last executing test programs: 35.575621543s ago: executing program 1: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) poll(0x0, 0x0, 0x100e7f1) r1 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000100), 0xc) recvmsg$qrtr(r1, &(0x7f0000003600)={0x0, 0x0, 0x0}, 0x38, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) connect$qrtr(r1, &(0x7f0000000140), 0xc) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, 0x0) openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) r3 = socket$kcm(0x10, 0x2, 0x4) close(r3) sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x900, &(0x7f0000000380)=[{&(0x7f0000000080)="5c00000013006bcd9e3fe3dc6e48aa31086b876c1d0000007ea6020af3653c000a003f00f8ff07001309686ce77df7edd6c3a0e69ee517d34488b26906a247f76c6f8dd5b59960bc24eab556a7050a84c9f5d1938037e786a6d0bdd7", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000006c0), r5) sendmsg$IEEE802154_LLSEC_DEL_KEY(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000700)={0x28, r6, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x28}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xa, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100000000009500000000000000b5090c00020000007b9af0ff00000000b509020000000000c39a00fe41000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018290000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000040000056080000000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write(r3, &(0x7f0000000140)="91c9221729d1b6c2ea683a0626152b", 0xf) socket$nl_route(0x10, 0x3, 0x0) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8) accept(r7, 0x0, 0x0) r8 = socket$phonet(0x23, 0x2, 0x1) syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r8) 34.019119448s ago: executing program 1: socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x110) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req={0x0, 0x0, 0x300}, 0x10) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req={0x4c7, 0xd3, 0x1, 0x81}, 0x10) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000200)={'syztnl2\x00', &(0x7f0000000180)={'ip_vti0\x00', 0x0, 0x80, 0x8, 0x5, 0x8, {{0x14, 0x4, 0x3, 0x1, 0x50, 0x65, 0x0, 0x2, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0xb}, @multicast1, {[@rr={0x7, 0x1b, 0x3d, [@rand_addr=0x64010100, @rand_addr=0x64010100, @broadcast, @empty, @rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x1e}]}, @lsrr={0x83, 0x7, 0x35, [@broadcast]}, @rr={0x7, 0x13, 0xc, [@local, @remote, @dev={0xac, 0x14, 0x14, 0x16}, @local]}, @rr={0x7, 0x7, 0x1f, [@loopback]}]}}}}}) socket$pppl2tp(0x18, 0x1, 0x1) socket(0xa, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000500)={0x44, r2, 0x1, 0x0, 0x0, {0x34}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x73}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x44}}, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x6, 0x7}, 0x48) socket$nl_netfilter(0x10, 0x3, 0xc) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) unshare(0x22020600) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@netrom={'nr', 0x0}, 0xffdf) ioctl$sock_netdev_private(r4, 0x8924, &(0x7f0000000000)) 33.332739823s ago: executing program 1: r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f00000003c0)={0x48, 0x1, 0x0, 0x0, 0xfffffffffffffffa}) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x1, 0x0, 0x0, 0xffffffffffffff01}) syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa1000a, &(0x7f00000003c0)=ANY=[], 0x21, 0x1507, &(0x7f0000001b00)="$eJzs3Au4TtX2MPAx5pyLTdKb5D7HHIs3bUyXJLkkySVJkiNJbgkhSZKQ3G9JSELuSe4huYXkfr/lniRJkiQkJJnf45zO1zmn8//39f/3fZ7vv8fvedbzzvGud8w15h5773ettZ93f9NhSOW6VSrUZmb4b8G/PXQHgBQA6A8A1wFABAAlspTIcmV/Bo3d/3sHEX+uh6Zf7QrE1ST9T9uk/2mb9D9tk/6nbdL/tE36n7ZJ/9M26b8Qadn2GTmvly3tbnL/Py2T9///QY4WHvvFxsI3dvwDKdL/tE36n7ZJ/9M26X/aJv1P26T/aZv0P22T/guRlv3X7x3L3w7+J2xX+/tPCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIUTacCH8ygDA38dXuy4hhBBCCCGEEEL8eUL6q12BEEIIIYQQQggh/u9DUKDBQATpID2kQAbICNdAJrgWMsN1kIDrIQvcAFnhRsgG2SEH5IRckBvygAUCBwwx5IV8kISbID/cDKlQAApCIfBQGIpAUSgGt0BxuBVKwG1QEm6HUlAaykBZuAPKwZ1QHu6CCnA3VIRKUBmqwD1QFe6FanAfVIf7oQY8ADXhQagFf4Ha8BDUgYehLjwC9eBRqA8NoCE0gsb/pfwXoAu8CF2hG3SHHtATekFv6AN9oR/0h5dgALwMA+EVGASDYQi8CkPhNRgGr8NwGAEj4Q0YBaNhDIyFcTAeJsCbMBHegknwNkyGKTAVpsF0mAEz4R2YBbNhDrwLc+E9mAfzYQEshEXwPiyGJbAUPoBl8CEshxWwElbBalgDa2EdrIcNsBE2wWbYAlthG2yHj2AH7IRdsBv2wF7YBx/DfvgEDsCncBA++4P55/8lvyMCAipUaNBgOkyHKZiCGTEjZsJMmBkzYwITmAWzYFbMitkwG+bAHJgLc2EezIOEhIyMeTEvJjGJ+TE/pmIqFsSC6NFjESyCxfAWLI7FsQSWwJJYEkthaSyNZbEslsNyWB7LYwWsgBWxIlbGyngP3oP3YjWshtWxOtbAGlgTa2ItrIW1sTbWwTpYF+tiPayH9bE+NsSG2BgbYxNsgk2xKTbH5tgCW2ArbIWtsTW2wTbYFttiO2yH7bE9dsAO2BE7YSd8AV/AF/FF7IYVVQ/siT2xN/bGvtgP++FLOABfxpfxFRyEg3EIvoqv4ms4DM/hcByBI3EkllOjcQyORVbjcQJOwIk4ESfhJJyMU3AKTsPpOANn4kychbNxNr6Lc/E9fA/n43xciItwES7GJbgUl+IyPI/LcQWuxFW4GtfgalyH63EdbsRNuBG34BbchtvwI/wId+JO3I27cS8aAPwYP8FPcBAexIN4CA/hYTyMR/AIHsWjeAyP4XE8jifwBJ7Ek3gKT+MZPI1n8Syew/N4AS/gRbyIl/C5XF/V2VtgwyBQVxhlVDqVTqWoFJVRZVSZVCaVWWVWCZVQWVQWlVVlVdlUNpVD5VC5VC6VR+VRpEixilVelVclVVLlV/lVqkpVBVVB5ZVXRVQRVUwVU8VVcVVC3aZKqttVKVVaNfNlVVlVTjX35dVdqoKqoCqqSqqyqqKqqKqqqqqmqqnqqrqqoWqomupBVUv1wL74kLrSmbpqMNZTQ7C+aqAaqkbqNXxMNVHDsKlqppqrJ9QIHI6tVBPfWj2l2qgx2FY9o8bis6q9Go8d1POqo+qkOqsXVBfV1HdV3dRk7KF6qmnYW/VRfVU/NQsrqSsdq6xeUYPUYDVEvaoW4mtqmHpdDVcj1Ej1hhqlRqsxaqwap8arCepNNVG9pSapt9VkNUVNVdPUdDVDzVTvqFlqtpqj3lVz1XtqnpqvFqiFapF6Xy1WS9RS9YFapj5Uy9UKtVKtUqvVGrVWrVPr1Qa1UW1Sm9UWtVVtU9vVR2qH2ql2qd1qj9qr9qmP1X71iTqgPlUH1WfqkPpcHVZfqCPqS3VUfaWOqa/VcfWNOqG+VSfVd+qUOq3OqO/VWfWDOqfOqwvqR3VR/aQuqZ/VZRUUaNRKa210pNPp9DpFZ9AZ9TU6k75WZ9bX6YS+XmfRN+is+kadTWfXOXROnUvn1nm01aSdZh3rvDqfTuqbdH59s07VBXRBXUh7XVgX0UV1MX2LLq5v1SX0bbqkvl2X0qV1GV1W36HL6Tt1eX2XrqDv1hV1JV1ZV9H36Kr6Xl1N36er6/t1Df2Arqkf1LX0X3Rt/ZCuox/WdfUjup5+VNfXDXRD3Ug31o/pJvpx3VQ30831E7qFbqlb6Sd1a/2UbqOf1m31M7qdfla318/pDvp53VF30p31z/qyDrqr7qa76x66p+6le+s+uq/up/vrl/QA/bIeqF/Rg/RgPUS/qofq1/Qw/boerkfokfoNPUqP1mP0WD1Oj9cT9Jt6on5LT9Jv68l6ip6qp+npeobu+8tMc/4P8t/6N/kD/3r0bXq7/kjv0Dv1Lr1b79F79T69T+/X+/UBfUAf1Af1IX1IH9aH9RF9RB/VR/UxfUwf18f1CX1Cn9Qn9Sl9Wv+ov9dn9Q/6nD6vz+sf9UV9UV/65WsABo0y2hgTmXQmvUkxGUxGc43JZK41mc11JmGuN1nMDSarudFkM9lNDpPT5DK5TR5jDRln2MQmr8lnkuYm/OWEwhQ0hYw3hU0RU/SP5Jv85maTagr8U/7v1dfYNDZNTBPT1DQ1zU1z08K0MK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1X0910Nz1NL9Pb9DF9TT/T37xkBpgBZqAZaAaZQWaIGWKGmqFmmBlmhpvhZqQZaUaZUWaMGWPGmXFmgplgJpqJZpKZZCabyWaqmWqmm+lmpplpZplZZo6ZY+aauWaemWcWmAVmkVlkFpvFZqlZapaZZWa5WWFWmFVmlVlj1ph1Zp3ZYDaYTWaT2WK2mOVmu9ludpgdZpfZZfaYPWaf2Wf2m/3mgDlgDpqD5pA5ZA6bw+aIOWKOmqPmmDlmjpvj5oQ5YU6ak+aUOWXOmDPmrDlrzplz5oK5YC6ai+aSuWQum8tXTvsiFanIRCZKF6WLUqKUKGOUMcoUZYoyR5mjRJSIskRZoqzRjVG2KHuUI8oZ5YpyR3kiG1HkIo7iKG+UL0pGN0X5o5uj1KhAVDAqFPmocFQkKhoVi26Jike3RiWi26KS0e1Rqah0VCYqG90RlYvujMpHd0UVorujilGlqHJUJbonqhrdG1WL7ouqR/dHNaIHoprRg1Gt6C9R7eihqE70cFQ3eiSqFz0a1Y8aRA2jRlHjP3X+EM5lf9x3td1sd9vD9rS9bG/bx/a1/Wx/+5IdYF+2A+0rdpAdbIfYV+1Q+5odZl+3w+0IO9K+YUfZ0XaMHWvH2fF2gn3TTrRv2Un2bTvZTrFT7TQ73c6wM+07dpadbefYd+1c+56dZ+fbBXahXWTft4vtErvUfmCX2Q/tcrvCrrSr7Gq7xq616+x6u8FutJvsZrvFbrXb7Hb7kd1hd9pddrfdY/faffZju99+Yg/YT+1B+5k9ZD+3h+0X9oj90h61X9lj9mt73H5jT9hv7Un7nT1lT9sz9nt71v5gz9nz9oL90V60P9lL9md72YYrJ/dX3t7JkKF0lI5SKIUyUkbKRJkoM2WmBCUoC2WhrJSVslE2ykE5KBflojyUh65gYspLeSlJScpP+SmVUqkgFSRPnopQESpGxag4FacSVIJKUkkqRaWoDJWhO+gOupPupLvoLrqb7qZKVImqUBWqSlWpGlWj6lSdalANqkk1qRbVotpUm+pQHapLdake1aP6VJ8aUkNqTI2pCTWhptSUmlNzakEtqBW1otbUmtpQG2pLbakdtaP21J46UAfqSB2pM3WmLtSFulJX6k7dqSf1pN7Um/pSX+pP/WkADaCBNJAG0SAaQkNoKA2lYTSMhtMIGklv0CgaTWNoLI2j8TSBJtBEmkiTaBJNpsk0labSdJpOM2kmzaJZNIfm0FyaS/NoHi2gBbSIFtFiWkxLaSkto2W0nJbTSlpJq2k1raW1tJ7W00baSJtpM22lrbSdttMO2kG7aBftoT20j/bRftpPB+gAHaSDdIgOBQSgI3SEjtJROkbH6DgdpxN0gk7SSTpFp+gMnaGzdJbO0Tm6QBfoIv1El+hnukyBUlwGl9Fd4zK5a11md5371ziHy+lyudwuj7Mum8v+TzE551JdAVfw75eYrqhLTbnyWMh5V9gVcUVdKVfalXFl3R2unLvTlf9NXNXd66q5+1x1d7+r4u75p7iGe8DVdI+4Wu5RV9s1cHVcI1fXPeLquUddfdfANXSNXAvX0rVyT7rW7inXxj39m3ixW+LWuw1uo9vk9rtP3AX3ozvuvnEX3U+uq+vm+ruX3AD3shvoXnGD3ODfxCPdG26UG+3GuLFunBv/m3iqm+amuxlupnvHzXKzfxMvcu+7uW6pm+fmuwVu4V/jKzUtdR+4Ze5Dt9ytcCvdKrfarXFr3br/Xesqt8VtddvcPvex2+F2ul1ut9vj9v41vrKOA+5Td9B95o65r91h94U74k64o+6rv8ZX1nfCfetOuu/cKXfanXHfu7PuB3fOnb+y/nBl7d+7n91lFxwwsmLNhiNOx+k5hTNwRr6GM/G1nJmv4wRfz1n4Bs7KN3I2zs45OCfn4tychy0TO2aOOS/n4yTfxPn5Zk7lAlyQC7HnwlyEi3IxvoWL861cgm/jknw7l+LSXIbL8h1cju/k8nwXV+C7uSJX4spche/hqnwvV+P7uDrfzzX4Aa7JD3It/gvX5oe4Dj/MdfkRrsePcn1uwA25ETfmx7gJP85NuRk35ye4BbfkVvwkt+anuA0/zW35GW7Hz3J7fo478PPckTtxZ36Bu/CL3JW7cXfuwT25F/fmPtyX+3F/fokH8Ms8kF/hQTyYh/CrPJRf42H8Og/nETyS3+BRPJrH8Fgex+N5Ar/JE/ktnsRv82SewlN5Gk/nGTyT3+FZPJvn8Ls8l9/jeTyfF/BCXsTv82Jewkv5A17GH/JyXsEreRWv5jW8ltfxet7AG3kTb+YtvJW38Xb+iHfwTt7Fu3kP7+V9/DHv5wy//MB9xof4cz7MX/AR/pKP8ld8jL/m4/wNn+Bv+SR/x6f4NJ/h7/ks/8Dn+Dxf4B/5Iv/El/hnvsyBIcZYxTo2cRSni9PHKXGGOGN8TZwpvjbOHF8XJ+Lr4yzxDXHW+MY4W5w9zhHnjHPFueM8sY0pdjHHcZw3zhcn45vi/PHNcWpcIC4YF4p9XDguEheNi8W3xMXjW+MS8W1xyfj2uFRcOn7k/rLxHXG5+M64fHxXXCG+O64YV4orx1Xie+Kq8b1xtfi+uHp8f1w8fiCuGT8Ywy+fV6kTPxzXjR+J68WPxvXjBnHDuFHcOH4sbhI/HjeNm8XN4yfiFnHLuFX8ZNw6fipuEz/9u/u7xz3innGvuFccwn16QXJhclHy/eTi5JLk0uQHyWXJD5PLkyuSK5OrkquTa5Jrk+uS65MbkhuTm5Kbk1uSW5PbkiFUSQ8evfLaGx/5dD69T/EZfEZ/jc/kr/WZ/XU+4a/3WfwNPqu/0Wfz2X0On9Pn8rl9Hm89eefZxz6vz+eT/iaf39/sU30BX9AX8t4X9kV8I9/YN/ZN/OO+qW/mm/sn/BO+pW/pn/RP+qd8G/+0b+uf8e38s769f84/55/3HX0n39m/4Lv4F31X38139919T9/T9/a9fV/f1/f3/f0AP8AP9AP9ID/ID/FD/FA/1A/zw/xwP9yP9CP9KD/Kj/Fj/Dg/zk/wE/xEP9FP8pN8BABT/VQ/3U/3M/1MP8vP8nP8HD83da6f5+f5BX6BX+QX+cV+sV/ql/plfplf7pf7lX6lX+1X+7V+rV/v1/uNfqPf7Df7rX6r3+63+x1+h9/ld/k9fo/f5/f5/X6/P+AP+IP+oD/kD/nD/rA/4r/0R/1X/pj/2h/33/gT/lt/0n/nT/nT/oz/3p/1P/hz/ry/4H/0F/1P/pL/2V/2wU9IvJmYmHgrMSnxdmJyYkpiamJaYnpiRmJm4p3ErMTsxJzEu4m5ifcS8xLzEwsSCxOLEu8nFieWJJYmPkgsS3yYWJ5YkViZWJVYnVhjIOTeEYe8IV9IhptC/nBzSA0FQsFQKPhQOBQJRUOxcEsoHm4NJcJtoWS4PZQKpUOZ8GioHxqEhqFRaBweC03C46FpaBaahydCi9AytApPhtbhqdAmPB3ahmdCu/BsaB+eCx3C86Fj6BQ6hxdCl/Bi6Bq6he6hR+gZeoXeoU/oG/qF/uGlMCC8HAaGV8KgMDgMCa+GoeG1MCy8HoaHEWFkeCOMCqPDmDA2jAvjw4TwZpgY3gqTwtthcpgSpoZpYXqYEWaGd8KsMDvMCe+GueG9MC/MDwvCwrAovB8WhyVhafggLAsfhuVhRVgZVoXVYU1YG9aF9WFD2Bg2hc1hS9gatoXt4aOwI+wMu8LusCfsDfvCx2F/+CQcCJ+Gg+GzcCh8Hg6HL8KR8GU4Gr4Kx8LX4Xj4JpwI34aT4btwKpwOZ8L34Wz4IZwL58OF8GO4GH4Kl8LP4fIf/MxapT/zFroQQgghxP9Hev3O/h7/5jkDAOqX8U8hhGt35jz6j/s1AGzO9rdxH5WrRQIAnurW4aG/bxUrdu/e/ZfXLtcQ5ZsPAIl/OcAv8QpoDi2hNTSDYv+2vj6q00X+nfmTtwFk/IecFPg1/nX+z/+D+R97YuTikvGFLP/J/PMBUvP9mnPlKvzv8QpofmU10AyK/wfzZ2/yO/Vn+GICQNN/yMkEAE0z/Gv9ReBxeBpa/9MrhRBCCCGEEEKIv+mjyrT7vevnK9fnucyvOenh1/j3rs+FEEIIIYQQQghx9T3bqfOTj7Vu3aydDGQggzQ2aPmfvOZq/2YSQgghhBBC/Nl+Pen/9bkMV7MgIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBAiDfp/8Z/GrvYahRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiKvtfwUAAP//D5g3fQ==") sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000003040)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xb0}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x2, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x50, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="200000002a00090000000000000000000400002c0c0016"], 0x20}, 0x1, 0x3000000}, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x400448e1, 0x0) syz_emit_ethernet(0x6e, &(0x7f0000000440)=ANY=[], 0x0) r3 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) close(r3) r4 = syz_open_dev$dri(0x0, 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000100)=[0x0], 0x0, 0x0, 0x0, 0x1}) r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x402) ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000740)={0x0, 0x0, r5, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, {0x8001, 0x0, 0xc0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x80000000, 0x3, 0x0, "65366a50432b7ee2c7feddd91df868e7cfc6fa7272f3bf0a71b5d0c19323a260"}}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000500)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r3, 0xc05064a7, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7}) socket$nl_generic(0x10, 0x3, 0x10) 22.674021684s ago: executing program 0: r0 = socket$inet6_sctp(0xa, 0x801, 0x84) pselect6(0x40, &(0x7f0000000a80), 0x0, &(0x7f0000000b00)={0x8}, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000100), 0x4) 21.339016701s ago: executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0x0, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000040)={@val={0x6f01, 0x800}, @val={0x1}, @mpls={[], @ipv4=@udp={{0x5, 0x4, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote}, {0x0, 0x4e21, 0x4d, 0x0, @opaque="0c5030af9da3266af52f864706b63b7389cf476778daf646c151e6e4f3417473508c668cb6d473656ad7b75180eceedd55bd77a3b8fc26a1295df7e94f30f8fe5edd7a7852"}}}}, 0x6f) 19.602465652s ago: executing program 0: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) poll(0x0, 0x0, 0x100e7f1) r1 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000100), 0xc) recvmsg$qrtr(r1, &(0x7f0000003600)={0x0, 0x0, 0x0}, 0x38, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) connect$qrtr(r1, &(0x7f0000000140), 0xc) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, 0x0) openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) r3 = socket$kcm(0x10, 0x2, 0x4) close(r3) sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x900, &(0x7f0000000380)=[{&(0x7f0000000080)="5c00000013006bcd9e3fe3dc6e48aa31086b876c1d0000007ea6020af3653c000a003f00f8ff07001309686ce77df7edd6c3a0e69ee517d34488b26906a247f76c6f8dd5b59960bc24eab556a7050a84c9f5d1938037e786a6d0bdd7", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f00000006c0), r5) r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xa, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100000000009500000000000000b5090c00020000007b9af0ff00000000b509020000000000c39a00fe41000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018290000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000040000056080000000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write(r3, &(0x7f0000000140)="91c9221729d1b6c2ea683a0626152b", 0xf) socket$nl_route(0x10, 0x3, 0x0) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8) accept(r7, 0x0, 0x0) r8 = socket$phonet(0x23, 0x2, 0x1) syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r8) 18.247739395s ago: executing program 0: r0 = socket$kcm(0x10, 0x400000002, 0x0) recvmsg$kcm(r0, &(0x7f0000006480)={0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000180)=""/241, 0xf1}, {&(0x7f00000014c0)=""/4096, 0x1000}, {&(0x7f0000006280)=""/108, 0x6c}, {&(0x7f00000008c0)=""/200, 0xc8}, {&(0x7f00000024c0)=""/4096, 0x1000}, {&(0x7f0000000a00)=""/97, 0x61}, {&(0x7f0000000a80)=""/224, 0xe0}, {&(0x7f0000000b80)=""/80, 0x50}, {&(0x7f0000000c00)=""/40, 0x28}], 0x9}, 0x0) recvmsg$kcm(r0, &(0x7f0000001480)={0x0, 0x0, 0x0}, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029ea69801d76ab0a272a2a788bab6c95f79725074", 0x1c}], 0x1}, 0x0) 16.893946957s ago: executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}], {0x14}}, 0x68}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0104000000000000"], 0x50}}, 0x0) sendmsg$NFT_MSG_GETFLOWTABLE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x14, 0x17, 0xa, 0x101}, 0x14}}, 0x0) 15.903794143s ago: executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000340)=0x2, 0xa2) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f000000e0c0), 0x10010) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000200)=@gcm_256={{0x304}, "00e0f07600", "832b4d2434b35bca8c0b78d2afff6d70d2025c7f53123828322d5af0d5c6c3a5", '`\a-N', "298f0e6df9ae9b3d"}, 0x38) sendfile(r0, r1, &(0x7f0000000100), 0x5) 15.534717128s ago: executing program 0: openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_TEST_OP_ADD_RESERVED(0xffffffffffffffff, 0x3ba0, &(0x7f00000003c0)={0x48, 0x1, 0x0, 0x0, 0xfffffffffffffffa}) ioctl$IOMMU_TEST_OP_ADD_RESERVED(0xffffffffffffffff, 0x3ba0, &(0x7f0000000100)={0x48, 0x1, 0x0, 0x0, 0xffffffffffffff01}) syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa1000a, &(0x7f00000003c0)=ANY=[], 0x21, 0x1507, &(0x7f0000001b00)="$eJzs3Au4TtX2MPAx5pyLTdKb5D7HHIs3bUyXJLkkySVJkiNJbgkhSZKQ3G9JSELuSe4huYXkfr/lniRJkiQkJJnf45zO1zmn8//39f/3fZ7vv8fvedbzzvGud8w15h5773ettZ93f9NhSOW6VSrUZmb4b8G/PXQHgBQA6A8A1wFABAAlspTIcmV/Bo3d/3sHEX+uh6Zf7QrE1ST9T9uk/2mb9D9tk/6nbdL/tE36n7ZJ/9M26b8Qadn2GTmvly3tbnL/Py2T9///QY4WHvvFxsI3dvwDKdL/tE36n7ZJ/9M26X/aJv1P26T/aZv0P22T/guRlv3X7x3L3w7+J2xX+/tPCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIUTacCH8ygDA38dXuy4hhBBCCCGEEEL8eUL6q12BEEIIIYQQQggh/u9DUKDBQATpID2kQAbICNdAJrgWMsN1kIDrIQvcAFnhRsgG2SEH5IRckBvygAUCBwwx5IV8kISbID/cDKlQAApCIfBQGIpAUSgGt0BxuBVKwG1QEm6HUlAaykBZuAPKwZ1QHu6CCnA3VIRKUBmqwD1QFe6FanAfVIf7oQY8ADXhQagFf4Ha8BDUgYehLjwC9eBRqA8NoCE0gsb/pfwXoAu8CF2hG3SHHtATekFv6AN9oR/0h5dgALwMA+EVGASDYQi8CkPhNRgGr8NwGAEj4Q0YBaNhDIyFcTAeJsCbMBHegknwNkyGKTAVpsF0mAEz4R2YBbNhDrwLc+E9mAfzYQEshEXwPiyGJbAUPoBl8CEshxWwElbBalgDa2EdrIcNsBE2wWbYAlthG2yHj2AH7IRdsBv2wF7YBx/DfvgEDsCncBA++4P55/8lvyMCAipUaNBgOkyHKZiCGTEjZsJMmBkzYwITmAWzYFbMitkwG+bAHJgLc2EezIOEhIyMeTEvJjGJ+TE/pmIqFsSC6NFjESyCxfAWLI7FsQSWwJJYEkthaSyNZbEslsNyWB7LYwWsgBWxIlbGyngP3oP3YjWshtWxOtbAGlgTa2ItrIW1sTbWwTpYF+tiPayH9bE+NsSG2BgbYxNsgk2xKTbH5tgCW2ArbIWtsTW2wTbYFttiO2yH7bE9dsAO2BE7YSd8AV/AF/FF7IYVVQ/siT2xN/bGvtgP++FLOABfxpfxFRyEg3EIvoqv4ms4DM/hcByBI3EkllOjcQyORVbjcQJOwIk4ESfhJJyMU3AKTsPpOANn4kychbNxNr6Lc/E9fA/n43xciItwES7GJbgUl+IyPI/LcQWuxFW4GtfgalyH63EdbsRNuBG34BbchtvwI/wId+JO3I27cS8aAPwYP8FPcBAexIN4CA/hYTyMR/AIHsWjeAyP4XE8jifwBJ7Ek3gKT+MZPI1n8Syew/N4AS/gRbyIl/C5XF/V2VtgwyBQVxhlVDqVTqWoFJVRZVSZVCaVWWVWCZVQWVQWlVVlVdlUNpVD5VC5VC6VR+VRpEixilVelVclVVLlV/lVqkpVBVVB5ZVXRVQRVUwVU8VVcVVC3aZKqttVKVVaNfNlVVlVTjX35dVdqoKqoCqqSqqyqqKqqKqqqqqmqqnqqrqqoWqomupBVUv1wL74kLrSmbpqMNZTQ7C+aqAaqkbqNXxMNVHDsKlqppqrJ9QIHI6tVBPfWj2l2qgx2FY9o8bis6q9Go8d1POqo+qkOqsXVBfV1HdV3dRk7KF6qmnYW/VRfVU/NQsrqSsdq6xeUYPUYDVEvaoW4mtqmHpdDVcj1Ej1hhqlRqsxaqwap8arCepNNVG9pSapt9VkNUVNVdPUdDVDzVTvqFlqtpqj3lVz1XtqnpqvFqiFapF6Xy1WS9RS9YFapj5Uy9UKtVKtUqvVGrVWrVPr1Qa1UW1Sm9UWtVVtU9vVR2qH2ql2qd1qj9qr9qmP1X71iTqgPlUH1WfqkPpcHVZfqCPqS3VUfaWOqa/VcfWNOqG+VSfVd+qUOq3OqO/VWfWDOqfOqwvqR3VR/aQuqZ/VZRUUaNRKa210pNPp9DpFZ9AZ9TU6k75WZ9bX6YS+XmfRN+is+kadTWfXOXROnUvn1nm01aSdZh3rvDqfTuqbdH59s07VBXRBXUh7XVgX0UV1MX2LLq5v1SX0bbqkvl2X0qV1GV1W36HL6Tt1eX2XrqDv1hV1JV1ZV9H36Kr6Xl1N36er6/t1Df2Arqkf1LX0X3Rt/ZCuox/WdfUjup5+VNfXDXRD3Ug31o/pJvpx3VQ30831E7qFbqlb6Sd1a/2UbqOf1m31M7qdfla318/pDvp53VF30p31z/qyDrqr7qa76x66p+6le+s+uq/up/vrl/QA/bIeqF/Rg/RgPUS/qofq1/Qw/boerkfokfoNPUqP1mP0WD1Oj9cT9Jt6on5LT9Jv68l6ip6qp+npeobu+8tMc/4P8t/6N/kD/3r0bXq7/kjv0Dv1Lr1b79F79T69T+/X+/UBfUAf1Af1IX1IH9aH9RF9RB/VR/UxfUwf18f1CX1Cn9Qn9Sl9Wv+ov9dn9Q/6nD6vz+sf9UV9UV/65WsABo0y2hgTmXQmvUkxGUxGc43JZK41mc11JmGuN1nMDSarudFkM9lNDpPT5DK5TR5jDRln2MQmr8lnkuYm/OWEwhQ0hYw3hU0RU/SP5Jv85maTagr8U/7v1dfYNDZNTBPT1DQ1zU1z08K0MK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1X0910Nz1NL9Pb9DF9TT/T37xkBpgBZqAZaAaZQWaIGWKGmqFmmBlmhpvhZqQZaUaZUWaMGWPGmXFmgplgJpqJZpKZZCabyWaqmWqmm+lmpplpZplZZo6ZY+aauWaemWcWmAVmkVlkFpvFZqlZapaZZWa5WWFWmFVmlVlj1ph1Zp3ZYDaYTWaT2WK2mOVmu9ludpgdZpfZZfaYPWaf2Wf2m/3mgDlgDpqD5pA5ZA6bw+aIOWKOmqPmmDlmjpvj5oQ5YU6ak+aUOWXOmDPmrDlrzplz5oK5YC6ai+aSuWQum8tXTvsiFanIRCZKF6WLUqKUKGOUMcoUZYoyR5mjRJSIskRZoqzRjVG2KHuUI8oZ5YpyR3kiG1HkIo7iKG+UL0pGN0X5o5uj1KhAVDAqFPmocFQkKhoVi26Jike3RiWi26KS0e1Rqah0VCYqG90RlYvujMpHd0UVorujilGlqHJUJbonqhrdG1WL7ouqR/dHNaIHoprRg1Gt6C9R7eihqE70cFQ3eiSqFz0a1Y8aRA2jRlHjP3X+EM5lf9x3td1sd9vD9rS9bG/bx/a1/Wx/+5IdYF+2A+0rdpAdbIfYV+1Q+5odZl+3w+0IO9K+YUfZ0XaMHWvH2fF2gn3TTrRv2Un2bTvZTrFT7TQ73c6wM+07dpadbefYd+1c+56dZ+fbBXahXWTft4vtErvUfmCX2Q/tcrvCrrSr7Gq7xq616+x6u8FutJvsZrvFbrXb7Hb7kd1hd9pddrfdY/faffZju99+Yg/YT+1B+5k9ZD+3h+0X9oj90h61X9lj9mt73H5jT9hv7Un7nT1lT9sz9nt71v5gz9nz9oL90V60P9lL9md72YYrJ/dX3t7JkKF0lI5SKIUyUkbKRJkoM2WmBCUoC2WhrJSVslE2ykE5KBflojyUh65gYspLeSlJScpP+SmVUqkgFSRPnopQESpGxag4FacSVIJKUkkqRaWoDJWhO+gOupPupLvoLrqb7qZKVImqUBWqSlWpGlWj6lSdalANqkk1qRbVotpUm+pQHapLdake1aP6VJ8aUkNqTI2pCTWhptSUmlNzakEtqBW1otbUmtpQG2pLbakdtaP21J46UAfqSB2pM3WmLtSFulJX6k7dqSf1pN7Um/pSX+pP/WkADaCBNJAG0SAaQkNoKA2lYTSMhtMIGklv0CgaTWNoLI2j8TSBJtBEmkiTaBJNpsk0labSdJpOM2kmzaJZNIfm0FyaS/NoHi2gBbSIFtFiWkxLaSkto2W0nJbTSlpJq2k1raW1tJ7W00baSJtpM22lrbSdttMO2kG7aBftoT20j/bRftpPB+gAHaSDdIgOBQSgI3SEjtJROkbH6DgdpxN0gk7SSTpFp+gMnaGzdJbO0Tm6QBfoIv1El+hnukyBUlwGl9Fd4zK5a11md5371ziHy+lyudwuj7Mum8v+TzE551JdAVfw75eYrqhLTbnyWMh5V9gVcUVdKVfalXFl3R2unLvTlf9NXNXd66q5+1x1d7+r4u75p7iGe8DVdI+4Wu5RV9s1cHVcI1fXPeLquUddfdfANXSNXAvX0rVyT7rW7inXxj39m3ixW+LWuw1uo9vk9rtP3AX3ozvuvnEX3U+uq+vm+ruX3AD3shvoXnGD3ODfxCPdG26UG+3GuLFunBv/m3iqm+amuxlupnvHzXKzfxMvcu+7uW6pm+fmuwVu4V/jKzUtdR+4Ze5Dt9ytcCvdKrfarXFr3br/Xesqt8VtddvcPvex2+F2ul1ut9vj9v41vrKOA+5Td9B95o65r91h94U74k64o+6rv8ZX1nfCfetOuu/cKXfanXHfu7PuB3fOnb+y/nBl7d+7n91lFxwwsmLNhiNOx+k5hTNwRr6GM/G1nJmv4wRfz1n4Bs7KN3I2zs45OCfn4tychy0TO2aOOS/n4yTfxPn5Zk7lAlyQC7HnwlyEi3IxvoWL861cgm/jknw7l+LSXIbL8h1cju/k8nwXV+C7uSJX4spche/hqnwvV+P7uDrfzzX4Aa7JD3It/gvX5oe4Dj/MdfkRrsePcn1uwA25ETfmx7gJP85NuRk35ye4BbfkVvwkt+anuA0/zW35GW7Hz3J7fo478PPckTtxZ36Bu/CL3JW7cXfuwT25F/fmPtyX+3F/fokH8Ms8kF/hQTyYh/CrPJRf42H8Og/nETyS3+BRPJrH8Fgex+N5Ar/JE/ktnsRv82SewlN5Gk/nGTyT3+FZPJvn8Ls8l9/jeTyfF/BCXsTv82Jewkv5A17GH/JyXsEreRWv5jW8ltfxet7AG3kTb+YtvJW38Xb+iHfwTt7Fu3kP7+V9/DHv5wy//MB9xof4cz7MX/AR/pKP8ld8jL/m4/wNn+Bv+SR/x6f4NJ/h7/ks/8Dn+Dxf4B/5Iv/El/hnvsyBIcZYxTo2cRSni9PHKXGGOGN8TZwpvjbOHF8XJ+Lr4yzxDXHW+MY4W5w9zhHnjHPFueM8sY0pdjHHcZw3zhcn45vi/PHNcWpcIC4YF4p9XDguEheNi8W3xMXjW+MS8W1xyfj2uFRcOn7k/rLxHXG5+M64fHxXXCG+O64YV4orx1Xie+Kq8b1xtfi+uHp8f1w8fiCuGT8Ywy+fV6kTPxzXjR+J68WPxvXjBnHDuFHcOH4sbhI/HjeNm8XN4yfiFnHLuFX8ZNw6fipuEz/9u/u7xz3innGvuFccwn16QXJhclHy/eTi5JLk0uQHyWXJD5PLkyuSK5OrkquTa5Jrk+uS65MbkhuTm5Kbk1uSW5PbkiFUSQ8evfLaGx/5dD69T/EZfEZ/jc/kr/WZ/XU+4a/3WfwNPqu/0Wfz2X0On9Pn8rl9Hm89eefZxz6vz+eT/iaf39/sU30BX9AX8t4X9kV8I9/YN/ZN/OO+qW/mm/sn/BO+pW/pn/RP+qd8G/+0b+uf8e38s769f84/55/3HX0n39m/4Lv4F31X38139919T9/T9/a9fV/f1/f3/f0AP8AP9AP9ID/ID/FD/FA/1A/zw/xwP9yP9CP9KD/Kj/Fj/Dg/zk/wE/xEP9FP8pN8BABT/VQ/3U/3M/1MP8vP8nP8HD83da6f5+f5BX6BX+QX+cV+sV/ql/plfplf7pf7lX6lX+1X+7V+rV/v1/uNfqPf7Df7rX6r3+63+x1+h9/ld/k9fo/f5/f5/X6/P+AP+IP+oD/kD/nD/rA/4r/0R/1X/pj/2h/33/gT/lt/0n/nT/nT/oz/3p/1P/hz/ry/4H/0F/1P/pL/2V/2wU9IvJmYmHgrMSnxdmJyYkpiamJaYnpiRmJm4p3ErMTsxJzEu4m5ifcS8xLzEwsSCxOLEu8nFieWJJYmPkgsS3yYWJ5YkViZWJVYnVhjIOTeEYe8IV9IhptC/nBzSA0FQsFQKPhQOBQJRUOxcEsoHm4NJcJtoWS4PZQKpUOZ8GioHxqEhqFRaBweC03C46FpaBaahydCi9AytApPhtbhqdAmPB3ahmdCu/BsaB+eCx3C86Fj6BQ6hxdCl/Bi6Bq6he6hR+gZeoXeoU/oG/qF/uGlMCC8HAaGV8KgMDgMCa+GoeG1MCy8HoaHEWFkeCOMCqPDmDA2jAvjw4TwZpgY3gqTwtthcpgSpoZpYXqYEWaGd8KsMDvMCe+GueG9MC/MDwvCwrAovB8WhyVhafggLAsfhuVhRVgZVoXVYU1YG9aF9WFD2Bg2hc1hS9gatoXt4aOwI+wMu8LusCfsDfvCx2F/+CQcCJ+Gg+GzcCh8Hg6HL8KR8GU4Gr4Kx8LX4Xj4JpwI34aT4btwKpwOZ8L34Wz4IZwL58OF8GO4GH4Kl8LP4fIf/MxapT/zFroQQgghxP9Hev3O/h7/5jkDAOqX8U8hhGt35jz6j/s1AGzO9rdxH5WrRQIAnurW4aG/bxUrdu/e/ZfXLtcQ5ZsPAIl/OcAv8QpoDi2hNTSDYv+2vj6q00X+nfmTtwFk/IecFPg1/nX+z/+D+R97YuTikvGFLP/J/PMBUvP9mnPlKvzv8QpofmU10AyK/wfzZ2/yO/Vn+GICQNN/yMkEAE0z/Gv9ReBxeBpa/9MrhRBCCCGEEEKIv+mjyrT7vevnK9fnucyvOenh1/j3rs+FEEIIIYQQQghx9T3bqfOTj7Vu3aydDGQggzQ2aPmfvOZq/2YSQgghhBBC/Nl+Pen/9bkMV7MgIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBAiDfp/8Z/GrvYahRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiKvtfwUAAP//D5g3fQ==") sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000003040)=""/102392, 0x18ff8) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xb0}}, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x50, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000480)='mptcp_subflow_get_send\x00', r2}, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x3000000}, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x400448e1, &(0x7f0000000240)={0x0, 0x0, "957008"}) syz_emit_ethernet(0x6e, &(0x7f0000000440)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd60f4adb91c4bf500fe800000000000000000000000000000ff0200000000000000000000000000010300"], 0x0) r4 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) close(r4) r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000100)=[0x0], 0x0, 0x0, 0x0, 0x1}) r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x402) ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000740)={0x0, 0x0, r6, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, {0x8001, 0x0, 0xc0, 0x0, 0x0, 0x4, 0x0, 0xfffd, 0x4, 0x0, 0x0, 0x80000000, 0x3, 0xffffff66, "65366a50432b7ee2c7feddd91df868e7cfc6fa7272f3bf0a71b5d0c19323a260"}}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000500)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8}) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) 15.339680975s ago: executing program 1: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) poll(0x0, 0x0, 0x100e7f1) r1 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000100), 0xc) recvmsg$qrtr(r1, &(0x7f0000003600)={0x0, 0x0, 0x0}, 0x38, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) connect$qrtr(r1, &(0x7f0000000140), 0xc) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, 0x0) openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) r3 = socket$kcm(0x10, 0x2, 0x4) close(r3) sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x900, &(0x7f0000000380)=[{&(0x7f0000000080)="5c00000013006bcd9e3fe3dc6e48aa31086b876c1d0000007ea6020af3653c000a003f00f8ff07001309686ce77df7edd6c3a0e69ee517d34488b26906a247f76c6f8dd5b59960bc24eab556a7050a84c9f5d1938037e786a6d0bdd7", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f00000006c0), r5) r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xa, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100000000009500000000000000b5090c00020000007b9af0ff00000000b509020000000000c39a00fe41000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018290000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000040000056080000000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write(r3, &(0x7f0000000140)="91c9221729d1b6c2ea683a0626152b", 0xf) socket$nl_route(0x10, 0x3, 0x0) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8) accept(r7, 0x0, 0x0) r8 = socket$phonet(0x23, 0x2, 0x1) syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r8) 13.867999907s ago: executing program 1: r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f00000003c0)={0x48, 0x1, 0x0, 0x0, 0xfffffffffffffffa}) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x1, 0x0, 0x0, 0xffffffffffffff01}) syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa1000a, &(0x7f00000003c0)=ANY=[], 0x21, 0x1507, &(0x7f0000001b00)="$eJzs3Au4TtX2MPAx5pyLTdKb5D7HHIs3bUyXJLkkySVJkiNJbgkhSZKQ3G9JSELuSe4huYXkfr/lniRJkiQkJJnf45zO1zmn8//39f/3fZ7vv8fvedbzzvGud8w15h5773ettZ93f9NhSOW6VSrUZmb4b8G/PXQHgBQA6A8A1wFABAAlspTIcmV/Bo3d/3sHEX+uh6Zf7QrE1ST9T9uk/2mb9D9tk/6nbdL/tE36n7ZJ/9M26b8Qadn2GTmvly3tbnL/Py2T9///QY4WHvvFxsI3dvwDKdL/tE36n7ZJ/9M26X/aJv1P26T/aZv0P22T/guRlv3X7x3L3w7+J2xX+/tPCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIUTacCH8ygDA38dXuy4hhBBCCCGEEEL8eUL6q12BEEIIIYQQQggh/u9DUKDBQATpID2kQAbICNdAJrgWMsN1kIDrIQvcAFnhRsgG2SEH5IRckBvygAUCBwwx5IV8kISbID/cDKlQAApCIfBQGIpAUSgGt0BxuBVKwG1QEm6HUlAaykBZuAPKwZ1QHu6CCnA3VIRKUBmqwD1QFe6FanAfVIf7oQY8ADXhQagFf4Ha8BDUgYehLjwC9eBRqA8NoCE0gsb/pfwXoAu8CF2hG3SHHtATekFv6AN9oR/0h5dgALwMA+EVGASDYQi8CkPhNRgGr8NwGAEj4Q0YBaNhDIyFcTAeJsCbMBHegknwNkyGKTAVpsF0mAEz4R2YBbNhDrwLc+E9mAfzYQEshEXwPiyGJbAUPoBl8CEshxWwElbBalgDa2EdrIcNsBE2wWbYAlthG2yHj2AH7IRdsBv2wF7YBx/DfvgEDsCncBA++4P55/8lvyMCAipUaNBgOkyHKZiCGTEjZsJMmBkzYwITmAWzYFbMitkwG+bAHJgLc2EezIOEhIyMeTEvJjGJ+TE/pmIqFsSC6NFjESyCxfAWLI7FsQSWwJJYEkthaSyNZbEslsNyWB7LYwWsgBWxIlbGyngP3oP3YjWshtWxOtbAGlgTa2ItrIW1sTbWwTpYF+tiPayH9bE+NsSG2BgbYxNsgk2xKTbH5tgCW2ArbIWtsTW2wTbYFttiO2yH7bE9dsAO2BE7YSd8AV/AF/FF7IYVVQ/siT2xN/bGvtgP++FLOABfxpfxFRyEg3EIvoqv4ms4DM/hcByBI3EkllOjcQyORVbjcQJOwIk4ESfhJJyMU3AKTsPpOANn4kychbNxNr6Lc/E9fA/n43xciItwES7GJbgUl+IyPI/LcQWuxFW4GtfgalyH63EdbsRNuBG34BbchtvwI/wId+JO3I27cS8aAPwYP8FPcBAexIN4CA/hYTyMR/AIHsWjeAyP4XE8jifwBJ7Ek3gKT+MZPI1n8Syew/N4AS/gRbyIl/C5XF/V2VtgwyBQVxhlVDqVTqWoFJVRZVSZVCaVWWVWCZVQWVQWlVVlVdlUNpVD5VC5VC6VR+VRpEixilVelVclVVLlV/lVqkpVBVVB5ZVXRVQRVUwVU8VVcVVC3aZKqttVKVVaNfNlVVlVTjX35dVdqoKqoCqqSqqyqqKqqKqqqqqmqqnqqrqqoWqomupBVUv1wL74kLrSmbpqMNZTQ7C+aqAaqkbqNXxMNVHDsKlqppqrJ9QIHI6tVBPfWj2l2qgx2FY9o8bis6q9Go8d1POqo+qkOqsXVBfV1HdV3dRk7KF6qmnYW/VRfVU/NQsrqSsdq6xeUYPUYDVEvaoW4mtqmHpdDVcj1Ej1hhqlRqsxaqwap8arCepNNVG9pSapt9VkNUVNVdPUdDVDzVTvqFlqtpqj3lVz1XtqnpqvFqiFapF6Xy1WS9RS9YFapj5Uy9UKtVKtUqvVGrVWrVPr1Qa1UW1Sm9UWtVVtU9vVR2qH2ql2qd1qj9qr9qmP1X71iTqgPlUH1WfqkPpcHVZfqCPqS3VUfaWOqa/VcfWNOqG+VSfVd+qUOq3OqO/VWfWDOqfOqwvqR3VR/aQuqZ/VZRUUaNRKa210pNPp9DpFZ9AZ9TU6k75WZ9bX6YS+XmfRN+is+kadTWfXOXROnUvn1nm01aSdZh3rvDqfTuqbdH59s07VBXRBXUh7XVgX0UV1MX2LLq5v1SX0bbqkvl2X0qV1GV1W36HL6Tt1eX2XrqDv1hV1JV1ZV9H36Kr6Xl1N36er6/t1Df2Arqkf1LX0X3Rt/ZCuox/WdfUjup5+VNfXDXRD3Ug31o/pJvpx3VQ30831E7qFbqlb6Sd1a/2UbqOf1m31M7qdfla318/pDvp53VF30p31z/qyDrqr7qa76x66p+6le+s+uq/up/vrl/QA/bIeqF/Rg/RgPUS/qofq1/Qw/boerkfokfoNPUqP1mP0WD1Oj9cT9Jt6on5LT9Jv68l6ip6qp+npeobu+8tMc/4P8t/6N/kD/3r0bXq7/kjv0Dv1Lr1b79F79T69T+/X+/UBfUAf1Af1IX1IH9aH9RF9RB/VR/UxfUwf18f1CX1Cn9Qn9Sl9Wv+ov9dn9Q/6nD6vz+sf9UV9UV/65WsABo0y2hgTmXQmvUkxGUxGc43JZK41mc11JmGuN1nMDSarudFkM9lNDpPT5DK5TR5jDRln2MQmr8lnkuYm/OWEwhQ0hYw3hU0RU/SP5Jv85maTagr8U/7v1dfYNDZNTBPT1DQ1zU1z08K0MK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1X0910Nz1NL9Pb9DF9TT/T37xkBpgBZqAZaAaZQWaIGWKGmqFmmBlmhpvhZqQZaUaZUWaMGWPGmXFmgplgJpqJZpKZZCabyWaqmWqmm+lmpplpZplZZo6ZY+aauWaemWcWmAVmkVlkFpvFZqlZapaZZWa5WWFWmFVmlVlj1ph1Zp3ZYDaYTWaT2WK2mOVmu9ludpgdZpfZZfaYPWaf2Wf2m/3mgDlgDpqD5pA5ZA6bw+aIOWKOmqPmmDlmjpvj5oQ5YU6ak+aUOWXOmDPmrDlrzplz5oK5YC6ai+aSuWQum8tXTvsiFanIRCZKF6WLUqKUKGOUMcoUZYoyR5mjRJSIskRZoqzRjVG2KHuUI8oZ5YpyR3kiG1HkIo7iKG+UL0pGN0X5o5uj1KhAVDAqFPmocFQkKhoVi26Jike3RiWi26KS0e1Rqah0VCYqG90RlYvujMpHd0UVorujilGlqHJUJbonqhrdG1WL7ouqR/dHNaIHoprRg1Gt6C9R7eihqE70cFQ3eiSqFz0a1Y8aRA2jRlHjP3X+EM5lf9x3td1sd9vD9rS9bG/bx/a1/Wx/+5IdYF+2A+0rdpAdbIfYV+1Q+5odZl+3w+0IO9K+YUfZ0XaMHWvH2fF2gn3TTrRv2Un2bTvZTrFT7TQ73c6wM+07dpadbefYd+1c+56dZ+fbBXahXWTft4vtErvUfmCX2Q/tcrvCrrSr7Gq7xq616+x6u8FutJvsZrvFbrXb7Hb7kd1hd9pddrfdY/faffZju99+Yg/YT+1B+5k9ZD+3h+0X9oj90h61X9lj9mt73H5jT9hv7Un7nT1lT9sz9nt71v5gz9nz9oL90V60P9lL9md72YYrJ/dX3t7JkKF0lI5SKIUyUkbKRJkoM2WmBCUoC2WhrJSVslE2ykE5KBflojyUh65gYspLeSlJScpP+SmVUqkgFSRPnopQESpGxag4FacSVIJKUkkqRaWoDJWhO+gOupPupLvoLrqb7qZKVImqUBWqSlWpGlWj6lSdalANqkk1qRbVotpUm+pQHapLdake1aP6VJ8aUkNqTI2pCTWhptSUmlNzakEtqBW1otbUmtpQG2pLbakdtaP21J46UAfqSB2pM3WmLtSFulJX6k7dqSf1pN7Um/pSX+pP/WkADaCBNJAG0SAaQkNoKA2lYTSMhtMIGklv0CgaTWNoLI2j8TSBJtBEmkiTaBJNpsk0labSdJpOM2kmzaJZNIfm0FyaS/NoHi2gBbSIFtFiWkxLaSkto2W0nJbTSlpJq2k1raW1tJ7W00baSJtpM22lrbSdttMO2kG7aBftoT20j/bRftpPB+gAHaSDdIgOBQSgI3SEjtJROkbH6DgdpxN0gk7SSTpFp+gMnaGzdJbO0Tm6QBfoIv1El+hnukyBUlwGl9Fd4zK5a11md5371ziHy+lyudwuj7Mum8v+TzE551JdAVfw75eYrqhLTbnyWMh5V9gVcUVdKVfalXFl3R2unLvTlf9NXNXd66q5+1x1d7+r4u75p7iGe8DVdI+4Wu5RV9s1cHVcI1fXPeLquUddfdfANXSNXAvX0rVyT7rW7inXxj39m3ixW+LWuw1uo9vk9rtP3AX3ozvuvnEX3U+uq+vm+ruX3AD3shvoXnGD3ODfxCPdG26UG+3GuLFunBv/m3iqm+amuxlupnvHzXKzfxMvcu+7uW6pm+fmuwVu4V/jKzUtdR+4Ze5Dt9ytcCvdKrfarXFr3br/Xesqt8VtddvcPvex2+F2ul1ut9vj9v41vrKOA+5Td9B95o65r91h94U74k64o+6rv8ZX1nfCfetOuu/cKXfanXHfu7PuB3fOnb+y/nBl7d+7n91lFxwwsmLNhiNOx+k5hTNwRr6GM/G1nJmv4wRfz1n4Bs7KN3I2zs45OCfn4tychy0TO2aOOS/n4yTfxPn5Zk7lAlyQC7HnwlyEi3IxvoWL861cgm/jknw7l+LSXIbL8h1cju/k8nwXV+C7uSJX4spche/hqnwvV+P7uDrfzzX4Aa7JD3It/gvX5oe4Dj/MdfkRrsePcn1uwA25ETfmx7gJP85NuRk35ye4BbfkVvwkt+anuA0/zW35GW7Hz3J7fo478PPckTtxZ36Bu/CL3JW7cXfuwT25F/fmPtyX+3F/fokH8Ms8kF/hQTyYh/CrPJRf42H8Og/nETyS3+BRPJrH8Fgex+N5Ar/JE/ktnsRv82SewlN5Gk/nGTyT3+FZPJvn8Ls8l9/jeTyfF/BCXsTv82Jewkv5A17GH/JyXsEreRWv5jW8ltfxet7AG3kTb+YtvJW38Xb+iHfwTt7Fu3kP7+V9/DHv5wy//MB9xof4cz7MX/AR/pKP8ld8jL/m4/wNn+Bv+SR/x6f4NJ/h7/ks/8Dn+Dxf4B/5Iv/El/hnvsyBIcZYxTo2cRSni9PHKXGGOGN8TZwpvjbOHF8XJ+Lr4yzxDXHW+MY4W5w9zhHnjHPFueM8sY0pdjHHcZw3zhcn45vi/PHNcWpcIC4YF4p9XDguEheNi8W3xMXjW+MS8W1xyfj2uFRcOn7k/rLxHXG5+M64fHxXXCG+O64YV4orx1Xie+Kq8b1xtfi+uHp8f1w8fiCuGT8Ywy+fV6kTPxzXjR+J68WPxvXjBnHDuFHcOH4sbhI/HjeNm8XN4yfiFnHLuFX8ZNw6fipuEz/9u/u7xz3innGvuFccwn16QXJhclHy/eTi5JLk0uQHyWXJD5PLkyuSK5OrkquTa5Jrk+uS65MbkhuTm5Kbk1uSW5PbkiFUSQ8evfLaGx/5dD69T/EZfEZ/jc/kr/WZ/XU+4a/3WfwNPqu/0Wfz2X0On9Pn8rl9Hm89eefZxz6vz+eT/iaf39/sU30BX9AX8t4X9kV8I9/YN/ZN/OO+qW/mm/sn/BO+pW/pn/RP+qd8G/+0b+uf8e38s769f84/55/3HX0n39m/4Lv4F31X38139919T9/T9/a9fV/f1/f3/f0AP8AP9AP9ID/ID/FD/FA/1A/zw/xwP9yP9CP9KD/Kj/Fj/Dg/zk/wE/xEP9FP8pN8BABT/VQ/3U/3M/1MP8vP8nP8HD83da6f5+f5BX6BX+QX+cV+sV/ql/plfplf7pf7lX6lX+1X+7V+rV/v1/uNfqPf7Df7rX6r3+63+x1+h9/ld/k9fo/f5/f5/X6/P+AP+IP+oD/kD/nD/rA/4r/0R/1X/pj/2h/33/gT/lt/0n/nT/nT/oz/3p/1P/hz/ry/4H/0F/1P/pL/2V/2wU9IvJmYmHgrMSnxdmJyYkpiamJaYnpiRmJm4p3ErMTsxJzEu4m5ifcS8xLzEwsSCxOLEu8nFieWJJYmPkgsS3yYWJ5YkViZWJVYnVhjIOTeEYe8IV9IhptC/nBzSA0FQsFQKPhQOBQJRUOxcEsoHm4NJcJtoWS4PZQKpUOZ8GioHxqEhqFRaBweC03C46FpaBaahydCi9AytApPhtbhqdAmPB3ahmdCu/BsaB+eCx3C86Fj6BQ6hxdCl/Bi6Bq6he6hR+gZeoXeoU/oG/qF/uGlMCC8HAaGV8KgMDgMCa+GoeG1MCy8HoaHEWFkeCOMCqPDmDA2jAvjw4TwZpgY3gqTwtthcpgSpoZpYXqYEWaGd8KsMDvMCe+GueG9MC/MDwvCwrAovB8WhyVhafggLAsfhuVhRVgZVoXVYU1YG9aF9WFD2Bg2hc1hS9gatoXt4aOwI+wMu8LusCfsDfvCx2F/+CQcCJ+Gg+GzcCh8Hg6HL8KR8GU4Gr4Kx8LX4Xj4JpwI34aT4btwKpwOZ8L34Wz4IZwL58OF8GO4GH4Kl8LP4fIf/MxapT/zFroQQgghxP9Hev3O/h7/5jkDAOqX8U8hhGt35jz6j/s1AGzO9rdxH5WrRQIAnurW4aG/bxUrdu/e/ZfXLtcQ5ZsPAIl/OcAv8QpoDi2hNTSDYv+2vj6q00X+nfmTtwFk/IecFPg1/nX+z/+D+R97YuTikvGFLP/J/PMBUvP9mnPlKvzv8QpofmU10AyK/wfzZ2/yO/Vn+GICQNN/yMkEAE0z/Gv9ReBxeBpa/9MrhRBCCCGEEEKIv+mjyrT7vevnK9fnucyvOenh1/j3rs+FEEIIIYQQQghx9T3bqfOTj7Vu3aydDGQggzQ2aPmfvOZq/2YSQgghhBBC/Nl+Pen/9bkMV7MgIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBAiDfp/8Z/GrvYahRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiKvtfwUAAP//D5g3fQ==") sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000003040)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xb0}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x2, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x50, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="200000002a00090000000000000000000400002c0c0016"], 0x20}, 0x1, 0x3000000}, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0) ioctl$HCIINQUIRY(0xffffffffffffffff, 0x400448e1, 0x0) syz_emit_ethernet(0x6e, &(0x7f0000000440)=ANY=[], 0x0) r3 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) close(r3) r4 = syz_open_dev$dri(0x0, 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000100)=[0x0], 0x0, 0x0, 0x0, 0x1}) r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x402) ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000740)={0x0, 0x0, r5, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, {0x8001, 0x0, 0xc0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x80000000, 0x3, 0x0, "65366a50432b7ee2c7feddd91df868e7cfc6fa7272f3bf0a71b5d0c19323a260"}}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000500)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r3, 0xc05064a7, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7}) socket$nl_generic(0x10, 0x3, 0x10) 8.517936918s ago: executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000340)=0x2, 0xa2) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f000000e0c0), 0x10010) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000200)=@gcm_256={{0x304}, "00e0f07600", "832b4d2434b35bca8c0b78d2afff6d70d2025c7f53123828322d5af0d5c6c3a5", '`\a-N', "298f0e6df9ae9b3d"}, 0x38) sendfile(r0, r1, &(0x7f0000000100), 0x5) 7.826021213s ago: executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000040)={@val={0x6f01, 0x800}, @val={0x1}, @mpls={[], @ipv4=@udp={{0x5, 0x4, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote}, {0x0, 0x4e21, 0x4d, 0x0, @opaque="0c5030af9da3266af52f864706b63b7389cf476778daf646c151e6e4f3417473508c668cb6d473656ad7b75180eceedd55bd77a3b8fc26a1295df7e94f30f8fe5edd7a7852"}}}}, 0x6f) 7.576155669s ago: executing program 4: madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) madvise(&(0x7f0000433000/0x4000)=nil, 0x4000, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xfa, 0xcf, 0x1, 0x40, 0x56e, 0x4010, 0x201c, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x91, 0x55, 0xe7}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, &(0x7f0000000c40)=ANY=[@ANYBLOB='\x00\x00d\x00\x00\x00$'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000440)={0x44, &(0x7f00000000c0)={0x0, 0x0, 0x2, "0400"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) dup(0xffffffffffffffff) syz_usb_control_io$printer(r0, 0x0, 0x0) 7.383883194s ago: executing program 3: socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x110) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req={0x0, 0x0, 0x300}, 0x10) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req={0x4c7, 0xd3, 0x1, 0x81}, 0x10) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000200)={'syztnl2\x00', &(0x7f0000000180)={'ip_vti0\x00', 0x0, 0x80, 0x8, 0x5, 0x8, {{0x14, 0x4, 0x3, 0x1, 0x50, 0x65, 0x0, 0x2, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0xb}, @multicast1, {[@rr={0x7, 0x1b, 0x3d, [@rand_addr=0x64010100, @rand_addr=0x64010100, @broadcast, @empty, @rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x1e}]}, @lsrr={0x83, 0x7, 0x35, [@broadcast]}, @rr={0x7, 0x13, 0xc, [@local, @remote, @dev={0xac, 0x14, 0x14, 0x16}, @local]}, @rr={0x7, 0x7, 0x1f, [@loopback]}]}}}}}) socket$pppl2tp(0x18, 0x1, 0x1) socket(0xa, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000500)={0x44, r2, 0x1, 0x0, 0x0, {0x34}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x73}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x44}}, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r3) socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x6, 0x7}, 0x48) socket$nl_netfilter(0x10, 0x3, 0xc) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) unshare(0x22020600) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@netrom={'nr', 0x0}, 0xffdf) ioctl$sock_netdev_private(r4, 0x8924, &(0x7f0000000000)) 6.975221673s ago: executing program 3: ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4000}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r5 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) openat$cgroup_subtree(r5, &(0x7f00000001c0), 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000540)='mm_page_alloc\x00'}, 0x10) r6 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_MCAST_MSFILTER(r6, 0x29, 0x30, 0x0, 0x5000) 4.371148113s ago: executing program 2: r0 = socket$kcm(0x10, 0x400000002, 0x0) recvmsg$kcm(r0, &(0x7f0000006480)={0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000180)=""/241, 0xf1}, {&(0x7f00000014c0)=""/4096, 0x1000}, {&(0x7f0000006280)=""/108, 0x6c}, {&(0x7f00000008c0)=""/200, 0xc8}, {&(0x7f00000024c0)=""/4096, 0x1000}, {&(0x7f0000000a00)=""/97, 0x61}, {&(0x7f0000000a80)=""/224, 0xe0}, {&(0x7f0000000b80)=""/80, 0x50}, {&(0x7f0000000c00)=""/40, 0x28}], 0x9}, 0x0) recvmsg$kcm(r0, &(0x7f0000001480)={0x0, 0x0, 0x0}, 0x0) sendmsg$inet(r0, 0x0, 0x0) 4.230770376s ago: executing program 4: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) poll(0x0, 0x0, 0x100e7f1) r1 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000100), 0xc) recvmsg$qrtr(r1, &(0x7f0000003600)={0x0, 0x0, 0x0}, 0x38, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) connect$qrtr(r1, &(0x7f0000000140), 0xc) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, 0x0) openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) r3 = socket$kcm(0x10, 0x2, 0x4) close(r3) sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x900, &(0x7f0000000380)=[{&(0x7f0000000080)="5c00000013006bcd9e3fe3dc6e48aa31086b876c1d0000007ea6020af3653c000a003f00f8ff07001309686ce77df7edd6c3a0e69ee517d34488b26906a247f76c6f8dd5b59960bc24eab556a7050a84c9f5d1938037e786a6d0bdd7", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_KEY(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000700)={0x28, 0x0, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x28}}, 0x0) r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xa, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100000000009500000000000000b5090c00020000007b9af0ff00000000b509020000000000c39a00fe41000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018290000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000040000056080000000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write(r3, &(0x7f0000000140)="91c9221729d1b6c2ea683a0626152b", 0xf) socket$nl_route(0x10, 0x3, 0x0) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8) accept(r7, 