last executing test programs: 45.235060341s ago: executing program 3 (id=2448): r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) 40.718192709s ago: executing program 3 (id=2451): r0 = socket(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x0) sendmmsg$inet_sctp(r0, &(0x7f0000006cc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000000200000000000000000000000000d8651b0289d0fd4b0022"], 0x30}], 0x1, 0x0) 33.49191773s ago: executing program 3 (id=2454): prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000080000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000100000001801000020756c2500000000002020207b1af8ff00000000bfa1000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10) fcntl$dupfd(r0, 0x0, r0) 31.000187284s ago: executing program 3 (id=2456): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat2(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[], 0x0, 0x9a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) bpf$MAP_CREATE(0x0, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r3}, 0x0, &(0x7f0000000040)}, 0x20) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r6}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/19, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800040000000000050017"], 0x44}}, 0x0) r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)={0x54, r7, 0x1, 0x2, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @c}, @WGDEVICE_A_FWMARK={0x8}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x44008}, 0x0) 4.585168731s ago: executing program 1 (id=2473): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(0xffffffffffffffff, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x20, &(0x7f0000000000), 0x4) connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4) setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x16, 0x0, 0x290) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r3) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) syz_emit_ethernet(0xe, &(0x7f0000000180)={@remote, @empty, @void, {@generic={0x88ca}}}, 0x0) write$cgroup_subtree(r2, &(0x7f0000000180)=ANY=[], 0xe) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000140)={'veth1_to_bond\x00', &(0x7f0000001880)=@ethtool_dump={0x3e}}) 3.256523126s ago: executing program 1 (id=2475): setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0) r0 = socket(0x10, 0x803, 0x0) sendmsg$SMC_PNETID_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0) getsockname$packet(r0, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=@newlink={0x3c, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x3c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140), 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtfilter={0x24, 0x2c, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xc}}}, 0x24}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 3.060872806s ago: executing program 1 (id=2476): r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000140)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xeffffdff, 0x0, [{}, {0x0, 0x0, 0x0, '\x00', 0xff}, {0x3, 0xfe}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, '\x00', 0x20}, {}, {0x0, 0x73}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x2}, {}, {}, {0x0, 0x0, 0x0, '\x00', 0x2}]}}) 2.987843215s ago: executing program 1 (id=2477): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) r2 = epoll_create1(0x0) r3 = epoll_create1(0x0) close(r2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) fchown(r6, 0x0, 0x0) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000a80), 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000c85000)) epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r2, &(0x7f0000f2cff4)={0x2018}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'}) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x70bd26, 0x0, {0x7, r7}, [@MDBA_SET_ENTRY={0x20, 0x1, {r7, 0x1, 0x0, 0x0, {@ip4=@loopback}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r9 = socket(0x10, 0x3, 0x0) write(r9, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24) 2.170114364s ago: executing program 2 (id=2459): syz_open_procfs(0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$mixer_OSS_ALSAEMULVER(r0, 0xc0044d0a, &(0x7f0000010180)) 2.097371026s ago: executing program 1 (id=2485): r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000140)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xeffffdff, 0x0, [{}, {0x0, 0x0, 0x0, '\x00', 0xff}, {0x3, 0xfe}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, '\x00', 0x20}, {}, {0x0, 0x73}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x2}, {}, {}, {0x0, 0x0, 0x0, '\x00', 0x2}]}}) 2.047194618s ago: executing program 1 (id=2486): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$unix(r3, &(0x7f0000000280)=@abs={0x0, 0x0, 0x4e24}, 0x6e) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) r4 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r4, &(0x7f0000000000)=[{&(0x7f0000000100)="58000000140019234083feff040d8c560a06580200ff0000000000000020ffff00000000000064009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100070c100000000200ffffffff", 0x58}], 0x1) recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0x7d1, &(0x7f0000000cc0)={@local, @dev, @void, {@llc={0x4, {@llc={0x8e, 0x7e, "81", "c3a3d87764e056226a5f335e5c3019b1cc69ac2b921498207a5fb191aafc41cc20fdc54cf63be35fb5e45a83e943137ba901fe2a40f3af9f7442db280db452887efe683deafb6a170453b98f935808e648a1923228a4405b960744c76d9c14ccbe3cae0cab14141b66992f2790a08133dbf15d6ef1e8fad856cc44c4caebcc7a90a5a1ee035498d20138dae4f343e87a1c0c955bd6b99404579b991e0db62deb65797063725f3f63c552db261cdd52ad0e452c5558d91b492700e733256ff1a4d4cbedc9f0c1566d2fea75c7ecbdb413df290e613488ccd28bddb1298e607645a9dd0c226f1c5d90ab022f77b138e44142d384e2b849d45b618ed1fea834c75385aac49100eb46874753e156248c7f3a6ac271d6742fcf031a0fe51e03a4afe513c8ee46961f924d25eda0c6f67cb9c87c52ce2e1940125263caa0e0670692be24b9cb8ba59882de989460908ecbc1485b4c8ab4886298b586e45edefd95afc2402827afd845ef440d87bc490e7f3ffeb3a8f461b8eff46f84575a211100578490e80eab069601f7764137314ed175c3e325c0b2cc5006fe645dffc601f9245de9eda2d2c9e65be9c7ca1d8ef15b2a0114c666017a9032b13ef5d0ee7e49d2ef1cf40d65eda77189cea8492f995ec5f56a2cca02fb497c9d33f14a56b65e32fa4da25c73d215a9e5f30c467cad9e29481800e72341b19a87d6e6bc228f1d6ac54f30ff0f47911131603373605f3042a34107d499ac63e90d71db9c9cf539c5c0b7ad0e4b97aca6b41f92f804cb796328e05ff3fc193e23421dbac9ac2af8fb9b352ac66e187b758337bcd353acf4994645a6a0d4b5f55f818b664ee19b5ef184ec33c4ef95df840314ba42ba0f17477b2bed53bac370666aa3bf1867454f4b60fc79f5eb9c9c4eaa53dfdb4364257b00868e134f9eb536753a526a44e6a15af3c14b63aaad36670a511ded921f09e06cff7c1fca760941f1f00c918a2b0627e93ec2d312158fab984a6e1d618e007cade07963ff4de77fc756136c131a66d9559a0b1bce56931b7ed50ed53e9a9fd94e06e2fe322c671a01808d2a5433db8a8ec188645983811460d9b10cd8ffe2cb790a7c8557e863db3832476798d051d5176e2fd0c55b03d119f8e7a38859aa4da5eac60f43d4637e3191d0bb876442be0c05ec82621876cece454d317be50f3a3d6fba0c7fb7ecd6d61109bb7c8873471ff10a38a1c0fc7da7d56cbc726d1b985b465d0a381e65e29f12fad9455fbefc5b441a34ead956bd8b5744860ee3ff18c8b2caa80e2baeeeb174f3c0424af6e3a0b9521ab8e72194ce0a9ae2f810a7e9b5404c00eb0c46ebeeeeaffcea28cecc2095262bf810664d4f78ac559f096a05db9133248c010aff30f0a48f2f61e5840c96ef2469964edff6098e44bae58f29bd7b5bbee71e5d917fdbd5d4d737befcc23ba8b4c7198750e2cb9d1c1caf5edc9e55288adfeab5325356aa9f8b22d2d1e76e18e172fe59eca9e17b7700f795473f433831cb0ed7a1040a423e5ae68ca49a484739e2597d49723dd84d69268e8ad70dec0fc313b3fda5b4016fc19850d4896e6fc95410c91d360a856a1aadca178926c5a3e504aa0aef827108b2ac33db500954a9a1e4c41902320bfea4bec2e7dcba37164d29fc99da4521f0b107df9b4ef27938c089a031266e48476c37e33d29475926d0ae47a21f35587c7d57012bd5e9053b96ca914900a8316a0b02704af70ee9e0ef6876d0f10f91139bef55cb0154861ec02850b45210cbe8f454dde50b9ba93ec31fccc41a4973d32a5b3f83eb09de056b1e8667e29dc868f4e1172bfb3f5b732bd15b7940ee5c284722d7471b61283a9f6e964e7cc1740b2e8b9e7fb261d1172f5a7e2143bc4d8f9166d1ebe24b5e07885e29567613e080d9f9bfdaaa7c467a6649737ec900682d8144b01c4b60714693442814d657c1da6fa464cade06f3c6b2b7eb024f7e711d3b6c82e185b8f78bffe8d5c303d626fa625df9d8c51718987d0563f6abd3ee9263e77dcfecc93c992ec3f8cbde27779cd6c0411d0a08fff8f0ac6077433029c4cfe07f032e337ffbe6cd2cee788bf2cbe998f05c7132f33e5afbad315cfa8176c9cafecb8e1243d3ba4626012835959ff79a071d7dcbfc94496e17012946d10e32eb377d9e5db66226e4b39acfb52b6be3d245f5c3370aca12b2097556929ab391c2ae38c1226b5383921faaf1ec44fc32b227b2d84e85b53ca96dc73f2151a36d1410ab16a2853bad7e39752ad1010874218f8f673d094625e5f0a9314ce8b8b897f5821553300e93ee995549671d85dddf214f7174ea503048777b6a80f64cfc41764c38f6e866c50ba495e3cbf57215d0b3c225beeac399d789dace451580e0ee0193210c50faf1fa4ed634842057b8f17155ddd8d8ffade2c19d7fe09738352795cb8b79d25308b9ca9682c89b447199f7092af4d764ff91d71b71ea94a5771c744065c6dc94221f14af6368f826358cb1db85c52890fdb7df01474a2646a7d636560ff603bd1de9a03d70718d3d46162961c4f88487116d87d3cf2731a9c3e4fd1adec873a095a3fc0a1e87fca5b5010da547aa035abcf96311ba8200dfec877d28075e6c45dd8c5ec0d70b0a46f74af91b47bfe0485a794354be9ea52b64b4a57b9845427564ac4dd246fab4dc9acfc3f1c271c65ce0ee67d944a69064a7b4263cb19aaf8abfc697f43dde8c25d79bc128ad0a0e17c1442de751315a87d9e6bc950d83c57321c32d00eeafc6ee7aa0c8ac106787b743657918d79db1a19b690dbdb5"}}}}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000000", @ANYRES32=0x1, @ANYBLOB="000000000065a1bad2000000", @ANYRES32=0x0, @ANYBLOB='\x00'/25], 0x48) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f00000005c0)=r5, 0x12) syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000200)={0x2c, &(0x7f0000000040)={0x20, 0xa, 0x95, {0x95, 0x30, "06171e2626a21589def15c0ecf38d345bd1b5bd4b0f9f81138b6facd41eb3ebd00fa459db19f3087416f42ede6444ca58d14794ff78565db84c4855a1032a0d0ca03feb313f09d6711185cf27e4feaa80ee7f81cb581fb586d8fff46382f4743177526099bb7eec9ea61d1cbc6a51de36bcaa26f2d275dc77f63d9e88eb64f2c8f71bcb70b8c744f0fed376f9ebc8300ec1f75"}}, &(0x7f0000000100)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, &(0x7f00000001c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x8, 0x18, 0x0, 0x0, 0xf, 0x9, 0x1}}}, 0x0) 1.729162899s ago: executing program 2 (id=2494): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) r2 = epoll_create1(0x0) r3 = epoll_create1(0x0) close(r2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) fchown(r6, 0x0, 0x0) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000a80), 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000c85000)) epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r2, &(0x7f0000f2cff4)={0x2018}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'}) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x70bd26, 0x0, {0x7, r7}, [@MDBA_SET_ENTRY={0x20, 0x1, {r7, 0x1, 0x0, 0x0, {@ip4=@loopback}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r9 = socket(0x10, 0x3, 0x0) write(r9, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24) 984.174574ms ago: executing program 4 (id=2497): sched_setscheduler(0x0, 0x1, 0x0) read$msr(0xffffffffffffffff, 0x0, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x7}) mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0) mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0) mq_timedreceive(r1, &(0x7f0000000340)=""/221, 0xdd, 0x0, 0x0) 799.909689ms ago: executing program 4 (id=2498): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=@newlink={0x3c, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x3c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140), 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtfilter={0x24, 0x2c, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xc}}}, 0x24}}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) 780.882226ms ago: executing program 0 (id=2499): r0 = fsopen(&(0x7f0000000040)='fuseblk\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000a40)='fuseblk\x00\xd7\x9f\x1d\x83\xd1\t}\xc0c\xa4\x9f\xb7\xec\xd0\xde\x11s\xcb\xca3AU\xc4\x0f\xec\x9a\x86E\xf5\xec\xb0A\x89\xe9\xbb\xfa\xd9\x14U\xad\xe4\x02\xd6\x891RO\x06O.\xe9$\x17y\x90\xd1\xb5H\x7f\xd8\xbc\xd9^\x937G\x86\x99-{)~1\x17\x0f0\xc5\xf3\xa5+\xa1\xa6\x88S\xc2\xf9\xf0$\xfe\x84\x85L\xba2\x1a\nh\xe0\xebY\x7fym\xef\x04\xab\x9bS\x04S\xb6\r6\xe9\xb5\xa9\x14~\xc5F\xcb\xc8l\xb9P\xc0\xbe\xe7k\xa2(\xdf\x13(t\x0f\xdd\xa3\xa3\x83\xc5PcK\xdf\xf6\xb5\x8f\v\xee\xa8\xb6\xcd#\xf5\xa3\x86\xc3\xe1&\x04_#\xef\xb5\xf4pG}u&}p\x1e\xf82\xb3\x9d\xe9\xc5\x9b+,t\xf6Y\xd0\xc9\x0e\xb41%0\a|\xa5\x8e\xefp\x9b\xd54\b\xaa\'\x88\xaf@\xe6\x00\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000200)='fuseblk\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000006c0)=':\x00', &(0x7f0000000700)='ext4_mark_inode_dirty\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, 0x0, &(0x7f0000000e80)='%\xea\xfbq|\x04\xe6,fz\x16\t\x06M\xd4+\xc8\xccy\xac)\x93\x83\x89At0\xcfgez\vGX|Ct(\x1d\xbb\f17\x9e\xdf\x1c\x85\t(\xbb\nR\xc6\xb1J\xd0\nH `\x05\"\xd4F7B\x00^X\xd8\xc2%kV\bu\x95\x937\x88\xe4\xeb\xdd83\x94\xffd\xb7&*\x94s\x04\x91\xc0\x04|\xa2\xe3\xbd\xa9\x15\xeb\xaa\xff\xaa\xcb\xac\xa3g\xfd\xd4\x8f\xa8\xf2Q\xb6\xc6M%\x98]+g\xe2\xa1;h\xb3\xd2t\x0ec7\x16uBP\x88\xa5-Y_Q\x8f\x1cw\xc1#\xea\xd7\x9c\x18\xe5\xf1d\x19\x81\xd6J\x8b\xc7\x0e\xfdp\x0f\xbc\x19\x19%QzU\xe6\xe4\xe0ud\f\x9a\xce?\xfd\a\x1fnAL\xa9\xe8\xa0l\xec\xec\x9a\xef\xf3\x1e4H\xf7c|\x9aW\xc3\xd7<\xe56\xa4\xc2\x1c\x04\xbe\xa9\xc5\xb1\v\xbe\xa3\x83\xe9\xb9^\xfa\r\xf7\x84<\x1e\xb1\x95BL\xc72\xd9\x92\x87[f\x89\x90\xf1\xb78\xff\xadUm\xdb\xf5\xf9\x19\xe7\xe2\x10\xf8\xcc\xee\xe5\x00\xa2n\xe4zh6\xeex\x97\x1e\xc0\xe6%\xd5\xa2\xcf\xb7\xb6\x13\x83h\xe8\xad\xf76V\xa9D\b\xac\x97dy5', 0x0) close(r0) 737.948061ms ago: executing program 2 (id=2500): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0xd, 0xd7, &(0x7f0000000700)=""/215, 0x0, 0x5, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 700.067353ms ago: executing program 4 (id=2501): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r1, r0, 0x1, 0x0, @val=@netfilter={0x2, 0x0, 0x8000}}, 0x40) syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) 690.156725ms ago: executing program 0 (id=2502): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x30008c0, &(0x7f0000000180)={[{}, {@codepage={'codepage', 0x3d, 'iso8859-6'}}, {@iocharset={'iocharset', 0x3d, 'iso8859-3'}}, {}, {@part={'part', 0x3d, 0x5}}]}, 0x11, 0x2b6, &(0x7f0000000200)="$eJzs3U9rE0EYx/HfbNI22lK3tiJ4rBb0Ilov4iUieRGeRG0iFENFrfjnVMWTiN69+xZ8EV4U34CePPkC6mllZifZJLvZTUOTber3Aw2b7D47z2T/zDyBsgLw37rV+Pn52m/7Z6SKKtK7G1IgqSZVJZ3R2dqznd3t3Xarmbejiouwf0ZxpElts7XTygq1cS7CC+27qpZ6P8NkRFF081fZSaB07urPEEgL/up062tTzyzf6zHj9g45j1lj9rWvF1ouOw8AQLn8+B/4cX7Jz9+DQNrww/6RHP/HtV92AhMX5a7tGf9dlRUZe3xPuVVJvedKOLs+6FSJo7Q8N/B+XvGZ1TfBNEVVpcslOPFgu926vPWo3Qz0RnWvZ7M199qMT92OgmzXM2rTHCP03WTPKBddH+ZsHzbj/J9L6st/dcwWx2a+mu/mjgn1Sc3u/K8aGXuY3JEKB45UnP+V4Xt0vQztVvK3jXq9HvRtsuIaOedb8Ap6WcuuSNQ5o1bU/wNBWJSnizo9EBX37mpB1Gpm1Gbn3ZCotb4o25vu2Ty8vUkzH8xts64/+qJGz/w/sPltKPfKTK4asxEPBe4bj/szn91c1e0zTI0c6cul+y0uDEv9b/49DQfwXvd1XctPX756WGm3W0/swr2MhcdL3U/m3kqZ25S8oL3kkwVFTmrjzqA0zcQuHeoO7f2jcGN7lR2Jg3KsFxrfpnsilbFQ8v0JU5Ec9LIzQUnsvMvE9V9Sr1TjyZ59CTPn6SP+EOD3GNk5dreCS2KjeEYu6eSBKrjF4RVcuuZK1Yyu5jp/Uboweouhz/OYMA390F1+/wcAAAAAAAAAAAAAAAAAAJg10/h3grL7CAAAAAAAAAAAAAAAAAAAAADArOs+/1ed5/9qtOf/Dj6K5TCf//txRzz/F5i8fwEAAP//FZd8vg==") r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e30000000000000000000000008000300"], 0x58}}, 0x0) 638.299319ms ago: executing program 3 (id=2458): quotactl_fd$Q_SYNC(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x0, &(0x7f0000001080), 0x1, 0x4f7, &(0x7f0000000540)="$eJzs3c9vI1cdAPDvTOJNmqZNCpUKCOhSCgtarZ1426jqqVxAqKqEqDhxSEPijaLYcRQ7pQkrNfkfkKjEAcGJMwckDpV64ojgBre9LAekBVagDRIHo/GPbHZjJ2HXsVX785FGM2/eeL7vrTXveb9J/AIYW1cj4iAirkTEexEx1z6ftLd4q7Vl1z24f3v16P7t1SQajXf/kTTrs3Nx4jWZZ9v3nI6I738n4kfJ6bi1vf3NlXK5tNMuF+qV7UJtb//GRmVlvbRe2ioWlxaXFt64+Xqxb319ufKbe9/eePsHH//uS3f/dPDNn2TNmm3XnexHP7W6njuOk5mMiLcvI9gQTLT7c2XYDeGJpBHxmYh4pfn8z8VE8928mC6PNQDwKdBozEVj7mQZABh1aTMHlqT5di5gNtI0n2/l8F6MmbRcrdWv36rubq21cmXzkUtvbZRLC+1c4Xzkkqy8+GF2/LBcjEfLNyPihYj46dQzzXJ+9eJ5BgCgv559bP7/91Rr/gcARtz0eRcsD6YdAMDgnDv/AwAjx/wPAOPH/A8A48f8DwDjx/wPAOPmTmf+nxh2SwCAgfjeO+9kW+Oo/f3Xa+/v7W5W37+xVqpt5iu7q/nV6s52fr1aXS+X8qvVynn3K1er24uvxe4HhXqpVi/U9vaXK9Xdrfpy83u9l0u5gfQKADjLCy9/8pckIg7efKa5xYm1HMzVMNrSYTcAGBo5fxhfvoUbxpf/4wPnreXZ81eEP3qCYI0Pn+BFQL9d+7z8P4wr+X8YX/L/ML7k/2F8NRpJrzX/0+NLAICRIscPDPTn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAiZpvb/IlymubzEc9FxHzkklsb5dJCRDwfEX+eyk1l5cWhthgAeHrp35L2+l/X5l6dfbz2SvKfqeY+In7883d/9sFKvb6zmJ3/5/H5+kft88VhtB8AOE9nnu7M4x0P7t9e7WyDbM+9b7UWF83iHrW3Vs1kTGa7P05HLiJm/pW0ym3Z55WJPsQ/OIyIz3Xrf9LMjcy3Vz59PH4W+7mBxk8fiZ8261r77N/is6fuPNUz5nlrvcK4+CQbf97q9vylcbW5n+66+PF0c4R6ep3x7+jU+Nd53qebY0238e/qRWO89vvv9qw7jPjCZLf4yXH8pEf8Vy8Y/84Xv/xKr7rGLyOuRff4J2MV6pXtQm1v/8ZGZWW9tF7aKhaXFpcW3rj5erHQzFEXOpnq0/7+5vXne/b/1xEzPeJPn9P/r53Z68bxAPyr/773w6/0in8Y8Y2vdn//XzwjfjYnfv3M+A+tzPy25/LdWfy1Vv8P/9/3//oF49/96/7aBS8FAAagtre/uVIul3b6epCLPt/wxEFySW12MOIH2efxp73PS+2UWddr/vCLj1/KKofe074cDHlgAi7dw4d+2C0BAAAAAAAAAAAAAAB6ufQ/J0qH3UMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG2f8CAAD//zwQyy8=") memfd_create(0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0xfffffffffffffdb6, &(0x7f0000000280)=0x6) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = getpid() fsetxattr$trusted_overlay_origin(r0, &(0x7f0000001200), 0x0, 0x0, 0x3) sched_setscheduler(r1, 0x2, 0x0) mkdir(0x0, 0x0) umount2(&(0x7f0000000000)='./file0\x00', 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[], 0x20) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0x4018aee2, &(0x7f0000000240)=""/90) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000580)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x75}, @snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0xb3}}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x30}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x2, 0x3, 0x401}, 0x14}}, 0x0) socket$netlink(0x10, 0x3, 0xc) close(r4) 623.430993ms ago: executing program 0 (id=2503): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000440)="d8000000180081034ef0f206b74cb9040a1d080006007c06e8fc55a10a0015000600142603600e1208000f0000000401a8000100df80ffff00000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b31627ffe06bbaceac3c2fb14c2ee5a7cef4090000001fb71b14d6d930dfe1d9d322fe7c9f8775820d16a468eb4edbb57a5025ccca9e00360db798262f3dcace0d0bdb8e73ece0b42a9ecbee12cf1de59bf09ebc62e9b6e6bf545de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d9300"/216, 0xd8}], 0x1}, 0x0) 615.705964ms ago: executing program 4 (id=2504): r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x101) r1 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt(r1, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) sendmmsg$inet(r1, &(0x7f0000007640)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000240)="53493c28387aec22593e2d5d7d46d8aeb7834789cf47d1fb17f77d352ee06806745ff1a3ad05ca14b8d93407a3d04907d39957", 0x33}], 0x1}}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000000900)="812a", 0x2}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x3, 0x4810) 523.840596ms ago: executing program 2 (id=2505): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_FRAME(r0, 0x0, 0x0) setsockopt$sock_void(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00'}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth1_to_batadv\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000140)={@mcast2, @mcast1, @private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0022}) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000540)={@rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x0, 0x0, 0x0, 0x100, 0x0, 0x4400046, r2}) socket$inet6_mptcp(0xa, 0x1, 0x106) syz_emit_ethernet(0x15e, &(0x7f00000003c0)={@random="e33110495bfd", @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x128, 