last executing test programs: 8m4.856557447s ago: executing program 4 (id=82): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x44, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x44}}, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="8c0000000906010200000000000000000200ffff08000940000000390900020073797a310000000005000100070000005c0008801c000780"], 0x8c}, 0x1, 0x0, 0x0, 0x10000182}, 0x4000080) 8m2.916142616s ago: executing program 4 (id=85): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=ANY=[@ANYBLOB="600000001000ffff27bd7000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="15010000000000003800128009000100"], 0x60}, 0x1, 0x0, 0x0, 0x28001}, 0x8000002) 8m1.594405381s ago: executing program 4 (id=90): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r2, 0x0, 0x0) 7m59.832532227s ago: executing program 4 (id=94): syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file1\x00', 0x2000002, &(0x7f00000001c0)={[{@shortad}, {@adinicb}, {@unhide}, {}, {@noadinicb}, {@gid_ignore}, {@anchor={'anchor', 0x3d, 0xe}}, {@anchor}, {@iocharset={'iocharset', 0x3d, 'iso8859-2'}}, {}, {@noadinicb}]}, 0x2, 0xc36, &(0x7f0000001a40)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1GFCVKeh6b+s3cOefec+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9R/377bLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveM97Lb+ZseqE9C48ebNqWvXFhqnXjy94eNbwx8OPXVk+NzI88ef65WdGB0bG79TpN5fvnbPDenabobHgSjieKR44Xs/Ta2IKGL356L+YMd+s4NVJ45VnZgYHas6Mt1pzSyWH17qnYgiotFXqdk7R1uPRdQGH2gftteMWCqbXzb4WNm98bnWfOvKdLtxqTW/2FnszM5cSt3Wlv1pRBFnU8RyRKwO3b27wSiiFim+c3gtXYmIgd55+GI1MXj7dhR72McdKNvZGIxYLh6BMdvHhqKI1yPFz947Glfzdaa61nwh4vUyfxDxTpmvRKTyi3Em4oMtvkc8mmpRxJ+X439uLU1V14PedeXC1xpfmbk221e2d135Je8Pd10pHtL94eCmfDBH3OfXpnoU0aqu+Gvp3n+zAwAAAAAAAAAAAAAAAMD9djCK+EykeO3f/qiaVxzVvPTD50Z+f/j/988Zf/Zj9lOWfTEiloqdzck9kCcGXkqXUnrIc4mfZPUo4o/z/L9vPezGAAAAAAAAAAAAAAAAAAAAPNGK+EmkePn9o2k5+tcU78xcb1xuXZnurgrbW/u3t2b6+vr6eiN1s5lzMudSzuWcKzlXc0aR6+ds5pzMuZRzOedKztWcMZDr52zmnMy5lHM550rO1ZxRy/VzNnNO5lzKuZxzJedqztgna/cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxOiijiF5Hi299YS5EiohkxGd1cGXrYrQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASkOpiO9HisYfNG9vq0VEqv7tOlr+ciaaB8r8ZDRHynwlmudztqqsNb/1ENrP7gymIn4cKYbq794e8Dz+g913t78G8c4377z7bK2bA70Phz8ceurI4XMjY7/27Hav01YNOHahM3PzVmNidGxsvG9zLR/9k33bhvNxi/vTdSJi4a2332xNT7fn7/1F+RXYRfVH6EWqPSk99aJ6EbV90YyH03eeAOX9/4NI8dvv/3vvht+9/9fj/3Xf3b7Dx8//5M79/+XNO9rh/b+2uV6+/5f39K3u/0/3bXs5/25ksBZRX7wxN3gkor7w1tvHOzda19vX2zNnTpz48sjIl0+fGDwQUb/WmW73vbovpwsAAAAAAAAAAAAAAADgwUlF/G6kaP14LTUi4lY1X2v43Mjzx58biIFqvtWGedtvjF8+33h19sbcfHthoT3VmJjpXJ2dau/0cPVqutfE6NiedOZjHdzj9h+svzo799Z85/ofLm75+aH6+SsLi/Otq1t/HAejiGj2bzlWNXhidKxq9HSnNVNVvbTlZPpf3mAq4j8ixdUzjfT5vC3P/988w3/D/P+lzTvao/n/n+jbVh4zpSJ+Hil+6y+ejc9X7TwUd52zXO5vIsWxs5/L5eJAWa7Xhu5zBbozA8uy/xMp/uEXG8v25kM+fafsyR2f2EdEOf6HI8X3/+y78et528bnP2w9/oc272iPxv+Zvm2HNjyvYNddJ4//8UjxytPvxm/kbR/1/I/eszeO5sK3n8+xR+P/qb5tw/m4v3l/ug4AAAAAAAAAAPBIG0xF/G2k+OFYLb2Ut+3k7/9Nbd7RHv39r0/3bZu6P+sVfeyLXZ9UAAAAANgnBlMRP4kU1xffvT2HeuP87775n79zZ/7naNr0afXnfL9SPTfgfv75X7/hfNzJ3XcbAAAAAAAAAAAAAAAAAAAA9pWUingpr6c+Wc3nn9p2PfWVSPHaf72Qy6UjZbneOvDD1a/1i7Mzx89PT89ebS22rky3G+Nzravtsu4zkWLtrz+X6xbV+uq99ea7a7zfWYt9PlKM/V2vbHct9t7a5M/0yi61T5ZlPxEp/vPvN5btrWP9qTv7PVWW/atI8fV/2rrskTtlT5dlvxspfvT1Rq/sobJs7/mon75T9sWrs8UejAoAAAAAAAAAAAAAAAAAAABPmsFUxJ9Giv++sXx7Ln9e/3+w723lnW/2rfe/ya1qnf/hav3/7V7fy/r/1XMFlrY7KgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJ5SFPF2pJi7uJZWhsr3XfULnZmbtyZGx7audjBVNQeq8uVP/eSp02e+9NLI2V5+dP377TPxxvjl841XZ2/MzbcXFtpTjYmZztXZqfaO97Db+psdq05A48abN6euXVtonHrx9IaPbw1/OPTUkeFzI88ff65XdmJ0bGy8r0xt8J6Pfpe0zfYDUcRfRooXvvfT9MOhiCJ2fy4+5ruz1w5WnThWdWJidKzqyHSnNbNYfnipdyKKiEZfpWbvHD2AsdiVZsRS2fyywcfK7o3PteZbV6bbjUut+cXOYmd25lLqtrbsTyOKOJsiliNideju3Q1GEW9Giu8cXkv/PBQx0DsPX7w4/tUTp7ZvR7GHfdyBsp2NwYjl4qPGbIsOs8FQFPGPkeJn7x2NfxmKqEX3J74Q8XqZP4h4J7rjncovxpmID5zWx0YtivjfcvzPraX3hsrrQe+6cuFrja/MXJvtK9u7rjzy94cHaZ/fT+pRxI+qK/5a+lf/XQMAAAAAAAAAAAAAAADsI0X8aqR4+f2jqZoffHtOcWfmeuNy68p0d1pfb+5fb870+vr6eiN1s5lzMudSzuWcKzlXc0aR6+dslllfX5/M75dyLudcybmaMwZy/ZzNnJM5l3Iu51zJuZozarl+zmbOyZxLOZdzruRczdmdJPnUQxwzAAAAAAAAAAAAAAAAAADgcVRU/6T49jfW0vpQtb70QO+zFeuBPvb+LwAA///wvPg9") mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 7m58.65296542s ago: executing program 4 (id=98): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r0) r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000740)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300042e010203010902120001000000000904"], 0x0) ioctl$EVIOCRMFF(r0, 0x550c, 0x0) syz_usb_control_io$uac1(r1, 0x0, 0x0) syz_usb_control_io$uac1(r1, 0x0, 0x0) syz_usb_control_io$lan78xx(r1, 0x0, 0x0) 7m57.828586879s ago: executing program 4 (id=102): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_pressure(r0, &(0x7f0000000040)='memory.pressure\x00', 0x2, 0x0) write$cgroup_pressure(r1, &(0x7f0000000080)={'some', 0x20, 0x2000000008, 0x20, 0x10000000fffff}, 0x2f) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000001c0)='sched_kthread_stop_ret\x00'}, 0x10) close(r1) 7m55.476965904s ago: executing program 32 (id=102): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_pressure(r0, &(0x7f0000000040)='memory.pressure\x00', 0x2, 0x0) write$cgroup_pressure(r1, &(0x7f0000000080)={'some', 0x20, 0x2000000008, 0x20, 0x10000000fffff}, 0x2f) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000001c0)='sched_kthread_stop_ret\x00'}, 0x10) close(r1) 6m53.954070792s ago: executing program 2 (id=277): r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x14, r0, 0x3141e0b2751b0f9b, 0x70bd2a, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x68c5}, 0x80) 6m52.902077563s ago: executing program 2 (id=279): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50) bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000003"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10) recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x39, 0x0, 0x0, &(0x7f00000000c0), 0x100}, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) close(r4) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r5, 0xc004743e, 0x110e22fff6) ioctl$TUNGETVNETLE(r4, 0x40047451, 0x0) 6m51.915216481s ago: executing program 2 (id=283): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[], 0x50}}, 0x4000850) sendmmsg$alg(r0, &(0x7f0000000140), 0x4924b68, 0x0) 6m51.294216515s ago: executing program 2 (id=286): syz_mount_image$iso9660(&(0x7f0000000200), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000000)={[{@nocompress}, {@map_normal}]}, 0x3, 0x54c, &(0x7f0000000540)="$eJzs3M9uG8cZAPBZmXJUFTUKBI0dxYeN04MLNApJ1zKEAAW2q6W0CckldleBfSqCWgqESmmRpEDjmy9uC7QPkWufoKe+UdBjjwmWSzqOLdL/ksiIfz9AmuHutzPfrIgZkOIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhSne63V4Uhvl4/2a8WLpTFqMl5+ft/edbxZJ+Q4ian7C2Fi61hy69+s3pXzS/roSL7aOLYa0p1sKdn77283df7azMr1+S0A9gdZbs8cEnywOj8FX0QyX1/dg7/VbvZuO8KvJRspvFeVXE21tb3Xf2BlU8yIdZdauqs1GcdkJSF2V8Nf1V3NvevhZnm7eK/fHuTjLM5gdvvN3vdrfi9zYnWVJWxfid9zardC8fDvPx7jSmOd3E3GieiO/ndVxnySiOD4+OD649LvcmqPckQf3HBfW7/X6v1+/3tq5vX7/R7XYeOdB9SHgk4qyftJy173D2huczX/8BAACAH69o+h578/p/dfo+fBQG+TDrnnVaAAAAwHdo+p//i00x/TTbpRB5/Q8AAAA/Nn9/7B67avJK9N//hbJcje5Obv4yOkmauOTkXHvduYdbrAed6MKskWmx1Zk9SrPL0ett0Ovz6C9nxeHj8oieIoGNBQmEf4aNNmbjdlvenp9pe1kf5MNsMy2G7/ZCklxYqbOb9V8+PvprmA7/H+PRhSgcHh0fbP7hT8e3p7ncbVq5ezLbQPHIPooluXx2f9/jQyP+om1qtcklmvW73vbbfXD8K+3lK0/R573wRhvzxnpbrn97/GtNn73NRaNfj3423Uz3nCO/Fy63MZevvtUUb109JYv+aVmcnzU+3a33YBbPdC+eIItrS+5FODx6JYTwRFn8ZFEWAGflcNEqdH/9f3jd7TzDXPvN6v7b73F1vxfebGPe3JhOrJ2NU2b07vIZfb7G3j3/rKvbv8OVNubKPHjRGtv0+6/7/bar6nTx/2Jhv9WwHzV/qHOfnfw5vPbp53fePjr58KODjw4+7vevbXV/0+1e74fV6TBmxZJMAXh5ZeWX0Xr9t6gs88nve9vbvaTey+KySN+Py3xnN4vzcZ2V6V4y3s3iSVnURVoMm8oH+U5WxdX+ZFKUdTwoynhSVPnN6Te/xLOvfqmy8OtxnafVZJglVRanxbhO0jreyas0nuz/bphXe1k5vbiaZGk+yNOkzotx3Cn2yzTbjOMqyx4IzHeycZ0P8qY6jidlPkrKW/EHxXB/lMU7WZWW+aQu2gbnfeXjQVGOkjo/FzbP+mYDwAvi08/v/PHD4+ODT56w8v+vWk9z1aO9nj+LoQIAM8tWaQAAAAAAAAAAAAAA4MXwtPv/VFRensrKc7fTeQFGsbAynwROjTnbeQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATvN1AAAA//92jZ2z") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) statfs(&(0x7f0000000080)='./file0/file0\x00', 0x0) 6m47.700321546s ago: executing program 2 (id=291): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x5, @loopback, 0x3}], 0x1c) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) r2 = dup(r0) sendmmsg$inet(r1, &(0x7f0000004b80)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="93", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000004080)=[{&(0x7f0000001380)='R', 0x1}], 0x1}}], 0x2, 0x4) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe652, 0x2, 0x4, 0x8, 0xff}, 0x9c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000140)=@newtaction={0x14, 0x30, 0x1, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x2000c800}, 0x2400c800) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff2, @empty, 0x3}}, 0x1000000, 0x31, 0xffff1896, 0x3, 0x6, 0x8, 0x1b}, 0x9c) 6m46.421666694s ago: executing program 2 (id=294): landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(0xffffffffffffffff, 0x1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000180)={0x1}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000040)="0f01cb650f741065666765f36f0f330f09660f3a0cb9000000752066b9800000c00f326635004000000f300f01d7ba4100ed", 0x32}], 0x1, 0x4498bda7e2139f51, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0xfffffffffffffffe, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x3, 0x7fff, 0x8, 0xfffffffffffffffa, 0x2, 0x0, 0x6], 0x8080000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 6m44.116344241s ago: executing program 33 (id=294): landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(0xffffffffffffffff, 0x1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000180)={0x1}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000040)="0f01cb650f741065666765f36f0f330f09660f3a0cb9000000752066b9800000c00f326635004000000f300f01d7ba4100ed", 0x32}], 0x1, 0x4498bda7e2139f51, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0xfffffffffffffffe, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x3, 0x7fff, 0x8, 0xfffffffffffffffa, 0x2, 0x0, 0x6], 0x8080000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 2m26.34157285s ago: executing program 3 (id=1072): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, 0x0, 0x0) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50) syz_fuse_handle_req(r0, &(0x7f0000006380)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba5234400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b60dd7710000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e8ffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000048636662867d08f50000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x0, {0x0, 0x1d}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40) ioctl$sock_TIOCINQ(r1, 0x541b, 0x0) 2m24.456769932s ago: executing program 3 (id=1081): add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000008"], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f00000003c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x32d15422}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000010000100f7000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc08000340000000144c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000200003801c0000800c00018006000100d10300000c000440000000000000000114000000110001"], 0xb8}, 0x1, 0x0, 0x0, 0x4000850}, 0x2000c044) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r6, &(0x7f0000000100)={0x0, 0xa6ff, &(0x7f0000000200)={&(0x7f0000002f40)=ANY=[@ANYBLOB="40000000210a010900000000000000000a0000010900020073797a31000000000900010073797a31"], 0x40}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000) 2m19.587876361s ago: executing program 3 (id=1099): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18) r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0) pwritev(r2, &(0x7f00000000c0)=[{0x0, 0x4f}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0) 