0x0, 0x0) r8 = socket$phonet(0x23, 0x2, 0x1) syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r8) 4.006261675s ago: executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00'}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000040)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@udp={{0x5, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote}, {0x0, 0x0, 0x2b, 0x0, @opaque="0c5030af9da3266af52f864706b63b7389cf476778daf646c151e6e4f3417473508c66"}}}}, 0x4d) 2.977374391s ago: executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}], {0x14}}, 0x68}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a01040000000000000000010000000800024000000002090001"], 0x50}}, 0x0) sendmsg$NFT_MSG_GETFLOWTABLE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x14, 0x17, 0xa, 0x101}, 0x14}}, 0x0) 2.830529994s ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES64], 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r4}, 0x10) 2.477080552s ago: executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000340)=0x2, 0xa2) connect$inet6(r0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f000000e0c0), 0x10010) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000200)=@gcm_256={{0x304}, "00e0f07600", "832b4d2434b35bca8c0b78d2afff6d70d2025c7f53123828322d5af0d5c6c3a5", '`\a-N', "298f0e6df9ae9b3d"}, 0x38) sendfile(r0, r1, &(0x7f0000000100), 0x5) 2.44101541s ago: executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) r2 = epoll_create1(0x0) epoll_create(0x1) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)) ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={0x0, r3}, 0x10) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000cc0)}], 0x1) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 1.98067456s ago: executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000040)={@val={0x6f01, 0x800}, @val={0x1}, @mpls={[], @ipv4=@udp={{0x5, 0x4, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote}, {0x0, 0x4e21, 0x4d, 0x0, @opaque="0c5030af9da3266af52f864706b63b7389cf476778daf646c151e6e4f3417473508c668cb6d473656ad7b75180eceedd55bd77a3b8fc26a1295df7e94f30f8fe5edd7a7852"}}}}, 0x6f) 1.7704856s ago: executing program 2: socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x110) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req={0x0, 0x0, 0x300}, 0x10) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req={0x4c7, 0xd3, 0x1, 0x81}, 0x10) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000200)={'syztnl2\x00', &(0x7f0000000180)={'ip_vti0\x00', 0x0, 0x80, 0x8, 0x5, 0x8, {{0x14, 0x4, 0x3, 0x1, 0x50, 0x65, 0x0, 0x2, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0xb}, @multicast1, {[@rr={0x7, 0x1b, 0x3d, [@rand_addr=0x64010100, @rand_addr=0x64010100, @broadcast, @empty, @rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x1e}]}, @lsrr={0x83, 0x7, 0x35, [@broadcast]}, @rr={0x7, 0x13, 0xc, [@local, @remote, @dev={0xac, 0x14, 0x14, 0x16}, @local]}, @rr={0x7, 0x7, 0x1f, [@loopback]}]}}}}}) socket$pppl2tp(0x18, 0x1, 0x1) socket(0xa, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000500)={0x44, r2, 0x1, 0x0, 0x0, {0x34}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x73}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x44}}, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r3) socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x6, 0x7}, 0x48) socket$nl_netfilter(0x10, 0x3, 0xc) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) unshare(0x22020600) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@netrom={'nr', 0x0}, 0xffdf) ioctl$sock_netdev_private(r4, 0x8924, &(0x7f0000000000)) 1.46923405s ago: executing program 4: socket$netlink(0x10, 0x3, 0x0) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)='l', 0x1}], 0x1}, 0x400c005) sendmsg$inet(r0, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f00000000c0)="04", 0x1}], 0x1}, 0x0) recvmsg(r1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000}, 0x2) syz_emit_ethernet(0x52, &(0x7f0000000400)=ANY=[@ANYRES32=0x41424344, @ANYBLOB], 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000100)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, 0x26) openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001439) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0x60, &(0x7f00000005c0)=ANY=[], 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) socket$l2tp6(0xa, 0x2, 0x73) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x80047c7, 0x4) recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) 1.048027565s ago: executing program 2: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='kfree\x00', r1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0x4, &(0x7f0000000100)=[{0x0, 0x0, 0xf5, 0x2}, {0x3, 0x1, 0x1f, 0x7}, {0x101, 0x1, 0x2, 0x3ff}, {0xfd, 0x62, 0x1, 0x8}]}, 0x10) 693.781929ms ago: executing program 2: madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) madvise(&(0x7f0000433000/0x4000)=nil, 0x4000, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xfa, 0xcf, 0x1, 0x40, 0x56e, 0x4010, 0x201c, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x91, 0x55, 0xe7}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, &(0x7f0000000c40)=ANY=[@ANYBLOB='\x00\x00d\x00\x00\x00$'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000440)={0x44, &(0x7f00000000c0)={0x0, 0x0, 0x2, "0400"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) dup(0xffffffffffffffff) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000ac0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)={0x20, 0x0, 0x1}}) 0s ago: executing program 4: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) listen(r0, 0x0) poll(&(0x7f0000000040)=[{r0, 0x2124}, {r0, 0xb0c4}], 0x2, 0x11ff) shutdown(r0, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8ab8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000006900000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4}, 0x48) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6(0xa, 0x806, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000280)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x800, 0x0, 0x103, 0xd}, 0x20) setsockopt$inet6_int(r3, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4) sendmsg$inet6(r3, &(0x7f0000000140)={&(0x7f0000000080)={0xa, 0x4e22, 0x80000, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000003a80)=ANY=[@ANYBLOB="18000000000000002900000004000000000000000000000098000000000000002900000037"], 0xb0}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) kernel console output (not intermixed with test programs): ded to keep mac addresses unique to avoid problems! [ 654.360129][ T9241] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 654.483748][ T9241] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 654.496111][ T9241] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 654.506090][ T9241] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 654.515309][ T9241] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 655.599951][ T9399] loop0: detected capacity change from 0 to 256 [ 655.667570][ T9399] exfat: Deprecated parameter 'namecase' [ 655.674674][ T9399] exfat: Deprecated parameter 'utf8' [ 655.680255][ T9399] exfat: Deprecated parameter 'namecase' [ 655.911748][ T9399] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 666.139341][ T9416] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.0'. [ 667.776278][ T9425] loop0: detected capacity change from 0 to 4096 [ 668.028651][ T9428] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 668.745372][ T9437] loop4: detected capacity change from 0 to 8 [ 670.012807][ T9000] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 670.020997][ T9000] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 670.321015][ T9005] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 670.329317][ T9005] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 670.556989][ T9450] loop4: detected capacity change from 0 to 256 [ 670.594104][ T9450] exfat: Deprecated parameter 'namecase' [ 670.600889][ T9450] exfat: Deprecated parameter 'utf8' [ 670.607795][ T9450] exfat: Deprecated parameter 'namecase' [ 670.747430][ T9450] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 671.518073][ T9459] loop1: detected capacity change from 0 to 64 [ 672.159515][ T9464] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.2'. [ 672.409118][ T9462] loop4: detected capacity change from 0 to 1024 [ 672.489143][ T9462] EXT4-fs: Ignoring removed i_version option [ 672.508595][ T9462] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 672.638029][ T9462] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 673.381339][ T9470] loop2: detected capacity change from 0 to 4096 [ 673.491721][ T6846] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 673.980769][ T9476] loop0: detected capacity change from 0 to 8 [ 674.688416][ T9484] loop4: detected capacity change from 0 to 64 [ 674.720514][ T9484] hfs: dir_umask requires a value [ 674.726117][ T9484] hfs: unable to parse mount options [ 674.811326][ T9484] syz-executor.4: attempt to access beyond end of device [ 674.811326][ T9484] loop4: rw=0, sector=2, nr_sectors = 1 limit=0 [ 675.562545][ T9494] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.4'. [ 675.669655][ T9492] loop0: detected capacity change from 0 to 256 [ 675.816907][ T9492] exfat: Deprecated parameter 'namecase' [ 675.823284][ T9492] exfat: Deprecated parameter 'utf8' [ 675.828731][ T9492] exfat: Deprecated parameter 'namecase' [ 676.081083][ T9492] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 676.564111][ T9500] loop4: detected capacity change from 0 to 64 [ 676.640310][ T9500] hfs: unable to change codepage [ 676.645684][ T9500] hfs: unable to parse mount options [ 676.943529][ T9505] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'. [ 677.004573][ T9505] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 682.381548][ T9521] loop2: detected capacity change from 0 to 32768 [ 682.432020][ T9521] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (9521) [ 682.494363][ T9521] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 682.505905][ T9521] BTRFS info (device loop2): using crc32c (crc32c-generic) checksum algorithm [ 682.515445][ T9521] BTRFS info (device loop2): using free-space-tree [ 683.534721][ T29] audit: type=1804 audit(1717680881.489:52): pid=9539 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1310119638/syzkaller.KIJrme/10/file0/file0/bus" dev="loop2" ino=263 res=1 errno=0 [ 685.147639][ T9241] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 685.247737][ T9541] loop4: detected capacity change from 0 to 128 [ 685.572730][ T9541] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 685.794774][ T9541] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 687.003571][ T4433] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 687.013006][ T4433] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 687.022484][ T4433] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 687.040965][ T4433] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 687.088169][ T4433] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 687.099386][ T4433] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 688.122570][ T9545] chnl_net:caif_netlink_parms(): no params data found [ 688.572538][ T9569] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'. [ 688.618394][ T9569] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 688.639843][ T9571] loop2: detected capacity change from 0 to 8 [ 689.160926][ T4433] Bluetooth: hci3: command tx timeout [ 689.599436][ T9545] bridge0: port 1(bridge_slave_0) entered blocking state [ 689.607445][ T9545] bridge0: port 1(bridge_slave_0) entered disabled state [ 689.618172][ T9545] bridge_slave_0: entered allmulticast mode [ 689.627562][ T9545] bridge_slave_0: entered promiscuous mode [ 689.725473][ T9577] loop4: detected capacity change from 0 to 256 [ 689.784199][ T9545] bridge0: port 2(bridge_slave_1) entered blocking state [ 689.793395][ T9545] bridge0: port 2(bridge_slave_1) entered disabled state [ 689.801248][ T9545] bridge_slave_1: entered allmulticast mode [ 689.810398][ T9545] bridge_slave_1: entered promiscuous mode [ 689.859603][ T9577] exfat: Deprecated parameter 'namecase' [ 689.865970][ T9577] exfat: Deprecated parameter 'utf8' [ 689.871520][ T9577] exfat: Deprecated parameter 'namecase' [ 689.991614][ T9577] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 690.348699][ T9545] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 690.477503][ T9545] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 690.758960][ T9545] team0: Port device team_slave_0 added [ 690.823211][ T9545] team0: Port device team_slave_1 added [ 691.241785][ T4433] Bluetooth: hci3: command tx timeout [ 691.324448][ T9545] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 691.331739][ T9545] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 691.362703][ T9545] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 691.465787][ T9545] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 691.472960][ T9545] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 691.499084][ T9545] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 692.346662][ T8284] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 692.418038][ T9545] hsr_slave_0: entered promiscuous mode [ 692.481823][ T9545] hsr_slave_1: entered promiscuous mode [ 692.548182][ T9545] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 692.556368][ T9545] Cannot create hsr debugfs directory [ 692.606034][ T8284] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 692.798597][ T8284] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 692.986793][ T8284] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 693.320918][ T4433] Bluetooth: hci3: command tx timeout [ 693.886882][ T8284] bridge_slave_1: left allmulticast mode [ 693.893107][ T8284] bridge_slave_1: left promiscuous mode [ 693.899661][ T8284] bridge0: port 2(bridge_slave_1) entered disabled state [ 693.988348][ T8284] bridge_slave_0: left allmulticast mode [ 693.995192][ T8284] bridge_slave_0: left promiscuous mode [ 694.001949][ T8284] bridge0: port 1(bridge_slave_0) entered disabled state [ 694.572349][ T8284] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 694.597174][ T8284] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 694.669261][ T8284] bond0 (unregistering): Released all slaves [ 695.401941][ T5089] Bluetooth: hci3: command tx timeout [ 695.629303][ T8284] hsr_slave_0: left promiscuous mode [ 695.649936][ T8284] hsr_slave_1: left promiscuous mode [ 695.680303][ T8284] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 695.688323][ T8284] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 695.712459][ T8284] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 695.720210][ T8284] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 695.769446][ T8284] veth1_macvtap: left promiscuous mode [ 695.775526][ T8284] veth0_macvtap: left promiscuous mode [ 695.781732][ T8284] veth1_vlan: left promiscuous mode [ 695.787292][ T8284] veth0_vlan: left promiscuous mode [ 696.519561][ T9607] loop4: detected capacity change from 0 to 4096 [ 696.554941][ T8284] team0 (unregistering): Port device team_slave_1 removed [ 696.660064][ T8284] team0 (unregistering): Port device team_slave_0 removed [ 696.953007][ T9545] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 697.024144][ T9606] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'. [ 697.038560][ T9545] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 697.103244][ T9608] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 697.144215][ T9545] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 697.256824][ T9545] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 697.743127][ T9619] loop2: detected capacity change from 0 to 128 [ 697.797797][ T9619] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 697.952562][ T9619] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 698.183768][ T9621] loop4: detected capacity change from 0 to 512 [ 698.639492][ T9545] 8021q: adding VLAN 0 to HW filter on device bond0 [ 698.901465][ T9545] 8021q: adding VLAN 0 to HW filter on device team0 [ 698.999298][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 699.006908][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 699.169280][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 699.177055][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 701.528440][ T9643] loop0: detected capacity change from 0 to 4096 [ 701.615512][ T9545] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 702.222990][ T9545] veth0_vlan: entered promiscuous mode [ 702.298412][ T4433] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 702.331540][ T4433] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 702.332730][ T9545] veth1_vlan: entered promiscuous mode [ 702.384397][ T4433] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 702.407718][ T4433] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 702.434146][ T4433] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 702.445896][ T4433] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 702.880071][ T9545] veth0_macvtap: entered promiscuous mode [ 703.059971][ T9545] veth1_macvtap: entered promiscuous mode [ 703.481533][ T9545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 703.492358][ T9545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 703.502572][ T9545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 703.513307][ T9545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 703.523435][ T9545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 703.534314][ T9545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 703.546723][ T9545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 703.558025][ T9545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 703.575534][ T9545] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 703.763301][ T9668] loop4: detected capacity change from 0 to 512 [ 703.778964][ T9653] chnl_net:caif_netlink_parms(): no params data found [ 703.808851][ T9545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 703.819957][ T9545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 703.830926][ T9545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 703.841677][ T9545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 703.854166][ T9545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 703.865465][ T9545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 703.875716][ T9545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 703.886538][ T9545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 703.901591][ T9545] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 704.000735][ T9545] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 704.009793][ T9545] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 704.018906][ T9545] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 704.028186][ T9545] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 704.078522][ T8284] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 704.217273][ T8284] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 704.452854][ T8284] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 704.521298][ T4433] Bluetooth: hci2: command tx timeout [ 704.579533][ T8284] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 704.907328][ T8284] bridge_slave_1: left allmulticast mode [ 704.913296][ T8284] bridge_slave_1: left promiscuous mode [ 704.919863][ T8284] bridge0: port 2(bridge_slave_1) entered disabled state [ 704.935736][ T8284] bridge_slave_0: left allmulticast mode [ 704.941714][ T8284] bridge_slave_0: left promiscuous mode [ 704.948286][ T8284] bridge0: port 1(bridge_slave_0) entered disabled state [ 705.272913][ T8284] dvmrp0 (unregistering): left allmulticast mode [ 705.634199][ T8284] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 705.684974][ T8284] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 