0x3a, 0xff, @dev, @local, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @rand_addr=' \x01\x00', @private1, [{0x4, 0x20, "9595f429ae08a565c9a41d413a70a44d2e6f790a3872d50bb14d25344dc5b3a281f175f5ee04aab21301b94d966c72c15a143c69205625466855101cf44d89d9f6ee47d77c0d4e53e34b67c542fc6f6f6c60139c43b78286f5bb8f4f11d164af24e2633a45bf4ed944b0ef6a7b7167f73cf54e78686ac09402659c29eb0ce380654c1bb0f61d255b1556b7a311096b7aab867396997ffab76abca01185b08d1e29ee14d8fe61245487104b1c5205c6adc794ba413b92d2d208b86f40983c4819c33b59c1abe2a4b0aa661fcb54e0855d6bb5dd267878ff59bcfc6079e7a5e0135118be22dc6c97e730f7053d6ec34ca11b5c7c3830af6b26868600f042ff"}]}}}}}}, 0x0) 514.318476ms ago: executing program 0 (id=2506): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) syz_open_dev$tty1(0xc, 0x4, 0x1) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x1, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x4c}}, 0x0) 513.975523ms ago: executing program 4 (id=2507): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 486.07906ms ago: executing program 0 (id=2508): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, 0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10) io_setup(0xffff, &(0x7f00000007c0)) 448.679954ms ago: executing program 2 (id=2509): bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000002c0)='net_dev_xmit\x00', r1}, 0x10) r2 = socket$packet(0x11, 0x3, 0x300) r3 = socket$packet(0x11, 0x2, 0x300) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000002c0)='net_dev_xmit\x00', r4}, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'xfrm0\x00', 0x0}) sendto$packet(r2, &(0x7f0000000000)='\v', 0x1, 0x0, &(0x7f0000000040)={0x11, 0x0, r5}, 0x14) 371.956414ms ago: executing program 4 (id=2510): syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f00000008c0)={0x44, &(0x7f00000002c0)={0x0, 0xe, 0x3, "930f36"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000"], 0xfdef) 95.524103ms ago: executing program 2 (id=2511): r0 = gettid() tkill(0x0, 0x7) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x7) ptrace$ARCH_SHSTK_LOCK(0x1e, 0x0, 0x1, 0x5003) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) write$FUSE_INIT(r1, &(0x7f0000000240)={0x50}, 0x50) syz_fuse_handle_req(r1, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0) close(r2) syz_fuse_handle_req(r1, &(0x7f0000006380)="94abf1a608275aa0b8bbb9bc6631cce6655323596989b7f8ec82fd66f5b3c645fe13739e5580ebcd1b3fd35664382ac98068f36f76340d73fdd149e5799015f2e4b164ec00c22e2f79bd66cca2a692a621e5b2e656300c757a298c8e597eebe04ba952dbaa2fd723612131db8ef099ab2c5b99883e5214eaeb300001754aa6e5bf2d05a78c0159b48c3fcc52629abc7dbc2250dcb480d1daf2dd84dc83f5a7fb098d643cd4856f3e2cb639508cdd57a9b282fd3e72a0ff3bf31cc7bea3394b3afcb7c71fbd00c6536da4182ff58fb149cf9dc781b1022ab21726e73b31b7b346dbd035cdc5194b8e53eb7d339b27b0ba05e0f0351455285c0a7cffd678eb3e69a7d9f3cd093da073c42e6efaefc36569de0bfc5b5517d01979dd02799439545f67f5fa076ba5dd91ad24a604655e579ac525940f35f0a11556d87b85affa391cf218f34a5dd2aaa50d2d5bbbed08fae38c575a46c33391ce3aeabe693603bdb8d871d0c3814fb66eeabbcacaab28d00d71a9a2b2ed7a55633ab69f82cdcb99ecf768efbd55e22e23a2f4c0b912276325962f1f3f241ed1d0b113d94db91a7ff6fe2f2a62593387652b1ebf547a74f4b29cb31385860b92230360438f4924eae363c80c5e74c305746d2fa3949b09d8f77e23344ead6aea2dc9913377d82490dc1e4ecb3cc3393ffe6225c279b7f484091d0454a3fc9ff133a898fe7adce97e5b2ec0774222ce8a343fbd0cbbef2ecf7cbd4147e80f871e931e2ca316a478e52e09d9edd5a0b70a9f8fd013a8cdd7c3f9873ee89096c32991d248291ef30d9be55835c92185b13e75faadad4b27b409bd5ae67bfd748768ea38ac387ce958038f8e7dfd626d1ed34989f4a7259b02ea220bfbcb3a4c3847a3f1e721c07e726ecf21e447f832d94871a20d0d03baf7941a54ebd765f262562cf4ecd93a4a281947d6fb1c2002534d4a8e17e07bf44bc0a1dcb015809365a9028fb8ac18d366553f5bee8fbeb55d2ef344343bd280e3cf163efc504bb188adf1a56d3018de41ee972584cbc050061f776d95e4951194a24cfe6e2a80bd951432dbe701466f5eef8d97814028296bdd1de9e1e98a58339230de2bfeeae2220a7d50067caff43a69cb33856005e9d6da8b37375b99a556c2b4cbd05b9ed8ca6a21c6760b455f811e9fcabc0bada9e2517d7c4f7cc446a3c8a0c6486bdd77ad0e48f2fa842636661eb1964db4853a14fa2c18a6a6273f4ec2e29a8ad853793d374d278c6d3b5ef0625117060337e02acaf5c797ec871ed60c33f5b6f37de8d4ee9e491d92bcfef3138633483634389d0864594fa7c643440ba69e3141e053932187354c81167fb1049812ad7397d04ad493bd5a835741a373c6e8fda17d380bc068a9e3b6099d19cfc77e2dbaa62ee0ac50e565274240416785c744c4efdf21d6d08b46e29daf918ba17b29d183b445fb40509b3b7cbb63108c41aa07c633bb8fe07d2c7033ae4316f6f8ea8973aee79777adf39a17b9cc32e8ef67d30d70d403a31d6aae34be3632e003970d1fd818c8cd4788f0c239e38b3ba31e60084d9b15f9167aca58aec4fff6603e8a8dac01e14d06feb6735406e2dbf3de36c40c58a71959bcbd4a9f257dcbbb875f790a83ddc71d3a343b1322e9ea8f00969afa09bb9c3ef1b6df95babc6569bed7782e274ae94bf769ba7007b16e6dae45aabba187401091cb901f47d399239c94aeff27ddab7bdd721c1969d30f94dee8c0d017edc67bdf1a01c9af7295aa2ff5d356807c6376b7e77100323423b25693ac09850ca03cbe9f716a59893e80e464c6422c6c65e86bc2d6e97032685191a964e95d478bf9fcb40ee310a36b7ad069bd2361aed315b9fff0167e5a55f349363afc5cd93ce4dd0c7959a763576cba282314904b70390100c0c96182314f2e18cab4ed4aa4b448cf5f21297122bde34789742ab8ffdbff05238b41f5de215f296dafb67f315482aeaaaebed1156053e4209ae6e4df50b55663a061da499c1625384374a5a43e288094bc31c1b4a79bad407c4c8738ebbab5fc835d5b82add49b4f253c703ce4cf1da0208fb948bc213480beb6cea0e7b6b80bdfe1296d24fcef0eec37740437e918d00c7cbaeb159815c8ea9a0db55e686639d7d6e3674b9eacdea8451fc6810973e56514b8676ce88acc4a11e965f0e385e2b575ff286fc1c4b85964b4a1b269824187ed094516c52879aebef104e57c53f5b256d68b691b4da1c8e4ca58b7cbc29d0ae546d982adf0641aa8acbea10c1f4cbbc12d2a9b30a90745eb60d6b71b9fb0515402fe5a20b2cd0fb02e9a3fefc58ac231b5b2ccc4a97a44030b352c4c32b466a237eec8abd2d755462d2c25ee9a6777e0a6c07d346055f49e8a014afee91499d341dde1a935fe500c41ec2d2febb978476c64d207a3fadb92469db2b61263c18354bcc138624850078a763b9a4372a6036aac26f2e541d966cf285da40157305cade4f58475fa91cafe913f6c242cf3f6664aebac3210d2a6374ba61448fcf3943b4c252216db06f22f6abdeac3e4ed16822616b293466dd252f9f6bb74a429880f23c50370c4df370f307e24869caa5bfc9e23fe86f9919c846de3007e1da425ec81bb5fefa3224447400f9f3dc2cf3f09f92f165af9e92648e97d417d89a644ffad0e00f6eb33b150484279f2882084bd549004859b2b563b2797f3fea89a659d30823681cddcf2d720ef2b3d4833c0f72a38ffe5ce332e8312093267f40fdb37137ba55874e53f0ec3034abfb2751c05900bf973eaeb9ab0f635fc8e0ce3e96a29481a9017259391219db8d99da4b661761beaa512fed039def9ea45f1307818cb000b138027bd4520ddb307a1b80aa649fb1bbcb96f376e3dbabf01e15db4aa0ee598ecae5c5ade23055b10cc5a4e16e821c1723c18762e133adb8ae473a75e3e474a3251fd3c723ab0aec7548553f63420b4115cfb533b471997f493186546123639c771949f51e2d54a3a56f3878c371f683d98e9410bc8498385a2d788a675e2bae2a50bd38c38cc022433ffa66d6f6fd3b85050e75302b2c4ba79752ac9d31ab87d335a1d5b21a4ebe8b0ff71f1064cd0d74ab2a74a8fecb1c8472e799979d828630077dfec241e297f23b53d05d34324ac9d604616c6dfa2fa1007781a60b1bdc7839a1934f0e5fa86513e989c36eef194d41b31c9bd6ecf6c3f3fdca42a21eec1fa592cfc5fcd9452bcd1d73896ff6161071eb2bf901fc6c7a175fae887f231190cc6b1239b6ca5797929ca197d158993c741a3f791d918bfd24fae0ad7218309c243a2ec6aae7d4d31e7de5485312d8c0cb8cd64cfdeb106f7b13337ebb896afa327fae47bb43ec3e7897faf31be68499a17cbeaf7f71e472dea2ed4b25a3544448a18acc9b30d6772b85aaebd28750050775dcc82f441a64ebb0fca3272e09797875f18d226386065d572c8edd1a0b20fd0de8a3f2222088dd5ebf2ad653c73fa8efae75a2e297498863772c99033214d27bfc869659cb22568b4ea14d33a10e04fb08f583fd12b1b95c4ccab643659f2dad640cbe3e4a321b7dbc91e6c70bf71c6f251b8e9ab189f003707dd2907bdf528dc3e06913588619709eab33b58d547472d75c3dade783dbd7a8bf381661b04a677a75997fbb25c6393f46197a6a1b95bd2c4954ab2b56488b12526c2c69608927d81e654f36f7ea900aa549144aeb3cafeed4183e653bf02577c330775501edb95379f3ab520209c348d95caaa17a6f4f6eef05308eaa27c0117f674cc725cbab82be7a43ef1db1a1798f6085bc7fd8ce9977d31bb952ca1b243eae7843c92ebc3a731691bcb79ca1b84fe27991146ae21c1608a5c78fc1562221115a3d45d3c9ac331ddb3cc4b202dad558372d82c20b3f8956c8acfb2ccd5235ae88c8a60c8a3b2411dfa4ba0455e97e763e26ab31035f7e5b6cc94a292a9e215ee44ba711811813e69b2f246199ab1e0058d0734d515015d2f11583d9e9ddd2ed8e8f6368e5df35566d5ef7fb5d8da3db148eab61edb678d541e4cf1f4ffcae2532c7abdea24903264b6f2f5412ddc461483c1f0348fdc4e7aa6b04056e296aab5f24ccc66898e0c084b87c8b9eade6f64208116cffe31a444b32f49eab6b2a31f5e725849eb88c80813da3a5087d838797e8fb6ffa623d965f26fd8ba6e9cca2394677fcbf1b9762e38b3475fd99efc819628648cd03e5c702d0355f87a4d4366703329119919b87fd18a632aea157d475ae75e75e963763e442685a5ceead5ca83c24f8aed36ecd713d88bc29607963a802412c0e075d9797e5f20120e4c698716f13a929a751907bf596a8e85564852623f496b006bb068de4a797d8c63411326db2ff49e7f67fae236c0f189b2b068e9c846e61db6332691f1844482833f730a3bc48c5fa74b71f74004cdbe1e3753129e41af3cdc79dd7d56f32c480a054dd279eacc73956e830208484a4096d2028b3a93fadc4d69ea8088454345de5fd68025288e7757c99ff70f93dcde174a4ac018cd2a0e81d27bbe7863eb76ae9aff10872233808d77cdd47119d964c22d0fd148317eb8323d5d81f7b69edc0ca571d1b503fac46f7912904e9f8a861018ed7d17272000896cc06973066442e08a49bab6a217a0d008b52f20409c3ec4f23091814f39226b68a86d40793d0680ef1b77120fd56812def445f72a3c970c7302995c9f5c53fbff7580bb6fccb1966cec26bf7be42e314864342a6aa62be1e6b3ec53fce3ec33ebf1ca95039515e49a3df24a91e9995ed32d723137e3db69e721debd4bfa83445e17059ad2adafd40d7b0e83b753317a452bd0c3708ddd28109355074effced1c47fdb3fa7e6276e6ebaf8c1c8f0ed31b33eda003d1d1e828fa8c0374304f504ace8ece90492a6c16a76c57d03f1ba41e5896eb4b991c8bcc31ec100bbb10fce071d7d15c7fb6f0e77205b9eaebb0cc43a88e44ab1a07d4b70c5f3e885022b68b42d41da38553c2a2f7760d56013a8c892809aa3c48e3d7b5908d870b5493a7a35fb2408daae3809e88697114c40f39899a05bb4a052dc03028544db9fdf14c4830cf79af0a58ada73e336c26e38750c7bd1ffe3e659e22edec6d385356448a56f8d8ab9d0389100ac6a763bddea19d90bfec95557999dac1f1a61050a725e72d8518d9244452f45f0fd121950e66f9d4c1e7170285703f72670bb58efb7bfe2e324754941fdf11f3c376e85fbec7e35cca7b69b313098d8d758833ea7e5a62158452f5e44c0a15df699e385c3a3ac4075a328f0b6c3b1dd157c15072d3fce341f62e061e1029bce0a9597abcd2f477d520925c65f08914110025aee988a0875afbb102a8df67edd22f1eb1c76fc5af408ac3dd4b6176d8674f08f2e006f947b4351f8fe8f3a3cd87a6a8ffaa336d6b248096c3ee13e706619bacec98f057330f51b9712537c5f8175d33a48d5644f8ed6145a972577b5a2c8f0fb5de26ec2e2cde444064828396c78987c769dd535505a9faeca560efd84313eecc575ff558181783f43935e1a8cc7962d70db72843d661e49b8cfdc51a247895ab275a4e26f12ccd9e03dd9ee6fe34d30363c1ee90746174edff06cded7d2288a6a68e7206a26963cb93147153316caa2142740447a4eca7666412029887ed5572e7f47e70a587b3efb9d6597bf592300cc5a5fba135fef2651efbe2bac61609ce5ab9b010cfc2d49cdac877600fb09c323df86bbbcb489bc4e47ab790e85e2282f216b0006ddf49542675dd9d7fd396e9220bbb07a04b105b28f57f7fff63c6b4bacb305ddd0c51f3339504ce78675587d849cc9adb8da6548b2d0c8d04768bbbf4b01cd03bc18ee93ec61a1e41a29c65b708b3754626788099485a39374500932bfd8506a4b7fa788798e18e50ac94f38056898ef21dd2cdf966f611c120c72cd50f03708495eb9395d59b7c4867d4cc8eaebb05d4012b0bf391f08cd35b7d3659b84c35895d0d11e18826d8a424964685481c12b69f0eb9352cff3344e77cfad8786b21dccdc5dbbac71651a8691eea714efe53328c9eb6653a05dbe2f157bef8419419d38d539684ee0dd68e3d0e597d22ad1cdb3b2c97afe45604e597f486b0886a71301e3e8010ee90970a76967ecd2cdac75aa05e44b05193bef5413409bd2eeefcfdde513e6b42b2501948ee8387bf33157e7f68c7f3bcb925deae063f1078d117969c805f33f31aeeac1328531bca5f6d5aff9eca4ab5ae816d4a957c7ca05067aa55a651843d15d1efd044bad69958a9874b8bd88c7e9f4319fd992df3e78988e0ab9ef7f5bf5f1d6ef4d5448319f7e0d1ca3f5deb012fc80b581db2e36accd7d418418f8e7728b8065b22d703bd0d51ef7439b272d15069fc92e0ed968aa0342a3a8337ff16d5bbbcb7ce8aa1f0bc3193b15942c98fd13ada4e043644bf65ef70002aa28404210410b5f4bb80d6d2187b586b52ad52cb8b0906d3b4d7ff294f763ef6cfbc213797618fb9470ab4d00f6de784a2a2137718845ff97e733bad805f1e80082b19cd8951354e09bfb8d024fbe033602a5e0d78761317493d47cff2e8530c33806b2cc8e66ad034377c349c50325164c9fb94034cde962a69dbcacd3c9453b54028431e650423c77837b7f0b2cab0cf56f3bd0535a6950f7606e725b5e93ecf7d914d17ba6f856167c082651697002a25023c5383fab0d9f4afea33a250a36e24052f616a97cdd4cb96e012fe5ca8ead7d8b0600d16fe5ec498b3a209d9fcc14b645fb11681867144200992520d087caee528a6dc73d4a389a57140d77f54ff18650c29a2bf0a92e4ffc539e0ab1c1e448490f46f8dec5e63cd1c5b75887a4ceac43b7fbf9f5d68fcf401dfee74f82bfcab548c7ede7a81bf65e6bccd23b34f79b8752f81933a6acd619ee01cfdd4f54220e5a08aa8f4364b53d2a3a25f86c84e38348ba5747c946bda54ab2e04eabc17e6701250daf180cc91fd74ba9ec262536a829e79d35d534734a3257d8ae90416d3d7485f991de0e66734a5cf03f92c120953c65e242a2cbeb91c55951ea1328c36c71bc5c0ae95ea48d81901a6e6442d4fe0e876bc4ddc94540d4533412aee13c2868cbbf0144a851c0e8a78a4be2d27edaa903051c1c4e82d424afd95b2894feab779aeafaf8a58ddb8fa3de0f4fe3c0df297abb1c867bd8196530b06dd3000482d0781b061fe0da1d7a952323aaa957d3c975f9264f00b611efbdfbf3aed1e3b2e2802908cf3e3ad383c1a61bce742c25711344d592c827ba78a7e16667cdf5af34f6d95d98f2a23510ee0379059096334f6668f54751d1d6c4e0c0da2241b19b34d82892954839529daea14d496dd4f7de1921a11fc45aca15b5c4f417485ca8306ee6341c09ef4c4f243fd93042de46d287dad92cd99b68c20960274237a1f71d9e9657d67648ebbf4a8a142319db8ffad8695f4e6122ee5385b631bb03fb1432dc70cd6b7b86f2139e987067b1666e0fb90dfc79c723d0cb15529640520d4f2e046d55147dbdf52f8243c55301a8d0261e93411174adb42cf814e0b2a00685186825c8bcd07a7b548b3ae74f1352fb987af5f952d94edb4d5f5fb1d028355dd49ae4de13998cf1328d5cc7076417dfc44a99911c113ed3f8a3912ee6bdc7b69339518e0e2d1f3bc7ef9c3158ed1db8495fe7828be8eff6d41ba0c55d4ed9a57948452ddc8322978e1c6764a9cf8468972dcefe226489575185fd240c13231cbfcc01c9bc1522c696e7f0f8ecb3cfafa04aa28de0f322dd4d1e018f2d5351394e7d161d3ee116c6a2e801ccab25bbe9b275e65f9e941c939da09935d5a181dcb50787826c1881f939fd71dd56f1ab24fccf114602dfc5b849ec4c29b1d5eedaf3084aec0adf3a6e2dbc55e55860e84ab411470f20000e824f806d56ed166e1a8c82297da0b6022f4446677822869f150d832d039102114fce889de9c98c3cbbc6587b3aa1a4993783d7ab41834f03df61d9b7002d956db0a10be8845c060f8f79af459236a9edce76d7b3e111a69df0314e55d80ae646846b785d70315c70ed30656606626605698cf73e4a6fb521a31a726e952d93951155891016368d8167e9c0369d3c5c380c19f8a1cc983939943003a19392e4cf9a6d784e58c5e16204a579a73b80832933cc5098071fc386a09fb6735d6e0fb8dba762c3240e5dc1efc2da087ba8d7e7b9413feee3a3aa985ff5d6a9a747c7e296affef28925b399db93e3042e50f12b15dd89c67d6b8f1bc161cee276c5a647fd778ee3971cf95805e94a681d8569ebcecdd9949170c8a668f3f6e278dec2a456b4fa77227b1e9bd2f17e51987e17f424ed67f8059a30fa4b74d454f401c574644cd56eeb93919e31e3ce2fcc7dea8a9d33e5d13b8604d635ae0cf05707e45d1ac78bb86581182cb558561611a885629a10a560ac8384570967265eb8dfb14252c8eba90f72a412f63efe51812eb985c89eb151187a4e6c45b1835152af7b3030b0aa2687895ff0cdcd8192b0c0b11f978a0aa9a746e399ac638cfc33236f7afd4f6c16f655f86900e9e5e34fe190a746f80ec76cf393c6581d90d92bdf312f383f3e64fbf6c6c6582bf6a066bd6a8e797ea0f6de3cf5623a253671e52173cf7834de18f3d1bcc86a3e77eb2058dc6de9e5795a8ebcd8e30a7acfaa06b1a2fc896f670e6a32f2a55c707b794e9060bbde5426d7ce14264397a102c4547744d03d113a90a9da880aee53bfc05fd43c33a220a1bac64c7bdb52432add50cc8c6dd91da13cbe52f41f62b7d78a910d0a13a2602e03dbec202d39398559a813b9d43122ae8e2939c0401e61e360005c79e8c52a732d2d5e768374d0f5ff7e169c6a26d48736ad1e8adde5f4f71588fc9c49a608638b372d2650211b23599c9707368a0fe77adb04b6d0ca12ca935f9929d806f58db785ab779b8373587a11e377a2fdd00824fef974faaf19542e1588183e4830e00afc34305af75bcd8a324a8d05fbf1cdf8bcbf9ff907b3cd71f1694aa79bc9cce537b7585d6820b1d55a3011b7144ca89d69ec7ec8a6e5834a52de985b3dc95e4ab114cb519a331922c01672f66adc47affd81ad02d67ba6311545a359adc7d7b7fc39f64a6cbc363586061b3aab300439d7c0a481c49dab4763b9b85b3bb2b232ac87f85c12589a4f6853b260c89cd8517ef987f21fb78b1ed8c008dec1981ab32959330bb5f2b6d862c6d1de359b985fc0bffda86742ffc27c69a13a9d0ca5c2bdb1f5c08bf2e54e1c6c59b61032c0c90d4f59dca87832340222f9a146307094fe5f5bbf38f071827310db7ca1f29f9d2a2abe6dda82c5d9a9cb683f40af21219f4c65baab336ba6dd91b848eef25667945c25fd2878ee7d4be46a2490069b743f9f594b5d94b0009460e348f608dfc23a302158474d0401b6ebd757b022141490fcb2d6e636beae2a840dd09a7c2d594178db237c91d380df2aa4eb750ad326ebf2e3e7270cec8c5388151b8d8cdfcb89b9026088e4a8568e6273051f248b93f6b0a3aefc9447b2f905b641cba2c11d649e2c54cd8dd1e8dfc80f90b5ee74a765a53c1f94227bdf951c9046f0fb29c48eb164225f74b216ac9ff974ffd6555eab3c9a50eb91204f8f09d67a573e486415b1d05778637c765c2780fb173f359bb52e7d92152ed2db48bcf62ac4f5bf99cebf9f7a211c5171dfecf8a0a6151fcdfca0ad323dcf8143f046358f13c7e5ce3f2a2a4bafa348f3a27adb5e51527e8e94baac46194bd28b14521bf43478817778f570235d27270f99be39ea3d83bf656eb2cca4cc9fc815e52d8dd427b947120e05f661f03a65d43642c255017b872a8d71d3d27f4a1c06ca6c30a0dd420390e68aebeb9bf47dddf59e2fb0e55a711783e1176a813ab902869f1a8752c8c1f47f747849947fde9a909161f40a29ec733130f0c788e6b092ff52bf7a6dfc9e712813a7139b3b53912538763e0dc7b325fe84fcd1de95a9391cc8d9a5a403102d1e50be5fee97d983094764112c0a71f4eb0e0ee3b012b3e5ca0e874898f090b4953d219c49a04caa9b519ab8c2dfa8e8f301ca546cd8f4b337b1ca2d3b3e74e08cf94815743d92feac9180d39bb88aa28035eab53e95f16560fc31ec90111b8cdded9755bf4c80d4ad0ef46225a40d80d6d4b5a913cea99a20743adadcdd20ea8f2c1fa627917972e14d6dce8349dae75f73c0a2945be14265ee8bb04857e21b86b36ffb4b6dc867eb3491c0a779b742303fd6487f4cf4123ed9e625b8c51dac48a43a5eb8853c70ee5ef7caaa66dd51f0314b5f80522d081e9d62fc7038832eeb0d546c595b678fbda43e3584402289640cfbcf1f87c7a6193a5404caed933ddf00e584b586ec389b8fcdf8c92f9606dec2febaf33649d289bf8930b3ee27d6931863db7182fb92aed99f3d360d97f659d15db6bfc57fe2c72b978bb4eca4369a58242ac81feea1523125c904919d1f1c274a34a6958c2207830cd812e31da054518d6319bb0c4e8ce0f8492bc6add0bb5b80ac849127c990a438b857e43edb3f764fd6c5654089861815e1effcaa1d8b3d5e5d76a8d56ab817dd809669171a1189bf6f45dd4e83bd414ddc02c7e576d633f988461df8ddb90729c53828f03038a062346fa75b8ed078c424a9782b8c5e154906fd809b219e7c331e84f279eb56e7923b99e526634ae0f36377f862109fbee0d3b7756231fced451c7888d0091450f797c49d65bd4449ea3a5f3c05161ef66a66bf6f8973d7b61720c18b24157b570c9239d2d0d964ebb39459a061590683dfebc22115fbe56e530c3ad57ec00a01e4f8f11256a51b3d6aa4526811a2bb962902c072580a692bd7cacc14bfbc70db8638cb801995696b9439e383d809ae63343d75cca0d65c14289139bc7a420edcf8c94dd13cc21a2b5cfb9700cd32dd0acbbbaeba18783b5146512064dc3616d452d39a09a682fc39eb7939210c984ffb3ffd053743af80ee2ddeee1e53c3646d89b8d4c7f1a5ebad694f6a45a8c705ed4a760219417b030a53a101ca63bab87ebc709876f27d6f0b4bb7685ed9d85f178a27967a288c52d5913bbb5a13e9c30eba2b407fdc4e668dadec9630cb0048ea9877e3b8b0a4972a6ea3ff7ce94dbb585423ecfbe078d1ce81c1869edc1546c6b68ce567daee77c6e824ccdcce4d675af0394629b1d29f24a3d84c5d5ee3cc05d00480b9b970df6f423492e6a5f0a2a11bdf89acaaf49a3724a0fa621b9d7f6f957a6e1553a254f39b48270b596b21113fa5c0715f4fb0fb525f9ed1b2d4146b92b78fcdb303eeb1b610e83b37688b013494db9d5b6baa601b4be3bd84f95d6108f968272bad050811fd5c56c160e9dc5e58b81286d08f793758a49bee0e1fe4190d4afb90824a2466c134a820e83e54c410db43a3c89418eb439dabe7eef817dc32196de1ab944c8be1217f78ea621e86d005e5fee6cd9fb19403a1d0e91dbd960149395c96559053e514876003a1aa1e081e3f46801c5b4f181b2a084863055f51a3871d7ef405ed05b4008933fdd90250720bca25cf6b2a5f1c2fed6e0c472ea7aea95badbfe4401b611d667333c39d94a2e576fd", 0x2000, &(0x7f00000008c0)={&(0x7f00000001c0)={0x50, 0x0, 0xd, {0x7, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 78.73594ms ago: executing program 3 (id=2512): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000000)={0x0, 0x747, 0x0, 0x3}, 0xc) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) sendmmsg$inet(r0, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000680)={0x2, 0x0, @multicast1}, 0x10, 0x0}}], 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller0\x00', @link_local}) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) close(0xffffffffffffffff) 0s ago: executing program 0 (id=2513): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, 0x0, 0x0) kernel console output (not intermixed with test programs): UASHFS error: Failed to read block 0x4de: -5 [ 744.842329][T12609] SQUASHFS error: Failed to read block 0x4de: -5 [ 744.852800][T12609] SQUASHFS error: Failed to read block 0x4de: -5 [ 744.901670][T12609] SQUASHFS error: Failed to read block 0x4de: -5 [ 744.911000][T12609] SQUASHFS error: Failed to read block 0x4de: -5 [ 745.083058][T12619] loop2: detected capacity change from 0 to 512 [ 745.122917][T12619] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 745.185125][T12619] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842e12c, mo2=0002] [ 745.197218][T12619] EXT4-fs (loop2): orphan cleanup on readonly fs [ 745.209388][T12619] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1742: bg 0: block 361: padding at end of block bitmap is not set [ 745.242296][T12629] loop3: detected capacity change from 0 to 512 [ 745.249238][T12629] ext4: Unknown parameter 'nouser_xattr' [ 745.273205][T12619] EXT4-fs (loop2): Remounting filesystem read-only [ 745.299226][T12619] EXT4-fs (loop2): 1 truncate cleaned up [ 745.305567][T12619] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 745.781383][T12636] EXT4-fs warning (device loop2): dx_probe:893: inode #2: comm syz.2.1742: dx entry: limit 0 != root limit 125 [ 745.807007][T12636] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1742: Corrupt directory, running e2fsck is recommended [ 747.056008][T10309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 747.212153][T12665] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1754'. [ 747.480376][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.486708][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.945389][ T29] audit: type=1326 audit(1728537006.710:5980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12667 comm="syz.2.