2m18.75552692s ago: executing program 3 (id=1101): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_emit_ethernet(0x2e, &(0x7f00000008c0)={@link_local, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x3, 0x0, 0x20, 0x0, 0x0, 0x0, 0x2f, 0x0, @rand_addr, @empty}, {0x0, 0x883e, 0xc, 0x0, @gue={{0x1, 0x1, 0x3, 0x7f, 0x100, @void}}}}}}}, 0x0) 2m17.975328365s ago: executing program 3 (id=1105): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b8, 0x0, 0x111, 0x4b4, 0x120, 0xd4feffff, 0x1e8, 0x20a, 0x278, 0x1e8, 0x278, 0x3, 0x0, {[{{@ipv6={@empty, @mcast1, [], [0x0, 0x0, 0xffff00, 0xff000000], 'veth1_vlan\x00', 'team_slave_0\x00', {}, {}, 0x6}, 0x0, 0xf8, 0x120, 0x0, {}, [@common=@inet=@socket3={{0x28}, 0x2}, @inet=@rpfilter={{0x28}, {0x4}}]}, @common=@unspec=@CLASSIFY={0x28}}, {{@ipv6={@loopback, @local, [0x0, 0x0, 0xff], [], 'syzkaller1\x00', 'pimreg1\x00', {}, {}, 0x3c, 0x0, 0x0, 0x8}, 0x0, 0xa8, 0xc8}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x318) 2m13.177006647s ago: executing program 3 (id=1126): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r1, &(0x7f0000000340)="0a000300010000", 0x7) recvmmsg(r1, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}, 0x5}], 0x40001af, 0x12122, 0x0) 1m57.874690496s ago: executing program 34 (id=1126): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r1, &(0x7f0000000340)="0a000300010000", 0x7) recvmmsg(r1, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}, 0x5}], 0x40001af, 0x12122, 0x0) 1m14.001901498s ago: executing program 0 (id=1384): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x20, 0x1, 0xa, 0x801, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x80) 1m13.224181937s ago: executing program 0 (id=1385): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), r0) sendmsg$NL802154_CMD_NEW_INTERFACE(r0, 0x0, 0x4044084) 1m12.502524317s ago: executing program 0 (id=1389): r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmsg$802154_raw(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x4) 1m11.604894179s ago: executing program 0 (id=1391): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18020000ffffffff00000000000000001801000011646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000007d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x108) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000780)='generic_add_lease\x00', r1}, 0x18) fcntl$setlease(r0, 0x400, 0x1) 1m10.651069075s ago: executing program 0 (id=1393): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) r1 = fspick(r0, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0) r2 = dup(r1) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) 1m9.987301647s ago: executing program 0 (id=1397): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) write(0xffffffffffffffff, &(0x7f0000000180), 0x0) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x6}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x7, 0x4, 0xc8, 0x1}, 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000fc0)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030010850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x4, &(0x7f00000002c0), 0x6, 0x5fd, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvzCYxaaNpRcQWxYCHFqRpUotVL7b1YA8FC/Yg4qGhSWro9gdNCrYWTMGDgoKIV5Fe/Ae8S+/eRFBvnoUqUlFQ6crszrabZDfdttmdNPP5wGTnvZnd9747eZn3dvJ2Aiit8exHGrEj4taJJGKsZdtoNDaO5/vd/OPKyWxJolZ78/ckkjyvuX+SP27NE8MR8f3hiMcrq8tduHT59HS11vBBxN7FM+f3Lly6vGf+zPSp2VOzZ6f2vbT/wOTLU/un1iXOrfnjkaNvPP3ph+++OPdDdU8SB+P44PszsSKO9TIe43ErD7E1fyAiDmQrbd6Xh80mCKHUKvnv42BEPBljUamnGsZi/pNCKwf0VK0SUQNKKtH+oaSa/YDm2L67cfDxHvdK+ufGocYAaHX8A43PRmK4PjbacjNpGRk1PtvYtg7lZ2X8d2Xnl9kSyz6H+Pv20RlYh3I6WboaEU+1iz+p121bPdIs/nTZWD+JiMmIGMrr99oD1CFpWe/F5zBruZf4W49DGhEH88cs//B9lj++It3v+AEop+uH8hP5Upa6c/7L+h7N/k+06f+Mtjl33Y+iz3+d+3/N8/1wvd+TruiHZX2WY+1fcnBlxi8fH/m8U/mt/b9sycpv9gX74cbViJ0r4v8oCzbv/2TxJ22Of7bLiYPdlfH6j78d6bSt6Phr1yJ2tR3/3OmVZmtrXJ/cOzdfnZ1s/GxbxrffvfN1p/KLjj87/ls6xN9y/NOVz8vek/NdlvHNsWtnOm0bvWv86a9DSWO8OZTnvDe9uHhhKmIoOZrv0pK/b+26NPdpvkYW/+7n2rf/Zb//V5e/zkjzT2YXzr91+manbfdz/FsuJt+qdVmHTrL4Z+5+/Fe1/yzvsy7L+Ovti8902rZW/CMPEhgAAAAAAACUUFq/BpukE7fX03RiojFf9onYklbPLSw+P3fu4tmZiN31/4ccTJtXusca6SRLT+X/D9tM71uRfiEitkfEF5WRenri5LnqTNHBAwAAAAAAAAAAAAAAAAAAwAaxNZ//37xP9Z+Vxvx/oCR6eYM5YGPT/qG86u1/1S2egDJw/ofy0v6hvLR/KC/tH8pL+4fy0v6hvLR/KC/tHwAAAAA2pe3PXv85iYilV0bqS2Yo32ZGEGxug0VXAChMpegKAIW5felfZx9Kp6v+/z/5lwP2vjpAAZJ2mfXOQW3txn+97TMBAAAAAAAAAAAAgB7YtaPz/H9zg2FzM+0PyusB5v/76gB4yPnqfygvY3zgbrP4hzttMP8fAAAAAAAAAAAAAPpmtL4k6UQ+F3g00nRiIuLRiNgWg8ncfHV2MiIei4ifKoOPZOmpoisNAAAAAAAAAAAAAAAAAAAAm8zCpcunp6vV2QutK/+uytncK827oPahrFfjHp8VSf/flpGIKPyg9GxloCUniVjKjvyGqNiFhdgY1aivFPyHCQAAAAAAAAAAAAAAAAAASqhl7nF7O7/qc40AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoP/u3P+/dytFxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJz+DwAA///LLUAr") 54.664544143s ago: executing program 35 (id=1397): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) write(0xffffffffffffffff, &(0x7f0000000180), 0x0) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x6}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x7, 0x4, 0xc8, 0x1}, 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000fc0)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030010850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x4, &(0x7f00000002c0), 0x6, 0x5fd, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvzCYxaaNpRcQWxYCHFqRpUotVL7b1YA8FC/Yg4qGhSWro9gdNCrYWTMGDgoKIV5Fe/Ae8S+/eRFBvnoUqUlFQ6crszrabZDfdttmdNPP5wGTnvZnd9747eZn3dvJ2Aiit8exHGrEj4taJJGKsZdtoNDaO5/vd/OPKyWxJolZ78/ckkjyvuX+SP27NE8MR8f3hiMcrq8tduHT59HS11vBBxN7FM+f3Lly6vGf+zPSp2VOzZ6f2vbT/wOTLU/un1iXOrfnjkaNvPP3ph+++OPdDdU8SB+P44PszsSKO9TIe43ErD7E1fyAiDmQrbd6Xh80mCKHUKvnv42BEPBljUamnGsZi/pNCKwf0VK0SUQNKKtH+oaSa/YDm2L67cfDxHvdK+ufGocYAaHX8A43PRmK4PjbacjNpGRk1PtvYtg7lZ2X8d2Xnl9kSyz6H+Pv20RlYh3I6WboaEU+1iz+p121bPdIs/nTZWD+JiMmIGMrr99oD1CFpWe/F5zBruZf4W49DGhEH88cs//B9lj++It3v+AEop+uH8hP5Upa6c/7L+h7N/k+06f+Mtjl33Y+iz3+d+3/N8/1wvd+TruiHZX2WY+1fcnBlxi8fH/m8U/mt/b9sycpv9gX74cbViJ0r4v8oCzbv/2TxJ22Of7bLiYPdlfH6j78d6bSt6Phr1yJ2tR3/3OmVZmtrXJ/cOzdfnZ1s/GxbxrffvfN1p/KLjj87/ls6xN9y/NOVz8vek/NdlvHNsWtnOm0bvWv86a9DSWO8OZTnvDe9uHhhKmIoOZrv0pK/b+26NPdpvkYW/+7n2rf/Zb//V5e/zkjzT2YXzr91+manbfdz/FsuJt+qdVmHTrL4Z+5+/Fe1/yzvsy7L+Ovti8902rZW/CMPEhgAAAAAAACUUFq/BpukE7fX03RiojFf9onYklbPLSw+P3fu4tmZiN31/4ccTJtXusca6SRLT+X/D9tM71uRfiEitkfEF5WRenri5LnqTNHBAwAAAAAAAAAAAAAAAAAAwAaxNZ//37xP9Z+Vxvx/oCR6eYM5YGPT/qG86u1/1S2egDJw/ofy0v6hvLR/KC/tH8pL+4fy0v6hvLR/KC/tHwAAAAA2pe3PXv85iYilV0bqS2Yo32ZGEGxug0VXAChMpegKAIW5felfZx9Kp6v+/z/5lwP2vjpAAZJ2mfXOQW3txn+97TMBAAAAAAAAAAAAgB7YtaPz/H9zg2FzM+0PyusB5v/76gB4yPnqfygvY3zgbrP4hzttMP8fAAAAAAAAAAAAAPpmtL4k6UQ+F3g00nRiIuLRiNgWg8ncfHV2MiIei4ifKoOPZOmpoisNAAAAAAAAAAAAAAAAAAAAm8zCpcunp6vV2QutK/+uytncK827oPahrFfjHp8VSf/flpGIKPyg9GxloCUniVjKjvyGqNiFhdgY1aivFPyHCQAAAAAAAAAAAAAAAAAASqhl7nF7O7/qc40AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoP/u3P+/dytFxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJz+DwAA///LLUAr") 5.728757794s ago: executing program 5 (id=1671): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000000600)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000340)=""/161, 0xa1}], 0x1}}], 0x1, 0x2, 0x0) syz_emit_ethernet(0x6a, &(0x7f0000000400)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x1, 0x5c, 0x0, 0x0, 0x5, 0x11, 0x0, @empty, @empty}, {0x4e24, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "4bd5ffa8e842cdd19baeb25d342579f7e63d2d1e5317517e", "b1fe94141226cc71e718e86db665dd4fbd49b20523893e8724968b868600ac13"}}}}}}, 0x0) 5.503224696s ago: executing program 7 (id=1672): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c) sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000040)="82", 0x1}, {0x0}], 0x2}}], 0x1, 0x4404c880) 4.929479859s ago: executing program 1 (id=1675): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r0}, 0x10) r1 = io_uring_setup(0x63eb, &(0x7f0000000000)={0x0, 0x5fc2, 0x8, 0x1, 0x1d7}) io_uring_register$IORING_REGISTER_IOWQ_AFF(r1, 0x11, &(0x7f0000000080)="ea", 0x1) 4.679694407s ago: executing program 7 (id=1676): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0x200000081}, 0x18) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 4.611525237s ago: executing program 6 (id=1677): bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r0}, 0x10) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8948, 0x0) mincore(&(0x7f0000ff8000/0x1000)=nil, 0x1000, &(0x7f0000000080)=""/138) 4.429629737s ago: executing program 8 (id=1678): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0xe, 0x0, [@mcast2, @mcast2, @local, @dev={0xfe, 0x80, '\x00', 0x44}, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, @loopback]}, 0x68) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x8800, 0x0) ioctl$TCSETSW2(r1, 0x5453, 0x0) ioctl$TIOCL_PASTESEL(r1, 0x541c, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r2}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x4f}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r4}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x6, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0xffffffa8, 0x0, 0x0, 0x0, 0x3}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) creat(&(0x7f0000000080)='./bus\x00', 0x0) mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x8c, &(0x7f0000000300)='trans=rdma,') bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c) 4.237644469s ago: executing program 5 (id=1679): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x4}, 0x18) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10) sendto(r0, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0) 4.036679289s ago: executing program 1 (id=1680): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0xedc623580215bdcd, 0x12, r0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000010c30000000003000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000116608000000000000180000000000000000000000000010009500000000000000360a020000000001180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x94) 3.49015795s ago: executing program 6 (id=1681): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'wg0\x00', 0x0}) sendto$packet(r2, &(0x7f0000000180)='\x00', 0x1, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x80, 0x6, @broadcast}, 0x14) 3.266241807s ago: executing program 8 (id=1682): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400080000000900020073797a3100000000050005000a00000012000300686173683a6e65742c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x4004055}, 0x2) 2.797540931s ago: executing program 1 (id=1683): r0 = socket(0x10, 0x3, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)}, 0x894) sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0) 2.358272109s ago: executing program 5 (id=1684): mknod(0x0, 0x8001420, 0xffffffff) syz_io_uring_setup(0xbda, &(0x7f0000000100)={0x0, 0xec25, 0x8, 0x10000001, 0x40000333}, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a0302000200000000000002000000090002"], 0x80}}, 0x0) syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000400)='./file0\x00', 0x800000, &(0x7f0000000040)=ANY=[@ANYBLOB="00fbfddc0bd5e8dee8d286b20b62086ce9b81b1660031b9dcba026117a79eba4a32d50e5c7b14c8e3f4d"], 0x1, 