705.714816][ T8284] bond0 (unregistering): Released all slaves [ 706.576285][ T8284] hsr_slave_0: left promiscuous mode [ 706.601178][ T4433] Bluetooth: hci2: command tx timeout [ 706.625718][ T8284] hsr_slave_1: left promiscuous mode [ 706.650036][ T8284] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 706.658193][ T8284] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 706.708467][ T8284] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 706.721661][ T8284] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 706.799545][ T8284] veth1_macvtap: left promiscuous mode [ 706.806337][ T8284] veth0_macvtap: left promiscuous mode [ 706.812742][ T8284] veth1_vlan: left promiscuous mode [ 706.821977][ T8284] veth0_vlan: left promiscuous mode [ 707.499265][ T9695] loop4: detected capacity change from 0 to 4096 [ 707.629017][ T8284] team0 (unregistering): Port device team_slave_1 removed [ 707.826705][ T8284] team0 (unregistering): Port device team_slave_0 removed [ 708.382953][ T9653] bridge0: port 1(bridge_slave_0) entered blocking state [ 708.390420][ T9653] bridge0: port 1(bridge_slave_0) entered disabled state [ 708.398100][ T9653] bridge_slave_0: entered allmulticast mode [ 708.406094][ T9653] bridge_slave_0: entered promiscuous mode [ 708.488872][ T9653] bridge0: port 2(bridge_slave_1) entered blocking state [ 708.496826][ T9653] bridge0: port 2(bridge_slave_1) entered disabled state [ 708.504601][ T9653] bridge_slave_1: entered allmulticast mode [ 708.512782][ T9653] bridge_slave_1: entered promiscuous mode [ 708.689540][ T4433] Bluetooth: hci2: command tx timeout [ 708.915593][ T9653] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 708.953929][ T9653] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 709.064126][ T9708] loop4: detected capacity change from 0 to 512 [ 709.125732][ T9653] team0: Port device team_slave_0 added [ 709.157024][ T9653] team0: Port device team_slave_1 added [ 709.298551][ T9653] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 709.306162][ T9653] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 709.334235][ T9653] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 709.485563][ T9653] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 709.492879][ T9653] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 709.519264][ T9653] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 709.854209][ T9653] hsr_slave_0: entered promiscuous mode [ 709.886193][ T9653] hsr_slave_1: entered promiscuous mode [ 709.928462][ T9653] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 709.936834][ T9653] Cannot create hsr debugfs directory [ 710.619713][ T1219] ieee802154 phy0 wpan0: encryption failed: -22 [ 710.626931][ T1219] ieee802154 phy1 wpan1: encryption failed: -22 [ 710.761330][ T4433] Bluetooth: hci2: command tx timeout [ 711.509642][ T9653] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 711.569620][ T9653] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 711.653568][ T9653] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 711.762576][ T9653] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 712.640263][ T9739] loop0: detected capacity change from 0 to 4096 [ 713.025573][ T9653] 8021q: adding VLAN 0 to HW filter on device bond0 [ 713.248897][ T9653] 8021q: adding VLAN 0 to HW filter on device team0 [ 713.353508][ T5134] bridge0: port 1(bridge_slave_0) entered blocking state [ 713.361103][ T5134] bridge0: port 1(bridge_slave_0) entered forwarding state [ 713.456966][ T5134] bridge0: port 2(bridge_slave_1) entered blocking state [ 713.464574][ T5134] bridge0: port 2(bridge_slave_1) entered forwarding state [ 713.872174][ T9752] loop0: detected capacity change from 0 to 512 [ 714.169802][ T8284] IPVS: stop unused estimator thread 0... [ 714.679289][ T8339] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 714.688265][ T8339] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 714.792429][ T6834] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 714.800757][ T6834] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 715.810157][ T9653] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 716.277202][ T9653] veth0_vlan: entered promiscuous mode [ 716.379170][ T9653] veth1_vlan: entered promiscuous mode [ 716.788212][ T9653] veth0_macvtap: entered promiscuous mode [ 716.916468][ T9653] veth1_macvtap: entered promiscuous mode [ 717.153902][ T9653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 717.169764][ T9653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 717.181230][ T9653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 717.193549][ T9653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 717.203594][ T9653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 717.214232][ T9653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 717.224307][ T9653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 717.234939][ T9653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 717.249048][ T9653] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 717.552255][ T9653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 717.563146][ T9653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 717.574453][ T9653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 717.585476][ T9653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 717.595655][ T9653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 717.606367][ T9653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 717.616515][ T9653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 717.627237][ T9653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 717.643832][ T9653] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 717.713858][ T9653] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 717.723064][ T9653] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 717.732174][ T9653] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 717.741274][ T9653] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 717.864797][ T9790] loop3: detected capacity change from 0 to 512 [ 720.828712][ T9835] loop3: detected capacity change from 0 to 512 [ 723.668486][ T8332] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 723.676722][ T8332] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 723.877788][ T8284] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 723.886213][ T8284] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 724.379718][ T9902] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'. [ 724.477580][ T9902] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 724.893302][ T9906] loop2: detected capacity change from 0 to 4096 [ 726.243842][ T9939] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'. [ 726.323419][ T9939] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 727.218515][ T9951] loop0: detected capacity change from 0 to 1024 [ 727.361206][ T9951] hfsplus: extend alloc file! (8192,65536,366) [ 727.536067][ T9949] loop1: detected capacity change from 0 to 4096 [ 728.348413][ T9974] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 728.411386][ T9974] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 728.421360][ T9977] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 728.511217][ T9978] loop4: detected capacity change from 0 to 512 [ 728.918416][ T9987] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 729.465608][ T9997] support for the xor transformation has been removed. [ 729.878646][ T29] audit: type=1326 audit(1717680927.919:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9998 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa50e07cf69 code=0x0 [ 730.095679][ T9999] loop1: detected capacity change from 0 to 4096 [ 730.569048][T10014] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 730.598051][T10014] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 730.954061][T10019] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 730.973196][T10021] loop4: detected capacity change from 0 to 512 [ 732.592463][T10055] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 732.628010][T10055] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'. [ 732.825320][T10058] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 732.926555][T10052] loop4: detected capacity change from 0 to 4096 [ 733.184968][T10067] loop0: detected capacity change from 0 to 512 [ 734.574824][ T5134] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 734.717696][T10095] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 734.790770][T10095] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 734.990494][ T5134] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 735.003201][ T5134] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 735.141837][ T5134] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 735.151459][ T5134] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 735.159720][ T5134] usb 1-1: SerialNumber: syz [ 735.239975][T10103] loop3: detected capacity change from 0 to 512 [ 735.275763][ T5134] usb 1-1: bad CDC descriptors [ 735.486359][ T5134] usb 1-1: USB disconnect, device number 12 [ 735.756394][T10106] loop4: detected capacity change from 0 to 4096 [ 736.391182][ T6570] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 736.804269][ T6570] usb 2-1: New USB device found, idVendor=9022, idProduct=d484, bcdDevice=cd.35 [ 736.813784][ T6570] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 736.863433][ T6570] usb 2-1: config 0 descriptor?? [ 736.921171][ T6570] dw2102: su3000_identify_state [ 736.928938][ T6570] dvb-usb: found a 'TeVii S482 (tuner 2)' in warm state. [ 736.937001][ T6570] dw2102: su3000_power_ctrl: 1, initialized 0 [ 736.943476][ T6570] dvb-usb: bulk message failed: -22 (2/0) [ 736.984676][T10133] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 737.004947][ T6570] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 737.046076][T10133] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 737.065359][ T6570] dvb-usb: TeVii S482 (tuner 2) error while loading driver (-19) [ 737.114750][ T6570] usb 2-1: USB disconnect, device number 6 [ 737.514701][T10143] loop4: detected capacity change from 0 to 512 [ 738.558876][T10152] loop0: detected capacity change from 0 to 4096 [ 739.452432][T10174] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 739.502247][T10174] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 739.639453][T10180] loop3: detected capacity change from 0 to 512 [ 740.970875][T10195] loop1: detected capacity change from 0 to 4096 [ 741.083469][T10208] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 741.143802][T10208] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 741.183508][ T4433] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 741.193422][ T4433] CPU: 0 PID: 4433 Comm: kworker/u9:1 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 741.203602][ T4433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 741.213936][ T4433] Workqueue: hci1 hci_rx_work [ 741.218991][ T4433] Call Trace: [ 741.222457][ T4433] [ 741.225576][ T4433] dump_stack_lvl+0x216/0x2d0 [ 741.230589][ T4433] dump_stack+0x1e/0x30 [ 741.235058][ T4433] sysfs_create_dir_ns+0x45f/0x4c0 [ 741.240489][ T4433] kobject_add_internal+0xfe7/0x1900 [ 741.246073][ T4433] kobject_add+0x28c/0x3c0 [ 741.250828][ T4433] ? kmsan_get_metadata+0x146/0x1d0 [ 741.256318][ T4433] device_add+0xa93/0x1c90 [ 741.261038][ T4433] hci_conn_add_sysfs+0x161/0x2c0 [ 741.266388][ T4433] le_conn_complete_evt+0x1975/0x1f40 [ 741.272085][ T4433] ? kmsan_get_metadata+0x146/0x1d0 [ 741.277567][ T4433] hci_le_enh_conn_complete_evt+0x15e/0x210 [ 741.283813][ T4433] hci_le_meta_evt+0x600/0x850 [ 741.288884][ T4433] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 741.295643][ T4433] hci_event_packet+0x1118/0x1bc0 [ 741.300961][ T4433] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 741.306576][ T4433] hci_rx_work+0x687/0x1130 [ 741.311405][ T4433] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 741.317504][ T4433] ? __pfx_hci_rx_work+0x10/0x10 [ 741.322748][ T4433] ? __pfx_hci_rx_work+0x10/0x10 [ 741.327987][ T4433] process_scheduled_works+0xa81/0x1bd0 [ 741.333875][ T4433] worker_thread+0xea5/0x1560 [ 741.338846][ T4433] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 741.344964][ T4433] kthread+0x3e2/0x540 [ 741.349332][ T4433] ? __pfx_worker_thread+0x10/0x10 [ 741.354755][ T4433] ? __pfx_kthread+0x10/0x10 [ 741.359641][ T4433] ret_from_fork+0x6d/0x90 [ 741.364335][ T4433] ? __pfx_kthread+0x10/0x10 [ 741.369227][ T4433] ret_from_fork_asm+0x1a/0x30 [ 741.374307][ T4433] [ 741.388529][ T4433] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 741.406818][ T4433] Bluetooth: hci1: failed to register connection device [ 741.612247][T10220] loop4: detected capacity change from 0 to 512 [ 742.077835][ T4433] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 742.087936][ T4433] CPU: 0 PID: 4433 Comm: kworker/u9:1 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 742.098120][ T4433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 742.098237][ T4433] Workqueue: hci2 hci_rx_work [ 742.098410][ T4433] Call Trace: [ 742.098460][ T4433] [ 742.098511][ T4433] dump_stack_lvl+0x216/0x2d0 [ 742.098704][ T4433] dump_stack+0x1e/0x30 [ 742.098872][ T4433] sysfs_create_dir_ns+0x45f/0x4c0 [ 742.099053][ T4433] kobject_add_internal+0xfe7/0x1900 [ 742.099219][ T4433] kobject_add+0x28c/0x3c0 [ 742.099425][ T4433] ? kmsan_get_metadata+0x146/0x1d0 [ 742.099591][ T4433] device_add+0xa93/0x1c90 [ 742.099757][ T4433] hci_conn_add_sysfs+0x161/0x2c0 [ 742.099973][ T4433] le_conn_complete_evt+0x1975/0x1f40 [ 742.100169][ T4433] ? kmsan_get_metadata+0x146/0x1d0 [ 742.100345][ T4433] hci_le_enh_conn_complete_evt+0x15e/0x210 [ 742.100551][ T4433] hci_le_meta_evt+0x600/0x850 [ 742.100722][ T4433] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 742.189105][ T4433] hci_event_packet+0x1118/0x1bc0 [ 742.194415][ T4433] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 742.200017][ T4433] hci_rx_work+0x687/0x1130 [ 742.204800][ T4433] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 742.210875][ T4433] ? __pfx_hci_rx_work+0x10/0x10 [ 742.216084][ T4433] ? __pfx_hci_rx_work+0x10/0x10 [ 742.221286][ T4433] process_scheduled_works+0xa81/0x1bd0 [ 742.227134][ T4433] worker_thread+0xea5/0x1560 [ 742.232072][ T4433] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 742.238158][ T4433] kthread+0x3e2/0x540 [ 742.242492][ T4433] ? __pfx_worker_thread+0x10/0x10 [ 742.247870][ T4433] ? __pfx_kthread+0x10/0x10 [ 742.252738][ T4433] ret_from_fork+0x6d/0x90 [ 742.257412][ T4433] ? __pfx_kthread+0x10/0x10 [ 742.262275][ T4433] ret_from_fork_asm+0x1a/0x30 [ 742.267328][ T4433] [ 742.277875][ T4433] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 742.294381][ T4433] Bluetooth: hci2: failed to register connection device [ 743.230500][T10248] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 743.302006][T10248] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'. [ 743.485180][ T5089] Bluetooth: hci1: command tx timeout [ 743.573243][T10255] loop4: detected capacity change from 0 to 512 [ 743.731751][T10253] loop2: detected capacity change from 0 to 4096 [ 744.364295][ T5089] Bluetooth: hci2: command tx timeout [ 745.761830][T10295] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 745.777600][T10295] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 746.057401][T10297] loop0: detected capacity change from 0 to 512 [ 746.722515][T10300] loop2: detected capacity change from 0 to 4096 [ 747.735813][T10336] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 747.813907][T10338] loop2: detected capacity change from 0 to 512 [ 748.868237][T10355] syz-executor.4[10355] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 748.868790][T10355] syz-executor.4[10355] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 749.052184][T10352] loop3: detected capacity change from 0 to 4096 [ 749.081903][T10361] smc: net device ip6tnl0 applied user defined pnetid SYZ0 [ 749.602106][T10368] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 750.018208][T10375] loop1: detected capacity change from 0 to 512 [ 750.663715][T10392] loop4: detected capacity change from 0 to 256 [ 750.863508][T10392] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 750.932213][T10392] exFAT-fs (loop4): error, tried to truncate zeroed cluster. [ 750.939834][T10392] exFAT-fs (loop4): Filesystem has been set read-only [ 750.965370][T10392] syz-executor.4: attempt to access beyond end of device [ 750.965370][T10392] loop4: rw=0, sector=34359738488, nr_sectors = 1 limit=256 [ 750.986207][T10392] exFAT-fs (loop4): error, tried to truncate zeroed cluster. [ 751.218246][T10398] loop1: detected capacity change from 0 to 64 [ 751.994878][T10403] loop4: detected capacity change from 0 to 4096 [ 752.042944][T10410] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 752.256861][T10412] loop3: detected capacity change from 0 to 512 [ 752.570402][T10421] loop1: detected capacity change from 0 to 64 [ 753.644732][ T4433] Bluetooth: hci1: command 0x0406 tx timeout [ 753.699360][T10444] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 754.048787][T10449] loop2: detected capacity change from 0 to 512 [ 754.817060][T10455] loop1: detected capacity change from 0 to 4096 [ 755.705319][T10476] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'. [ 756.958044][T10505] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.3'. [ 756.968633][T10505] caif0 speed is unknown, defaulting to 1000 [ 756.977510][T10505] caif0 speed is unknown, defaulting to 1000 [ 756.987713][T10505] caif0 speed is unknown, defaulting to 1000 [ 757.496016][T10505] infiniband syz1: set down [ 757.500936][T10505] infiniband syz1: added caif0 [ 757.558588][ T5134] caif0 speed is unknown, defaulting to 1000 [ 757.776392][T10505] RDS/IB: syz1: added [ 757.783700][T10505] smc: adding ib device syz1 with port count 1 [ 757.790083][T10505] smc: ib device syz1 port 1 has pnetid [ 757.799338][T10505] caif0 speed is unknown, defaulting to 1000 [ 758.178899][T10525] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 758.365260][T10505] caif0 speed is unknown, defaulting to 1000 [ 758.902218][T10505] caif0 speed is unknown, defaulting to 1000 [ 759.456658][T10505] caif0 speed is unknown, defaulting to 1000 [ 759.856414][T10543] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'. [ 760.014620][T10505] caif0 speed is unknown, defaulting to 1000 [ 760.554111][ T5134] caif0 speed is unknown, defaulting to 1000 [ 760.936609][T10561] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 761.011435][T10561] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 761.741028][T10576] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 761.749358][T10576] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 761.757766][T10576] netlink: 'syz-executor.3': attribute type 7 has an invalid length. [ 761.823905][ T29] audit: type=1107 audit(1717680959.899:54): pid=10574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='63\m!iN͋E~8*ԎFE@P7+k' [ 762.727047][T10598] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.1'. [ 762.739880][T10598] rdma_rxe: rxe_newlink: failed to add caif0 [ 762.926534][T10603] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 762.998587][T10603] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'. [ 763.769246][T10623] xt_CT: You must specify a L4 protocol and not use inversions on it [ 763.797907][T10622] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 763.806425][T10622] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 763.815331][T10622] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 763.954616][ T29] audit: type=1107 audit(1717680962.029:55): pid=10617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='63\m!iN͋E~8*ԎFE@P7+k' [ 764.946035][T10645] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.3'. [ 764.955927][T10645] syz1: rxe_newlink: already configured on caif0 [ 