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 748.099295][ T29] audit: type=1326 audit(1728537006.710:5981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12667 comm="syz.2.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 748.124218][ T29] audit: type=1326 audit(1728537006.820:5982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12667 comm="syz.2.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 748.154837][T12691] loop2: detected capacity change from 0 to 16 [ 748.181712][T12691] erofs: Unknown parameter 'ÿÿÿÿ' [ 748.200551][ T29] audit: type=1326 audit(1728537006.820:5983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12667 comm="syz.2.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 748.295939][ T29] audit: type=1326 audit(1728537006.820:5984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12667 comm="syz.2.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 748.334441][ T29] audit: type=1326 audit(1728537006.820:5985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12667 comm="syz.2.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 748.414710][T12697] loop2: detected capacity change from 0 to 16 [ 748.430151][T12697] erofs: (device loop2): mounted with root inode @ nid 36. [ 748.776036][ T29] audit: type=1326 audit(1728537006.820:5986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12667 comm="syz.2.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 748.828661][ T29] audit: type=1326 audit(1728537006.820:5987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12667 comm="syz.2.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 748.859850][ T29] audit: type=1326 audit(1728537006.820:5988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12667 comm="syz.2.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 748.887390][ T29] audit: type=1326 audit(1728537006.820:5989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12667 comm="syz.2.1758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 749.094697][T12701] loop3: detected capacity change from 0 to 512 [ 749.150852][T12701] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 749.168061][T12701] ext4 filesystem being mounted at /130/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 749.515448][T12701] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1767'. [ 749.587018][T10314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 749.775075][T12719] loop3: detected capacity change from 0 to 1024 [ 749.923054][T12722] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1771'. [ 751.707345][T12750] loop2: detected capacity change from 0 to 128 [ 751.747780][T12750] FAT-fs (loop2): Directory bread(block 160) failed [ 751.754750][T12750] FAT-fs (loop2): Directory bread(block 161) failed [ 751.770610][T12750] FAT-fs (loop2): Directory bread(block 162) failed [ 751.787521][T12750] FAT-fs (loop2): Directory bread(block 163) failed [ 751.794966][T12750] FAT-fs (loop2): Directory bread(block 164) failed [ 751.801966][T12750] FAT-fs (loop2): Directory bread(block 165) failed [ 751.812363][T12750] FAT-fs (loop2): Directory bread(block 166) failed [ 751.819561][T12750] FAT-fs (loop2): Directory bread(block 167) failed [ 751.855887][ T1105] Bluetooth: hci2: Frame reassembly failed (-84) [ 752.209666][T12768] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1787'. [ 753.034363][T12780] loop3: detected capacity change from 0 to 512 [ 753.065106][T12780] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 753.108244][T12780] ext4 filesystem being mounted at /135/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 753.546925][T10314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 753.705959][T12796] loop3: detected capacity change from 0 to 8192 [ 754.227136][T12157] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 754.548488][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 754.548507][ T29] audit: type=1326 audit(1728537013.310:5991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12811 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f685177dff9 code=0x7ffc0000 [ 754.568816][T12819] loop1: detected capacity change from 0 to 16 [ 754.586057][ T29] audit: type=1326 audit(1728537013.310:5992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12811 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f685177dff9 code=0x7ffc0000 [ 754.615516][ T29] audit: type=1326 audit(1728537013.310:5993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12811 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f685177dff9 code=0x7ffc0000 [ 754.635260][T12819] erofs: Unknown parameter 'ÿÿÿÿ' [ 754.645662][ T29] audit: type=1326 audit(1728537013.310:5994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12811 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f685177dff9 code=0x7ffc0000 [ 754.676491][T12822] loop3: detected capacity change from 0 to 1024 [ 754.749489][T12822] EXT4-fs: Ignoring removed orlov option [ 754.766921][T12822] EXT4-fs: Ignoring removed nomblk_io_submit option [ 754.778546][ T29] audit: type=1326 audit(1728537013.310:5995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12811 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f685177dff9 code=0x7ffc0000 [ 754.804936][ T29] audit: type=1326 audit(1728537013.310:5996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12811 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f685177dff9 code=0x7ffc0000 [ 754.836400][ T29] audit: type=1326 audit(1728537013.310:5997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12811 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f685177dff9 code=0x7ffc0000 [ 754.860771][ T29] audit: type=1326 audit(1728537013.320:5998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12811 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f685177dff9 code=0x7ffc0000 [ 754.861531][T12822] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 754.885989][T12827] loop1: detected capacity change from 0 to 16 [ 754.903541][T12827] erofs: (device loop1): mounted with root inode @ nid 36. [ 754.941688][ T29] audit: type=1326 audit(1728537013.320:5999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12811 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f685177dff9 code=0x7ffc0000 [ 754.964453][ T29] audit: type=1326 audit(1728537013.320:6000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12811 comm="syz.0.1802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f685177dff9 code=0x7ffc0000 [ 755.472863][T12811] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 757.131698][T12863] syz.2.1817 uses obsolete (PF_INET,SOCK_PACKET) [ 757.358826][T10314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 757.413878][T12865] loop3: detected capacity change from 0 to 16 [ 757.423540][T12865] erofs: Unknown parameter 'ÿÿÿÿ' [ 757.428784][T10403] usb 3-1: new full-speed USB device number 8 using dummy_hcd [ 757.584899][T10403] usb 3-1: config 36 has an invalid descriptor of length 0, skipping remainder of the config [ 757.601727][T10403] usb 3-1: config 36 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 757.624645][T12867] loop3: detected capacity change from 0 to 16 [ 757.638395][T12867] erofs: (device loop3): mounted with root inode @ nid 36. [ 757.702429][T10403] usb 3-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29 [ 757.762805][T10403] usb 3-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16 [ 757.886321][T10403] usb 3-1: Manufacturer: syz [ 757.927598][T10403] usb 3-1: SerialNumber: syz [ 758.322862][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 758.344641][T10403] usbhid 3-1:36.0: couldn't find an input interrupt endpoint [ 758.358225][T10403] usb 3-1: USB disconnect, device number 8 [ 758.852055][T12893] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1826'. [ 759.122085][T12897] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1827'. [ 759.281424][T12901] loop3: detected capacity change from 0 to 4096 [ 759.376485][T12901] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 759.604231][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 759.604248][ T29] audit: type=1326 audit(1728537018.250:6003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.2.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 759.632861][ C0] vkms_vblank_simulate: vblank timer overrun [ 759.666989][ T29] audit: type=1326 audit(1728537018.260:6004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.2.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 759.683513][T12911] loop2: detected capacity change from 0 to 512 [ 759.694092][ T29] audit: type=1326 audit(1728537018.300:6005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.2.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 759.718387][ C0] vkms_vblank_simulate: vblank timer overrun [ 759.856533][ T29] audit: type=1326 audit(1728537018.310:6006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.2.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 759.912076][ T29] audit: type=1326 audit(1728537018.320:6007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.2.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 759.927487][T12911] ext2: Unknown parameter 'subj_type' [ 759.934864][ T29] audit: type=1326 audit(1728537018.320:6008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.2.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 759.934923][ T29] audit: type=1326 audit(1728537018.320:6009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.2.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 759.935001][ T29] audit: type=1326 audit(1728537018.340:6010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.2.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 759.941001][T12901] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 759.963067][ T29] audit: type=1326 audit(1728537018.340:6011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.2.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 759.963184][ T29] audit: type=1326 audit(1728537018.340:6012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12902 comm="syz.2.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 760.013671][ C0] vkms_vblank_simulate: vblank timer overrun [ 760.180419][ C0] vkms_vblank_simulate: vblank timer overrun [ 761.396692][T12914] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 761.551520][T12939] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1841'. [ 762.419680][T12949] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1843'. [ 763.126306][T12963] netlink: 'syz.4.1851': attribute type 4 has an invalid length. [ 764.021680][T12980] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1857'. [ 764.097269][T12987] loop3: detected capacity change from 0 to 2048 [ 764.206855][T12987] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 764.286506][T10314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 764.690485][T13017] loop1: detected capacity change from 0 to 512 [ 764.807696][T13017] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 764.821470][T13017] ext4 filesystem being mounted at /123/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 765.006658][T13021] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1871'. [ 765.195161][T10306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 765.419081][T13035] binder: 13029:13035 ioctl c0306201 0 returned -14 [ 765.454358][T13037] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1877'. [ 765.654824][T13060] loop3: detected capacity change from 0 to 512 [ 765.725359][T13060] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 765.743488][T13060] ext4 filesystem being mounted at /154/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 766.028190][ T5238] Bluetooth: hci7: link tx timeout [ 766.055738][ T5238] Bluetooth: hci7: killing stalled connection 11:aa:aa:aa:aa:aa [ 766.249645][T13060] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1884'. [ 766.305429][T10314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 766.671209][T12157] Bluetooth: hci7: link tx timeout [ 766.676371][T12157] Bluetooth: hci7: killing stalled connection 11:aa:aa:aa:aa:aa [ 767.029024][T13093] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1891'. [ 767.157960][ T5318] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 767.170347][ T1105] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 767.463829][ T1105] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 767.478484][ T5318] usb 5-1: Using ep0 maxpacket: 32 [ 767.492591][ T5318] usb 5-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice= e.22 [ 767.501858][ T5318] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 767.510372][ T5318] usb 5-1: Product: syz [ 767.514523][ T5318] usb 5-1: Manufacturer: syz [ 767.520476][ T5318] usb 5-1: SerialNumber: syz [ 767.547940][ T5318] usb 5-1: config 0 descriptor?? [ 767.599699][ T5318] usb 5-1: selecting invalid altsetting 3 [ 767.613568][ T1105] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 767.656687][ T5318] comedi comedi0: could not set alternate setting 3 in high speed [ 767.684752][ T5318] usbdux 5-1:0.0: driver 'usbdux' failed to auto-configure device. [ 767.709665][ T5318] usbdux 5-1:0.0: probe with driver usbdux failed with error -22 [ 767.729327][ T1105] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 767.808440][ T5318] usb 5-1: USB disconnect, device number 8 [ 767.821286][T12157] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 767.833849][T12157] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 767.842651][T12157] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 767.904225][T12157] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 767.922041][T12157] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 767.931771][T12157] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 768.010015][ T1105] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 768.027993][ T1105] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 768.046851][ T1105] bond0 (unregistering): Released all slaves [ 768.167957][ T5238] Bluetooth: hci7: command 0x0405 tx timeout [ 768.188384][ T938] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 768.337957][ T938] usb 4-1: Using ep0 maxpacket: 8 [ 768.349513][ T938] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 768.360634][ T1105] hsr_slave_0: left promiscuous mode [ 768.368542][ T938] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 768.385783][ T1105] hsr_slave_1: left promiscuous mode [ 768.393085][ T938] usb 4-1: Product: syz [ 768.398918][ T938] usb 4-1: Manufacturer: syz [ 768.410358][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 768.412387][ T938] usb 4-1: SerialNumber: syz [ 768.744747][ T938] usb 4-1: config 0 descriptor?? [ 768.751555][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 768.785661][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 768.800928][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 768.830387][ T1105] veth1_macvtap: left promiscuous mode [ 768.840710][ T1105] veth0_macvtap: left promiscuous mode [ 768.853598][ T1105] veth1_vlan: left promiscuous mode [ 768.863892][ T1105] veth0_vlan: left promiscuous mode [ 768.958283][ T938] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 769.117188][T13136] loop1: detected capacity change from 0 to 512 [ 769.125780][T13136] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 769.138524][T13136] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842e12c, mo2=0002] [ 769.146615][T13136] EXT4-fs (loop1): orphan cleanup on readonly fs [ 769.158976][T13136] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1906: bg 0: block 361: padding at end of block bitmap is not set [ 769.173586][T13136] EXT4-fs (loop1): Remounting filesystem read-only [ 769.180458][T13136] EXT4-fs (loop1): 1 truncate cleaned up [ 769.186746][T13136] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 769.406953][ T1105] team0 (unregistering): Port device team_slave_1 removed [ 769.460549][ T1105] team0 (unregistering): Port device team_slave_0 removed [ 769.485501][T13143] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.1906: dx entry: limit 0 != root limit 125 [ 769.536929][T13143] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.1906: Corrupt directory, running e2fsck is recommended [ 769.566302][T13146] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1909'. [ 769.705088][ T938] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 769.744213][T13105] chnl_net:caif_netlink_parms(): no params data found [ 769.764407][ T938] usb 4-1: USB disconnect, device number 10 [ 769.801504][T13151] loop2: detected capacity change from 0 to 1024 [ 769.992245][T13105] bridge0: port 1(bridge_slave_0) entered blocking state [ 770.008246][ T5238] Bluetooth: hci0: command tx timeout [ 770.029820][T13105] bridge0: port 1(bridge_slave_0) entered disabled state [ 770.037798][T13105] bridge_slave_0: entered allmulticast mode [ 770.044906][T13105] bridge_slave_0: entered promiscuous mode [ 770.052585][T13105] bridge0: port 2(bridge_slave_1) entered blocking state [ 770.059879][T13105] bridge0: port 2(bridge_slave_1) entered disabled state [ 770.067344][T13105] bridge_slave_1: entered allmulticast mode [ 770.074332][T13105] bridge_slave_1: entered promiscuous mode [ 770.127260][T13160] loop2: detected capacity change from 0 to 1024 [ 770.168114][T13160] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 770.192779][T13105] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 770.235104][T13105] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 770.376940][T13105] team0: Port device team_slave_0 added [ 770.405747][T13105] team0: Port device team_slave_1 added [ 770.472045][T13105] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 770.503246][T13105] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 770.568110][T13105] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 770.815654][ T1105] bond0: (slave bond_slave_0): interface is now down [ 770.833663][ T1105] bond0: (slave bond_slave_1): interface is now down [ 770.881219][ T1105] bond0: (slave bond_slave_0): interface is now down [ 771.006891][ T1105] bond0: (slave bond_slave_1): interface is