0x3ea, &(0x7f0000000c40)="$eJzs3M9OG0ccwPFZYleUSqhS1EAIh2nTAz3EWS/FyMppux6bSda7q5l1BKcqKhChQlo1qdRwabmkrdQ+RK59iL5R1L4B1f4xBWMw4U+Mou9HQjPe/c3Mb1bWjrxoVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOEELdetOyLUUW9Vnixombh7yvl+f58dKU4ZVwgn+xOTk2K2ODR78//TnxSdzBSfZsRkVkyK3Y9uffzgZmWi3/6UhN6J5y93v32yvb3xw8DxytDMqrLy737u3WR39Toq0jbWXb+jpLaxbDYa7v2VtpVtHSq7ZlPVlYFRfhobuRB8IevN5qJUtbW4F3Vafqj6B5fvea7bkA9rifKNjaP7D2s2WNFhqKNOHpOdzmKWsy/iI53KVPldKTe3tjcWRyWZBdXPEuSNCvJcz6vXPa/eWGouLbtuxXM9eeSAO0AcazL+Ly3G65Lv4MD57ZfrPwAAAAAAeH85+TP27Pd/NX8O74i2DpU77rQAAAAAAMAlyv/zP5MV1aw2Kxx+/wMAAAAA8L757fAeuw+H7bGzyab4+x9hTNXZS1Y/d3b8LNzfEZW83Y3BHtP2nDNddpIXjUr5KVDzzu0i6HY/+k1ZbI7a6+ccS6AceTCBYofd/s9DEhB/iLkiaG69KNf7Z4pRpto6VLUgDh/Uhe9PT6RqNf3x2dZPIp/+71F32hGbW9sbtW++217Pc9nLetnbKTdQHNtHcfLFEC8O9j0On3E1fxBTjjtVjOsenv9E0XziLcZ8Je4UMXeminLq6PwnszHrtZNmX2ZRv+DMX4n5ImZ+4W5W3F0YkoU3KgvvcBbnuhZnyGJxVBaLF8wCAMZlc8Qq5Bxf+M9xl7u81f30O/qnB2G/CCEqc0Pu6O6oO7p7wdXtr2PvQDhpjc3G/XNgVX2dNXh94rg29JzsEt54sfO9uPX85e69rZ0nTzeebjzzvMWG+6XrLnmimk+jLFh7AABDKPPGmUp/dYzRydf1ZrPupytKmjh4JI1udZTUUapMsOJHHSUTE6dxEIdZ5bFuKSttL0lik8p2bGQSW72av/lFlq9+sarrR6kObBIq3yoZxFHqB6lsaRvIpPdVqO2KMnljm6hAt3XgpzqOpI17JlA1Ka1ShwJ1S0WpbuusGsnE6K5v1uTjOOx1lWwpGxidpHHRYX8sHbVj0827rY37YgMAcE0cvMHu7JVq2fTMrcY8RQAAMIBVGgAAAAAAAAAAAAAAAAAAAACA6+8c+//GXHGEENcgDSpULrvywXm/2PtXkM+470wArtp/AQAA//9YmqqZ") r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="180000005e0001008e57ce5bf9dbed56000000000000000003000000000000"], 0x18}], 0x1}, 0x0) r2 = fspick(r0, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r2, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0) 2.190697602s ago: executing program 1 (id=1685): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = socket(0x840000000002, 0x3, 0xff) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10) sendmmsg$inet(r1, &(0x7f0000000240)=[{{&(0x7f00000007c0)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a90500040000746400009e150451160200000064c6", 0x15}, {&(0x7f0000000000)="53340081ba60ccbb9d000000000000", 0xf}], 0x2}}, {{&(0x7f0000000080)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000780)="5825be06000000000000007ca2746314d1787b35", 0x14}, {&(0x7f0000000800)="696b487a92e473bb265f9a7a", 0xc}], 0x2}}], 0x2, 0x4004040) 2.096862845s ago: executing program 8 (id=1686): r0 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00') openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x4], 0x0, 0x0, 0x1, 0x1}}, 0x40) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x4], 0x0, 0x0, 0x1, 0x1}}, 0x40) close_range(r2, 0xffffffffffffffff, 0x0) 1.592695746s ago: executing program 6 (id=1687): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000240)=[@window={0x3, 0x7}, @sack_perm, @mss, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window, @window={0x3, 0x1, 0x9f}, @timestamp, @timestamp], 0x9) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) 1.573789902s ago: executing program 7 (id=1688): r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) pwritev(r0, &(0x7f0000000980)=[{0x0}, {0x0}], 0x2, 0xfffeffff, 0xc) 1.4838284s ago: executing program 1 (id=1689): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000000600)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000340)=""/161, 0xa1}], 0x1}}], 0x1, 0x2, 0x0) syz_emit_ethernet(0x6a, &(0x7f0000000400)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x1, 0x5c, 0x0, 0x0, 0x5, 0x11, 0x0, @empty, @empty}, {0x4e24, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "4bd5ffa8e842cdd19baeb25d342579f7e63d2d1e5317517e", "b1fe94141226cc71e718e86db665dd4fbd49b20523893e8724968b868600ac13"}}}}}}, 0x0) 1.388415805s ago: executing program 5 (id=1690): bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', 0xffffffffffffffff, 0x0, 0x8000000000000}, 0x9) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r0}, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r1, &(0x7f00000006c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2}}, 0x10) 1.263073108s ago: executing program 8 (id=1691): mknod(0x0, 0x8001420, 0xffffffff) syz_io_uring_setup(0xbda, &(0x7f0000000100)={0x0, 0xec25, 0x8, 0x10000001, 0x40000333}, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a0302000200000000000002000000090002"], 0x80}}, 0x0) syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000400)='./file0\x00', 0x800000, &(0x7f0000000040)=ANY=[@ANYBLOB="00fbfddc0bd5e8dee8d286b20b62086ce9b81b1660031b9dcba026117a79eba4a32d50e5c7b14c8e3f4d"], 0x1, 0x3ea, &(0x7f0000000c40)="$eJzs3M9OG0ccwPFZYleUSqhS1EAIh2nTAz3EWS/FyMppux6bSda7q5l1BKcqKhChQlo1qdRwabmkrdQ+RK59iL5R1L4B1f4xBWMw4U+Mou9HQjPe/c3Mb1bWjrxoVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOEELdetOyLUUW9Vnixombh7yvl+f58dKU4ZVwgn+xOTk2K2ODR78//TnxSdzBSfZsRkVkyK3Y9uffzgZmWi3/6UhN6J5y93v32yvb3xw8DxytDMqrLy737u3WR39Toq0jbWXb+jpLaxbDYa7v2VtpVtHSq7ZlPVlYFRfhobuRB8IevN5qJUtbW4F3Vafqj6B5fvea7bkA9rifKNjaP7D2s2WNFhqKNOHpOdzmKWsy/iI53KVPldKTe3tjcWRyWZBdXPEuSNCvJcz6vXPa/eWGouLbtuxXM9eeSAO0AcazL+Ly3G65Lv4MD57ZfrPwAAAAAAeH85+TP27Pd/NX8O74i2DpU77rQAAAAAAMAlyv/zP5MV1aw2Kxx+/wMAAAAA8L757fAeuw+H7bGzyab4+x9hTNXZS1Y/d3b8LNzfEZW83Y3BHtP2nDNddpIXjUr5KVDzzu0i6HY/+k1ZbI7a6+ccS6AceTCBYofd/s9DEhB/iLkiaG69KNf7Z4pRpto6VLUgDh/Uhe9PT6RqNf3x2dZPIp/+71F32hGbW9sbtW++217Pc9nLetnbKTdQHNtHcfLFEC8O9j0On3E1fxBTjjtVjOsenv9E0XziLcZ8Je4UMXeminLq6PwnszHrtZNmX2ZRv+DMX4n5ImZ+4W5W3F0YkoU3KgvvcBbnuhZnyGJxVBaLF8wCAMZlc8Qq5Bxf+M9xl7u81f30O/qnB2G/CCEqc0Pu6O6oO7p7wdXtr2PvQDhpjc3G/XNgVX2dNXh94rg29JzsEt54sfO9uPX85e69rZ0nTzeebjzzvMWG+6XrLnmimk+jLFh7AABDKPPGmUp/dYzRydf1ZrPupytKmjh4JI1udZTUUapMsOJHHSUTE6dxEIdZ5bFuKSttL0lik8p2bGQSW72av/lFlq9+sarrR6kObBIq3yoZxFHqB6lsaRvIpPdVqO2KMnljm6hAt3XgpzqOpI17JlA1Ka1ShwJ1S0WpbuusGsnE6K5v1uTjOOx1lWwpGxidpHHRYX8sHbVj0827rY37YgMAcE0cvMHu7JVq2fTMrcY8RQAAMIBVGgAAAAAAAAAAAAAAAAAAAACA6+8c+//GXHGEENcgDSpULrvywXm/2PtXkM+470wArtp/AQAA//9YmqqZ") r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="180000005e0001008e57ce5bf9dbed56000000000000000003000000000000"], 0x18}], 0x1}, 0x0) r2 = fspick(r0, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r2, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0) 1.199561558s ago: executing program 6 (id=1692): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r0}, 0x18) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) write$binfmt_script(r2, 0x0, 0xd9) 1.009003925s ago: executing program 7 (id=1693): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0xedc623580215bdcd, 0x12, r0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000010c30000000003000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000116608000000000000180000000000000000000000000010009500000000000000360a020000000001180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x94) 858.921381ms ago: executing program 5 (id=1694): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r1}, &(0x7f0000000280), &(0x7f00000002c0)=r2}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0) mount$bind(0x0, 0x0, 0x0, 0x803400, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) 774.294939ms ago: executing program 8 (id=1695): r0 = socket(0x10, 0x3, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1}, 0x894) sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0) 616.684774ms ago: executing program 6 (id=1696): ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x7, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001a00)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400080000000900020073797a3100000000050005000a00000012000300686173683a6e65742c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x4004055}, 0x2) 473.080346ms ago: executing program 7 (id=1697): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x89f0, &(0x7f0000000000)={'bridge0\x00', &(0x7f0000000080)=@ethtool_regs={0x12}}) 262.537734ms ago: executing program 1 (id=1698): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000002500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) syz_emit_ethernet(0x7e, &(0x7f00000023c0)=ANY=[], 0x0) 188.944887ms ago: executing program 8 (id=1699): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x2, 0x0, 0x0, 0xffffffff}, [@printk={@s}, @call={0x85, 0x0, 0x0, 0x7d}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x2, 0x2, 0x4}, 0x50) 188.585668ms ago: executing program 5 (id=1700): mknod(0x0, 0x8001420, 0xffffffff) syz_io_uring_setup(0xbda, &(0x7f0000000100)={0x0, 0xec25, 0x8, 0x10000001, 0x40000333}, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a0302000200000000000002000000090002"], 0x80}}, 0x0) syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000400)='./file0\x00', 0x800000, &(0x7f0000000040)=ANY=[@ANYBLOB="00fbfddc0bd5e8dee8d286b20b62086ce9b81b1660031b9dcba026117a79eba4a32d50e5c7b14c8e3f4d"], 0x1, 0x3ea, &(0x7f0000000c40)="$eJzs3M9OG0ccwPFZYleUSqhS1EAIh2nTAz3EWS/FyMppux6bSda7q5l1BKcqKhChQlo1qdRwabmkrdQ+RK59iL5R1L4B1f4xBWMw4U+Mou9HQjPe/c3Mb1bWjrxoVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOEELdetOyLUUW9Vnixombh7yvl+f58dKU4ZVwgn+xOTk2K2ODR78//TnxSdzBSfZsRkVkyK3Y9uffzgZmWi3/6UhN6J5y93v32yvb3xw8DxytDMqrLy737u3WR39Toq0jbWXb+jpLaxbDYa7v2VtpVtHSq7ZlPVlYFRfhobuRB8IevN5qJUtbW4F3Vafqj6B5fvea7bkA9rifKNjaP7D2s2WNFhqKNOHpOdzmKWsy/iI53KVPldKTe3tjcWRyWZBdXPEuSNCvJcz6vXPa/eWGouLbtuxXM9eeSAO0AcazL+Ly3G65Lv4MD57ZfrPwAAAAAAeH85+TP27Pd/NX8O74i2DpU77rQAAAAAAMAlyv/zP5MV1aw2Kxx+/wMAAAAA8L757fAeuw+H7bGzyab4+x9hTNXZS1Y/d3b8LNzfEZW83Y3BHtP2nDNddpIXjUr5KVDzzu0i6HY/+k1ZbI7a6+ccS6AceTCBYofd/s9DEhB/iLkiaG69KNf7Z4pRpto6VLUgDh/Uhe9PT6RqNf3x2dZPIp/+71F32hGbW9sbtW++217Pc9nLetnbKTdQHNtHcfLFEC8O9j0On3E1fxBTjjtVjOsenv9E0XziLcZ8Je4UMXeminLq6PwnszHrtZNmX2ZRv+DMX4n5ImZ+4W5W3F0YkoU3KgvvcBbnuhZnyGJxVBaLF8wCAMZlc8Qq5Bxf+M9xl7u81f30O/qnB2G/CCEqc0Pu6O6oO7p7wdXtr2PvQDhpjc3G/XNgVX2dNXh94rg29JzsEt54sfO9uPX85e69rZ0nTzeebjzzvMWG+6XrLnmimk+jLFh7AABDKPPGmUp/dYzRydf1ZrPupytKmjh4JI1udZTUUapMsOJHHSUTE6dxEIdZ5bFuKSttL0lik8p2bGQSW72av/lFlq9+sarrR6kObBIq3yoZxFHqB6lsaRvIpPdVqO2KMnljm6hAt3XgpzqOpI17JlA1Ka1ShwJ1S0WpbuusGsnE6K5v1uTjOOx1lWwpGxidpHHRYX8sHbVj0827rY37YgMAcE0cvMHu7JVq2fTMrcY8RQAAMIBVGgAAAAAAAAAAAAAAAAAAAACA6+8c+//GXHGEENcgDSpULrvywXm/2PtXkM+470wArtp/AQAA//9YmqqZ") r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="180000005e0001008e57ce5bf9dbed56000000000000000003000000000000"], 0x18}], 0x1}, 0x0) r2 = fspick(r0, &(0x7f0000000000)='.\x00', 0x0) r3 = dup(r2) fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0) 64.168142ms ago: executing program 6 (id=1701): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000040)="b90103606989068c3c270040f0832f", 0x0, 0x104, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 0s ago: executing program 7 (id=1702): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000240)=[@window={0x3, 0x7}, @sack_perm, @mss, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window, @window={0x3, 0x1, 0x9f}, @timestamp, @timestamp], 0x9) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) kernel console output (not intermixed with test programs): ce number 13 [ 423.953310][ T5854] usb usb1-port1: attempt power cycle [ 424.301664][ T5854] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 424.332099][ T5854] usb 1-1: device descriptor read/8, error -71 [ 424.571804][ T5854] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 424.629143][ T5854] usb 1-1: device descriptor read/8, error -71 [ 424.750021][ T5854] usb usb1-port1: unable to enumerate USB device [ 426.238287][ T7973] random: crng reseeded on system resumption [ 427.057499][ T5854] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 427.300112][ T5854] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 427.312254][ T5854] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 427.324212][ T5854] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 427.334875][ T5854] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 427.395830][ T5854] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 427.405766][ T5854] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 427.414281][ T5854] usb 4-1: Manufacturer: syz [ 427.429736][ T5854] usb 4-1: config 0 descriptor?? [ 427.448631][ T7989] mkiss: ax0: crc mode is auto. [ 427.867837][ T5854] appleir 0003:05AC:8243.000B: unknown main item tag 0x0 [ 428.233551][ T5854] appleir 0003:05AC:8243.000B: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0 [ 428.372351][ T7993] netlink: 36 bytes leftover after parsing attributes in process `syz.5.611'. [ 429.748732][ T7998] bridge_slave_0: left allmulticast mode [ 429.754754][ T7998] bridge_slave_0: left promiscuous mode [ 429.761894][ T7998] bridge0: port 1(bridge_slave_0) entered disabled state [ 429.848156][ T7991] sg_write: process 123 (syz.6.610) changed security contexts after opening file descriptor, this is not allowed. [ 