765.024865][T10644] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 765.078448][ T5134] IPVS: starting estimator thread 0... [ 765.132358][T10644] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 765.201337][T10648] IPVS: using max 240 ests per chain, 12000 per kthread [ 765.915149][T10660] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 765.924568][T10660] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 765.936470][T10660] netlink: 'syz-executor.1': attribute type 7 has an invalid length. [ 766.139401][ T29] audit: type=1107 audit(1717680964.139:56): pid=10657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='63\m!iN͋E~8*ԎFE@P7+k' [ 767.154555][T10688] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 767.166631][ T5134] IPVS: starting estimator thread 0... [ 767.271052][T10690] IPVS: using max 240 ests per chain, 12000 per kthread [ 769.315196][T10720] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 771.311264][T10758] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 771.756174][T10767] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.2'. [ 771.758750][ T29] audit: type=1804 audit(1717680969.799:57): pid=10762 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir3425722715/syzkaller.UK63O0/248/cgroup.controllers" dev="sda1" ino=1937 res=1 errno=0 [ 771.795557][ T29] audit: type=1804 audit(1717680969.849:58): pid=10765 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir3425722715/syzkaller.UK63O0/248/cgroup.controllers" dev="sda1" ino=1937 res=1 errno=0 [ 772.079683][ T1219] ieee802154 phy0 wpan0: encryption failed: -22 [ 772.088117][ T1219] ieee802154 phy1 wpan1: encryption failed: -22 [ 773.417918][T10803] misc userio: No port type given on /dev/userio [ 773.520267][T10803] loop3: detected capacity change from 0 to 256 [ 773.567864][T10803] exfat: Deprecated parameter 'namecase' [ 773.574576][T10803] exfat: Deprecated parameter 'utf8' [ 773.580143][T10803] exfat: Deprecated parameter 'namecase' [ 773.599220][T10807] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 773.883940][T10803] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 774.021253][T10810] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.0'. [ 776.177915][T10841] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 776.200369][T10840] loop2: detected capacity change from 0 to 512 [ 776.273298][T10840] EXT4-fs error (device loop2): ext4_orphan_get:1394: inode #15: comm syz-executor.2: casefold flag without casefold feature [ 776.274434][T10847] loop1: detected capacity change from 0 to 256 [ 776.303593][T10840] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 776.340360][T10840] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 776.341489][T10847] exfat: Deprecated parameter 'namecase' [ 776.362426][T10847] exfat: Deprecated parameter 'utf8' [ 776.368029][T10847] exfat: Deprecated parameter 'namecase' [ 776.416780][T10847] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 776.773559][ T9241] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 776.818180][T10854] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.0'. [ 777.838298][T10881] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 778.182228][T10885] loop2: detected capacity change from 0 to 256 [ 778.280226][T10885] exfat: Deprecated parameter 'namecase' [ 778.286902][T10885] exfat: Deprecated parameter 'utf8' [ 778.292597][T10885] exfat: Deprecated parameter 'namecase' [ 778.848542][T10894] evm: overlay not supported [ 778.956918][T10885] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 780.287187][T10902] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.2'. [ 782.592522][T10923] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 783.453505][T10929] loop3: detected capacity change from 0 to 256 [ 783.513479][T10929] exfat: Deprecated parameter 'namecase' [ 783.521929][T10929] exfat: Deprecated parameter 'utf8' [ 783.527493][T10929] exfat: Deprecated parameter 'namecase' [ 783.704347][T10929] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 784.822887][T10943] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.2'. [ 785.266873][T10941] loop1: detected capacity change from 0 to 4096 [ 785.342203][T10941] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 787.277046][T10964] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 787.486883][T10967] loop3: detected capacity change from 0 to 256 [ 787.577004][T10967] exfat: Deprecated parameter 'namecase' [ 787.583826][T10967] exfat: Deprecated parameter 'utf8' [ 787.589389][T10967] exfat: Deprecated parameter 'namecase' [ 787.644056][ T29] audit: type=1800 audit(1717680985.559:59): pid=10968 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=1965 res=0 errno=0 [ 787.887057][T10967] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 789.567485][T10986] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.1'. [ 790.399370][T10997] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'. [ 790.437637][T11001] loop0: detected capacity change from 0 to 256 [ 790.504661][T11001] exfat: Deprecated parameter 'namecase' [ 790.512766][T11001] exfat: Deprecated parameter 'utf8' [ 790.518347][T11001] exfat: Deprecated parameter 'namecase' [ 790.710963][T11001] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 792.810175][T11025] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.3'. [ 794.266228][T11040] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 794.341195][T11040] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 794.395376][T11043] loop0: detected capacity change from 0 to 256 [ 794.426062][T11043] exfat: Deprecated parameter 'namecase' [ 794.432754][T11043] exfat: Deprecated parameter 'utf8' [ 794.438339][T11043] exfat: Deprecated parameter 'namecase' [ 794.471330][T11043] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 794.980269][T11056] loop4: detected capacity change from 0 to 512 [ 795.071931][ T25] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 795.124508][T11056] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.4: corrupted in-inode xattr: invalid ea_ino [ 795.143865][T11056] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 15 (err -117) [ 795.162132][T11056] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 795.691227][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 795.705631][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 795.716776][ T25] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 795.726219][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 795.827997][ T25] usb 4-1: config 0 descriptor?? [ 796.493847][T11069] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.2'. [ 797.278700][ T25] uclogic 0003:256C:006D.000B: v1 frame probing failed: -71 [ 797.288144][ T25] uclogic 0003:256C:006D.000B: failed probing parameters: -71 [ 797.296774][ T25] uclogic 0003:256C:006D.000B: probe with driver uclogic failed with error -71 [ 797.328343][ T6846] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 797.429671][ T25] usb 4-1: USB disconnect, device number 9 [ 797.681780][T11081] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 797.733536][T11081] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 797.953167][T11086] loop2: detected capacity change from 0 to 256 [ 797.997879][T11086] exfat: Deprecated parameter 'namecase' [ 798.007285][T11086] exfat: Deprecated parameter 'utf8' [ 798.013112][T11086] exfat: Deprecated parameter 'namecase' [ 798.137375][T11086] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 798.662643][T11101] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.4'. [ 801.692137][ T29] audit: type=1800 audit(1717680999.739:60): pid=11122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=1963 res=0 errno=0 [ 801.723128][T11123] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 801.798270][T11123] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 802.317757][T11127] loop2: detected capacity change from 0 to 256 [ 802.376836][T11127] exfat: Deprecated parameter 'namecase' [ 802.383583][T11127] exfat: Deprecated parameter 'utf8' [ 802.389162][T11127] exfat: Deprecated parameter 'namecase' [ 802.580534][T11137] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.1'. [ 802.606047][T11127] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 803.236384][T11146] IPv4: Oversized IP packet from 127.202.26.0 [ 803.661352][T11162] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'. [ 803.707037][T11162] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 804.003644][ T25] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 804.393387][ T25] usb 2-1: config index 0 descriptor too short (expected 68, got 36) [ 804.402078][ T25] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 804.414314][ T25] usb 2-1: config 0 has no interfaces? [ 804.420083][ T25] usb 2-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00 [ 804.429996][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 804.457213][ T25] usb 2-1: config 0 descriptor?? [ 804.618616][T11182] loop0: detected capacity change from 0 to 256 [ 804.661497][T11182] exfat: Deprecated parameter 'namecase' [ 804.667980][T11182] exfat: Deprecated parameter 'utf8' [ 804.673643][T11182] exfat: Deprecated parameter 'namecase' [ 804.715344][T11185] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.3'. [ 804.790938][T11182] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 804.870790][T11160] loop1: detected capacity change from 0 to 256 [ 805.485493][T11198] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'. [ 805.562893][T11198] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'. [ 805.879826][ T8] usb 2-1: USB disconnect, device number 7 [ 806.727272][T11223] misc userio: No port type given on /dev/userio [ 806.813522][T11223] loop3: detected capacity change from 0 to 256 [ 806.841334][T11223] exfat: Deprecated parameter 'namecase' [ 806.847846][T11223] exfat: Deprecated parameter 'utf8' [ 806.853854][T11223] exfat: Deprecated parameter 'namecase' [ 806.997870][T11223] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 808.548138][ T29] audit: type=1804 audit(1717681006.559:61): pid=11258 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1310119638/syzkaller.KIJrme/124/cgroup.controllers" dev="sda1" ino=1939 res=1 errno=0 [ 808.661174][ T29] audit: type=1804 audit(1717681006.659:62): pid=11260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1310119638/syzkaller.KIJrme/124/cgroup.controllers" dev="sda1" ino=1939 res=1 errno=0 [ 808.881799][T11272] misc userio: No port type given on /dev/userio [ 808.973179][T11272] loop4: detected capacity change from 0 to 256 [ 809.047016][T11272] exfat: Deprecated parameter 'namecase' [ 809.053971][T11272] exfat: Deprecated parameter 'utf8' [ 809.059591][T11272] exfat: Deprecated parameter 'namecase' [ 809.185777][T11272] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 809.918743][T11281] loop1: detected capacity change from 0 to 4096 [ 809.981716][T11247] Bluetooth: hci3: command 0x0406 tx timeout [ 810.871875][T11310] misc userio: No port type given on /dev/userio [ 810.939158][T11310] loop2: detected capacity change from 0 to 256 [ 810.975701][T11310] exfat: Deprecated parameter 'namecase' [ 810.982401][T11310] exfat: Deprecated parameter 'utf8' [ 810.987981][T11310] exfat: Deprecated parameter 'namecase' [ 811.127250][T11310] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 811.405215][T11319] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 0 (only 8 groups) [ 811.520449][T11320] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 812.937397][T11332] loop2: detected capacity change from 0 to 4096 [ 813.100251][T11343] misc userio: Invalid payload size [ 813.168893][T11343] misc userio: No port type given on /dev/userio [ 813.250782][T11343] loop4: detected capacity change from 0 to 256 [ 813.368877][T11343] exfat: Deprecated parameter 'namecase' [ 813.375696][T11343] exfat: Deprecated parameter 'utf8' [ 813.381395][T11343] exfat: Deprecated parameter 'namecase' [ 813.510334][T11343] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 813.665254][T11353] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 814.757424][T11370] ax25_connect(): syz-executor.2 uses autobind, please contact jreuter@yaina.de [ 815.286365][T11384] misc userio: Invalid payload size [ 815.301362][T11384] misc userio: No port type given on /dev/userio [ 815.333933][T11386] syz-executor.1: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 815.350391][T11386] CPU: 0 PID: 11386 Comm: syz-executor.1 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 815.360738][T11386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 815.370699][T11384] loop4: detected capacity change from 0 to 256 [ 815.370922][T11386] Call Trace: [ 815.370978][T11386] [ 815.383781][T11386] dump_stack_lvl+0x216/0x2d0 [ 815.387930][T11384] exfat: Deprecated parameter 'namecase' [ 815.388693][T11386] dump_stack+0x1e/0x30 [ 815.395057][T11384] exfat: Deprecated parameter 'utf8' [ 815.398572][T11386] warn_alloc+0x455/0x650 [ 815.404836][T11384] exfat: Deprecated parameter 'namecase' [ 815.408279][T11386] ? __vmalloc_node_range+0xd6/0x28b0 [ 815.419841][T11386] __vmalloc_node_range+0x130/0x28b0 [ 815.425445][T11386] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 815.431555][T11386] ? should_fail_ex+0x4a/0x800 [ 815.436620][T11386] ? kmsan_get_metadata+0x146/0x1d0 [ 815.442110][T11386] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 815.448222][T11386] ? kmsan_get_metadata+0x146/0x1d0 [ 815.453707][T11386] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 815.459800][T11386] vmalloc_user+0x90/0xb0 [ 815.464444][T11386] ? xskq_create+0x105/0x270 [ 815.469389][T11386] xskq_create+0x105/0x270 [ 815.474068][T11386] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 815.480164][T11386] xsk_init_queue+0x115/0x1f0 [ 815.485166][T11386] xsk_setsockopt+0x710/0xcc0 [ 815.490170][T11386] do_sock_setsockopt+0x4bb/0x7d0 [ 815.495502][T11386] ? __pfx_xsk_setsockopt+0x10/0x10 [ 815.501027][T11386] __sys_setsockopt+0x33a/0x4b0 [ 815.506191][T11386] __x64_sys_setsockopt+0xe8/0x170 [ 815.511613][T11386] x64_sys_call+0x13bb/0x3b50 [ 815.516605][T11386] do_syscall_64+0xcf/0x1e0 [ 815.521095][T11384] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 815.521324][T11386] ? clear_bhb_loop+0x25/0x80 [ 815.538361][T11386] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 815.544589][T11386] RIP: 0033:0x7f5c3e87cf69 [ 815.549248][T11386] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 815.569155][T11386] RSP: 002b:00007f5c3e3ff0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 815.577876][T11386] RAX: ffffffffffffffda RBX: 00007f5c3e9b3f80 RCX: 00007f5c3e87cf69 [ 815.586108][T11386] RDX: 0000000000000005 RSI: 000000000000011b RDI: 0000000000000004 [ 815.594312][T11386] RBP: 00007f5c3e8da6fe R08: 0000000000000004 R09: 0000000000000000 [ 815.602519][T11386] R10: 0000000020000840 R11: 0000000000000246 R12: 0000000000000000 [ 815.610727][T11386] R13: 000000000000000b R14: 00007f5c3e9b3f80 R15: 00007ffd284fb3e8 [ 815.618957][T11386] [ 815.633742][T11386] Mem-Info: [ 815.637074][T11386] active_anon:17223 inactive_anon:0 isolated_anon:0 [ 815.637074][T11386] active_file:0 inactive_file:46439 isolated_file:0 [ 815.637074][T11386] unevictable:768 dirty:38 writeback:0 [ 815.637074][T11386] slab_reclaimable:4481 slab_unreclaimable:23972 [ 815.637074][T11386] mapped:18495 shmem:4572 pagetables:657 [ 815.637074][T11386] sec_pagetables:0 bounce:0 [ 815.637074][T11386] kernel_misc_reclaimable:0 [ 815.637074][T11386] free:409598 free_pcp:1252 free_cma:0 [ 815.692563][T11386] Node 0 active_anon:68892kB inactive_anon:0kB active_file:0kB inactive_file:185676kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:73980kB dirty:148kB writeback:0kB shmem:16752kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5232kB pagetables:2628kB sec_pagetables:0kB all_unreclaimable? no [ 815.735267][T11386] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:0kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 815.770884][T11386] Node 0 DMA free:4096kB boost:0kB min:160kB low:200kB high:240kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:4096kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 815.776529][T11379] loop0: detected capacity change from 0 to 4096 [ 815.808443][T11386] lowmem_reserve[]: 0 895 1208 1208 1208 [ 815.816766][T11386] Node 0 DMA32 free:628576kB boost:0kB min:36112kB low:45140kB high:54168kB reserved_highatomic:0KB active_anon:28264kB inactive_anon:0kB active_file:0kB inactive_file:101904kB unevictable:0kB writepending:56kB present:3129332kB managed:955484kB mlocked:0kB bounce:0kB free_pcp:1788kB local_pcp:952kB free_cma:0kB [ 815.849652][T11386] lowmem_reserve[]: 0 0 313 313 313 [ 815.855527][T11386] Node 0 Normal free:15476kB boost:0kB min:12648kB low:15808kB high:18968kB reserved_highatomic:0KB active_anon:40628kB inactive_anon:0kB active_file:0kB inactive_file:83772kB unevictable:1536kB writepending:92kB present:1048576kB managed:321032kB mlocked:0kB bounce:0kB free_pcp:3060kB local_pcp:604kB free_cma:0kB [ 815.895607][T11386] lowmem_reserve[]: 0 0 0 0 0 [ 815.903163][T11386] Node 1 Normal free:990244kB boost:0kB min:41188kB low:51484kB high:61780kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB writepending:4kB present:4194304kB managed:1045456kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 815.935263][T11386] lowmem_reserve[]: 0 0 0 0 0 [ 815.940461][T11386] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 1*4096kB (M) = 4096kB [ 815.964628][T11386] Node 0 DMA32: 10*4kB (UME) 397*8kB (ME) 335*16kB (UME) 237*32kB (UME) 105*64kB (UME) 56*128kB (M) 40*256kB (UM) 33*512kB (UM) 12*1024kB (UM) 3*2048kB (UM) 135*4096kB (ME) = 628576kB [ 815.991942][T11386] Node 0 Normal: 59*4kB (UME) 17*8kB (UE) 34*16kB (UME) 45*32kB (UME) 15*64kB (UM) 35*128kB (UME) 10*256kB (UM) 2*512kB (UE) 2*1024kB (ME) 1*2048kB (U) 0*4096kB = 15476kB [ 816.015595][T11386] Node 1 Normal: 3*4kB (UM) 5*8kB (UM) 9*16kB (UM) 11*32kB (UM) 8*64kB (UM) 8*128kB (UM) 4*256kB (UM) 4*512kB (UM) 4*1024kB (UM) 3*2048kB (M) 238*4096kB (UM) = 990244kB [ 816.034409][T11386] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 816.051123][T11386] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 816.060846][T11386] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 816.073777][T11386] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 816.090764][T11386] 50945 total pagecache pages [ 816.095622][T11386] 0 pages in swap cache [ 816.099948][T11386] Free swap = 124440kB [ 816.109262][T11386] Total swap = 124996kB [ 816.113737][T11386] 2097051 pages RAM [ 816.117734][T11386] 0 pages HighMem/MovableOnly [ 816.122853][T11386] 1515534 pages reserved [ 816.127265][T11386] 0 pages cma reserved [ 817.050313][T11413] ax25_connect(): syz-executor.4 uses autobind, please contact jreuter@yaina.de [ 817.477096][T11421] misc userio: Invalid payload size [ 817.503945][T11421] misc userio: No port type given on /dev/userio [ 817.622063][T11421] loop4: detected capacity change from 0 to 256 [ 817.660512][T11421] exfat: Deprecated parameter 'namecase' [ 817.667287][T11421] exfat: Deprecated parameter 'utf8' [ 817.673420][T11421] exfat: Deprecated parameter 'namecase' [ 817.840016][T11421] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 817.891834][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 818.475555][T11431] loop3: detected capacity change from 0 to 4096 [ 818.841614][T11446] ax25_connect(): syz-executor.0 uses autobind, please contact jreuter@yaina.de [ 819.665447][T11464] bridge0: port 3(vlan2) entered blocking state [ 819.672602][T11464] bridge0: port 3(vlan2) entered disabled state [ 819.679580][T11464] vlan2: entered allmulticast mode [ 819.696491][T11467] misc userio: No port type given on /dev/userio [ 819.726749][T11464] vlan2: left allmulticast mode [ 819.786834][T11467] loop4: detected capacity change from 0 to 256 [ 819.826887][T11467] exfat: Deprecated parameter 