now down [ 771.022743][T13178] netlink: 'syz.3.1914': attribute type 10 has an invalid length. [ 771.040233][T13178] bond0: (slave netdevsim0): Enslaving as an active interface with a down link [ 771.050162][T10306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 771.052309][ T1105] bond0: (slave bond_slave_0): interface is now down [ 771.089930][ T1105] bond0: (slave bond_slave_1): interface is now down [ 771.106762][T13105] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 771.115819][T13105] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 771.140291][T13184] loop3: detected capacity change from 0 to 8 [ 771.148331][ T2568] bond0: (slave bond_slave_0): interface is now down [ 771.153672][T13105] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 771.155737][ T2568] bond0: (slave bond_slave_1): interface is now down [ 771.190543][T13184] SQUASHFS error: Failed to read block 0x4de: -5 [ 771.197045][T13184] SQUASHFS error: Failed to read block 0x4de: -5 [ 771.199203][ T2568] bond0: (slave bond_slave_0): interface is now down [ 771.214680][ T2568] bond0: (slave bond_slave_1): interface is now down [ 771.229875][ T29] kauditd_printk_skb: 11 callbacks suppressed [ 771.229890][ T29] audit: type=1800 audit(1728537030.000:6024): pid=13184 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1916" name="file1" dev="loop3" ino=5 res=0 errno=0 [ 771.255739][ T1105] bond0: (slave bond_slave_0): interface is now down [ 771.255758][ T1105] bond0: (slave bond_slave_1): interface is now down [ 771.279106][ T2568] bond0: (slave bond_slave_0): interface is now down [ 771.286176][ T2568] bond0: (slave bond_slave_1): interface is now down [ 771.353166][ T6576] bond0: (slave bond_slave_0): interface is now down [ 771.353491][T13185] SQUASHFS error: Failed to read block 0x4de: -5 [ 771.368390][ T6576] bond0: (slave bond_slave_1): interface is now down [ 771.378153][T13185] SQUASHFS error: Failed to read block 0x4de: -5 [ 771.387095][T13185] SQUASHFS error: Failed to read block 0x4de: -5 [ 771.395447][T13185] SQUASHFS error: Failed to read block 0x4de: -5 [ 771.490804][T13185] SQUASHFS error: Failed to read block 0x4de: -5 [ 771.500110][T13185] SQUASHFS error: Failed to read block 0x4de: -5 [ 771.528938][T13185] SQUASHFS error: Failed to read block 0x4de: -5 [ 771.537154][T13185] SQUASHFS error: Failed to read block 0x4de: -5 [ 771.538017][T10546] bond0: (slave bond_slave_0): interface is now down [ 771.579275][T13105] hsr_slave_0: entered promiscuous mode [ 771.590613][T10546] bond0: (slave bond_slave_1): interface is now down [ 771.628505][ T6576] bond0: (slave bond_slave_0): interface is now down [ 771.635405][ T6576] bond0: (slave bond_slave_1): interface is now down [ 771.658499][T13105] hsr_slave_1: entered promiscuous mode [ 771.666935][ T6576] bond0: (slave bond_slave_0): interface is now down [ 771.696179][ T6576] bond0: (slave bond_slave_1): interface is now down [ 771.861316][ T12] bond0: (slave bond_slave_0): interface is now down [ 771.899965][ T12] bond0: (slave bond_slave_1): interface is now down [ 771.919399][ T6576] bond0: (slave bond_slave_0): interface is now down [ 771.932913][ T6576] bond0: (slave bond_slave_1): interface is now down [ 771.961810][T10546] bond0: (slave bond_slave_0): interface is now down [ 771.968640][T10546] bond0: (slave bond_slave_1): interface is now down [ 771.996726][T10546] bond0: (slave bond_slave_0): interface is now down [ 772.003808][T10546] bond0: (slave bond_slave_1): interface is now down [ 772.032975][ T6576] bond0: (slave bond_slave_0): interface is now down [ 772.097550][T12157] Bluetooth: hci0: command tx timeout [ 772.099368][ T6576] bond0: (slave bond_slave_1): interface is now down [ 772.164651][ T6576] bond0: (slave bond_slave_0): interface is now down [ 772.205219][ T6576] bond0: (slave bond_slave_1): interface is now down [ 772.288732][ T6576] bond0: (slave bond_slave_0): interface is now down [ 772.340235][T13221] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1925'. [ 772.347948][ T6576] bond0: (slave bond_slave_1): interface is now down [ 772.378379][ T2568] bond0: (slave bond_slave_0): interface is now down [ 772.386267][ T2568] bond0: (slave bond_slave_1): interface is now down [ 772.421804][T10546] bond0: (slave bond_slave_0): interface is now down [ 772.432899][T10546] bond0: (slave bond_slave_1): interface is now down [ 772.468156][ T2568] bond0: (slave bond_slave_0): interface is now down [ 772.483035][ T2568] bond0: (slave bond_slave_1): interface is now down [ 772.528540][T10546] bond0: (slave bond_slave_0): interface is now down [ 772.545519][T10546] bond0: (slave bond_slave_1): interface is now down [ 772.599334][ T2568] bond0: (slave bond_slave_0): interface is now down [ 772.606083][ T2568] bond0: (slave bond_slave_1): interface is now down [ 772.678864][ T2568] bond0: (slave bond_slave_0): interface is now down [ 772.711305][ T2568] bond0: (slave bond_slave_1): interface is now down [ 772.768373][ T2568] bond0: now running without any active interface! [ 773.187454][T13242] loop2: detected capacity change from 0 to 8 [ 773.338011][ T29] audit: type=1326 audit(1728537032.040:6025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13240 comm="syz.3.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f745b37dff9 code=0x7ffc0000 [ 773.346289][T13105] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 773.411454][T13105] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 773.414201][ T29] audit: type=1326 audit(1728537032.040:6026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13240 comm="syz.3.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f745b37dff9 code=0x7ffc0000 [ 773.445049][T13105] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 773.494052][ T29] audit: type=1326 audit(1728537032.050:6027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13240 comm="syz.3.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f745b37dff9 code=0x7ffc0000 [ 773.519873][T13105] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 773.570697][T13250] loop3: detected capacity change from 0 to 8 [ 773.572808][ T29] audit: type=1326 audit(1728537032.060:6028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13240 comm="syz.3.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f745b37dff9 code=0x7ffc0000 [ 773.594191][T13252] loop1: detected capacity change from 0 to 512 [ 773.611083][T13250] SQUASHFS error: Failed to read block 0x4de: -5 [ 773.638269][T13250] SQUASHFS error: Failed to read block 0x4de: -5 [ 773.668854][T13252] ext2: Unknown parameter 'subj_type' [ 773.679835][ T29] audit: type=1326 audit(1728537032.060:6029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13240 comm="syz.3.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f745b37dff9 code=0x7ffc0000 [ 773.745995][T13105] 8021q: adding VLAN 0 to HW filter on device bond0 [ 773.980896][T13250] SQUASHFS error: Failed to read block 0x4de: -5 [ 773.989563][T13250] SQUASHFS error: Failed to read block 0x4de: -5 [ 773.997949][T13250] SQUASHFS error: Failed to read block 0x4de: -5 [ 774.006338][T13250] SQUASHFS error: Failed to read block 0x4de: -5 [ 774.009154][T13105] 8021q: adding VLAN 0 to HW filter on device team0 [ 774.058245][T13250] SQUASHFS error: Failed to read block 0x4de: -5 [ 774.067209][T13250] SQUASHFS error: Failed to read block 0x4de: -5 [ 774.072968][ T29] audit: type=1326 audit(1728537032.080:6030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13240 comm="syz.3.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f745b37dff9 code=0x7ffc0000 [ 774.084601][T13259] loop1: detected capacity change from 0 to 512 [ 774.139321][ T2568] bridge0: port 1(bridge_slave_0) entered blocking state [ 774.146451][ T2568] bridge0: port 1(bridge_slave_0) entered forwarding state [ 774.154676][T13250] SQUASHFS error: Failed to read block 0x4de: -5 [ 774.168162][T12157] Bluetooth: hci0: command 0x040f tx timeout [ 774.201861][T13250] SQUASHFS error: Failed to read block 0x4de: -5 [ 774.210195][ T2568] bridge0: port 2(bridge_slave_1) entered blocking state [ 774.217310][ T2568] bridge0: port 2(bridge_slave_1) entered forwarding state [ 774.225618][T13259] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1932: bg 0: block 393: padding at end of block bitmap is not set [ 774.241309][ T29] audit: type=1326 audit(1728537032.090:6031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13240 comm="syz.3.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f745b37dff9 code=0x7ffc0000 [ 774.249764][T13259] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 774.264882][ T29] audit: type=1326 audit(1728537032.090:6032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13240 comm="syz.3.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f745b37dff9 code=0x7ffc0000 [ 774.351767][T13259] EXT4-fs (loop1): 2 truncates cleaned up [ 774.358412][T13259] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 774.387838][ T29] audit: type=1326 audit(1728537032.100:6033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13240 comm="syz.3.1929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f745b37dff9 code=0x7ffc0000 [ 774.446694][T13259] EXT4-fs error (device loop1): ext4_inlinedir_to_tree:1404: inode #12: block 7: comm syz.1.1932: path /135/file0/file0: bad entry in directory: rec_len % 4 != 0 - offset=259, inode=4278190093, rec_len=255, size=60 fake=0 [ 774.505244][T13265] loop3: detected capacity change from 0 to 4096 [ 774.638581][T13105] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 774.671709][T13105] veth0_vlan: entered promiscuous mode [ 774.682697][T13105] veth1_vlan: entered promiscuous mode [ 774.701726][T13105] veth0_macvtap: entered promiscuous mode [ 774.710161][T13105] veth1_macvtap: entered promiscuous mode [ 774.749799][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 774.765282][T10306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 774.775973][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 774.856001][T13276] loop3: detected capacity change from 0 to 736 [ 774.902676][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 774.949551][T13275] IPv4: Oversized IP packet from 172.20.20.24 [ 774.956079][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 774.962534][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 774.977135][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 775.032996][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 775.102752][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 775.160245][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 775.216211][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 775.407959][T12093] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 775.489250][T13105] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 775.589054][T13292] loop3: detected capacity change from 0 to 64 [ 775.596852][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 775.699161][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 775.709162][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 775.719884][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 775.729816][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 775.740530][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 775.750486][T13105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 775.761038][T13105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 775.765333][T13292] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1938'. [ 775.772696][T13105] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 775.811658][T13105] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 775.820620][T13105] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 775.829486][T13105] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 775.838303][T13105] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 776.151221][T12093] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 776.175471][T12093] usb 5-1: config 0 interface 0 altsetting 28 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 776.255354][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 776.276409][ T5238] Bluetooth: hci0: command 0x040f tx timeout [ 776.299641][T12093] usb 5-1: config 0 interface 0 has no altsetting 0 [ 776.308536][T12093] usb 5-1: New USB device found, idVendor=1a55, idProduct=83df, bcdDevice=11.91 [ 776.311020][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 776.318008][T12093] usb 5-1: New USB device strings: Mfr=95, Product=254, SerialNumber=0 [ 776.344735][T12093] usb 5-1: Product: syz [ 776.349281][T12093] usb 5-1: Manufacturer: syz [ 776.350181][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 776.356015][T12093] usb 5-1: config 0 descriptor?? [ 776.411838][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 776.695423][T12157] Bluetooth: hci2: sending frame failed (-49) [ 776.701772][ T5238] Bluetooth: hci2: Opcode 0x1003 failed: -49 [ 776.770433][T13318] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 776.851283][T13318] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 777.010741][T13325] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1944'. [ 777.076358][T12093] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 777.166974][T12093] usb 5-1: USB disconnect, device number 9 [ 777.186015][T13331] loop2: detected capacity change from 0 to 512 [ 777.239184][T13331] ext2: Unknown parameter 'subj_type' [ 777.843070][ T29] kauditd_printk_skb: 13 callbacks suppressed [ 777.843175][ T29] audit: type=1326 audit(1728537036.610:6047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13349 comm="syz.0.1949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f192d17dff9 code=0x7ffc0000 [ 777.990221][ T29] audit: type=1326 audit(1728537036.640:6048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13349 comm="syz.0.1949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f192d17dff9 code=0x7ffc0000 [ 778.079190][T13357] loop3: detected capacity change from 0 to 4096 [ 778.097333][ T29] audit: type=1326 audit(1728537036.650:6049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13349 comm="syz.0.1949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f192d17dff9 code=0x7ffc0000 [ 778.119598][ C1] vkms_vblank_simulate: vblank timer overrun [ 778.129761][T13357] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 778.190350][ T29] audit: type=1326 audit(1728537036.660:6050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13349 comm="syz.0.1949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f192d17dff9 code=0x7ffc0000 [ 778.223399][T13357] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 778.254806][T13357] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 778.276849][T13373] loop1: detected capacity change from 0 to 256 [ 778.293010][ T29] audit: type=1326 audit(1728537036.670:6051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13349 comm="syz.0.1949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f192d17dff9 code=0x7ffc0000 [ 778.367278][T13378] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.1957'. [ 778.389601][ T29] audit: type=1326 audit(1728537036.680:6052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13349 comm="syz.0.1949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f192d17dff9 code=0x7ffc0000 [ 778.478859][ T29] audit: type=1326 audit(1728537036.730:6053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13349 comm="syz.0.1949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f192d17dff9 code=0x7ffc0000 [ 778.487080][T13385] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.1957'. [ 778.501319][ C1] vkms_vblank_simulate: vblank timer overrun [ 778.782485][T13408] loop1: detected capacity change from 0 to 512 [ 778.791796][T13408] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 778.823700][T13408] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842e12c, mo2=0002] [ 778.832218][T13408] EXT4-fs (loop1): orphan cleanup on readonly fs [ 778.839322][T13408] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1965: bg 0: block 361: padding at end of block bitmap is not set [ 778.854959][T13408] EXT4-fs (loop1): Remounting filesystem read-only [ 778.861798][T13408] EXT4-fs (loop1): 1 truncate cleaned up [ 778.868857][T13408] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 779.065870][T13426] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.1965: dx entry: limit 0 != root limit 125 [ 779.094135][T13426] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.1965: Corrupt directory, running e2fsck is recommended [ 779.315680][T13435] loop2: detected capacity change from 0 to 8 [ 779.336899][T13435] SQUASHFS error: lzo decompression failed, data probably corrupt [ 779.376987][T13435] SQUASHFS error: Failed to read block 0x91: -5 [ 779.397822][T13435] SQUASHFS error: Unable to read metadata cache entry [8f] [ 779.475449][T13435] SQUASHFS error: Unable to read inode 0x11f [ 779.482385][T13440] loop3: detected capacity change from 0 to 2048 [ 779.529457][T13440] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 779.743634][T13450] loop3: detected capacity change from 0 to 512 [ 780.540783][T10306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 780.610145][T13497] loop1: detected capacity change from 0 to 1024 [ 780.636662][T13497] EXT4-fs: Ignoring removed orlov option [ 780.649691][T13497] EXT4-fs: Ignoring removed nomblk_io_submit option [ 780.673471][T13497] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 781.070313][T10306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 781.232129][T13519] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1989'. [ 781.324166][T13531] loop2: detected capacity change from 0 to 512 [ 781.340853][T13531] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 781.358097][T13531] ext4 filesystem being mounted at /157/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 781.538240][ T5288] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 781.546078][T12093] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 781.685450][T13531] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1995'. [ 781.721336][T10309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 781.831551][ T5288] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 781.851904][T12093] usb 5-1: Using ep0 maxpacket: 8 [ 781.866980][ T5288] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 781.880836][T12093] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 781.895439][ T5288] usb 2-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 781.913567][T12093] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 781.923734][ T5288] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 781.931806][T12093] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 781.942260][T12093] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 781.955300][T12093] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 781.964379][T12093] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 781.973966][ T5288] usb 2-1: config 0 descriptor?? [ 782.182201][T12093] usb 5-1: usb_control_msg returned -32 [ 782.187912][T12093] usbtmc 5-1:16.0: can't read capabilities [ 782.395460][ T5288] hid-thrustmaster 0003:044F:B65D.0004: unknown main item tag 0x0 [ 782.403498][ T5288] hid-thrustmaster 0003:044F:B65D.0004: unknown main item tag 0x0 [ 782.411476][ T5288] hid-thrustmaster 0003:044F:B65D.0004: unknown main item tag 0x0 [ 782.419331][ T5288] hid-thrustmaster 0003:044F:B65D.0004: unknown main item tag 0x0 [ 782.428129][ T5288] hid-thrustmaster 0003:044F:B65D.0004: unknown main item tag 0x0 [ 782.436926][ T5288] hid-thrustmaster 0003:044F:B65D.0004: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.1-1/input0 [ 782.449140][ T5288] hid-thrustmaster 0003:044F:B65D.0004: Wrong number of endpoints? [ 782.537158][ C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 782.554232][T13549] usbtmc 5-1:16.0: Unable to send data, error -71 [ 782.601397][ C1] hid-thrustmaster 0003:044F:B65D.0004: URB to get model id failed with error -71 [ 782.601640][T10403] usb 2-1: USB disconnect, device number 12 [ 782.735343][T13561] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2005'. [ 783.535617][T13597] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2018'. [ 783.548895][T13595] loop3: detected capacity change from 0 to 1024 [ 783.765591][T13595] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 783.924933][ T29] audit: type=1326 audit(1728537042.580:6054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13598 comm="syz.1.