430.028106][ T7998] bridge_slave_1: left allmulticast mode [ 430.034147][ T7998] bridge_slave_1: left promiscuous mode [ 430.040856][ T7998] bridge0: port 2(bridge_slave_1) entered disabled state [ 430.285910][ T7998] bond0: (slave bond_slave_0): Releasing backup interface [ 430.308700][ T7998] bond0: (slave bond_slave_1): Releasing backup interface [ 430.426190][ T42] usb 4-1: USB disconnect, device number 13 [ 430.518889][ T8000] fido_id[8000]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory [ 430.624210][ T8006] netlink: 4 bytes leftover after parsing attributes in process `syz.5.611'. [ 430.732234][ T7998] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 430.743364][ T7998] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 430.844505][ T7998] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 430.852636][ T7998] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 430.890465][ T7998] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 433.525272][ T8029] random: crng reseeded on system resumption [ 436.174385][ T8061] loop6: detected capacity change from 0 to 1024 [ 436.272665][ T5854] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 436.557326][ T5854] usb 6-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 436.567023][ T5854] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 436.575458][ T5854] usb 6-1: Product: syz [ 436.581314][ T5854] usb 6-1: Manufacturer: syz [ 436.586102][ T5854] usb 6-1: SerialNumber: syz [ 437.251791][ T8069] random: crng reseeded on system resumption [ 437.461559][ T50] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 437.461662][ T5092] Bluetooth: hci2: command 0x0406 tx timeout [ 437.701970][ T5854] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO [ 437.716941][ T5854] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 437.727440][ T5854] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 437.758717][ T5854] lan78xx 6-1:1.0: probe with driver lan78xx failed with error -71 [ 437.868711][ T5854] usb 6-1: USB disconnect, device number 14 [ 440.834669][ T8095] netlink: 36 bytes leftover after parsing attributes in process `syz.6.647'. [ 441.730548][ T8109] bridge_slave_0: left allmulticast mode [ 441.737114][ T8109] bridge_slave_0: left promiscuous mode [ 441.743667][ T8109] bridge0: port 1(bridge_slave_0) entered disabled state [ 441.925693][ T8109] bridge_slave_1: left allmulticast mode [ 441.931821][ T8109] bridge_slave_1: left promiscuous mode [ 441.938597][ T8109] bridge0: port 2(bridge_slave_1) entered disabled state [ 442.199239][ T8109] bond0: (slave bond_slave_0): Releasing backup interface [ 442.448771][ T8109] bond0: (slave bond_slave_1): Releasing backup interface [ 442.580173][ T8116] netlink: 4 bytes leftover after parsing attributes in process `syz.6.647'. [ 442.593861][ T8109] team0: Port device team_slave_0 removed [ 442.850681][ T8109] team0: Port device team_slave_1 removed [ 442.862697][ T8109] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 442.870274][ T8109] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 443.419728][ T8109] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 443.436454][ T8109] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 443.531914][ T8109] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 444.181236][ T50] Bluetooth: hci2: command 0x0406 tx timeout [ 444.182211][ T5092] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 447.730854][ T8145] syz_tun: entered allmulticast mode [ 447.896680][ T8148] loop6: detected capacity change from 0 to 512 [ 447.989187][ T8148] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 448.002444][ T8148] ext4 filesystem being mounted at /59/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 448.104424][ T8150] tipc: Enabled bearer , priority 0 [ 448.159243][ T8154] syzkaller0: entered promiscuous mode [ 448.165680][ T8154] syzkaller0: entered allmulticast mode [ 448.181247][ T30] audit: type=1800 audit(1761381086.214:76): pid=8148 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.663" name="file1" dev="loop6" ino=15 res=0 errno=0 [ 448.277471][ T8150] tipc: Resetting bearer [ 448.337664][ T8147] tipc: Resetting bearer [ 448.404929][ T8147] tipc: Disabling bearer [ 448.485734][ T8157] Bluetooth: hci0: invalid length 0, exp 2 for type 24 [ 449.193508][ T6996] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 450.505610][ T8170] overlayfs: missing 'workdir' [ 451.242736][ T8182] Bluetooth: hci0: invalid length 0, exp 2 for type 24 [ 451.594765][ T8185] tipc: Enabled bearer , priority 0 [ 451.635427][ T8185] syzkaller0: entered promiscuous mode [ 451.641404][ T8185] syzkaller0: entered allmulticast mode [ 451.726852][ T8185] tipc: Resetting bearer [ 451.840206][ T8184] tipc: Resetting bearer [ 451.863679][ T8191] loop6: detected capacity change from 0 to 512 [ 451.883915][ T8184] tipc: Disabling bearer [ 452.105836][ T8191] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 452.119024][ T8191] ext4 filesystem being mounted at /62/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 452.304562][ T30] audit: type=1800 audit(1761381090.334:77): pid=8191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.681" name="file1" dev="loop6" ino=15 res=0 errno=0 [ 453.084220][ T6996] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 454.710688][ T8221] tipc: Started in network mode [ 454.716024][ T8221] tipc: Node identity 02f7f180b5cf, cluster identity 4711 [ 454.724530][ T8221] tipc: Enabled bearer , priority 0 [ 455.158450][ T8224] Bluetooth: hci0: invalid length 0, exp 2 for type 24 [ 455.294942][ T8221] syzkaller0: mtu less than device minimum [ 455.493488][ T8220] tipc: Disabling bearer [ 456.975885][ T8229] tipc: Enabled bearer , priority 0 [ 457.135326][ T8229] syzkaller0: entered promiscuous mode [ 457.142096][ T8229] syzkaller0: entered allmulticast mode [ 457.407960][ T8229] tipc: Resetting bearer [ 457.485577][ T8227] tipc: Resetting bearer [ 457.564977][ T8227] tipc: Disabling bearer [ 458.767894][ T8236] loop1: detected capacity change from 0 to 512 [ 458.990062][ T8236] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 459.005926][ T8236] ext4 filesystem being mounted at /157/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 459.216731][ T30] audit: type=1800 audit(1761381097.214:78): pid=8236 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.699" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 459.462686][ T2034] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 459.686849][ T2034] usb 2-1: Using ep0 maxpacket: 32 [ 460.764764][ T2034] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 460.776049][ T2034] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 460.786265][ T2034] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 460.795718][ T2034] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 461.015244][ T8258] Bluetooth: hci0: invalid length 0, exp 2 for type 24 [ 461.770442][ T2034] usb 2-1: config 0 descriptor?? [ 462.246060][ T2034] usb 2-1: can't set config #0, error -71 [ 462.269646][ T2034] usb 2-1: USB disconnect, device number 11 [ 462.336855][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 464.434865][ T8292] Bluetooth: hci0: invalid length 0, exp 2 for type 24 [ 464.747110][ T5092] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 464.822584][ T5092] Bluetooth: hci2: command 0x0406 tx timeout [ 464.870440][ T8296] loop6: detected capacity change from 0 to 512 [ 465.070194][ T8296] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 465.083754][ T8296] ext4 filesystem being mounted at /71/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 465.264107][ T8308] netlink: 4 bytes leftover after parsing attributes in process `syz.3.725'. [ 465.300296][ T30] audit: type=1800 audit(1761381103.324:79): pid=8296 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.722" name="file1" dev="loop6" ino=15 res=0 errno=0 [ 465.302143][ T8308] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 465.320960][ C1] vkms_vblank_simulate: vblank timer overrun [ 465.541798][ T42] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 465.751632][ T42] usb 7-1: Using ep0 maxpacket: 32 [ 465.785143][ T42] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 465.796646][ T42] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 465.806956][ T42] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 465.817147][ T42] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 465.886821][ T42] usb 7-1: config 0 descriptor?? [ 466.360228][ T42] savu 0003:1E7D:2D5A.000C: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.6-1/input0 [ 466.627039][ T8323] netlink: 36 bytes leftover after parsing attributes in process `syz.1.729'. [ 466.672854][ T42] usb 7-1: USB disconnect, device number 4 [ 466.914331][ T8329] batman_adv: batadv0: Interface deactivated: dummy0 [ 466.925281][ T8329] batman_adv: batadv0: Removing interface: dummy0 [ 466.975863][ T8329] bridge_slave_0: left allmulticast mode [ 466.982260][ T8329] bridge_slave_0: left promiscuous mode [ 466.991674][ T8329] bridge0: port 1(bridge_slave_0) entered disabled state [ 467.087525][ T8324] fido_id[8324]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 467.107354][ T8329] bridge_slave_1: left allmulticast mode [ 467.113511][ T8329] bridge_slave_1: left promiscuous mode [ 467.120240][ T8329] bridge0: port 2(bridge_slave_1) entered disabled state [ 467.323407][ T8332] netlink: 64 bytes leftover after parsing attributes in process `syz.0.732'. [ 467.366659][ T8329] bond0: (slave bond_slave_0): Releasing backup interface [ 467.483159][ T8329] bond0: (slave bond_slave_1): Releasing backup interface [ 467.565856][ T8329] team0: Port device team_slave_0 removed [ 467.580669][ T8336] netlink: 4 bytes leftover after parsing attributes in process `syz.1.729'. [ 467.593849][ T8329] team0: Port device team_slave_1 removed [ 467.607207][ T8329] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 467.614979][ T8329] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 467.784160][ T8329] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 467.791889][ T8329] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 467.875475][ T8329] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 467.951443][ T5092] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 467.958870][ T5092] Bluetooth: hci2: command 0x0406 tx timeout [ 467.979386][ T6996] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 468.779391][ T8342] Bluetooth: hci0: invalid length 0, exp 2 for type 24 [ 470.241377][ T8355] mkiss: ax0: crc mode is auto. [ 470.305977][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 470.312967][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 470.393835][ T8355] Falling back ldisc for ttyS3. [ 470.474595][ T2034] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 470.765405][ T2034] usb 7-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 470.775033][ T2034] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 470.784787][ T2034] usb 7-1: Product: syz [ 470.789558][ T2034] usb 7-1: Manufacturer: syz [ 470.794572][ T2034] usb 7-1: SerialNumber: syz [ 472.075960][ T2034] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO [ 472.088602][ T2034] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 472.098957][ T2034] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 472.282855][ T2034] lan78xx 7-1:1.0: probe with driver lan78xx failed with error -71 [ 472.357142][ T5092] Bluetooth: hci3: command 0x0406 tx timeout [ 472.522415][ T2034] usb 7-1: USB disconnect, device number 5 [ 472.647901][ T8369] netlink: 64 bytes leftover after parsing attributes in process `syz.3.745'. [ 473.015537][ T8357] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 473.015537][ T8357] program syz.1.740 not setting count and/or reply_len properly [ 473.642820][ T8375] Bluetooth: hci0: invalid length 0, exp 2 for type 24 [ 473.740198][ T8379] ip6t_srh: unknown srh invflags 4000 [ 474.600676][ T8386] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 474.610116][ T8386] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 475.848880][ T8397] netlink: 64 bytes leftover after parsing attributes in process `syz.3.758'. [ 477.576110][ T8405] tipc: Started in network mode [ 477.582134][ T8405] tipc: Node identity ba5e44e36a5c, cluster identity 4711 [ 477.592135][ T8405] tipc: Enabled bearer , priority 0 [ 477.626471][ T8405] syzkaller0: entered promiscuous mode [ 477.632538][ T8405] syzkaller0: entered allmulticast mode [ 477.795602][ T8405] tipc: Resetting bearer [ 477.917679][ T8404] tipc: Resetting bearer [ 478.030400][ T8413] Bluetooth: hci0: invalid length 0, exp 2 for type 24 [ 478.031324][ T8404] tipc: Disabling bearer [ 479.361952][ T8418] loop0: detected capacity change from 0 to 512 [ 479.544042][ T8418] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 479.557378][ T8418] ext4 filesystem being mounted at /164/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 479.623173][ T30] audit: type=1800 audit(1761381117.664:80): pid=8418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.765" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 479.779736][ T8420] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 479.902884][ T2034] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 480.126117][ T2034] usb 1-1: Using ep0 maxpacket: 32 [ 480.174172][ T2034] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 480.186072][ T2034] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 480.196903][ T2034] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 480.206576][ T2034] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 480.363383][ T8425] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 480.365024][ T2034] usb 1-1: config 0 descriptor?? [ 480.372512][ T8425] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 481.005797][ T2034] savu 0003:1E7D:2D5A.000D: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0 [ 481.032529][ T8432] netlink: 64 bytes leftover after parsing attributes in process `syz.3.770'. [ 481.260693][ T1866] usb 1-1: USB disconnect, device number 15 [ 481.680332][ T8433] fido_id[8433]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 482.097603][ T5795] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 482.234011][ T8443] Bluetooth: hci0: invalid length 0, exp 2 for type 24 [ 482.443050][ T8445] tipc: Enabled bearer , priority 0 [ 482.492712][ T8445] syzkaller0: entered promiscuous mode [ 482.498401][ T8445] syzkaller0: entered allmulticast mode [ 482.649941][ T8445] tipc: Resetting bearer [ 482.735611][ T8444] tipc: Resetting bearer [ 482.778738][ T8444] tipc: Disabling bearer [ 484.872007][ T8475] loop6: detected capacity change from 0 to 512 [ 485.055076][ T8475] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 485.068474][ T8475] ext4 filesystem being mounted at /82/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 485.089740][ T8481] tipc: Enabled bearer , priority 0 [ 485.099668][ T8481] syzkaller0: entered promiscuous mode [ 485.105612][ T8481] syzkaller0: entered allmulticast mode [ 485.137032][ T8481] tipc: Resetting bearer [ 485.149600][ T8480] tipc: Resetting bearer [ 485.169847][ T8480] tipc: Disabling bearer [ 485.260231][ T8484] Bluetooth: hci0: invalid length 0, exp 2 for type 24 [ 485.286010][ T30] audit: type=1800 audit(1761381123.324:81): pid=8475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.788" name="file1" dev="loop6" ino=15 res=0 errno=0 [ 485.551690][ T2034] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 485.761658][ T2034] usb 7-1: Using ep0 maxpacket: 32 [ 485.803324][ T2034] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 485.814798][ T2034] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 485.825361][ T2034] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 485.836119][ T2034] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 485.953898][ T2034] usb 7-1: config 0 descriptor?? [ 486.586654][ T2034] savu 0003:1E7D:2D5A.000E: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.6-1/input0 [ 486.743649][ T2034] usb 7-1: USB disconnect, device number 6 [ 488.339883][ T8502] fido_id[8502]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 488.515523][ T6996] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 489.492913][ T50] Bluetooth: hci1: unexpected event 0x03 length: 1 < 11 [ 491.316314][ T8530] 9pnet_virtio: no channels available for device syz [ 493.648537][ T8540] loop0: detected capacity change from 0 to 512 [ 494.275748][ T8540] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 494.289448][ T8540] ext4 filesystem being mounted at /173/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 494.591616][ T30] audit: type=1800 audit(1761381132.634:82): pid=8540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.811" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 494.824723][ T5440] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 495.052335][ T5440] usb 1-1: Using ep0 maxpacket: 32 [ 495.083441][ T5440] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 495.094918][ T5440] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 495.105154][ T5440] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 495.115308][ T5440] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 495.264157][ T5440] usb 1-1: config 0 descriptor?? [ 495.626242][ T8557] tipc: Started in network mode [ 495.631984][ T8557] tipc: Node identity 4aa83f94e4d2, cluster identity 4711 [ 495.640625][ T8557] tipc: Enabled bearer , priority 0 [ 495.753798][ T8557] syzkaller0: mtu less than device minimum [ 495.816634][ T5440] savu 0003:1E7D:2D5A.000F: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0 [ 495.869550][ T8556] tipc: Disabling bearer [ 496.056950][ T5440] usb 1-1: USB disconnect, device number 16 [ 496.846510][ T8564] EXT4-fs (nbd3): unable to read superblock [ 497.208008][ T30] audit: type=1326 audit(1761381134.964:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8560 comm="syz.3.818" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd539 code=0x7ffc0000 [ 497.230700][ T30] audit: type=1326 audit(1761381134.964:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8560 comm="syz.3.818" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd539 code=0x7ffc0000 [ 497.253333][ T30] audit: type=1326 audit(1761381134.974:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8560 comm="syz.3.818" exe="/root/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf70dd539 code=0x7ffc0000 [ 498.336294][ T8562] fido_id[8562]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 498.614640][ T5795] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 498.684083][ T8580] syzkaller0: entered promiscuous mode [ 498.689764][ T8580] syzkaller0: entered allmulticast mode [ 499.015559][ T8577] tipc: Enabled bearer , priority 0 [ 499.472070][ T8573] tipc: Resetting bearer [ 499.649480][ T8573] tipc: Disabling bearer [ 501.137389][ T8605] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 501.471843][ T8608] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 501.631605][ T8610] loop0: detected capacity change from 0 to 512 [ 501.870888][ T8610] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 501.884620][ T8610] ext4 filesystem being mounted at /176/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 502.489182][ T2034] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 502.873435][ T2034] usb 1-1: Using ep0 maxpacket: 32 [ 502.924019][ T2034] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 502.930337][ T8624] tipc: Enabled bearer , priority 0 [ 502.938390][ T2034] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 502.955890][ T2034] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 502.965390][ T2034] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 503.015205][ T8624] syzkaller0: entered promiscuous mode [ 503.021254][ T8624] syzkaller0: entered allmulticast mode [ 503.094171][ T2034] usb 1-1: config 0 descriptor?? [ 503.153804][ T8623] tipc: Resetting bearer [ 503.221953][ T8623] tipc: Disabling bearer [ 503.643534][ T2034] savu 0003:1E7D:2D5A.0010: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0 [ 503.839499][ T8634] tipc: Enabled bearer , priority 0 [ 503.899260][ T8633] syzkaller0: entered promiscuous mode [ 503.905223][ T8633] syzkaller0: entered allmulticast mode [ 503.936309][ T2034] usb 1-1: USB disconnect, device number 17 [ 504.135798][ T8633] syzkaller0: mtu less than device minimum [ 504.264577][ T8632] tipc: Resetting bearer [ 504.385899][ T8632] tipc: Disabling bearer [ 504.825660][ T8641] fido_id[8641]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 504.915076][ T5795] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 507.105913][ T8662] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 507.114551][ T8662] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 508.794057][ T8678] EXT4-fs (nbd1): unable to read superblock [ 509.082051][ T30] audit: type=1326 audit(1761381146.914:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8674 comm="syz.1.853" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d539 code=0x7ffc0000 [ 509.104770][ T30] audit: type=1326 audit(1761381146.914:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8674 comm="syz.1.853" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d539 code=0x7ffc0000 [ 509.127023][ T30] audit: type=1326 audit(1761381146.924:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8674 comm="syz.1.853" exe="/root/syz-executor" sig=0 arch=40000003 syscall=310 compat=1 ip=0xf701d539 code=0x7ffc0000 [ 511.199211][ T8687] loop0: detected capacity change from 0 to 512 [ 511.289006][ T8690] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 511.298346][ T8690] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 511.356275][ T1866] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 511.424135][ T8687] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 511.439886][ T8687] ext4 filesystem being mounted at /179/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 511.547005][ T1866] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 511.559443][ T1866] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 511.569616][ T1866] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 511.696446][ T1866] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 511.708847][ T1866] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 511.717351][ T1866] usb 2-1: Manufacturer: syz [ 511.756491][ T2034] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 511.811833][ T1866] usb 2-1: config 0 descriptor?? [ 511.875176][ T1866] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 511.971909][ T2034] usb 1-1: Using ep0 maxpacket: 32 [ 512.044169][ T2034] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 512.057076][ T2034] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 512.067649][ T2034] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 512.077089][ T2034] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 512.208537][ T2034] usb 1-1: config 0 descriptor?? [ 512.692509][ T2034] savu 0003:1E7D:2D5A.0011: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0 [ 513.048896][ T2034] usb 1-1: USB disconnect, device number 18 [ 513.061902][ T8712] usb 1-1: string descriptor 0 read error: -19 [ 513.287479][ T8711] fido_id[8711]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 513.928845][ T5795] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 514.427913][ T8730] 9pnet_fd: Insufficient options for proto=fd [ 514.501627][ T2034] usb 2-1: USB disconnect, device number 12 [ 516.429242][ T8752] loop1: detected capacity change from 0 to 512 [ 516.545787][ T8752] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 516.561624][ T8752] ext4 filesystem being mounted at /188/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 