'namecase' [ 819.833531][T11467] exfat: Deprecated parameter 'utf8' [ 819.845840][T11467] exfat: Deprecated parameter 'namecase' [ 820.104790][T11467] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 821.067619][T11481] loop0: detected capacity change from 0 to 4096 [ 822.775763][T11529] misc userio: No port type given on /dev/userio [ 822.951526][T11529] loop2: detected capacity change from 0 to 256 [ 823.055118][T11529] exfat: Deprecated parameter 'namecase' [ 823.061800][T11529] exfat: Deprecated parameter 'utf8' [ 823.067386][T11529] exfat: Deprecated parameter 'namecase' [ 823.240091][T11529] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 823.800520][T11538] loop4: detected capacity change from 0 to 4096 [ 824.878805][T11570] misc userio: No port type given on /dev/userio [ 824.954989][T11570] loop4: detected capacity change from 0 to 256 [ 824.985559][T11570] exfat: Deprecated parameter 'namecase' [ 825.004001][T11570] exfat: Deprecated parameter 'utf8' [ 825.009597][T11570] exfat: Deprecated parameter 'namecase' [ 825.195297][T11570] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 825.322716][T11247] Bluetooth: hci2: command 0x0406 tx timeout [ 825.620674][T11578] netlink: 'syz-executor.3': attribute type 5 has an invalid length. [ 826.356769][T11586] loop4: detected capacity change from 0 to 4096 [ 827.643028][T11622] loop3: detected capacity change from 0 to 256 [ 827.712468][T11622] exfat: Deprecated parameter 'namecase' [ 827.718994][T11622] exfat: Deprecated parameter 'utf8' [ 827.727766][T11622] exfat: Deprecated parameter 'namecase' [ 827.872591][T11622] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 829.293259][T11641] loop1: detected capacity change from 0 to 4096 [ 829.657265][T11662] loop4: detected capacity change from 0 to 256 [ 829.707567][T11662] exfat: Deprecated parameter 'namecase' [ 829.714281][T11662] exfat: Deprecated parameter 'utf8' [ 829.719858][T11662] exfat: Deprecated parameter 'namecase' [ 829.818968][T11662] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 830.584097][T11673] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 830.592712][T11673] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'. [ 830.720233][T11673] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 830.890185][T11673] xt_l2tp: invalid flags combination: c [ 831.409038][T11694] loop0: detected capacity change from 0 to 256 [ 831.482690][T11694] exfat: Deprecated parameter 'namecase' [ 831.489192][T11694] exfat: Deprecated parameter 'utf8' [ 831.495010][T11694] exfat: Deprecated parameter 'namecase' [ 831.674161][T11694] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 831.987943][T11695] loop2: detected capacity change from 0 to 4096 [ 833.504061][ T1219] ieee802154 phy0 wpan0: encryption failed: -22 [ 833.511097][ T1219] ieee802154 phy1 wpan1: encryption failed: -22 [ 833.585547][T11738] netlink: 524 bytes leftover after parsing attributes in process `syz-executor.3'. [ 833.624124][T11737] misc userio: Invalid payload size [ 833.723100][T11737] loop1: detected capacity change from 0 to 256 [ 833.786922][T11737] exfat: Deprecated parameter 'namecase' [ 833.793644][T11737] exfat: Deprecated parameter 'utf8' [ 833.806655][T11737] exfat: Deprecated parameter 'namecase' [ 834.079205][T11737] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 834.483615][T11744] loop3: detected capacity change from 0 to 4096 [ 834.653344][T11755] netlink: 96 bytes leftover after parsing attributes in process `syz-executor.4'. [ 835.789402][T11782] misc userio: Invalid payload size [ 835.864797][T11782] loop1: detected capacity change from 0 to 256 [ 835.901220][T11782] exfat: Deprecated parameter 'namecase' [ 835.907734][T11782] exfat: Deprecated parameter 'utf8' [ 835.913476][T11782] exfat: Deprecated parameter 'namecase' [ 836.145241][T11782] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 836.825029][T11793] loop4: detected capacity change from 0 to 4096 [ 837.858239][T11825] misc userio: Invalid payload size [ 837.933129][T11825] loop2: detected capacity change from 0 to 256 [ 838.072852][T11825] exfat: Deprecated parameter 'namecase' [ 838.080089][T11825] exfat: Deprecated parameter 'utf8' [ 838.086610][T11825] exfat: Deprecated parameter 'namecase' [ 838.242167][T11825] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 839.871272][T11857] loop2: detected capacity change from 0 to 4096 [ 840.077124][T11873] loop4: detected capacity change from 0 to 256 [ 840.126379][T11874] IPVS: set_ctl: invalid protocol: 0 224.0.0.1:20003 [ 840.173176][T11873] exfat: Deprecated parameter 'namecase' [ 840.179686][T11873] exfat: Deprecated parameter 'utf8' [ 840.186075][T11873] exfat: Deprecated parameter 'namecase' [ 840.415678][T11873] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 842.576121][T11918] IPVS: set_ctl: invalid protocol: 0 224.0.0.1:20003 [ 842.639025][T11924] loop0: detected capacity change from 0 to 256 [ 842.657340][T11924] exfat: Deprecated parameter 'namecase' [ 842.664063][T11924] exfat: Deprecated parameter 'utf8' [ 842.669646][T11924] exfat: Deprecated parameter 'namecase' [ 842.837200][T11924] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 844.031177][T11948] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 844.047909][T11948] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 844.077441][T11948] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 845.064696][T11965] loop4: detected capacity change from 0 to 256 [ 845.145606][T11965] exfat: Deprecated parameter 'namecase' [ 845.153066][T11965] exfat: Deprecated parameter 'utf8' [ 845.158647][T11965] exfat: Deprecated parameter 'namecase' [ 845.179562][T11966] IPVS: set_ctl: invalid protocol: 0 224.0.0.1:20003 [ 845.283962][T11965] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 848.619720][T12036] macvlan2: entered promiscuous mode [ 848.626607][T12036] vlan1: entered promiscuous mode [ 848.657740][T12036] team0: Port device macvlan2 added [ 850.455105][T12067] xt_CT: You must specify a L4 protocol and not use inversions on it [ 851.506442][T12086] caif0 speed is unknown, defaulting to 1000 [ 851.642763][T12087] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.1'. [ 853.488029][T12102] xt_CT: You must specify a L4 protocol and not use inversions on it [ 854.872880][T12118] xt_TCPMSS: Only works on TCP SYN packets [ 854.920231][T11247] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 854.935319][T11247] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 854.963191][T11247] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 855.003230][T11247] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 855.023969][T11247] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 855.057354][T11247] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 855.251250][T12126] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 855.432151][T12121] caif0 speed is unknown, defaulting to 1000 [ 856.581544][T12145] xt_CT: You must specify a L4 protocol and not use inversions on it [ 857.082170][T12121] chnl_net:caif_netlink_parms(): no params data found [ 857.163318][T11247] Bluetooth: hci4: command tx timeout [ 857.879745][T12163] loop0: detected capacity change from 0 to 128 [ 858.706299][T12121] bridge0: port 1(bridge_slave_0) entered blocking state [ 858.714173][T12121] bridge0: port 1(bridge_slave_0) entered disabled state [ 858.722176][T12121] bridge_slave_0: entered allmulticast mode [ 858.731588][T12121] bridge_slave_0: entered promiscuous mode [ 858.838097][T12121] bridge0: port 2(bridge_slave_1) entered blocking state [ 858.846166][T12121] bridge0: port 2(bridge_slave_1) entered disabled state [ 858.854429][T12121] bridge_slave_1: entered allmulticast mode [ 858.863617][T12121] bridge_slave_1: entered promiscuous mode [ 859.232795][T12121] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 859.254518][ T5089] Bluetooth: hci4: command tx timeout [ 859.357614][T12121] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 859.484723][ T29] audit: type=1804 audit(1717681057.539:63): pid=12180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1948764627/syzkaller.axkTrv/168/bus" dev="sda1" ino=1960 res=1 errno=0 [ 859.512579][ T29] audit: type=1800 audit(1717681057.539:64): pid=12180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1960 res=0 errno=0 [ 859.677794][T12121] team0: Port device team_slave_0 added [ 859.697387][T12121] team0: Port device team_slave_1 added [ 859.823818][T12121] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 859.831093][T12121] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 859.860764][T12121] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 859.892637][T12121] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 859.899795][T12121] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 859.936500][T12121] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 860.076078][T12180] Invalid ELF header magic: != ELF [ 860.236217][T12121] hsr_slave_0: entered promiscuous mode [ 860.277632][T12121] hsr_slave_1: entered promiscuous mode [ 860.314871][T12121] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 860.332921][T12121] Cannot create hsr debugfs directory [ 861.322671][ T5089] Bluetooth: hci4: command tx timeout [ 861.376958][T12121] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 861.652424][T12121] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 861.834916][T12121] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 861.869327][T12201] loop3: detected capacity change from 0 to 512 [ 861.913460][T12201] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 862.015652][T12201] EXT4-fs (loop3): 1 truncate cleaned up [ 862.021802][T12201] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 862.025750][T12121] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 862.334581][ T29] audit: type=1804 audit(1717681060.359:65): pid=12209 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1535173119/syzkaller.NWo2yh/376/file0" dev="sda1" ino=1941 res=1 errno=0 [ 862.557498][T12121] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 862.599225][T12201] loop3: detected capacity change from 512 to 64 [ 862.620167][T12213] syz-executor.3: attempt to access beyond end of device [ 862.620167][T12213] loop3: rw=34817, sector=487, nr_sectors = 1 limit=64 [ 862.675300][T12121] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 862.783950][T12121] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 862.851921][T12121] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 862.909957][ T9545] EXT4-fs warning (device loop3): ext4_empty_dir:3116: inode #11: lblock 5: comm syz-executor.3: error -12 reading directory block [ 862.969947][ T9545] EXT4-fs warning (device loop3): ext4_empty_dir:3116: inode #11: lblock 5: comm syz-executor.3: error -12 reading directory block [ 863.039925][ T9545] EXT4-fs warning (device loop3): ext4_empty_dir:3116: inode #11: lblock 5: comm syz-executor.3: error -12 reading directory block [ 863.107435][ T9545] EXT4-fs warning (device loop3): ext4_empty_dir:3116: inode #11: lblock 5: comm syz-executor.3: error -12 reading directory block [ 863.145242][ T9545] EXT4-fs warning (device loop3): ext4_empty_dir:3116: inode #11: lblock 5: comm syz-executor.3: error -12 reading directory block [ 863.165043][ T9545] EXT4-fs warning (device loop3): ext4_empty_dir:3116: inode #11: lblock 5: comm syz-executor.3: error -12 reading directory block [ 863.227405][ T9545] EXT4-fs warning (device loop3): ext4_empty_dir:3116: inode #11: lblock 5: comm syz-executor.3: error -12 reading directory block [ 863.268568][ T9545] EXT4-fs warning (device loop3): ext4_empty_dir:3116: inode #11: lblock 5: comm syz-executor.3: error -12 reading directory block [ 863.332781][ T9545] EXT4-fs warning (device loop3): ext4_empty_dir:3116: inode #11: lblock 5: comm syz-executor.3: error -12 reading directory block [ 863.406335][ T5089] Bluetooth: hci4: command tx timeout [ 863.554285][ T9545] EXT4-fs warning (device loop3): ext4_empty_dir:3116: inode #11: lblock 5: comm syz-executor.3: error -12 reading directory block [ 864.682111][T12121] 8021q: adding VLAN 0 to HW filter on device bond0 [ 865.034716][T12121] 8021q: adding VLAN 0 to HW filter on device team0 [ 865.182694][ T6574] bridge0: port 1(bridge_slave_0) entered blocking state [ 865.190373][ T6574] bridge0: port 1(bridge_slave_0) entered forwarding state [ 865.553109][ T6574] bridge0: port 2(bridge_slave_1) entered blocking state [ 865.560925][ T6574] bridge0: port 2(bridge_slave_1) entered forwarding state [ 865.862807][ T9545] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 866.778216][ T8339] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 866.957428][ T8339] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 867.148581][ T8339] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 867.369356][ T8339] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 867.717648][ T8339] bridge_slave_1: left allmulticast mode [ 867.723769][ T8339] bridge_slave_1: left promiscuous mode [ 867.730318][ T8339] bridge0: port 2(bridge_slave_1) entered disabled state [ 867.779164][ T8339] bridge_slave_0: left allmulticast mode [ 867.788001][ T8339] bridge_slave_0: left promiscuous mode [ 867.804990][ T8339] bridge0: port 1(bridge_slave_0) entered disabled state [ 868.452744][ T8339] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 868.524222][ T8339] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 868.570041][ T8339] bond0 (unregistering): Released all slaves [ 868.927851][T12121] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 869.962214][T12121] veth0_vlan: entered promiscuous mode [ 870.315046][T12121] veth1_vlan: entered promiscuous mode [ 870.511019][ T8339] hsr_slave_0: left promiscuous mode [ 870.551356][ T8339] hsr_slave_1: left promiscuous mode [ 870.597056][ T8339] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 870.605419][ T8339] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 870.670044][ T8339] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 870.678219][ T8339] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 870.789496][ T8339] veth1_macvtap: left promiscuous mode [ 870.795428][ T8339] veth0_macvtap: left promiscuous mode [ 870.801884][ T8339] veth1_vlan: left promiscuous mode [ 870.807442][ T8339] veth0_vlan: left promiscuous mode [ 870.844558][T11247] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 870.860922][T11247] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 870.878554][T11247] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 870.895390][T11247] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 870.908567][T11247] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 870.918799][T11247] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 872.148605][ T8339] team0 (unregistering): Port device team_slave_1 removed [ 872.229542][ T8339] team0 (unregistering): Port device team_slave_0 removed [ 872.394998][ T8332] smc: removing ib device syz1 [ 873.425886][T11247] Bluetooth: hci1: command tx timeout [ 874.114529][T12121] veth0_macvtap: entered promiscuous mode [ 874.349676][T12121] veth1_macvtap: entered promiscuous mode [ 874.543136][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 874.556097][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 874.566849][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 874.577764][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 874.587984][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 874.598706][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 874.608974][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 874.619713][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 874.634734][T12121] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 874.945146][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 874.956015][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 874.968214][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 874.979495][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 874.989810][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 875.000794][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 875.010969][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 875.021703][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 875.036365][T12121] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 875.482335][T11247] Bluetooth: hci1: command tx timeout [ 875.618657][T12283] chnl_net:caif_netlink_parms(): no params data found [ 875.678160][T12121] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 875.687372][T12121] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 875.696504][T12121] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 875.705986][T12121] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 877.474436][T12283] bridge0: port 1(bridge_slave_0) entered blocking state [ 877.483367][T12283] bridge0: port 1(bridge_slave_0) entered disabled state [ 877.491389][T12283] bridge_slave_0: entered allmulticast mode [ 877.501598][T12283] bridge_slave_0: entered promiscuous mode [ 877.591925][T11247] Bluetooth: hci1: command tx timeout [ 877.654985][T12283] bridge0: port 2(bridge_slave_1) entered blocking state [ 877.662945][T12283] bridge0: port 2(bridge_slave_1) entered disabled state [ 877.671048][T12283] bridge_slave_1: entered allmulticast mode [ 877.680156][T12283] bridge_slave_1: entered promiscuous mode [ 878.370953][T12283] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 878.445606][T12283] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 878.958685][T12283] team0: Port device team_slave_0 added [ 879.112638][T12283] team0: Port device team_slave_1 added [ 879.543792][T12283] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 879.552171][T12283] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 879.588217][T12283] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 879.699118][T11247] Bluetooth: hci1: command tx timeout [ 879.975703][T12283] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 879.985197][T12283] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 880.012083][T12283] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 880.859272][T12283] hsr_slave_0: entered promiscuous mode [ 880.922224][T12283] hsr_slave_1: entered promiscuous mode [ 880.970716][T12283] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 880.978514][T12283] Cannot create hsr debugfs directory [ 881.921324][ T8284] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 2 [ 881.970000][ T8339] IPVS: stop unused estimator thread 0... [ 882.815678][T12283] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 882.873557][T12283] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 882.942831][T12283] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 883.028161][T12283] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 884.251977][ T5134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 884.260142][ T5134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 884.323236][T12283] 8021q: adding VLAN 0 to HW filter on device bond0 [ 884.548079][T12283] 8021q: adding VLAN 0 to HW filter on device team0 [ 884.577018][ T6574] bridge0: port 1(bridge_slave_0) entered blocking state [ 884.584812][ T6574] bridge0: port 1(bridge_slave_0) entered forwarding state [ 884.675800][ T3059] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 884.688486][ T3059] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 884.801691][ T6574] bridge0: port 2(bridge_slave_1) entered blocking state [ 884.809373][ T6574] bridge0: port 2(bridge_slave_1) entered forwarding state [ 885.349912][T12283] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 886.963704][ T3059] bridge_slave_1: left allmulticast mode [ 886.969691][ T3059] bridge_slave_1: left promiscuous mode [ 886.976388][ T3059] bridge0: port 2(bridge_slave_1) entered disabled state [ 887.048009][ T3059] bridge_slave_0: left