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f154217dff9 code=0x7ffc0000 [ 783.958247][ T29] audit: type=1326 audit(1728537042.580:6055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13598 comm="syz.1.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f154217dff9 code=0x7ffc0000 [ 783.993300][ T29] audit: type=1326 audit(1728537042.600:6056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13598 comm="syz.1.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f154217dff9 code=0x7ffc0000 [ 784.016220][ T29] audit: type=1326 audit(1728537042.610:6057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13598 comm="syz.1.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f154217dff9 code=0x7ffc0000 [ 784.039863][T13598] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 784.049917][ T29] audit: type=1326 audit(1728537042.610:6058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13598 comm="syz.1.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f154217dff9 code=0x7ffc0000 [ 784.060329][T10314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 784.073035][ T29] audit: type=1326 audit(1728537042.630:6059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13598 comm="syz.1.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f154217dff9 code=0x7ffc0000 [ 784.105790][ T29] audit: type=1326 audit(1728537042.630:6060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13598 comm="syz.1.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f154217dff9 code=0x7ffc0000 [ 784.143513][ T29] audit: type=1326 audit(1728537042.630:6061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13598 comm="syz.1.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f154217dff9 code=0x7ffc0000 [ 784.178884][ T29] audit: type=1326 audit(1728537042.640:6062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13598 comm="syz.1.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f154217dff9 code=0x7ffc0000 [ 784.201721][ T29] audit: type=1326 audit(1728537042.640:6063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13598 comm="syz.1.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f154217dff9 code=0x7ffc0000 [ 784.307128][ T8] usb 5-1: USB disconnect, device number 10 [ 784.432005][T12157] Bluetooth: hci2: sending frame failed (-49) [ 784.438245][ T5238] Bluetooth: hci2: Opcode 0x1003 failed: -49 [ 785.209115][ T5318] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 785.358014][ T5318] usb 2-1: Using ep0 maxpacket: 32 [ 785.366423][ T5318] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 785.379579][ T5318] usb 2-1: config 0 has no interfaces? [ 785.385138][ T5318] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 785.396572][ T5318] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 785.409239][ T5318] usb 2-1: config 0 descriptor?? [ 785.641474][ T5318] usb 2-1: USB disconnect, device number 13 [ 786.168576][T12157] Bluetooth: hci2: sending frame failed (-49) [ 786.174726][ T5238] Bluetooth: hci2: Opcode 0x1003 failed: -49 [ 786.296080][T13673] smb3: Bad value for 'uid' [ 786.310136][T13673] smb3: Bad value for 'uid' [ 786.358476][T13671] loop2: detected capacity change from 0 to 8192 [ 786.987529][T13656] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 787.871171][T13696] loop2: detected capacity change from 0 to 512 [ 787.913860][T13696] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 787.926395][T13696] EXT4-fs (loop2): orphan cleanup on readonly fs [ 787.936975][T13696] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.2055: Failed to acquire dquot type 1 [ 787.963968][T13696] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2055: bg 0: block 40: padding at end of block bitmap is not set [ 787.980024][T13696] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 787.989915][T13696] EXT4-fs (loop2): 1 truncate cleaned up [ 788.235808][T13696] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 788.248885][T13701] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 788.275688][T10309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 788.288863][T13701] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 788.377311][T13705] loop2: detected capacity change from 0 to 128 [ 788.414017][T13705] FAT-fs (loop2): Directory bread(block 160) failed [ 788.426740][T13705] FAT-fs (loop2): Directory bread(block 161) failed [ 788.433937][T13705] FAT-fs (loop2): Directory bread(block 162) failed [ 788.443369][T13705] FAT-fs (loop2): Directory bread(block 163) failed [ 788.452442][T13705] FAT-fs (loop2): Directory bread(block 164) failed [ 788.461318][T13705] FAT-fs (loop2): Directory bread(block 165) failed [ 788.469115][T13705] FAT-fs (loop2): Directory bread(block 166) failed [ 788.475894][T13705] FAT-fs (loop2): Directory bread(block 167) failed [ 788.711103][T13711] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2061'. [ 788.818991][T13716] program syz.4.2062 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 789.915884][T13734] loop3: detected capacity change from 0 to 128 [ 789.924285][T13734] FAT-fs (loop3): Directory bread(block 160) failed [ 789.932676][T13733] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2068'. [ 789.937211][T13734] FAT-fs (loop3): Directory bread(block 161) failed [ 789.958276][T13734] FAT-fs (loop3): Directory bread(block 162) failed [ 789.966685][T13734] FAT-fs (loop3): Directory bread(block 163) failed [ 789.976281][T13734] FAT-fs (loop3): Directory bread(block 164) failed [ 789.983037][T13734] FAT-fs (loop3): Directory bread(block 165) failed [ 789.991084][T13734] FAT-fs (loop3): Directory bread(block 166) failed [ 789.998059][T13734] FAT-fs (loop3): Directory bread(block 167) failed [ 790.040458][ T12] Bluetooth: hci2: Frame reassembly failed (-84) [ 791.049932][T13748] loop1: detected capacity change from 0 to 16 [ 791.067283][T13748] erofs: Bad value for 'cache_strategy' [ 791.387189][T13764] loop2: detected capacity change from 0 to 64 [ 791.928243][T12093] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 791.971589][T13775] loop2: detected capacity change from 0 to 1024 [ 792.088667][T12157] Bluetooth: hci2: command 0x1003 tx timeout [ 792.096562][ T5238] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 792.125435][T12093] usb 5-1: Using ep0 maxpacket: 16 [ 792.168170][T12093] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 792.188704][T12093] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 792.198506][T12093] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 792.208473][T12093] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 792.218768][T12093] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0 [ 792.228591][T12093] usb 5-1: config 1 interface 0 has no altsetting 0 [ 792.235297][T12093] usb 5-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 792.244565][T12093] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 792.285731][T12093] ums-sddr09 5-1:1.0: USB Mass Storage device detected [ 792.551534][T13779] bridge0: port 3(syz_tun) entered blocking state [ 792.558065][T13779] bridge0: port 3(syz_tun) entered disabled state [ 792.565053][T13779] syz_tun: entered allmulticast mode [ 792.570785][T13779] syz_tun: entered promiscuous mode [ 792.576153][T13779] bridge0: port 3(syz_tun) entered blocking state [ 792.582600][T13779] bridge0: port 3(syz_tun) entered forwarding state [ 792.606318][T13788] loop2: detected capacity change from 0 to 512 [ 792.613863][T13788] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 792.635002][T12093] ums-sddr09 5-1:1.0: probe with driver ums-sddr09 failed with error -22 [ 792.635355][T13788] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842e12c, mo2=0002] [ 792.651656][T13788] EXT4-fs (loop2): orphan cleanup on readonly fs [ 792.677441][T12093] usb 5-1: USB disconnect, device number 11 [ 792.692758][T13788] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2088: bg 0: block 361: padding at end of block bitmap is not set [ 792.718958][T13788] EXT4-fs (loop2): Remounting filesystem read-only [ 792.725669][T13788] EXT4-fs (loop2): 1 truncate cleaned up [ 792.731988][T13788] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 792.929242][T13797] EXT4-fs warning (device loop2): dx_probe:893: inode #2: comm syz.2.2088: dx entry: limit 0 != root limit 125 [ 792.981401][T13797] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.2088: Corrupt directory, running e2fsck is recommended [ 793.000476][T13793] loop1: detected capacity change from 0 to 8192 [ 794.277335][T13813] loop3: detected capacity change from 0 to 16 [ 794.323921][T10309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 794.334418][T13813] erofs: Unknown parameter 'ÿÿÿÿ' [ 794.560859][T13819] loop3: detected capacity change from 0 to 16 [ 794.976219][T13819] erofs: (device loop3): mounted with root inode @ nid 36. [ 795.322002][T13836] loop1: detected capacity change from 0 to 64 [ 795.376384][T13840] loop2: detected capacity change from 0 to 64 [ 795.495569][ T29] kauditd_printk_skb: 13 callbacks suppressed [ 795.495586][ T29] audit: type=1326 audit(1728537054.240:6075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13843 comm="syz.4.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 795.552582][T13847] loop2: detected capacity change from 0 to 512 [ 795.559189][ T5286] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 795.576906][ T29] audit: type=1326 audit(1728537054.240:6076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13843 comm="syz.4.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 795.630874][T13847] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 795.657960][ T29] audit: type=1326 audit(1728537054.250:6077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13843 comm="syz.4.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 795.701683][T13847] ext4 filesystem being mounted at /185/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 795.738042][ T5286] usb 4-1: Using ep0 maxpacket: 16 [ 795.741399][ T29] audit: type=1326 audit(1728537054.250:6078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13843 comm="syz.4.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 795.751089][ T5286] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 795.775716][ T5286] usb 4-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 795.786102][ T5286] usb 4-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 795.802614][ T5286] usb 4-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 795.813628][ T5286] usb 4-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0 [ 795.929997][ T5286] usb 4-1: config 1 interface 0 has no altsetting 0 [ 795.967225][ T29] audit: type=1326 audit(1728537054.260:6079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13843 comm="syz.4.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 795.972472][ T5286] usb 4-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 796.121179][ T5286] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 796.209382][ T29] audit: type=1326 audit(1728537054.260:6080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13843 comm="syz.4.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 796.218039][ T5286] ums-sddr09 4-1:1.0: USB Mass Storage device detected [ 796.376478][ T29] audit: type=1326 audit(1728537054.260:6081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13843 comm="syz.4.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 796.593059][T10309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 796.596312][ T29] audit: type=1326 audit(1728537054.260:6082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13843 comm="syz.4.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 796.625468][ T29] audit: type=1326 audit(1728537054.260:6083): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=13843 comm="syz.4.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 796.648678][ T29] audit: type=1326 audit(1728537054.270:6084): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=13843 comm="syz.4.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 796.678183][ T5286] scsi host1: usb-storage 4-1:1.0 [ 797.938813][ T5288] usb 4-1: USB disconnect, device number 11 [ 797.942807][T13867] loop2: detected capacity change from 0 to 16 [ 798.258564][T13867] erofs: Unknown parameter 'ÿÿÿÿ' [ 798.461678][T13873] loop2: detected capacity change from 0 to 16 [ 798.488028][T13873] erofs: (device loop2): mounted with root inode @ nid 36. [ 799.063306][ T8] IPVS: starting estimator thread 0... [ 799.072818][T13877] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2110'. [ 799.218144][T13891] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2121'. [ 799.237995][T13885] IPVS: using max 45 ests per chain, 108000 per kthread [ 801.002921][T13925] loop1: detected capacity change from 0 to 512 [ 801.060003][T13925] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 801.122589][T13925] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e11c, mo2=0002] [ 801.131130][T13925] EXT4-fs (loop1): orphan cleanup on readonly fs [ 801.141007][T13925] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2133: bg 0: block 361: padding at end of block bitmap is not set [ 801.155349][ T29] kauditd_printk_skb: 43 callbacks suppressed [ 801.155364][ T29] audit: type=1326 audit(1728537059.910:6128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13924 comm="syz.0.2134" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f192d17dff9 code=0x0 [ 801.160309][T13925] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 801.279449][T13925] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #11: comm syz.1.2133: attempt to clear invalid blocks 33619980 len 1 [ 801.314491][T13925] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.2133: invalid indirect mapped block 1811939328 (level 0) [ 801.377157][T13925] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.2133: invalid indirect mapped block 2185560079 (level 1) [ 801.416134][T13925] EXT4-fs (loop1): 1 truncate cleaned up [ 801.432871][T13925] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 801.457359][T13949] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2139'. [ 801.523088][T10306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 801.608031][T13959] loop3: detected capacity change from 0 to 512 [ 801.668938][T13959] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 801.685015][T13959] ext4 filesystem being mounted at /206/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 802.008553][T13972] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 802.040847][T10314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 802.057252][T13972] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 802.069353][T13974] Invalid ELF header type: 2 != 1 [ 802.120248][T13972] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 802.160027][ T29] audit: type=1326 audit(1728537060.920:6129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13962 comm="syz.4.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 802.183224][ T29] audit: type=1326 audit(1728537060.920:6130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13962 comm="syz.4.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 802.268050][ T29] audit: type=1326 audit(1728537060.920:6131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13962 comm="syz.4.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 802.292472][ T29] audit: type=1326 audit(1728537060.920:6132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13962 comm="syz.4.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 802.315628][ T29] audit: type=1326 audit(1728537060.920:6133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13962 comm="syz.4.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 802.342472][ T29] audit: type=1326 audit(1728537060.920:6134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13962 comm="syz.4.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 802.478008][ T29] audit: type=1326 audit(1728537060.920:6135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13962 comm="syz.4.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 802.513024][T13962] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 802.697701][ T29] audit: type=1326 audit(1728537060.930:6136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13962 comm="syz.4.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 803.116391][ T29] audit: type=1326 audit(1728537060.960:6137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13962 comm="syz.4.