516.911590][ T2034] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 517.141537][ T2034] usb 2-1: Using ep0 maxpacket: 32 [ 517.155140][ T2034] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 517.168248][ T2034] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 517.178849][ T2034] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 517.188233][ T2034] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 517.315463][ T2034] usb 2-1: config 0 descriptor?? [ 517.461593][ T1866] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 517.651332][ T1866] usb 6-1: Using ep0 maxpacket: 8 [ 517.734183][ T1866] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 517.744729][ T1866] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 517.857074][ T1866] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 517.866657][ T1866] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 517.875067][ T1866] usb 6-1: Product: syz [ 517.879428][ T1866] usb 6-1: Manufacturer: syz [ 517.886671][ T1866] usb 6-1: SerialNumber: syz [ 517.899990][ T1866] usb 6-1: config 0 descriptor?? [ 517.948495][ T2034] savu 0003:1E7D:2D5A.0012: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 519.244144][ T1866] usb 2-1: USB disconnect, device number 13 [ 521.197097][ T1866] usb 6-1: USB disconnect, device number 15 [ 521.213765][ T8779] fido_id[8779]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 521.705908][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 523.750340][ T8804] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 523.760337][ T8804] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 524.254614][ T1866] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 524.261402][ T2034] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 524.473026][ T2034] usb 1-1: Using ep0 maxpacket: 8 [ 524.486306][ T2034] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 524.494333][ T1866] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 524.495450][ T2034] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 524.504207][ T1866] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 524.514169][ T2034] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 524.522425][ T1866] usb 4-1: Product: syz [ 524.532324][ T2034] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 524.536521][ T1866] usb 4-1: Manufacturer: syz [ 524.548285][ T2034] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 524.548514][ T2034] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 524.548658][ T2034] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 524.553787][ T1866] usb 4-1: SerialNumber: syz [ 524.681622][ T5440] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 524.913767][ T5440] usb 7-1: Using ep0 maxpacket: 8 [ 524.935139][ T2034] usb 1-1: GET_CAPABILITIES returned 0 [ 524.941309][ T2034] usbtmc 1-1:16.0: can't read capabilities [ 524.975331][ T5440] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 525.068966][ T5440] usb 7-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 525.078961][ T5440] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 525.087422][ T5440] usb 7-1: Product: syz [ 525.091892][ T5440] usb 7-1: Manufacturer: syz [ 525.096672][ T5440] usb 7-1: SerialNumber: syz [ 525.143457][ T1866] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO [ 525.159433][ T1866] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 525.170661][ T1866] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 525.272170][ T5440] usb 7-1: config 0 descriptor?? [ 525.309561][ T1866] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71 [ 525.309712][ T2034] usb 1-1: USB disconnect, device number 19 [ 525.353916][ T8824] fuse: Bad value for 'fd' [ 525.473791][ T1866] usb 4-1: USB disconnect, device number 14 [ 527.212750][ T2034] usb 7-1: USB disconnect, device number 7 [ 527.882052][ T8850] binder: 8849:8850 ioctl 4018620d 0 returned -22 [ 528.631447][ T2034] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 528.957983][ T2034] usb 7-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 528.968043][ T2034] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 528.976921][ T2034] usb 7-1: Product: syz [ 528.981302][ T2034] usb 7-1: Manufacturer: syz [ 528.985992][ T2034] usb 7-1: SerialNumber: syz [ 530.117991][ T2034] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO [ 530.130795][ T2034] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 530.141428][ T2034] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 530.196083][ T2034] lan78xx 7-1:1.0: probe with driver lan78xx failed with error -71 [ 530.314496][ T2034] usb 7-1: USB disconnect, device number 8 [ 530.521696][ T5440] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 530.741376][ T5440] usb 1-1: Using ep0 maxpacket: 8 [ 530.799801][ T5440] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 530.891609][ T5440] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 530.901178][ T5440] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 530.909392][ T5440] usb 1-1: Product: syz [ 530.914556][ T5440] usb 1-1: Manufacturer: syz [ 530.919346][ T5440] usb 1-1: SerialNumber: syz [ 531.026976][ T5440] usb 1-1: config 0 descriptor?? [ 531.736568][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 531.743996][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 535.165749][ T1866] usb 1-1: USB disconnect, device number 20 [ 535.922940][ T8910] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 535.947787][ T8915] netlink: 36 bytes leftover after parsing attributes in process `syz.0.941'. [ 536.263522][ T1866] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 538.570363][ T8920] team0: No ports can be present during mode change [ 538.631841][ T8920] netlink: 4 bytes leftover after parsing attributes in process `syz.0.941'. [ 538.747762][ T1866] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 538.757415][ T1866] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 538.765953][ T1866] usb 4-1: Product: syz [ 538.770311][ T1866] usb 4-1: Manufacturer: syz [ 538.777396][ T1866] usb 4-1: SerialNumber: syz [ 539.009306][ T8920] team0 (unregistering): Port device team_slave_0 removed [ 539.035492][ T8920] team0 (unregistering): Port device team_slave_1 removed [ 539.567370][ T1866] usb 4-1: can't set config #1, error -71 [ 539.692415][ T1866] usb 4-1: USB disconnect, device number 15 [ 542.283210][ T8956] tipc: Enabling of bearer rejected, failed to enable media [ 542.772095][ T1866] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 545.122745][ T1866] usb 1-1: Using ep0 maxpacket: 8 [ 545.401766][ T8925] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 545.511606][ T1866] usb 1-1: device descriptor read/all, error -71 [ 545.593656][ T8925] usb 6-1: Using ep0 maxpacket: 32 [ 545.631302][ T8925] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 545.643207][ T8925] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 545.656625][ T8925] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 545.666940][ T8925] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 545.770310][ T8925] usb 6-1: config 0 descriptor?? [ 546.251533][ T8925] savu 0003:1E7D:2D5A.0013: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.5-1/input0 [ 546.381316][ T1866] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 546.646693][ T2034] usb 6-1: USB disconnect, device number 16 [ 547.241596][ T1866] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 547.250889][ T1866] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 547.262260][ T1866] usb 1-1: Product: syz [ 547.266597][ T1866] usb 1-1: Manufacturer: syz [ 547.273617][ T1866] usb 1-1: SerialNumber: syz [ 548.342019][ T1866] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO [ 548.354416][ T1866] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 548.364365][ T1866] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 548.471806][ T1866] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71 [ 548.541846][ T30] audit: type=1326 audit(1761381186.564:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8985 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d539 code=0x7ffc0000 [ 548.565087][ T30] audit: type=1326 audit(1761381186.564:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8985 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d539 code=0x7ffc0000 [ 548.587542][ T30] audit: type=1326 audit(1761381186.564:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8985 comm="syz.1.961" exe="/root/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf701d539 code=0x7ffc0000 [ 548.637776][ T8988] netlink: 36 bytes leftover after parsing attributes in process `syz.5.962'. [ 548.673766][ T1866] usb 1-1: USB disconnect, device number 22 [ 548.884691][ T8990] workqueue: Failed to create a rescuer kthread for wq "xfs-reclaim/nullb0": -EINTR [ 549.006335][ T8984] fido_id[8984]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory [ 551.181697][ T9000] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/nullb0": -EINTR [ 551.592752][ T30] audit: type=1326 audit(1761381187.794:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8991 comm="syz.6.963" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 551.624544][ T30] audit: type=1326 audit(1761381187.804:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8991 comm="syz.6.963" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 551.646761][ T30] audit: type=1326 audit(1761381187.804:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8991 comm="syz.6.963" exe="/root/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 553.562606][ T9011] tipc: Enabling of bearer rejected, failed to enable media [ 555.372297][ T9031] loop1: detected capacity change from 0 to 512 [ 555.464890][ T9031] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 555.478606][ T9031] ext4 filesystem being mounted at /207/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 555.649318][ T30] audit: type=1800 audit(1761381193.684:95): pid=9031 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.972" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 555.804157][ T9043] tipc: Enabled bearer , priority 0 [ 555.820355][ T9043] syzkaller0: entered promiscuous mode [ 555.829620][ T9043] syzkaller0: entered allmulticast mode [ 555.986100][ T9043] tipc: Resetting bearer [ 556.015795][ T8925] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 556.055680][ T9041] tipc: Resetting bearer [ 556.103791][ T9041] tipc: Disabling bearer [ 556.197239][ T8925] usb 2-1: Using ep0 maxpacket: 32 [ 556.230500][ T8925] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 556.242621][ T8925] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 556.252971][ T8925] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 556.262603][ T8925] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 556.376519][ T8925] usb 2-1: config 0 descriptor?? [ 556.454800][ T9048] blktrace: Concurrent blktraces are not allowed on nullb0 [ 556.925515][ T8925] savu 0003:1E7D:2D5A.0014: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 557.212791][ T8925] usb 2-1: USB disconnect, device number 14 [ 557.718644][ T9057] fido_id[9057]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 558.214821][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 558.717807][ T9071] netlink: 36 bytes leftover after parsing attributes in process `syz.1.986'. [ 559.078447][ T9077] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 559.770295][ T9073] netlink: 4 bytes leftover after parsing attributes in process `syz.1.986'. [ 561.813207][ T9104] loop3: detected capacity change from 0 to 512 [ 562.073531][ T9104] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 562.086914][ T9104] ext4 filesystem being mounted at /202/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 562.314001][ T30] audit: type=1800 audit(1761381200.354:96): pid=9104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.996" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 