allmulticast mode [ 887.054193][ T3059] bridge_slave_0: left promiscuous mode [ 887.061026][ T3059] bridge0: port 1(bridge_slave_0) entered disabled state [ 887.567798][ T3059] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 887.601052][ T3059] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 887.644626][ T3059] bond0 (unregistering): Released all slaves [ 887.806677][ T9003] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 2 [ 888.733622][T12428] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 888.835502][ T3059] hsr_slave_0: left promiscuous mode [ 888.846231][ T3059] hsr_slave_1: left promiscuous mode [ 888.857825][ T3059] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 888.865871][ T3059] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 888.897156][ T3059] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 888.906488][ T3059] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 888.983293][ T3059] veth1_macvtap: left promiscuous mode [ 888.994487][ T3059] veth0_macvtap: left promiscuous mode [ 889.000399][ T3059] veth1_vlan: left promiscuous mode [ 889.009196][ T3059] veth0_vlan: left promiscuous mode [ 889.949500][ T3059] team0 (unregistering): Port device team_slave_1 removed [ 890.004240][ T3059] team0 (unregistering): Port device team_slave_0 removed [ 890.666099][T12283] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 891.512238][T12283] veth0_vlan: entered promiscuous mode [ 891.689325][T12283] veth1_vlan: entered promiscuous mode [ 892.546788][T12283] veth0_macvtap: entered promiscuous mode [ 892.689743][T12283] veth1_macvtap: entered promiscuous mode [ 893.160184][T12283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 893.173174][T12283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 893.183911][T12283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 893.199699][T12283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 893.211444][T12283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 893.222447][T12283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 893.232579][T12283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 893.243359][T12283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 893.258204][T12283] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 893.858582][T12283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 893.869875][T12283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 893.880050][T12283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 893.890867][T12283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 893.901020][T12283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 893.915089][T12283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 893.926021][T12283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 893.936735][T12283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 893.952021][T12283] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 894.028831][T12283] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 894.038780][T12283] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 894.048897][T12283] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 894.058000][T12283] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 894.949097][ T1219] ieee802154 phy0 wpan0: encryption failed: -22 [ 894.955907][ T1219] ieee802154 phy1 wpan1: encryption failed: -22 [ 897.000264][ T3059] IPVS: stop unused estimator thread 0... [ 900.656950][ T9644] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 900.668205][ T9644] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 900.689388][T12523] loop0: detected capacity change from 0 to 4096 [ 900.787820][ T6570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 900.796062][ T6570] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 900.843996][T12523] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 901.180900][T12523] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 902.145275][ T8303] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 902.331195][ T8303] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 902.575776][ T8303] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 902.754190][ T8303] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 903.131169][ T8303] bridge_slave_1: left allmulticast mode [ 903.137120][ T8303] bridge_slave_1: left promiscuous mode [ 903.143938][ T8303] bridge0: port 2(bridge_slave_1) entered disabled state [ 903.261484][ T8303] bridge_slave_0: left allmulticast mode [ 903.267390][ T8303] bridge_slave_0: left promiscuous mode [ 903.274275][ T8303] bridge0: port 1(bridge_slave_0) entered disabled state [ 904.205299][ T8303] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 904.358274][ T8303] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 904.406439][ T8303] bond0 (unregistering): Released all slaves [ 904.642688][ T8303] tipc: Left network mode [ 905.478454][ T8303] hsr_slave_0: left promiscuous mode [ 905.492377][ T8303] hsr_slave_1: left promiscuous mode [ 905.537682][ T8303] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 905.546154][ T8303] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 905.621579][ T8303] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 905.630009][ T8303] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 905.732020][ T8303] veth1_macvtap: left promiscuous mode [ 905.737889][ T8303] veth0_macvtap: left promiscuous mode [ 905.744084][ T8303] veth1_vlan: left promiscuous mode [ 905.749643][ T8303] veth0_vlan: left promiscuous mode [ 905.793096][ T5089] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 905.812526][ T5089] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 905.861519][ T5089] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 905.890498][ T5089] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 905.903913][ T5089] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 905.923160][ T5089] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 906.661288][ T8303] team0 (unregistering): Port device team_slave_1 removed [ 908.131349][ T5089] Bluetooth: hci3: command tx timeout [ 908.270404][T12595] chnl_net:caif_netlink_parms(): no params data found [ 909.517279][T12595] bridge0: port 1(bridge_slave_0) entered blocking state [ 909.525344][T12595] bridge0: port 1(bridge_slave_0) entered disabled state [ 909.533155][T12595] bridge_slave_0: entered allmulticast mode [ 909.542147][T12595] bridge_slave_0: entered promiscuous mode [ 909.588742][T12595] bridge0: port 2(bridge_slave_1) entered blocking state [ 909.596547][T12595] bridge0: port 2(bridge_slave_1) entered disabled state [ 909.604404][T12595] bridge_slave_1: entered allmulticast mode [ 909.613730][T12595] bridge_slave_1: entered promiscuous mode [ 909.891414][T12595] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 909.971895][T12595] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 910.202176][ T5089] Bluetooth: hci3: command tx timeout [ 910.263136][T12595] team0: Port device team_slave_0 added [ 910.333272][T12595] team0: Port device team_slave_1 added [ 910.762105][T12595] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 910.769282][T12595] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 910.796154][T12595] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 910.913859][ T8303] IPVS: stop unused estimator thread 0... [ 910.935166][T12595] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 910.942497][T12595] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 910.969000][T12595] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 911.290284][T12595] hsr_slave_0: entered promiscuous mode [ 911.327637][T12595] hsr_slave_1: entered promiscuous mode [ 912.307243][ T5089] Bluetooth: hci3: command tx timeout [ 912.991190][T12584] xt_CT: You must specify a L4 protocol and not use inversions on it [ 913.316472][T12595] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 913.402724][T12595] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 913.506662][T12595] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 913.624168][T12595] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 914.360802][ T5089] Bluetooth: hci3: command tx timeout [ 914.520296][T12685] loop2: detected capacity change from 0 to 2048 [ 914.608120][T12685] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 914.630220][T12686] loop1: detected capacity change from 0 to 512 [ 914.766050][T12595] 8021q: adding VLAN 0 to HW filter on device bond0 [ 914.777752][T12686] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 914.791589][T12686] ext4 filesystem being mounted at /root/syzkaller-testdir1948764627/syzkaller.axkTrv/200/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 914.943121][ T8303] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 2 [ 915.049093][T12595] 8021q: adding VLAN 0 to HW filter on device team0 [ 915.114474][ T6574] bridge0: port 1(bridge_slave_0) entered blocking state [ 915.122380][ T6574] bridge0: port 1(bridge_slave_0) entered forwarding state [ 915.195504][ T6574] bridge0: port 2(bridge_slave_1) entered blocking state [ 915.203321][ T6574] bridge0: port 2(bridge_slave_1) entered forwarding state [ 915.468649][ T9653] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 916.179604][T12713] loop4: detected capacity change from 0 to 16 [ 916.653274][T12718] Cannot find add_set index 0 as target [ 917.496958][T12595] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 918.016932][T12595] veth0_vlan: entered promiscuous mode [ 918.143350][T12595] veth1_vlan: entered promiscuous mode [ 918.468844][T12595] veth0_macvtap: entered promiscuous mode [ 918.522959][T12595] veth1_macvtap: entered promiscuous mode [ 918.701327][T12595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 918.712281][T12595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 918.722416][T12595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 918.733141][T12595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 918.743335][T12595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 918.754061][T12595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 918.764201][T12595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 918.775004][T12595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 918.794986][T12595] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 918.929226][T12595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 918.940228][T12595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 918.950536][T12595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 918.961922][T12595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 918.972430][T12595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 918.983280][T12595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 918.997362][T12595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 919.009277][T12595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 919.024327][T12595] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 919.267558][T12595] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 919.276892][T12595] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 919.286066][T12595] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 919.295217][T12595] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 919.346027][T12760] Cannot find add_set index 0 as target [ 923.750176][T12814] loop4: detected capacity change from 0 to 128 [ 923.954865][ T29] audit: type=1326 audit(1717681121.979:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12813 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f593ec7cf69 code=0x7ffc0000 [ 923.978424][ T29] audit: type=1326 audit(1717681121.979:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12813 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f593ec7cf69 code=0x7ffc0000 [ 924.002648][ T29] audit: type=1326 audit(1717681122.009:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12813 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f593ec7cf69 code=0x7ffc0000 [ 924.029099][ T29] audit: type=1326 audit(1717681122.009:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12813 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f593ec7cf69 code=0x7ffc0000 [ 924.053420][ T29] audit: type=1326 audit(1717681122.019:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12813 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f593ec7cf69 code=0x7ffc0000 [ 924.076772][ T29] audit: type=1326 audit(1717681122.019:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12813 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f593ec7cf69 code=0x7ffc0000 [ 924.100045][ T29] audit: type=1326 audit(1717681122.029:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12813 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f593ec7cf69 code=0x7ffc0000 [ 924.126315][ T29] audit: type=1326 audit(1717681122.029:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12813 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f593ec7cf69 code=0x7ffc0000 [ 924.151219][ T29] audit: type=1326 audit(1717681122.029:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12813 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f593ec7cf69 code=0x7ffc0000 [ 924.455834][T12823] loop2: detected capacity change from 0 to 512 [ 924.591052][T12823] EXT4-fs (loop2): blocks per group (95) and clusters per group (32768) inconsistent [ 925.125462][ T5140] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 925.307547][T12840] loop3: detected capacity change from 0 to 256 [ 925.371715][T12840] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 925.380987][ T5140] usb 3-1: Using ep0 maxpacket: 8 [ 925.411252][T12840] exFAT-fs (loop3): error, tried to truncate zeroed cluster. [ 925.418915][T12840] exFAT-fs (loop3): Filesystem has been set read-only [ 925.533860][ T5140] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 117, changing to 10 [ 925.550122][ T5140] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 25380, setting to 1024 [ 925.562878][ T5140] usb 3-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8 [ 925.574035][ T5140] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 925.630455][ T5140] usb 3-1: config 0 descriptor?? [ 925.696734][ T5140] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 925.707836][ T5140] usb 3-1: Detected SIO [ 925.755098][ T5140] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 925.886489][ T5140] usb 3-1: USB disconnect, device number 4 [ 925.938512][ T5140] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 925.950010][ T5140] ftdi_sio 3-1:0.0: device disconnected [ 926.106572][ T8346] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 926.114950][ T8346] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 926.340038][ T6570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 926.340203][T12854] loop4: detected capacity change from 0 to 64 [ 926.348194][ T6570] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 926.548926][T12854] overlayfs: upper fs needs to support d_type. [ 926.560025][T12854] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 926.568462][T12854] overlayfs: failed to set xattr on upper [ 926.578063][T12854] overlayfs: ...falling back to redirect_dir=nofollow. [ 926.586386][T12854] overlayfs: ...falling back to index=off. [ 926.593355][T12854] overlayfs: ...falling back to uuid=null. [ 926.886506][ T6846] Trying to free block not in datazone [ 926.893329][ T6846] Trying to free block not in datazone [ 926.898984][ T6846] Trying to free block not in datazone [ 926.904810][ T6846] Trying to free block not in datazone [ 926.910431][ T6846] Trying to free block not in datazone [ 926.916217][ T6846] minix_free_block (loop4:6): bit already cleared [ 926.925949][ T6846] Trying to free block not in datazone [ 926.931785][ T6846] Trying to free block not in datazone [ 928.640235][T12899] loop1: detected capacity change from 0 to 512 [ 928.654733][T12903] hsr_slave_0: left promiscuous mode [ 928.680172][T12903] hsr_slave_1: left promiscuous mode [ 928.743401][T12899] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 928.893622][T12899] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz-executor.1: iget: bad i_size value: -67835469387268086 [ 928.950136][T12899] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 928.984324][T12899] EXT4-fs (loop1): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 928.997519][T12899] ext2 filesystem being mounted at /root/syzkaller-testdir1948764627/syzkaller.axkTrv/211/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 930.492904][ T9653] EXT4-fs (loop1): unmounting filesystem f7ff0000-0000-0000-0000-000000000000. [ 932.801046][ T6574] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 933.080296][ T6574] usb 1-1: Using ep0 maxpacket: 8 [ 933.211734][ T6574] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 933.221961][ T6574] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xA7, skipping [ 933.502165][ T6574] usb 1-1: New USB device found, idVendor=05c6, idProduct=9225, bcdDevice=1c.b6 [ 933.511625][ T6574] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 933.519886][ T6574] usb 1-1: Product: syz [ 933.524384][ T6574] usb 1-1: Manufacturer: syz [ 933.529214][ T6574] usb 1-1: SerialNumber: syz [ 933.631019][ T6574] usb 1-1: config 0 descriptor?? [ 933.924076][T12992] loop1: detected capacity change from 0 to 512 [ 933.936233][T12992] EXT4-fs: Ignoring removed oldalloc option [ 933.947579][ T5140] usb 1-1: USB disconnect, device number 13 [ 933.955702][T12992] journal_path: Lookup failure for './file0' [ 933.966008][T12992] EXT4-fs: error: could not find journal device path [ 934.205096][T12996] loop2: detected capacity change from 0 to 512 [ 934.276200][T12996] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 934.376652][T12996] EXT4-fs error (device loop2): ext4_orphan_get:1394: inode #15: comm syz-executor.2: iget: bad i_size value: -67835469387268086 [ 934.430170][T12996] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 934.491709][T12996] EXT4-fs (loop2): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 934.504867][T12996] ext2 filesystem being mounted at /root/syzkaller-testdir2363751154/syzkaller.IGds6C/38/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 941.832565][T13105] loop4: detected capacity change from 0 to 256 [ 941.875212][T13105] exfat: Deprecated parameter 'utf8' [ 941.881372][T13105] exfat: Deprecated parameter 'namecase' [ 941.938971][T13105] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1806556a, utbl_chksum : 0xe619d30d) [ 942.247189][T13111] loop0: detected capacity change from 0 to 2048 [ 942.918886][T13120] loop3: detected capacity change from 0 to 2048 [ 943.085052][T13120] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 943.265577][T12121] EXT4-fs (loop2): unmounting filesystem f7ff0000-0000-0000-0000-000000000000. [ 946.058527][T12283] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 946.567893][T13162] loop0: detected capacity change from 0 to 2048 [ 946.803232][T13162] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 952.998178][T12595] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 956.498904][ T1219] ieee802154 phy0 wpan0: encryption failed: -22 [ 956.506336][ T1219] ieee802154 phy1 wpan1: encryption failed: -22 [ 962.354759][T13273] loop4: detected capacity change from 0 to 256 [ 962.417698][T13276] loop2: detected capacity change from 0 to 256 [ 962.423059][T13273] exfat: Unknown parameter 'H' [ 962.462417][T13276] exfat: Unknown parameter 'H' [ 962.530072][T13275] loop1: detected capacity change from 0 to 128 [ 962.698680][T13275] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 962.845686][T13275] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 974.761433][T11247] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 974.779010][T11247] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 974.792654][T11247] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 974.834274][T11247] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 