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f837317dff9 code=0x7ffc0000 [ 803.882876][T13983] loop3: detected capacity change from 0 to 8192 [ 803.927056][T13998] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2158'. [ 805.126118][T14018] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 805.286975][T14024] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2168'. [ 806.041500][T14059] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2182'. [ 806.135783][T14066] loop1: detected capacity change from 0 to 8 [ 806.171572][T14066] SQUASHFS error: Failed to read block 0x4de: -5 [ 806.179223][T14066] SQUASHFS error: Failed to read block 0x4de: -5 [ 806.186393][ T29] kauditd_printk_skb: 13 callbacks suppressed [ 806.186407][ T29] audit: type=1800 audit(1728537064.950:6151): pid=14066 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2186" name="file1" dev="loop1" ino=5 res=0 errno=0 [ 806.231628][T14073] netlink: 'syz.0.2189': attribute type 4 has an invalid length. [ 806.248542][T14073] netlink: 'syz.0.2189': attribute type 4 has an invalid length. [ 806.279002][T14074] SQUASHFS error: Failed to read block 0x4de: -5 [ 806.289156][T14074] SQUASHFS error: Failed to read block 0x4de: -5 [ 806.299198][T14074] SQUASHFS error: Failed to read block 0x4de: -5 [ 806.310104][T14074] SQUASHFS error: Failed to read block 0x4de: -5 [ 806.322771][T14074] SQUASHFS error: Failed to read block 0x4de: -5 [ 806.368273][T14074] SQUASHFS error: Failed to read block 0x4de: -5 [ 806.385966][T14074] SQUASHFS error: Failed to read block 0x4de: -5 [ 806.399031][T14074] SQUASHFS error: Failed to read block 0x4de: -5 [ 806.705458][T14056] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 806.869181][T14086] loop1: detected capacity change from 0 to 1024 [ 807.397518][T14110] loop2: detected capacity change from 0 to 1024 [ 808.744316][T14122] loop3: detected capacity change from 0 to 512 [ 808.810527][T14122] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 808.828220][T14122] ext4 filesystem being mounted at /211/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 808.889722][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.896244][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.290824][T10314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 811.803372][T14189] loop2: detected capacity change from 0 to 1024 [ 812.385588][T14206] loop3: detected capacity change from 0 to 128 [ 812.395786][T14206] FAT-fs (loop3): Directory bread(block 160) failed [ 812.418098][T14206] FAT-fs (loop3): Directory bread(block 161) failed [ 812.436304][T14207] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2236'. [ 812.445869][T14206] FAT-fs (loop3): Directory bread(block 162) failed [ 812.461308][T14206] FAT-fs (loop3): Directory bread(block 163) failed [ 812.476208][T14206] FAT-fs (loop3): Directory bread(block 164) failed [ 812.496484][T14206] FAT-fs (loop3): Directory bread(block 165) failed [ 812.516749][T14206] FAT-fs (loop3): Directory bread(block 166) failed [ 812.535605][T14206] FAT-fs (loop3): Directory bread(block 167) failed [ 812.568318][ T71] Bluetooth: hci2: Frame reassembly failed (-84) [ 812.697281][T14218] loop1: detected capacity change from 0 to 1024 [ 814.648007][ T5238] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 818.168448][T14291] ptm ptm0: ldisc open failed (-12), clearing slot 0 [ 818.553826][T14307] loop1: detected capacity change from 0 to 512 [ 818.564512][T14307] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 818.594286][T14307] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842e12c, mo2=0002] [ 818.602426][T14307] EXT4-fs (loop1): orphan cleanup on readonly fs [ 818.609094][T14307] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2273: bg 0: block 361: padding at end of block bitmap is not set [ 818.628414][T14307] EXT4-fs (loop1): Remounting filesystem read-only [ 818.635090][T14307] EXT4-fs (loop1): 1 truncate cleaned up [ 818.642208][T14307] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 819.174183][T14338] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.2273: dx entry: limit 0 != root limit 125 [ 819.182361][T14340] loop2: detected capacity change from 0 to 64 [ 819.191961][T14338] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.2273: Corrupt directory, running e2fsck is recommended [ 819.303199][ T29] audit: type=1800 audit(1728537078.070:6152): pid=14347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2283" name="/" dev="fuse" ino=1 res=0 errno=0 [ 819.383485][T10306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 820.488895][ T8] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 820.601673][T14382] loop2: detected capacity change from 0 to 512 [ 820.609485][T14382] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 820.620618][T14382] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842e12c, mo2=0002] [ 820.629626][T14382] EXT4-fs (loop2): orphan cleanup on readonly fs [ 820.636510][T14382] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2299: bg 0: block 361: padding at end of block bitmap is not set [ 820.651821][T14382] EXT4-fs (loop2): Remounting filesystem read-only [ 820.658506][T14382] EXT4-fs (loop2): 1 truncate cleaned up [ 820.664444][T14382] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 820.667956][ T8] usb 4-1: Using ep0 maxpacket: 16 [ 820.783621][ T8] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 820.794851][ T8] usb 4-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 820.804442][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 820.815517][ T8] usb 4-1: Product: syz [ 820.823149][ T8] usb 4-1: Manufacturer: syz [ 820.829930][ T8] usb 4-1: SerialNumber: syz [ 820.837202][ T8] usb 4-1: config 0 descriptor?? [ 820.858156][T14386] EXT4-fs warning (device loop2): dx_probe:893: inode #2: comm syz.2.2299: dx entry: limit 0 != root limit 125 [ 820.880773][T14386] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.2299: Corrupt directory, running e2fsck is recommended [ 821.072783][ T8] usb 4-1: USB disconnect, device number 12 [ 821.502062][T10309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 821.868099][ T5286] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 822.027971][ T5286] usb 2-1: Using ep0 maxpacket: 16 [ 822.034419][ T5286] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 822.044938][ T5286] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 822.056970][ T5286] usb 2-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 822.066778][ T5286] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 822.074890][ T5286] usb 2-1: Product: syz [ 822.079131][ T5286] usb 2-1: Manufacturer: syz [ 822.083742][ T5286] usb 2-1: SerialNumber: syz [ 822.097100][ T5286] usb 2-1: config 0 descriptor?? [ 822.478887][T14418] loop2: detected capacity change from 0 to 8192 [ 823.318824][ T8] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 823.548950][ T938] usb 2-1: USB disconnect, device number 14 [ 823.559490][ T8] usb 4-1: Using ep0 maxpacket: 16 [ 823.566453][ T8] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 823.574628][ T8] usb 4-1: config 0 has no interface number 0 [ 823.585056][ T8] usb 4-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 823.596847][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 823.605734][ T8] usb 4-1: Product: syz [ 823.612410][ T8] usb 4-1: Manufacturer: syz [ 823.619017][ T8] usb 4-1: SerialNumber: syz [ 823.627629][ T8] usb 4-1: config 0 descriptor?? [ 823.660729][ T8] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 823.684828][T14443] vlan2: entered promiscuous mode [ 823.934944][ T29] audit: type=1326 audit(1728537082.700:6153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.0.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f192d17dff9 code=0x7ffc0000 [ 823.963673][T14460] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 823.972919][ T29] audit: type=1326 audit(1728537082.700:6154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.0.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f192d17dff9 code=0x7ffc0000 [ 823.998503][ T29] audit: type=1800 audit(1728537082.730:6155): pid=14463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2319" name="/" dev="fuse" ino=1 res=0 errno=0 [ 824.020929][ T29] audit: type=1326 audit(1728537082.730:6156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.0.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f192d17dff9 code=0x7ffc0000 [ 824.043690][ T29] audit: type=1326 audit(1728537082.730:6157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.0.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f192d17dff9 code=0x7ffc0000 [ 824.066547][ T29] audit: type=1326 audit(1728537082.730:6158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.0.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f192d17dff9 code=0x7ffc0000 [ 824.089819][ T29] audit: type=1326 audit(1728537082.730:6159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.0.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f192d17dff9 code=0x7ffc0000 [ 824.113757][ T29] audit: type=1326 audit(1728537082.730:6160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.0.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f192d17dff9 code=0x7ffc0000 [ 824.138401][ T29] audit: type=1326 audit(1728537082.730:6161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.0.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f192d17dff9 code=0x7ffc0000 [ 824.219737][ T8] gspca_spca1528: reg_w err -110 [ 824.241866][ T8] spca1528 4-1:0.1: probe with driver spca1528 failed with error -110 [ 824.384866][ T5286] usb 4-1: USB disconnect, device number 13 [ 824.849119][T10403] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 824.885614][T14476] loop2: detected capacity change from 0 to 512 [ 824.913218][T14476] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 824.927948][T14476] ext4 filesystem being mounted at /226/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 825.500985][T10403] usb 2-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 825.510120][T10403] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 825.521816][T10403] usb 2-1: Product: syz [ 825.526013][T10403] usb 2-1: Manufacturer: syz [ 825.544355][T10403] usb 2-1: SerialNumber: syz [ 825.550443][T10403] usb 2-1: config 0 descriptor?? [ 825.556352][T10309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 825.570379][T10403] i2c-tiny-usb 2-1:0.0: version 6d.cc found at bus 002 address 015 [ 825.805579][T14468] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 825.816835][T14468] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 825.831003][T14468] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 825.844268][T14468] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 826.834981][T14506] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2337'. [ 826.878900][T14508] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 826.899261][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 826.899273][ T29] audit: type=1326 audit(1728537085.640:6165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 826.938196][ T29] audit: type=1326 audit(1728537085.640:6166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 826.981870][ T29] audit: type=1326 audit(1728537085.640:6167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 827.014661][ T29] audit: type=1326 audit(1728537085.640:6168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 827.037815][ T29] audit: type=1326 audit(1728537085.640:6169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 827.063354][ T29] audit: type=1326 audit(1728537085.650:6170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 827.453836][ T29] audit: type=1326 audit(1728537085.650:6171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 827.476965][ T29] audit: type=1326 audit(1728537085.650:6172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 827.502529][ T29] audit: type=1326 audit(1728537085.650:6173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 827.528805][ T29] audit: type=1326 audit(1728537085.650:6174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.2.2338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3637f7dff9 code=0x7ffc0000 [ 827.841864][T10403] (null): failure setting delay to 10us [ 827.858123][T10403] i2c-tiny-usb 2-1:0.0: probe with driver i2c-tiny-usb failed with error -5 [ 827.874781][T10403] usb 2-1: USB disconnect, device number 15 [ 827.974635][T14524] netlink: 47 bytes leftover after parsing attributes in process `syz.1.2343'. [ 828.561329][T14533] bridge0: port 1(veth1_to_bridge) entered blocking state [ 828.581424][T14534] loop3: detected capacity change from 0 to 64 [ 828.630374][T14533] bridge0: port 1(veth1_to_bridge) entered disabled state [ 828.643427][T14533] veth1_to_bridge: entered allmulticast mode [ 828.659216][T14533] veth1_to_bridge: entered promiscuous mode [ 828.740978][T14536] loop1: detected capacity change from 0 to 128 [ 828.751612][T14536] FAT-fs (loop1): Directory bread(block 160) failed [ 828.760015][T14536] FAT-fs (loop1): Directory bread(block 161) failed [ 828.766709][T14536] FAT-fs (loop1): Directory bread(block 162) failed [ 828.775645][T14536] FAT-fs (loop1): Directory bread(block 163) failed [ 828.782893][T14536] FAT-fs (loop1): Directory bread(block 164) failed [ 828.926105][T14536] FAT-fs (loop1): Directory bread(block 165) failed [ 828.933941][T14536] FAT-fs (loop1): Directory bread(block 166) failed [ 828.942570][T14536] FAT-fs (loop1): Directory bread(block 167) failed [ 829.002164][T12157] Bluetooth: hci2: sending frame failed (-49) [ 829.008432][ T5238] Bluetooth: hci2: Opcode 0x1003 failed: -49 [ 829.097509][T14546] loop2: detected capacity change from 0 to 512 [ 829.108086][T14546] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 829.209461][T14546] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842e12c, mo2=0002] [ 829.217567][T14546] EXT4-fs (loop2): orphan cleanup on readonly fs [ 829.224948][T14546] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2349: bg 0: block 361: padding at end of block bitmap is not set [ 829.239589][T14546] EXT4-fs (loop2): Remounting filesystem read-only [ 829.246229][T14546] EXT4-fs (loop2): 1 truncate cleaned up [ 829.254085][T14546] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 831.160213][T10309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 831.920339][T14608] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2368'. [ 834.069430][T14666] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2388'. [ 835.622712][T14694] netlink: 'syz.1.2401': attribute type 21 has an invalid length. [ 835.631659][T14694] IPv6: NLM_F_CREATE should be specified when creating new route [ 835.657044][T14699] loop3: detected capacity change from 0 to 512 [ 835.669055][T14699] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 835.678076][T14694] IPv6: Can't replace route, no match found [ 835.696421][T14699] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842e12c, mo2=0002] [ 835.705332][T14699] EXT4-fs (loop3): orphan cleanup on readonly fs [ 835.712209][T14699] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2404: bg 0: block 361: padding at end of block bitmap is not set [ 835.727061][T14699] EXT4-fs (loop3): Remounting filesystem read-only [ 835.733992][T14699] EXT4-fs (loop3): 1 truncate cleaned up [ 835.740304][T14699] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 835.995902][T14708] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.2404: dx entry: limit 0 != root limit 125 [ 836.092567][T14708] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.2404: Corrupt directory, running e2fsck is recommended [ 836.227196][T14717] loop1: detected capacity change from 0 to 512 [ 836.265665][T14717] ext2: Unknown parameter 'subj_type' [ 836.473103][T14722] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2412'. [ 836.482740][T14722] syz_tun: left allmulticast mode [ 836.488144][T14722] syz_tun: left promiscuous mode [ 836.494224][T14722] bridge0: port 3(syz_tun) entered disabled state [ 837.013589][T14722] bridge_slave_1: left allmulticast mode [ 837.019328][T14722] bridge_slave_1: left promiscuous mode [ 837.025019][T14722] bridge0: port 2(bridge_slave_1) entered disabled state [ 837.043054][T14722] bridge_slave_0: left allmulticast mode [ 837.048838][T14722] bridge_slave_0: left promiscuous mode [ 837.054514][T14722] bridge0: port 1(bridge_slave_0) entered disabled state [ 837.085104][T14702] loop2: detected capacity change from 0 to 40427 [ 837.407153][T14702] F2FS-fs (loop2): Found nat_bits in checkpoint [ 837.583289][T14702] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 838.336087][T14752] loop1: detected capacity change from 0 to 1024 [ 838.374436][T10314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 838.818608][T14762] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2422'. [ 838.829283][T10309] syz-executor: attempt to access beyond end of device [ 838.829283][T10309] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 838.844543][T10309] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 839.103473][T14772] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2428'. [ 842.589815][T12534] hfsplus: b-tree write err: -5, ino 4 [ 853.412608][T14820] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2444'. [ 857.562081][T12157] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 857.571799][T12157] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 857.585576][T12157] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 857.602097][T10308] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 857.673049][T10304] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 857.684357][T10304] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 857.697119][T10308] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 857.703355][T10304] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 857.716294][T10308] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 857.716410][T10304] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 857.796246][T10304] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 857.804733][T10304] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 857.811957][ T5288] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 858.198185][ T5288] usb 4-1: Using ep0 maxpacket: 32 [ 858.213241][ T5288] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 858.222901][ T5288] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 858.238005][ T5288] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 858.250664][ T5288] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 858.262245][ T5288] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 858.276661][ T5288] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 858.291674][ T5288] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 858.302650][ T5288] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 858.346165][ T5288] usb 4-1: config 0 descriptor?? [ 861.919121][ T5238] Bluetooth: hci2: command tx timeout [ 861.919229][T10304] Bluetooth: hci3: command tx timeout [ 861.947375][ T5288] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 14 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 863.715789][ T5288] usb 4-1: USB disconnect, device number 14 [ 863.814649][ T5288] usblp0: removed [ 863.970271][T10304] Bluetooth: hci2: command tx timeout [ 864.034042][T10304] Bluetooth: hci3: command tx timeout [ 866.107990][T10304] Bluetooth: hci2: command tx timeout [ 866.113553][T10304] Bluetooth: hci3: command tx timeout [ 868.168329][T10304] Bluetooth: hci2: command tx timeout [ 868.173935][ T5238] Bluetooth: hci3: command tx timeout [ 869.806501][T12534] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 870.380291][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.387430][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 871.404327][T10304] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 871.441595][T10304] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 871.474142][T12534] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 871.486950][T10304] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 871.597934][T10304] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 871.621705][T10304] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 871.685597][T10304] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 872.714751][T12534] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 873.219126][T12534] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 874.291429][ T5238] Bluetooth: hci4: command tx timeout [ 876.398954][T10304] Bluetooth: hci4: command tx timeout [ 879.204439][T10304] Bluetooth: hci4: command tx timeout [ 881.303257][ T5238] Bluetooth: hci4: command tx timeout [ 889.731305][T14832] chnl_net:caif_netlink_parms(): no params data found [ 889.790752][T12534] veth1_to_bridge: left allmulticast mode [ 889.796545][T12534] veth1_to_bridge: left promiscuous mode [ 889.806407][ T5238] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 889.815054][ T5238] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 889.823096][ T5238] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 889.833571][ T5238] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 889.840869][ T5238] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 889.841338][T12534] bridge0: port 1(veth1_to_bridge) entered disabled state [ 889.856353][ T5238] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 889.859754][T10308] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 889.864134][ T5238] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 889.872676][T10308] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 889.887568][T10308] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 889.897428][T10308] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 889.905000][T10308] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 890.012338][T12534] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 890.023046][T12534] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 890.033592][T12534] bond0 (unregistering): Released all slaves [ 