562.601574][ T8925] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 563.136737][ T8925] usb 4-1: Using ep0 maxpacket: 32 [ 563.657595][ T8925] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 563.669185][ T8925] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 563.679421][ T8925] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 563.689403][ T8925] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 563.855458][ T8925] usb 4-1: config 0 descriptor?? [ 565.603658][ T8925] usbhid 4-1:0.0: can't add hid device: -71 [ 565.610276][ T8925] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 565.750854][ T8925] usb 4-1: USB disconnect, device number 16 [ 565.752476][ T5796] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 566.553949][ T9139] tipc: Enabled bearer , priority 0 [ 566.615062][ T9139] syzkaller0: entered promiscuous mode [ 566.620764][ T9139] syzkaller0: entered allmulticast mode [ 566.710682][ T9143] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1010'. [ 566.760877][ T9137] tipc: Resetting bearer [ 566.796307][ T9137] tipc: Disabling bearer [ 567.229732][ T9149] netlink: 'syz.3.1011': attribute type 1 has an invalid length. [ 567.995987][ T9157] loop1: detected capacity change from 0 to 512 [ 568.344056][ T9157] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 568.357337][ T9157] ext4 filesystem being mounted at /213/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 568.493003][ T30] audit: type=1800 audit(1761381206.504:97): pid=9157 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1016" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 568.734865][ T8925] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 568.932124][ T8925] usb 2-1: Using ep0 maxpacket: 32 [ 568.956557][ T8925] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 568.967887][ T8925] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 568.978101][ T8925] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 568.988929][ T9173] tipc: Enabled bearer , priority 0 [ 568.992494][ T9173] syzkaller0: entered promiscuous mode [ 568.996997][ T8925] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 569.002800][ T9173] syzkaller0: entered allmulticast mode [ 569.152320][ T8925] usb 2-1: config 0 descriptor?? [ 569.170768][ T9172] tipc: Resetting bearer [ 569.282744][ T9172] tipc: Disabling bearer [ 569.673671][ T8925] savu 0003:1E7D:2D5A.0015: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 569.787714][ T9183] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 570.000770][ T2034] usb 2-1: USB disconnect, device number 15 [ 570.466395][ T9183] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1025'. [ 570.854327][ T9186] fido_id[9186]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 570.899386][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 573.092973][ T9221] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1038'. [ 573.686576][ T9225] loop3: detected capacity change from 0 to 512 [ 573.868127][ T9225] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 573.881571][ T9225] ext4 filesystem being mounted at /211/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 574.046876][ T30] audit: type=1800 audit(1761381212.084:98): pid=9225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1040" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 574.364378][ T2034] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 574.541891][ T2034] usb 4-1: Using ep0 maxpacket: 32 [ 574.564376][ T2034] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 574.576095][ T2034] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 574.581975][ T8925] usb 6-1: new full-speed USB device number 17 using dummy_hcd [ 574.586432][ T2034] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 574.603419][ T2034] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 574.631770][ T2034] usb 4-1: config 0 descriptor?? [ 574.809057][ T8925] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 574.822168][ T8925] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 574.831960][ T8925] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 575.175502][ T9248] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 575.326302][ T2034] savu 0003:1E7D:2D5A.0016: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0 [ 575.520637][ T9250] team0: Mode changed to "loadbalance" [ 575.581232][ T2034] usb 4-1: USB disconnect, device number 17 [ 576.066979][ T9260] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 576.140369][ T9246] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1047'. [ 576.442198][ T9255] fido_id[9255]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 576.499878][ T9263] fuse: Unknown parameter 'group_id00000000000000000000' [ 576.542926][ T9260] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1050'. [ 576.637733][ T5796] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 577.352981][ T8925] usb 6-1: USB disconnect, device number 17 [ 579.980225][ T9292] loop6: detected capacity change from 0 to 512 [ 580.227534][ T9292] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 580.241515][ T9292] ext4 filesystem being mounted at /138/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 580.355518][ T30] audit: type=1800 audit(1761381218.374:99): pid=9292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1062" name="file1" dev="loop6" ino=15 res=0 errno=0 [ 580.431800][ T9299] fuse: Unknown parameter 'group_id00000000000000000000' [ 580.581360][ T2034] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 580.584180][ T1866] usb 1-1: new full-speed USB device number 23 using dummy_hcd [ 580.814050][ T1866] usb 1-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 580.824933][ T1866] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 580.834482][ T1866] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 580.961361][ T2034] usb 7-1: Using ep0 maxpacket: 32 [ 581.012657][ T2034] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 581.024458][ T2034] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 581.035181][ T2034] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 581.044560][ T2034] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 581.137171][ T2034] usb 7-1: config 0 descriptor?? [ 581.612079][ T2034] savu 0003:1E7D:2D5A.0017: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.6-1/input0 [ 581.949522][ T1866] usb 7-1: USB disconnect, device number 9 [ 582.924367][ T6996] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 583.137817][ T9311] fido_id[9311]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 583.479766][ T2034] usb 1-1: USB disconnect, device number 23 [ 583.718807][ T9316] tipc: Enabled bearer , priority 0 [ 583.889254][ T9320] tipc: Resetting bearer [ 583.967412][ T9315] tipc: Disabling bearer [ 589.956731][ T9384] loop5: detected capacity change from 0 to 2048 [ 590.121969][ T9384] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 590.276912][ T2034] hid-generic 0003:80000004:0000.0018: unknown main item tag 0x0 [ 590.286139][ T2034] hid-generic 0003:80000004:0000.0018: unknown main item tag 0x0 [ 590.294719][ T2034] hid-generic 0003:80000004:0000.0018: unknown main item tag 0x0 [ 590.302858][ T2034] hid-generic 0003:80000004:0000.0018: unknown main item tag 0x0 [ 590.306878][ T9384] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, [ 590.310829][ T2034] hid-generic 0003:80000004:0000.0018: unknown main item tag 0x0 [ 590.310872][ T9384] block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 590.336096][ T2034] hid-generic 0003:80000004:0000.0018: unknown main item tag 0x0 [ 590.344314][ T2034] hid-generic 0003:80000004:0000.0018: unknown main item tag 0x0 [ 590.352528][ T2034] hid-generic 0003:80000004:0000.0018: unknown main item tag 0x0 [ 590.360536][ T2034] hid-generic 0003:80000004:0000.0018: unknown main item tag 0x0 [ 590.368730][ T2034] hid-generic 0003:80000004:0000.0018: unknown main item tag 0x0 [ 590.597622][ T2034] hid-generic 0003:80000004:0000.0018: hidraw0: USB HID v0.00 Device [syz0] on syz0 [ 590.671977][ T6313] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 591.167637][ T9391] fido_id[9391]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 591.444296][ T9397] loop5: detected capacity change from 0 to 512 [ 591.585312][ T9397] EXT4-fs (loop5): orphan cleanup on readonly fs [ 591.687702][ T9397] Quota error (device loop5): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 591.698805][ T9397] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0 [ 591.709856][ T9397] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.1098: Failed to acquire dquot type 1 [ 591.801902][ T9397] EXT4-fs (loop5): 1 truncate cleaned up [ 591.843071][ T9397] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 592.264732][ T6313] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 593.179300][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 593.186287][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 593.396606][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 593.712708][ T9417] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1109'. [ 593.794184][ T9417] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1109'. [ 594.418343][ T9421] loop6: detected capacity change from 0 to 128 [ 594.831038][ T9425] loop5: detected capacity change from 0 to 128 [ 595.813676][ T9434] loop5: detected capacity change from 0 to 512 [ 595.855363][ T9434] EXT4-fs: Ignoring removed orlov option [ 595.911742][ T9434] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 595.973090][ T9434] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 596.025054][ T9434] EXT4-fs error (device loop5): ext4_iget_extra_inode:5075: inode #15: comm syz.5.1116: corrupted in-inode xattr: e_value size too large [ 596.133056][ T9434] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.1116: couldn't read orphan inode 15 (err -117) [ 596.164743][ T9434] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 596.454004][ T9443] loop6: detected capacity change from 0 to 512 [ 596.503128][ T6313] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 596.517294][ T30] audit: type=1326 audit(1761381234.564:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9444 comm="syz.0.1120" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 596.600881][ T9443] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 596.603404][ T30] audit: type=1326 audit(1761381234.594:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9444 comm="syz.0.1120" exe="/root/syz-executor" sig=0 arch=40000003 syscall=51 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 596.614491][ T9443] ext4 filesystem being mounted at /150/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 596.638878][ T30] audit: type=1326 audit(1761381234.594:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9444 comm="syz.0.1120" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 597.042008][ T6996] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 597.045508][ T9451] loop5: detected capacity change from 0 to 764 [ 597.289377][ T9454] serio: Serial port ptm0 [ 597.407961][ T9458] Bluetooth: MGMT ver 1.23 [ 598.000257][ T9466] loop0: detected capacity change from 0 to 512 [ 598.039027][ T9468] netlink: 'syz.6.1130': attribute type 12 has an invalid length. [ 598.053594][ T9466] journal_path: Lookup failure for './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' [ 598.079827][ T9466] EXT4-fs: error: could not find journal device path [ 598.592603][ T9472] pim6reg1: entered promiscuous mode [ 598.598184][ T9472] pim6reg1: entered allmulticast mode [ 598.639804][ T30] audit: type=1326 audit(1761381236.674:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9473 comm="syz.6.1133" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 598.662489][ T30] audit: type=1326 audit(1761381236.684:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9473 