974.874688][T11247] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 974.884194][T11247] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 976.289473][ T3059] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 976.496189][ T3059] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 976.651127][ T3059] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 977.012157][ T5089] Bluetooth: hci5: command tx timeout [ 977.033701][ T3059] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 977.179397][T13366] chnl_net:caif_netlink_parms(): no params data found [ 977.581412][ T3059] bridge_slave_1: left allmulticast mode [ 977.587453][ T3059] bridge_slave_1: left promiscuous mode [ 977.599360][ T3059] bridge0: port 2(bridge_slave_1) entered disabled state [ 977.686939][ T3059] bridge_slave_0: left allmulticast mode [ 977.693937][ T3059] bridge_slave_0: left promiscuous mode [ 977.701033][ T3059] bridge0: port 1(bridge_slave_0) entered disabled state [ 977.859571][T13391] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 978.346373][ T3059] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 978.436702][ T3059] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 978.503726][ T3059] bond0 (unregistering): Released all slaves [ 978.921384][ T5089] Bluetooth: hci4: command 0x0406 tx timeout [ 979.082059][T11247] Bluetooth: hci5: command tx timeout [ 979.310107][ T3059] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 979.320804][ T3059] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 979.341943][ T3059] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 979.349550][ T3059] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 979.425166][ T3059] veth1_macvtap: left promiscuous mode [ 979.430951][ T3059] veth0_macvtap: left promiscuous mode [ 979.436685][ T3059] veth1_vlan: left promiscuous mode [ 979.442374][ T3059] veth0_vlan: left promiscuous mode [ 980.323437][ T3059] team0 (unregistering): Port device team_slave_1 removed [ 980.361898][ T3059] team0 (unregistering): Port device team_slave_0 removed [ 980.948741][T13366] bridge0: port 1(bridge_slave_0) entered blocking state [ 980.956900][T13366] bridge0: port 1(bridge_slave_0) entered disabled state [ 980.966124][T13366] bridge_slave_0: entered allmulticast mode [ 980.974273][T13366] bridge_slave_0: entered promiscuous mode [ 981.096168][T13366] bridge0: port 2(bridge_slave_1) entered blocking state [ 981.103937][T13366] bridge0: port 2(bridge_slave_1) entered disabled state [ 981.111633][T13366] bridge_slave_1: entered allmulticast mode [ 981.119620][T13366] bridge_slave_1: entered promiscuous mode [ 981.161709][T11247] Bluetooth: hci5: command tx timeout [ 981.480298][T13366] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 981.548376][T13366] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 981.770798][T13366] team0: Port device team_slave_0 added [ 981.797651][T13366] team0: Port device team_slave_1 added [ 981.987968][T13427] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 982.190309][T13366] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 982.198355][T13366] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 982.224775][T13366] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 982.364884][T13366] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 982.372173][T13366] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 982.402269][T13366] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 982.649968][T13435] loop4: detected capacity change from 0 to 256 [ 982.718437][T13435] exfat: Unknown parameter 'H' [ 982.777108][T13366] hsr_slave_0: entered promiscuous mode [ 982.853563][T13366] hsr_slave_1: entered promiscuous mode [ 982.894423][T13366] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 982.903506][T13366] Cannot create hsr debugfs directory [ 983.254096][T11247] Bluetooth: hci5: command tx timeout [ 984.243667][T13451] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 984.297241][T13451] batman_adv: batadv0: Adding interface: team0 [ 984.303939][T13451] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 984.337330][T13451] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 984.556802][T13453] loop1: detected capacity change from 0 to 256 [ 984.571356][T13453] exfat: Unknown parameter 'H' [ 984.674720][T13366] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 984.782688][T13366] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 984.927926][T13366] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 985.002972][T13366] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 986.414860][T13366] 8021q: adding VLAN 0 to HW filter on device bond0 [ 986.582388][T13366] 8021q: adding VLAN 0 to HW filter on device team0 [ 986.672752][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 986.680481][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 986.760186][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 986.768184][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 987.237733][ T29] audit: type=1800 audit(1717681185.279:75): pid=13474 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="sda1" ino=1951 res=0 errno=0 [ 987.259933][ T29] audit: type=1804 audit(1717681185.299:76): pid=13474 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2363751154/syzkaller.IGds6C/56/file1" dev="sda1" ino=1951 res=1 errno=0 [ 987.285534][ C0] vkms_vblank_simulate: vblank timer overrun [ 987.341567][T13474] loop2: detected capacity change from 0 to 256 [ 987.595675][T13474] FAT-fs (loop2): Directory bread(block 64) failed [ 987.612439][T13474] FAT-fs (loop2): Directory bread(block 65) failed [ 987.620877][T13474] FAT-fs (loop2): Directory bread(block 66) failed [ 987.627563][T13474] FAT-fs (loop2): Directory bread(block 67) failed [ 987.634470][T13474] FAT-fs (loop2): Directory bread(block 68) failed [ 987.641397][T13474] FAT-fs (loop2): Directory bread(block 69) failed [ 987.648240][T13474] FAT-fs (loop2): Directory bread(block 70) failed [ 987.654962][T13474] FAT-fs (loop2): Directory bread(block 71) failed [ 987.661830][T13474] FAT-fs (loop2): Directory bread(block 72) failed [ 987.670932][T13474] FAT-fs (loop2): Directory bread(block 73) failed [ 987.949774][ T29] audit: type=1800 audit(1717681185.989:77): pid=13474 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file2" dev="loop2" ino=1048651 res=0 errno=0 [ 988.065670][ T29] audit: type=1800 audit(1717681186.109:78): pid=13474 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file2" dev="loop2" ino=1048651 res=0 errno=0 [ 988.833353][T13366] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 989.450138][T13366] veth0_vlan: entered promiscuous mode [ 989.595518][T13366] veth1_vlan: entered promiscuous mode [ 989.879165][T13366] veth0_macvtap: entered promiscuous mode [ 989.965445][T13366] veth1_macvtap: entered promiscuous mode [ 990.119863][T13366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 990.131291][T13366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 990.141317][T13366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 990.151990][T13366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 990.165115][T13366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 990.179611][T13366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 990.189732][T13366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 990.200432][T13366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 990.219349][T13366] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 990.492679][T13366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 990.503382][T13366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 990.513440][T13366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 990.524131][T13366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 990.534187][T13366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 990.545389][T13366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 990.558176][T13366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 990.573554][T13366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 990.596763][T13366] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 990.810065][T13366] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 990.819245][T13366] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 990.828479][T13366] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 990.837636][T13366] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 991.775372][T13510] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 992.110166][T13514] vivid-000: disconnect [ 992.136220][T13513] vivid-000: reconnect [ 992.801900][ T29] audit: type=1800 audit(1717681190.819:79): pid=13518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="sda1" ino=1959 res=0 errno=0 [ 992.824162][T13518] loop2: detected capacity change from 0 to 256 [ 992.835201][ T29] audit: type=1804 audit(1717681190.889:80): pid=13518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2363751154/syzkaller.IGds6C/61/file1" dev="sda1" ino=1959 res=1 errno=0 [ 993.074953][T13518] FAT-fs (loop2): Directory bread(block 64) failed [ 993.082135][T13518] FAT-fs (loop2): Directory bread(block 65) failed [ 993.089024][T13518] FAT-fs (loop2): Directory bread(block 66) failed [ 993.095770][T13518] FAT-fs (loop2): Directory bread(block 67) failed [ 993.102881][T13518] FAT-fs (loop2): Directory bread(block 68) failed [ 993.109526][T13518] FAT-fs (loop2): Directory bread(block 69) failed [ 993.116401][T13518] FAT-fs (loop2): Directory bread(block 70) failed [ 993.123235][T13518] FAT-fs (loop2): Directory bread(block 71) failed [ 993.134123][T13518] FAT-fs (loop2): Directory bread(block 72) failed [ 993.141827][T13518] FAT-fs (loop2): Directory bread(block 73) failed [ 993.312694][ T29] audit: type=1800 audit(1717681191.339:81): pid=13518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file2" dev="loop2" ino=1048652 res=0 errno=0 [ 993.561601][ T29] audit: type=1800 audit(1717681191.539:82): pid=13518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file2" dev="loop2" ino=1048652 res=0 errno=0 [ 996.888715][T13562] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 997.493988][T13566] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 997.537620][T13566] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 997.571847][ T8346] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 997.579968][ T8346] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 997.805966][ T8346] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 997.815517][ T8346] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1001.655615][T13602] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1002.733156][T13625] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 1002.798633][T13625] batman_adv: batadv0: Adding interface: team0 [ 1002.805312][T13625] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1002.831278][T13625] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 1003.736041][ T9644] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 1003.922087][T13644] loop1: detected capacity change from 0 to 256 [ 1003.994768][T13644] exfat: Unknown parameter 'H' [ 1004.151421][ T9644] usb 4-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 1004.160960][ T9644] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1004.235208][ T9644] usb 4-1: config 0 descriptor?? [ 1005.912779][ T9644] pegasus 4-1:0.0: can't reset MAC [ 1005.918873][ T9644] pegasus 4-1:0.0: probe with driver pegasus failed with error -5 [ 1006.021426][ T9644] usb 4-1: USB disconnect, device number 10 [ 1006.919562][T13675] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1010.091121][ T6574] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 1010.502086][ T6834] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 1010.676727][ T6574] usb 3-1: config 1 interface 0 altsetting 63 bulk endpoint 0x82 has invalid maxpacket 1024 [ 1010.687259][ T6574] usb 3-1: config 1 interface 0 altsetting 63 bulk endpoint 0x3 has invalid maxpacket 1023 [ 1010.697703][ T6574] usb 3-1: config 1 interface 0 has no altsetting 0 [ 1010.921370][ T6834] usb 5-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 1010.931069][ T6834] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1010.972588][ T6834] usb 5-1: config 0 descriptor?? [ 1012.577843][ T6834] pegasus 5-1:0.0: can't reset MAC [ 1012.585407][ T6834] pegasus 5-1:0.0: probe with driver pegasus failed with error -5 [ 1012.648312][ T6834] usb 5-1: USB disconnect, device number 6 [ 1013.572161][ T6574] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1013.581708][ T6574] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1013.589969][ T6574] usb 3-1: Product: 髗殘멮冃矍ᠱ벎癨ͭ퇛䧢ỗ믶廌睖뢎뛑Ⰷ짛⊁堇魼㡐ﱆ羭ẑꀼ⻕ね岹㘧䥚쁟⭷ֈ꯺撇渙꟭쿯ꋪ匓ଖ⒎壦죤溰⑅湭埕쐒돠鼾岭↫尿ꔿ腚쌝ꆉ䷪䕭嬈꣜턳ล㒧胥ᗨᙺ蘪彦僴텊綁 [ 1013.706645][ T6574] usb 3-1: can't set config #1, error -71 [ 1013.794910][ T6574] usb 3-1: USB disconnect, device number 5 [ 1015.542484][ T9644] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 1016.021278][ T9644] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 1016.033870][ T9644] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 1016.045450][ T9644] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1016.058802][ T9644] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1016.072137][ T9644] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1016.163895][ T9644] usb 4-1: config 0 descriptor?? [ 1016.192219][T13742] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1017.246540][ T9644] plantronics 0003:047F:FFFF.000C: unknown main item tag 0xd [ 1017.310312][ T6834] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 1017.369829][ T9644] plantronics 0003:047F:FFFF.000C: No inputs registered, leaving [ 1017.492409][ T9644] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 1017.592722][ T9644] usb 4-1: USB disconnect, device number 11 [ 1017.681187][ T6834] usb 3-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 1017.690834][ T6834] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1017.732026][ T6834] usb 3-1: config 0 descriptor?? [ 1017.834123][ T1219] ieee802154 phy0 wpan0: encryption failed: -22 [ 1017.839502][T13763] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 1017.840832][ T1219] ieee802154 phy1 wpan1: encryption failed: -22 [ 1017.881365][T13763] ===================================================== [ 1017.888486][T13763] BUG: KMSAN: uninit-value in __bpf_strtoull+0x245/0x5b0 [ 1017.895716][T13763] __bpf_strtoull+0x245/0x5b0 [ 1017.900711][T13763] bpf_strtol+0x7c/0x270 [ 1017.905143][T13763] ___bpf_prog_run+0x13fe/0xe0f0 [ 1017.910289][T13763] __bpf_prog_run96+0xb5/0xe0 [ 1017.915214][T13763] bpf_test_run_xdp_live+0x10a9/0x2f70 [ 1017.920893][T13763] bpf_prog_test_run_xdp+0xf02/0x1a40 [ 1017.926389][T13763] bpf_prog_test_run+0x6b7/0xad0 [ 1017.931659][T13763] __sys_bpf+0x6aa/0xd90 [ 1017.936119][T13763] __x64_sys_bpf+0xa0/0xe0 [ 1017.940772][T13763] x64_sys_call+0x96b/0x3b50 [ 1017.945484][T13763] do_syscall_64+0xcf/0x1e0 [ 1017.950104][T13763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1017.956200][T13763] [ 1017.958565][T13763] Local variable stack created at: [ 1017.963810][T13763] __bpf_prog_run96+0x45/0xe0 [ 1017.968595][T13763] bpf_test_run_xdp_live+0x10a9/0x2f70 [ 1017.974257][T13763] [ 1017.976632][T13763] CPU: 0 PID: 13763 Comm: syz-executor.4 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 1017.986870][T13763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 1017.997163][T13763] ===================================================== [ 1018.004247][T13763] Disabling lock debugging due to kernel taint [ 1018.010447][T13763] Kernel panic - not syncing: kmsan.panic set ... [ 1018.016922][T13763] CPU: 0 PID: 13763 Comm: syz-executor.4 Tainted: G B 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 1018.028572][T13763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 1018.038704][T13763] Call Trace: [ 1018.042037][T13763] [ 1018.045021][T13763] dump_stack_lvl+0x216/0x2d0 [ 1018.049840][T13763] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1018.055775][T13763] dump_stack+0x1e/0x30 [ 1018.060080][T13763] panic+0x4e2/0xcd0 [ 1018.064088][T13763] ? kmsan_get_metadata+0xf1/0x1d0 [ 1018.069310][T13763] kmsan_report+0x2d5/0x2e0 [ 1018.073938][T13763] ? __msan_warning+0x95/0x120 [ 1018.078798][T13763] ? __bpf_strtoull+0x245/0x5b0 [ 1018.083761][T13763] ? bpf_strtol+0x7c/0x270 [ 1018.088298][T13763] ? ___bpf_prog_run+0x13fe/0xe0f0 [ 1018.093537][T13763] ? __bpf_prog_run96+0xb5/0xe0 [ 1018.098498][T13763] ? bpf_test_run_xdp_live+0x10a9/0x2f70 [ 1018.104269][T13763] ? bpf_prog_test_run_xdp+0xf02/0x1a40 [ 1018.109948][T13763] ? bpf_prog_test_run+0x6b7/0xad0 [ 1018.115204][T13763] ? __sys_bpf+0x6aa/0xd90 [ 1018.119785][T13763] ? __x64_sys_bpf+0xa0/0xe0 [ 1018.124477][T13763] ? x64_sys_call+0x96b/0x3b50 [ 1018.129357][T13763] ? do_syscall_64+0xcf/0x1e0 [ 1018.134236][T13763] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1018.140427][T13763] ? stack_depot_save+0x12/0x20 [ 1018.145392][T13763] ? kmsan_internal_chain_origin+0xb0/0xd0 [ 1018.151334][T13763] ? kmsan_get_metadata+0x146/0x1d0 [ 1018.156633][T13763] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1018.162546][T13763] ? __bpf_strtoull+0x80/0x5b0 [ 1018.167421][T13763] ? filter_irq_stacks+0x60/0x1a0 [ 1018.172578][T13763] ? stack_depot_save_flags+0x2c/0x6e0 [ 1018.178138][T13763] ? kmsan_get_metadata+0x146/0x1d0 [ 1018.183434][T13763] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 1018.189808][T13763] ? kmsan_get_metadata+0x146/0x1d0 [ 1018.195108][T13763] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1018.201018][T13763] __msan_warning+0x95/0x120 [ 1018.205696][T13763] __bpf_strtoull+0x245/0x5b0 [ 1018.210485][T13763] ? bpf_strtol+0x5c/0x270 [ 1018.215099][T13763] ? ___bpf_prog_run+0x13fe/0xe0f0 [ 1018.220328][T13763] bpf_strtol+0x7c/0x270 [ 1018.224699][T13763] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1018.230620][T13763] ___bpf_prog_run+0x13fe/0xe0f0 [ 1018.235663][T13763] ? kmsan_get_metadata+0x146/0x1d0 [ 1018.240970][T13763] __bpf_prog_run96+0xb5/0xe0 [ 1018.245764][T13763] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1018.251680][T13763] ? __pfx___bpf_prog_run96+0x10/0x10 [ 1018.257182][T13763] bpf_test_run_xdp_live+0x10a9/0x2f70 [ 1018.262803][T13763] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 1018.268812][T13763] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1018.275010][T13763] ? bpf_test_run_xdp_live+0x7ed/0x2f70 [ 1018.280684][T13763] ? _copy_from_user+0x10c/0x160 [ 1018.285752][T13763] ? kmsan_get_metadata+0x146/0x1d0 [ 1018.291051][T13763] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1018.296965][T13763] bpf_prog_test_run_xdp+0xf02/0x1a40 [ 1018.302489][T13763] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 1018.308425][T13763] bpf_prog_test_run+0x6b7/0xad0 [ 1018.313483][T13763] __sys_bpf+0x6aa/0xd90 [ 1018.317865][T13763] __x64_sys_bpf+0xa0/0xe0 [ 1018.322406][T13763] x64_sys_call+0x96b/0x3b50 [ 1018.327146][T13763] do_syscall_64+0xcf/0x1e0 [ 1018.331767][T13763] ? clear_bhb_loop+0x25/0x80 [ 1018.336565][T13763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1018.342580][T13763] RIP: 0033:0x7f593ec7cf69 [ 1018.347071][T13763] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1018.366791][T13763] RSP: 002b:00007f593fa610c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1018.375391][T13763] RAX: ffffffffffffffda RBX: 00007f593edb3f80 RCX: 00007f593ec7cf69 [ 1018.383465][T13763] RDX: 0000000000000050 RSI: 0000000020000640 RDI: 000000000000000a [ 1018.391508][T13763] RBP: 00007f593ecda6fe R08: 0000000000000000 R09: 0000000000000000 [ 1018.399555][T13763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1018.407597][T13763] R13: 000000000000000b R14: 00007f593edb3f80 R15: 00007ffc98662b18 [ 1018.415681][T13763] [ 1018.419628][T13763] Kernel Offset: disabled [ 1018.424013][T13763] Rebooting in 86400 seconds..