890.057316][T14830] chnl_net:caif_netlink_parms(): no params data found [ 890.194826][T14832] bridge0: port 1(bridge_slave_0) entered blocking state [ 890.203568][T14832] bridge0: port 1(bridge_slave_0) entered disabled state [ 890.211084][T14832] bridge_slave_0: entered allmulticast mode [ 890.217460][T14832] bridge_slave_0: entered promiscuous mode [ 890.224995][T14832] bridge0: port 2(bridge_slave_1) entered blocking state [ 890.232355][T14832] bridge0: port 2(bridge_slave_1) entered disabled state [ 890.239677][T14832] bridge_slave_1: entered allmulticast mode [ 890.246053][T14832] bridge_slave_1: entered promiscuous mode [ 890.273158][T14830] bridge0: port 1(bridge_slave_0) entered blocking state [ 890.280500][T14830] bridge0: port 1(bridge_slave_0) entered disabled state [ 890.287628][T14830] bridge_slave_0: entered allmulticast mode [ 890.294438][T14830] bridge_slave_0: entered promiscuous mode [ 890.318833][T14832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 890.328069][T14830] bridge0: port 2(bridge_slave_1) entered blocking state [ 890.335191][T14830] bridge0: port 2(bridge_slave_1) entered disabled state [ 890.342575][T14830] bridge_slave_1: entered allmulticast mode [ 890.350006][T14830] bridge_slave_1: entered promiscuous mode [ 890.376971][T14832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 890.404433][T14830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 890.417009][T14830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 890.454454][T14859] chnl_net:caif_netlink_parms(): no params data found [ 890.465147][T14832] team0: Port device team_slave_0 added [ 890.472541][T14832] team0: Port device team_slave_1 added [ 890.481102][T12534] hsr_slave_0: left promiscuous mode [ 890.486703][T12534] hsr_slave_1: left promiscuous mode [ 890.492831][T12534] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 890.500448][T12534] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 890.509963][T12534] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 890.517358][T12534] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 890.526291][T12534] veth1_macvtap: left promiscuous mode [ 890.532097][T12534] veth0_macvtap: left promiscuous mode [ 890.537593][T12534] veth1_vlan: left promiscuous mode [ 890.543076][T12534] veth0_vlan: left promiscuous mode [ 890.622705][T12534] team0 (unregistering): Port device team_slave_1 removed [ 890.632782][T12534] team0 (unregistering): Port device team_slave_0 removed [ 890.681748][T14830] team0: Port device team_slave_0 added [ 890.688980][T14830] team0: Port device team_slave_1 added [ 890.765403][T14832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 890.773284][T14832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 890.799242][T14832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 890.813180][T14832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 890.821398][T14832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 890.847941][T14832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 890.859595][T14830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 890.866962][T14830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 890.893454][T14830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 890.919727][T14830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 890.926689][T14830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 890.952936][T14830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 891.009818][T14859] bridge0: port 1(bridge_slave_0) entered blocking state [ 891.017048][T14859] bridge0: port 1(bridge_slave_0) entered disabled state [ 891.024642][T14859] bridge_slave_0: entered allmulticast mode [ 891.031680][T14859] bridge_slave_0: entered promiscuous mode [ 891.054273][T14830] hsr_slave_0: entered promiscuous mode [ 891.060500][T14830] hsr_slave_1: entered promiscuous mode [ 891.066432][T14830] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 891.074467][T14830] Cannot create hsr debugfs directory [ 891.087639][T14859] bridge0: port 2(bridge_slave_1) entered blocking state [ 891.094953][T14859] bridge0: port 2(bridge_slave_1) entered disabled state [ 891.102498][T14859] bridge_slave_1: entered allmulticast mode [ 891.110025][T14859] bridge_slave_1: entered promiscuous mode [ 891.116268][T14887] chnl_net:caif_netlink_parms(): no params data found [ 891.131654][T14832] hsr_slave_0: entered promiscuous mode [ 891.137779][T14832] hsr_slave_1: entered promiscuous mode [ 891.145123][T14832] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 891.152856][T14832] Cannot create hsr debugfs directory [ 891.229138][T14859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 891.245885][T14884] chnl_net:caif_netlink_parms(): no params data found [ 891.268992][T14859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 891.343624][T14859] team0: Port device team_slave_0 added [ 891.390053][T14859] team0: Port device team_slave_1 added [ 891.395976][T14887] bridge0: port 1(bridge_slave_0) entered blocking state [ 891.405202][T14887] bridge0: port 1(bridge_slave_0) entered disabled state [ 891.412508][T14887] bridge_slave_0: entered allmulticast mode [ 891.419541][T14887] bridge_slave_0: entered promiscuous mode [ 891.454740][T14887] bridge0: port 2(bridge_slave_1) entered blocking state [ 891.462138][T14887] bridge0: port 2(bridge_slave_1) entered disabled state [ 891.469552][T14887] bridge_slave_1: entered allmulticast mode [ 891.475964][T14887] bridge_slave_1: entered promiscuous mode [ 891.518389][T14859] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 891.525372][T14859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 891.551586][T14859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 891.569810][T14887] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 891.608395][T14859] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 891.615357][T14859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 891.642532][T14859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 891.667414][T14887] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 891.690749][T14884] bridge0: port 1(bridge_slave_0) entered blocking state [ 891.698128][T14884] bridge0: port 1(bridge_slave_0) entered disabled state [ 891.705337][T14884] bridge_slave_0: entered allmulticast mode [ 891.712603][T14884] bridge_slave_0: entered promiscuous mode [ 891.723737][T14859] hsr_slave_0: entered promiscuous mode [ 891.730399][T14859] hsr_slave_1: entered promiscuous mode [ 891.736383][T14859] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 891.743958][T14859] Cannot create hsr debugfs directory [ 891.761804][T14887] team0: Port device team_slave_0 added [ 891.768178][T14884] bridge0: port 2(bridge_slave_1) entered blocking state [ 891.775298][T14884] bridge0: port 2(bridge_slave_1) entered disabled state [ 891.782758][T14884] bridge_slave_1: entered allmulticast mode [ 891.791763][T14884] bridge_slave_1: entered promiscuous mode [ 891.809456][T14887] team0: Port device team_slave_1 added [ 891.837116][T14884] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 891.865439][T12534] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 891.877664][T14884] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 891.903969][T12534] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 891.928132][T12157] Bluetooth: hci0: command tx timeout [ 891.933623][T10308] Bluetooth: hci1: command tx timeout [ 891.953751][T14887] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 891.960933][T14887] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 891.986939][T14887] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 892.001067][T14887] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 892.008079][T14887] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 892.034083][T14887] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 892.045853][T14884] team0: Port device team_slave_0 added [ 892.055294][T14884] team0: Port device team_slave_1 added [ 892.066537][T12534] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 892.113831][T14887] hsr_slave_0: entered promiscuous mode [ 892.120295][T14887] hsr_slave_1: entered promiscuous mode [ 892.126223][T14887] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 892.133875][T14887] Cannot create hsr debugfs directory [ 892.145501][T14884] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 892.152502][T14884] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 892.179278][T14884] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 892.192235][T14830] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 892.206604][T12534] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 892.225610][T14884] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 892.232582][T14884] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 892.259030][T14884] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 892.276717][T14830] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 892.312769][T14884] hsr_slave_0: entered promiscuous mode [ 892.318942][T14884] hsr_slave_1: entered promiscuous mode [ 892.325004][T14884] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 892.332848][T14884] Cannot create hsr debugfs directory [ 892.352533][T14830] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 892.413942][T14830] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 892.479285][T12534] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 892.514171][T14830] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 892.525249][T14830] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 892.541484][T12534] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 892.554120][T14830] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 892.566683][T14830] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 892.590075][T12534] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 892.616407][T14832] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 892.632850][T14832] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 892.656684][T12534] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 892.669618][T14832] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 892.692399][T14832] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 892.748245][T14830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 892.923402][T12534] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 892.935247][T12534] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 892.944907][T12534] bond0 (unregistering): Released all slaves [ 892.957125][T12534] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 892.967356][T12534] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 892.977393][T12534] bond0 (unregistering): Released all slaves [ 892.987060][T12534] bond1 (unregistering): Released all slaves [ 892.997733][T12534] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 893.009425][T12534] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 893.020020][T12534] bond0 (unregistering): Released all slaves [ 893.031566][T14830] 8021q: adding VLAN 0 to HW filter on device team0 [ 893.072774][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 893.079915][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 893.096221][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 893.103458][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 893.193337][T14832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 893.216809][T14832] 8021q: adding VLAN 0 to HW filter on device team0 [ 893.240975][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 893.248112][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 893.273985][T14850] bridge0: port 2(bridge_slave_1) entered blocking state [ 893.281104][T14850] bridge0: port 2(bridge_slave_1) entered forwarding state [ 893.372595][T14830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 893.471044][T14859] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 893.509075][T14859] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 893.518819][T14859] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 893.545588][T14830] veth0_vlan: entered promiscuous mode [ 893.551906][T14859] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 893.571418][T14830] veth1_vlan: entered promiscuous mode [ 893.591752][T14832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 893.616295][T14830] veth0_macvtap: entered promiscuous mode [ 893.666416][T12534] hsr_slave_0: left promiscuous mode [ 893.674351][T12534] hsr_slave_1: left promiscuous mode [ 893.683909][T12534] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 893.691999][T12534] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 893.699989][T12534] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 893.707439][T12534] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 893.721012][T12534] hsr_slave_0: left promiscuous mode [ 893.726799][T12534] hsr_slave_1: left promiscuous mode [ 893.733007][T12534] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 893.741497][T12534] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 893.749279][T12534] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 893.756665][T12534] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 893.766434][T12534] hsr_slave_0: left promiscuous mode [ 893.773290][T12534] hsr_slave_1: left promiscuous mode [ 893.780616][T12534] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 893.788215][T12534] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 893.795790][T12534] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 893.803728][T12534] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 893.814338][T12534] veth1_macvtap: left promiscuous mode [ 893.820043][T12534] veth0_macvtap: left promiscuous mode [ 893.825547][T12534] veth1_vlan: left promiscuous mode [ 893.831238][T12534] veth0_vlan: left promiscuous mode [ 893.837096][T12534] veth1_macvtap: left promiscuous mode [ 893.843687][T12534] veth0_macvtap: left promiscuous mode [ 893.849395][T12534] veth1_vlan: left promiscuous mode [ 893.854641][T12534] veth0_vlan: left promiscuous mode [ 893.862448][T12534] veth1_macvtap: left promiscuous mode [ 893.868110][T12534] veth0_macvtap: left promiscuous mode [ 893.873602][T12534] veth1_vlan: left promiscuous mode [ 893.879242][T12534] veth0_vlan: left promiscuous mode [ 894.008192][T12157] Bluetooth: hci0: command tx timeout [ 894.012399][T10308] Bluetooth: hci1: command tx timeout [ 894.034175][T12534] team0 (unregistering): Port device team_slave_1 removed [ 894.046366][T12534] team0 (unregistering): Port device team_slave_0 removed [ 894.136175][T12534] team0 (unregistering): Port device team_slave_1 removed [ 894.146627][T12534] team0 (unregistering): Port device team_slave_0 removed [ 894.235795][T12534] team0 (unregistering): Port device team_slave_1 removed [ 894.246522][T12534] team0 (unregistering): Port device team_slave_0 removed [ 894.310816][T14830] veth1_macvtap: entered promiscuous mode [ 894.333880][T14832] veth0_vlan: entered promiscuous mode [ 894.346871][T14832] veth1_vlan: entered promiscuous mode [ 894.369449][T14830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 894.380761][T14830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 894.393226][T14830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 894.402508][T14830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 894.414460][T14830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 894.425079][T14830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 894.449741][T14830] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 894.458595][T14830] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 894.467283][T14830] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 894.476423][T14830] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 894.493074][T14859] 8021q: adding VLAN 0 to HW filter on device bond0 [ 894.500459][T14832] veth0_macvtap: entered promiscuous mode [ 894.524077][T14832] veth1_macvtap: entered promiscuous mode [ 894.542800][T14884] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 894.563521][T14887] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 894.572123][T14887] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 894.585788][T14859] 8021q: adding VLAN 0 to HW filter on device team0 [ 894.595544][T14850] bridge0: port 1(bridge_slave_0) entered blocking state [ 894.602641][T14850] bridge0: port 1(bridge_slave_0) entered forwarding state [ 894.610493][T14887] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 894.619540][T14887] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 894.629830][T14832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 894.640650][T14832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 894.651209][T14832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 894.662170][T14832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 894.673051][T14832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 894.705236][T14884] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 894.722106][T14850] bridge0: port 2(bridge_slave_1) entered blocking state [ 894.729226][T14850] bridge0: port 2(bridge_slave_1) entered forwarding state [ 894.744359][T14832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 894.755081][T14832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 894.765146][T14832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 894.775663][T14832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 894.786446][T14832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 894.799886][T14884] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 894.816839][T14832] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 894.826679][T14832] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 894.836042][T14832] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 894.845012][T14832] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 894.866425][ T71] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 894.874468][ T71] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 894.883574][T14884] bond0: (slave netdevsim0): Releasing backup interface [ 894.892023][T14884] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 894.944842][T14873] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 894.956078][T14873] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 895.012329][T14887] 8021q: adding VLAN 0 to HW filter on device bond0 [ 895.061193][T14873] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 895.098951][T14873] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 895.125805][T14887] 8021q: adding VLAN 0 to HW filter on device team0 [ 895.169365][T14801] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 895.267183][T14801] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 895.310350][T14873] bridge0: port 1(bridge_slave_0) entered blocking state [ 895.317467][T14873] bridge0: port 1(bridge_slave_0) entered forwarding state [ 895.443261][T14884] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 895.497759][T14859] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 895.569046][T14873] bridge0: port 2(bridge_slave_1) entered blocking state [ 895.576178][T14873] bridge0: port 2(bridge_slave_1) entered forwarding state [ 895.631350][T14887] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 895.694799][T14884] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 895.745434][T14884] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 895.787427][T14884] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 896.014206][T14887] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 896.049484][T12534] IPVS: stop unused estimator thread 0... [ 896.991967][T10308] Bluetooth: hci1: command tx timeout [ 896.994872][T12157] Bluetooth: hci0: command tx timeout [ 897.439053][T14887] veth0_vlan: entered promiscuous mode [ 897.470437][T14884] 8021q: adding VLAN 0 to HW filter on device bond0 [ 897.717376][T14887] veth1_vlan: entered promiscuous mode [ 897.821423][T14859] veth0_vlan: entered promiscuous mode [ 897.866230][T14884] 8021q: adding VLAN 0 to HW filter on device team0 [ 897.963034][T14887] veth0_macvtap: entered promiscuous mode [ 897.976767][T14887] veth1_macvtap: entered promiscuous mode [ 897.992766][T15054] loop1: detected capacity change from 0 to 64 [ 898.013589][T14859] veth1_vlan: entered promiscuous mode [ 898.069003][T15054] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2471'. [ 898.103601][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 898.110756][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 898.154181][T14887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 898.219486][T14887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 898.252742][T14887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 898.263562][T14887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 898.275764][T14887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 898.286709][T14887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 898.394885][T14887] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 898.404663][T14859] veth0_macvtap: entered promiscuous mode [ 898.428964][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 898.436093][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 898.461329][T14859] veth1_macvtap: entered promiscuous mode [ 899.085286][T12157] Bluetooth: hci1: command tx timeout [ 899.091075][T12157] Bluetooth: hci0: command tx timeout [ 899.156505][T14887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 899.174447][T14887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.393420][T14887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 899.408480][T14887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.422312][T14887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 899.433999][T14887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.445222][T14887] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 899.461215][T14859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 899.473939][T14859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.484626][T14859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 899.496987][T14859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.507096][T14859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 899.520843][T14859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.531090][T14859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 899.541590][T14859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.552495][T14859] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 899.562093][T14859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 899.573256][T14859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.583911][T14859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 899.594519][T14859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.604346][T14859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 899.615141][T14859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.625000][T14859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 899.635523][T14859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.646317][T14859] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 899.659337][T14887] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 899.680370][T14887] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 899.690301][T14887] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 899.699707][T14887] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 899.725350][T14859] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 899.735113][T14859] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 899.746019][T14859] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 899.755195][T14859] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 900.125155][T15084] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2477'. [ 900.134241][T15084] bridge_slave_1: left allmulticast mode [ 900.139937][T15084] bridge_slave_1: left promiscuous mode [ 900.145618][T15084] bridge0: port 2(bridge_slave_1) entered disabled state [ 900.219949][T15084] bridge_slave_0: left allmulticast mode [ 900.225653][T15084] bridge_slave_0: left promiscuous mode [ 900.231834][T15084] bridge0: port 1(bridge_slave_0) entered disabled state [ 900.316613][T12534] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 900.328250][T12534] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 900.343980][T15086] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2480'. [ 900.352962][ T71] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 900.352982][ T71] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 900.370553][T14884] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 900.423688][ T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 900.437835][ T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 900.465254][T14884] veth0_vlan: entered promiscuous mode [ 900.483975][T12534] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 900.493847][T14884] veth1_vlan: entered promiscuous mode [ 900.503726][T12534] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 900.549920][T14884] veth0_macvtap: entered promiscuous mode [ 900.609602][T14884] veth1_macvtap: entered promiscuous mode [ 900.659578][T14884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 900.701555][T14884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 900.724103][T14884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 900.753485][T14884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 900.765435][T14884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 900.782569][T14884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 900.794641][T14884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 900.807636][T15115] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2489'. [ 900.821136][T14884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 900.831880][T14884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 900.844789][T14884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 900.858141][T14884] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 900.877589][T15119] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0 [ 900.895885][T14884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 900.928220][T14884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 900.950546][T14884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 900.975922][T14884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 900.998165][T14884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 901.019774][T14884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 901.038639][T14884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 901.050162][T14884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 901.060234][T14884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 901.072124][T14884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 901.083151][T14884] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 901.221819][T14884] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 901.271044][T14884] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 901.451262][T14884] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 901.613930][T14884] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 901.666436][T15137] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2494'. [ 901.675435][T15137] bridge_slave_1: left allmulticast mode [ 901.681129][T15137] bridge_slave_1: left promiscuous mode [ 901.686823][T15137] bridge0: port 2(bridge_slave_1) entered disabled state [ 901.709249][T15137] bridge_slave_0: left allmulticast mode [ 901.715004][T15137] bridge_slave_0: left promiscuous mode [ 901.722076][T15137] bridge0: port 1(bridge_slave_0) entered disabled state [ 901.852551][T12534] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 901.886069][T12534] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 902.016220][T14873] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 902.042661][T14873] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 902.054425][T15151] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2502'. [ 902.143030][T15158] loop3: detected capacity change from 0 to 512 [ 902.172232][T15158] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 902.188317][T15158] ext4 filesystem being mounted at /0/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 902.659467][T14884] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 902.711355][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 902.711375][ T29] audit: type=1326 audit(1728537161.460:6176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15180 comm="syz.0.2513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70b097dff9 code=0x7ffc0000 [ 902.749184][ C1] BUG: unable to handle page fault for address: fffffbfffbc00000 [ 902.756939][ C1] #PF: supervisor read access in kernel mode [ 902.762910][ C1] #PF: error_code(0x0000) - not-present page [ 902.768861][ C1] PGD 23ffe4067 P4D 23ffe4067 PUD 23ffe3067 PMD 0 [ 902.775349][ C1] Oops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI [ 902.781402][ C1] CPU: 1 UID: 0 PID: 15116 Comm: syz.1.2486 Not tainted 6.12.0-rc2-next-20241008-syzkaller #0 [ 902.791612][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 902.801646][ C1] RIP: 0010:kasan_check_range+0x82/0x290 [ 902.807262][ C1] Code: 01 00 00 00 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 01 dd <41> 80 3b 00 0f 85 c9 01 00 00 49 ff c3 48 ff c5 75 ee e9 1e 01 00 [ 902.826931][ C1] RSP: 0018:ffffc90000a189b8 EFLAGS: 00010286 [ 902.832973][ C1] RAX: 0000000000000001 RBX: 1ffffffffbc00000 RCX: ffffffff81cf65ff [ 902.840922][ C1] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffffde000000 [ 902.848867][ C1] RBP: ffffffffffffffff R08: ffffffffde000003 R09: 1ffffffffbc00000 [ 902.856812][ C1] R10: dffffc0000000000 R11: fffffbfffbc00000 R12: ffffffffde000000 [ 902.864757][ C1] R13: 0000000000000004 R14: dffffc0000000001 R15: fffffbfffbc00001 [ 902.872711][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 902.881623][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 902.888200][ C1] CR2: fffffbfffbc00000 CR3: 0000000011f3e000 CR4: 00000000003526f0 [ 902.896179][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 902.904138][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 902.912090][ C1] Call Trace: [ 902.915354][ C1] [ 902.918197][ C1] ? __die_body+0x5f/0xb0 [ 902.922519][ C1] ? page_fault_oops+0x8e4/0xcc0 [ 902.927439][ C1] ? __pfx_page_fault_oops+0x10/0x10 [ 902.932704][ C1] ? is_prefetch+0x4ed/0x780 [ 902.937275][ C1] ? deref_stack_reg+0x17c/0x210 [ 902.942190][ C1] ? __pfx_is_prefetch+0x10/0x10 [ 902.947113][ C1] ? __bad_area_nosemaphore+0x118/0x770 [ 902.952647][ C1] ? __kernel_text_address+0xd/0x40 [ 902.957826][ C1] ? __pfx___bad_area_nosemaphore+0x10/0x10 [ 902.963698][ C1] ? spurious_kernel_fault+0x119/0x5a0 [ 902.969225][ C1] ? exc_page_fault+0x5c8/0x8c0 [ 902.974054][ C1] ? asm_exc_page_fault+0x26/0x30 [ 902.979057][ C1] ? copy_from_kernel_nofault+0x6f/0x2f0 [ 902.984753][ C1] ? kasan_check_range+0x82/0x290 [ 902.989775][ C1] copy_from_kernel_nofault+0x6f/0x2f0 [ 902.995212][ C1] bpf_probe_read_compat+0x10f/0x180 [ 903.000476][ C1] ? bpf_trace_run3+0x24c/0x5a0 [ 903.005320][ C1] bpf_prog_19cf62d422e78662+0x43/0x45 [ 903.010762][ C1] bpf_trace_run3+0x33a/0x5a0 [ 903.015416][ C1] ? lock_acquire+0xe3/0x550 [ 903.019998][ C1] ? __pfx_slab_free_after_rcu_debug+0x10/0x10 [ 903.026127][ C1] ? __pfx_bpf_trace_run3+0x10/0x10 [ 903.031306][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 903.036301][ C1] ? debug_object_deactivate+0x2d5/0x390 [ 903.041913][ C1] ? rcu_core+0xaaa/0x17a0 [ 903.046333][ C1] ? __pfx_debug_object_deactivate+0x10/0x10 [ 903.052292][ C1] ? rcu_core+0xaaa/0x17a0 [ 903.056684][ C1] ? rcu_core+0xaaa/0x17a0 [ 903.061073][ C1] kmem_cache_free+0x355/0x420 [ 903.065818][ C1] ? slab_free_after_rcu_debug+0x11c/0x290 [ 903.071601][ C1] ? rcu_core+0xa37/0x17a0 [ 903.075991][ C1] ? __pfx___d_free+0x10/0x10 [ 903.080645][ C1] rcu_core+0xaaa/0x17a0 [ 903.084869][ C1] ? __pfx_rcu_core+0x10/0x10 [ 903.089520][ C1] ? kvm_sched_clock_read+0x11/0x20 [ 903.094691][ C1] ? sched_clock+0x4a/0x70 [ 903.099088][ C1] ? sched_clock_cpu+0x76/0x490 [ 903.103936][ C1] ? __pfx_sched_clock_cpu+0x10/0x10 [ 903.109196][ C1] ? __irq_exit_rcu+0xf4/0x1c0 [ 903.113937][ C1] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 903.119809][ C1] ? seqcount_lockdep_reader_access+0x1c1/0x220 [ 903.126028][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 903.132351][ C1] handle_softirqs+0x2c5/0x980 [ 903.137093][ C1] ? __irq_exit_rcu+0xf4/0x1c0 [ 903.141860][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 903.147184][ C1] ? sched_clock_cpu+0x76/0x490 [ 903.152128][ C1] ? irqtime_account_irq+0xd4/0x1e0 [ 903.157312][ C1] __irq_exit_rcu+0xf4/0x1c0 [ 903.161890][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 903.167087][ C1] ? rcu_is_watching+0x15/0xb0 [ 903.171831][ C1] irq_exit_rcu+0x9/0x30 [ 903.176050][ C1] sysvec_call_function_single+0xa3/0xc0 [ 903.181665][ C1] [ 903.184572][ C1] [ 903.187481][ C1] asm_sysvec_call_function_single+0x1a/0x20 [ 903.193439][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140 [ 903.199917][ C1] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 0e 06 2b f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 c3 99 8f f5 65 8b 05 b4 32 30 74 85 c0 74 43 48 c7 04 24 0e 36 [ 903.219501][ C1] RSP: 0018:ffffc90002dcf0c0 EFLAGS: 00000206 [ 903.225548][ C1] RAX: a11900854ea21c00 RBX: 1ffff920005b9e1c RCX: ffffffff819cb7ec [ 903.233498][ C1] RDX: dffffc0000000000 RSI: ffffffff8c611440 RDI: 0000000000000001 [ 903.241457][ C1] RBP: ffffc90002dcf150 R08: ffffffff901d3f2f R09: 1ffffffff203a7e5 [ 903.249412][ C1] R10: dffffc0000000000 R11: fffffbfff203a7e6 R12: dffffc0000000000 [ 903.257358][ C1] R13: 1ffff920005b9e18 R14: ffffc90002dcf0e0 R15: 0000000000000246 [ 903.265312][ C1] ? trace_irq_enable+0x2c/0x120 [ 903.270236][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 903.276538][ C1] ? lock_release+0xbf/0xa30 [ 903.281105][ C1] folios_put_refs+0x708/0x860 [ 903.285847][ C1] ? __pfx_folios_put_refs+0x10/0x10 [ 903.291109][ C1] ? folio_batch_remove_exceptionals+0x18a/0x1f0 [ 903.297412][ C1] shmem_undo_range+0x64c/0x1cf0 [ 903.302330][ C1] ? __pfx_shmem_undo_range+0x10/0x10 [ 903.307675][ C1] ? lock_release+0xbf/0xa30 [ 903.312244][ C1] ? rcu_is_watching+0x15/0xb0 [ 903.316991][ C1] ? preempt_count_add+0x93/0x190 [ 903.322006][ C1] ? 0xffffffffa0001ad8 [ 903.326135][ C1] ? percpu_counter_add_batch+0xff/0x1f0 [ 903.331748][ C1] shmem_evict_inode+0x29b/0xa80 [ 903.336665][ C1] ? inode_wait_for_writeback+0x111/0x2a0 [ 903.342375][ C1] ? __pfx_shmem_evict_inode+0x10/0x10 [ 903.347813][ C1] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 903.353859][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 903.359034][ C1] ? __pfx_shmem_evict_inode+0x10/0x10 [ 903.364473][ C1] evict+0x4e8/0x9b0 [ 903.368346][ C1] ? __pfx_evict+0x10/0x10 [ 903.372737][ C1] ? iput+0x713/0xa50 [ 903.376713][ C1] __dentry_kill+0x20d/0x630 [ 903.381284][ C1] ? dput+0x37/0x2b0 [ 903.385157][ C1] dput+0x19f/0x2b0 [ 903.388946][ C1] __fput+0x5d2/0x880 [ 903.392910][ C1] task_work_run+0x24f/0x310 [ 903.397478][ C1] ? __pfx_task_work_run+0x10/0x10 [ 903.402580][ C1] ? switch_task_namespaces+0xe4/0x110 [ 903.408016][ C1] do_exit+0xa2f/0x28e0 [ 903.412148][ C1] ? rcu_is_watching+0x15/0xb0 [ 903.416890][ C1] ? __pfx_do_exit+0x10/0x10 [ 903.421453][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 903.426802][ C1] ? __pfx_lock_release+0x10/0x10 [ 903.431800][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 903.438194][ C1] ? cgroup_freezing+0x2a8/0x350 [ 903.443109][ C1] do_group_exit+0x207/0x2c0 [ 903.447688][ C1] get_signal+0x16a3/0x1740 [ 903.453041][ C1] ? __pfx_get_signal+0x10/0x10 [ 903.457869][ C1] arch_do_signal_or_restart+0x96/0x860 [ 903.463394][ C1] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 903.469527][ C1] ? rcu_is_watching+0x15/0xb0 [ 903.474266][ C1] syscall_exit_to_user_mode+0xc9/0x370 [ 903.479787][ C1] do_syscall_64+0x100/0x230 [ 903.484351][ C1] ? clear_bhb_loop+0x35/0x90 [ 903.489005][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 903.494887][ C1] RIP: 0033:0x7f5928f7dff9 [ 903.499277][ C1] Code: Unable to access opcode bytes at 0x7f5928f7dfcf. [ 903.506266][ C1] RSP: 002b:00007f5929c99038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 903.514653][ C1] RAX: 0000000000010106 RBX: 00007f5929136058 RCX: 00007f5928f7dff9 [ 903.522600][ C1] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000003 [ 903.530545][ C1] RBP: 00007f5928ff0296 R08: 0000000000000000 R09: 0000000000000000 [ 903.538491][ C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 903.546450][ C1] R13: 0000000000000000 R14: 00007f5929136058 R15: 00007ffdf7e13558 [ 903.554405][ C1] [ 903.557400][ C1] Modules linked in: [ 903.561283][ C1] CR2: fffffbfffbc00000 [ 903.565421][ C1] ---[ end trace 0000000000000000 ]--- [ 903.565463][T15181] BUG: unable to handle page fault for address: fffffbfffbc00000 [ 903.570856][ C1] RIP: 0010:kasan_check_range+0x82/0x290 [ 903.578557][T15181] #PF: supervisor read access in kernel mode [ 903.584246][ C1] Code: 01 00 00 00 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 01 dd <41> 80 3b 00 0f 85 c9 01 00 00 49 ff c3 48 ff c5 75 ee e9 1e 01 00 [ 903.590192][T15181] #PF: error_code(0x0000) - not-present page [ 903.609764][ C1] RSP: 0018:ffffc90000a189b8 EFLAGS: 00010286 [ 903.615716][T15181] PGD 23ffe4067 P4D 23ffe4067 [ 903.621755][ C1] [ 903.621767][T15181] PUD 23ffe3067 [ 903.626498][ C1] RAX: 0000000000000001 RBX: 1ffffffffbc00000 RCX: ffffffff81cf65ff [ 903.628799][T15181] PMD 0 [ 903.632313][ C1] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffffde000000 [ 903.640254][T15181] Oops: Oops: 0000 [#2] PREEMPT SMP KASAN PTI [ 903.643075][ C1] RBP: ffffffffffffffff R08: ffffffffde000003 R09: 1ffffffffbc00000 [ 903.651026][T15181] CPU: 0 UID: 0 PID: 15181 Comm: syz.0.2513 Tainted: G D 6.12.0-rc2-next-20241008-syzkaller #0 [ 903.657054][ C1] R10: dffffc0000000000 R11: fffffbfffbc00000 R12: ffffffffde000000 [ 903.664999][T15181] Tainted: [D]=DIE [ 903.676678][ C1] R13: 0000000000000004 R14: dffffc0000000001 R15: fffffbfffbc00001 [ 903.684883][T15181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 903.688942][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 903.696888][T15181] RIP: 0010:kasan_check_range+0x82/0x290 [ 903.706935][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 903.715834][T15181] Code: 01 00 00 00 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 01 dd <41> 80 3b 00 0f 85 c9 01 00 00 49 ff c3 48 ff c5 75 ee e9 1e 01 00 [ 903.721434][ C1] CR2: fffffbfffbc00000 CR3: 0000000011f3e000 CR4: 00000000003526f0 [ 903.727990][T15181] RSP: 0018:ffffc90003f3f9f8 EFLAGS: 00010286 [ 903.747652][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 903.755592][T15181] [ 903.755600][T15181] RAX: 0000000000000001 RBX: 1ffffffffbc00000 RCX: ffffffff81cf65ff [ 903.761630][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 903.769577][T15181] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffffde000000 [ 903.771882][ C1] Kernel panic - not syncing: Fatal exception in interrupt [ 904.876080][ C1] Shutting down cpus with NMI [ 904.904228][ C1] Kernel Offset: disabled [ 904.908536][ C1] Rebooting in 86400 seconds..