comm="syz.6.1133" exe="/root/syz-executor" sig=0 arch=40000003 syscall=162 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 598.686962][ T30] audit: type=1326 audit(1761381236.684:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9473 comm="syz.6.1133" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 599.227069][ T9480] loop6: detected capacity change from 0 to 512 [ 599.263533][ T9480] EXT4-fs: Ignoring removed mblk_io_submit option [ 599.270436][ T9480] EXT4-fs: inline encryption not supported [ 599.277071][ T9480] EXT4-fs: Ignoring removed mblk_io_submit option [ 599.320211][ T9480] EXT4-fs (loop6): Test dummy encryption mode enabled [ 599.327603][ T9480] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 599.341151][ T9480] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 599.384946][ T9480] EXT4-fs (loop6): 1 truncate cleaned up [ 599.396171][ T9480] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 599.530678][ T6996] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 599.955871][ T9492] loop6: detected capacity change from 0 to 512 [ 600.057596][ T9492] EXT4-fs error (device loop6): ext4_orphan_get:1418: comm syz.6.1139: bad orphan inode 15 [ 600.073504][ T9492] ext4_test_bit(bit=14, block=5) = 0 [ 600.081287][ T9492] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 600.153085][ T9492] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 7987 vs 220 free clusters [ 600.168371][ T9492] EXT4-fs error (device loop6): ext4_free_inode:354: comm syz.6.1139: bit already cleared for inode 13 [ 600.209325][ T9497] loop5: detected capacity change from 0 to 256 [ 600.374014][ T6996] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 600.800668][ T9505] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 600.800668][ T9505] program syz.6.1145 not setting count and/or reply_len properly [ 601.936072][ T9524] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1154'. [ 601.945377][ T9524] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1154'. [ 602.919526][ T9532] loop6: detected capacity change from 0 to 512 [ 602.964721][ T9532] EXT4-fs: Ignoring removed bh option [ 603.031294][ T9532] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 603.040579][ T9532] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 603.169493][ T9532] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended [ 603.207587][ T9532] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 603.240277][ T9532] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 603.266342][ T9535] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 353: padding at end of block bitmap is not set [ 603.369231][ T9532] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 603.665969][ T6996] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 604.023787][ T9542] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1163'. [ 604.109711][ T9544] mmap: syz.6.1162 (9544) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 607.063785][ T9579] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1180'. [ 607.074504][ T9579] netlink: 'syz.1.1180': attribute type 1 has an invalid length. [ 607.471660][ T30] audit: type=1326 audit(1761381245.514:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9586 comm="syz.0.1182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 607.495400][ T30] audit: type=1326 audit(1761381245.524:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9586 comm="syz.0.1182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=258 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 607.518274][ T30] audit: type=1326 audit(1761381245.524:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9586 comm="syz.0.1182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 607.541236][ T30] audit: type=1326 audit(1761381245.554:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9586 comm="syz.0.1182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 607.567797][ T9589] loop5: detected capacity change from 0 to 512 [ 607.624238][ T9589] EXT4-fs: Ignoring removed nobh option [ 607.652989][ T9589] EXT4-fs (loop5): #clusters per group too big: 360448 [ 607.902287][ T30] audit: type=1326 audit(1761381245.914:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9588 comm="syz.5.1183" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45539 code=0x7ffc0000 [ 607.925206][ T30] audit: type=1326 audit(1761381245.914:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9588 comm="syz.5.1183" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f45539 code=0x7ffc0000 [ 607.948940][ T30] audit: type=1326 audit(1761381245.914:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9588 comm="syz.5.1183" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45539 code=0x7ffc0000 [ 607.971517][ T30] audit: type=1326 audit(1761381245.914:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9588 comm="syz.5.1183" exe="/root/syz-executor" sig=0 arch=40000003 syscall=372 compat=1 ip=0xf7f45539 code=0x7ffc0000 [ 607.994850][ T30] audit: type=1326 audit(1761381245.914:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9588 comm="syz.5.1183" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45539 code=0x7ffc0000 [ 608.039277][ T9592] tipc: Enabled bearer , priority 0 [ 608.091974][ T9591] tipc: Resetting bearer [ 608.298825][ T9591] tipc: Disabling bearer [ 608.620182][ T9598] loop5: detected capacity change from 0 to 512 [ 608.724323][ T9598] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 608.737549][ T9598] ext4 filesystem being mounted at /207/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 609.454121][ T6313] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 613.562383][ T9632] syz_tun: entered allmulticast mode [ 613.578970][ T9632] syz_tun: left allmulticast mode [ 613.699379][ T9633] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 614.161698][ T9638] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 614.178424][ T9638] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 614.189477][ T9638] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 614.212623][ T9638] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 614.247002][ T9638] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 614.810708][ T9645] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 615.080105][ T9645] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 615.220563][ T9650] loop0: detected capacity change from 0 to 512 [ 615.304497][ T9645] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 615.434727][ T9650] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 615.449381][ T9650] ext4 filesystem being mounted at /252/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 615.545866][ T9645] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 615.950498][ T3544] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 616.049989][ T3544] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 616.095067][ T3544] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 616.135509][ T5795] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 616.187877][ T4374] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 616.312353][ T9637] chnl_net:caif_netlink_parms(): no params data found [ 616.351459][ T9638] Bluetooth: hci5: command tx timeout [ 617.303617][ T30] audit: type=1326 audit(1761381255.334:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9663 comm="syz.0.1208" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 617.403538][ T30] audit: type=1326 audit(1761381255.384:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9663 comm="syz.0.1208" exe="/root/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 617.427081][ T30] audit: type=1326 audit(1761381255.384:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9663 comm="syz.0.1208" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 617.449985][ T30] audit: type=1326 audit(1761381255.434:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9663 comm="syz.0.1208" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 617.472542][ T30] audit: type=1326 audit(1761381255.434:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9663 comm="syz.0.1208" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 617.495074][ T30] audit: type=1326 audit(1761381255.434:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9663 comm="syz.0.1208" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 617.697165][ T9675] loop5: detected capacity change from 0 to 1024 [ 617.839935][ T9637] bridge0: port 1(bridge_slave_0) entered blocking state [ 617.847993][ T9637] bridge0: port 1(bridge_slave_0) entered disabled state [ 617.852618][ T9675] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 617.855895][ T9637] bridge_slave_0: entered allmulticast mode [ 617.877212][ T9637] bridge_slave_0: entered promiscuous mode [ 617.895052][ T9637] bridge0: port 2(bridge_slave_1) entered blocking state [ 617.904901][ T9637] bridge0: port 2(bridge_slave_1) entered disabled state [ 617.912788][ T9637] bridge_slave_1: entered allmulticast mode [ 617.922811][ T9637] bridge_slave_1: entered promiscuous mode [ 618.041975][ T30] audit: type=1800 audit(1761381256.084:121): pid=9675 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1211" name="file1" dev="loop5" ino=15 res=0 errno=0 [ 618.056455][ T9637] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 618.146823][ T9637] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 618.375720][ T9637] team0: Port device team_slave_0 added [ 618.386008][ T6313] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 618.397125][ T9637] team0: Port device team_slave_1 added [ 618.446211][ T9638] Bluetooth: hci5: command tx timeout [ 618.511728][ T9637] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 618.518964][ T9637] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 618.548512][ T9637] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 618.569238][ T9637] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 618.577001][ T9637] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 618.604926][ T9637] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 619.085221][ T9637] hsr_slave_0: entered promiscuous mode [ 619.095735][ T9637] hsr_slave_1: entered promiscuous mode [ 619.104805][ T9637] debugfs: 'hsr0' already exists in 'hsr' [ 619.110719][ T9637] Cannot create hsr debugfs directory [ 620.253259][ T9637] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 620.566510][ T9637] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 620.576782][ T9638] Bluetooth: hci5: command tx timeout [ 620.654641][ T9637] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 620.742592][ T9637] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 620.948395][ T9700] netlink: 'syz.1.1219': attribute type 10 has an invalid length. [ 621.031175][ T9692] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 621.602482][ T9692] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 621.824682][ T9692] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 621.938676][ T9692] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 622.308313][ T9710] loop6: detected capacity change from 0 to 512 [ 622.336195][ T14] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 622.380376][ T9710] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 622.519465][ T14] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 622.546832][ T14] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 622.561980][ T14] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 622.666978][ T9638] Bluetooth: hci5: command tx timeout [ 622.692679][ T9710] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 622.694663][ T9637] 8021q: adding VLAN 0 to HW filter on device bond0 [ 622.705940][ T9710] ext4 filesystem being mounted at /169/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 622.765413][ T9637] 8021q: adding VLAN 0 to HW filter on device team0 [ 622.836431][ T4374] bridge0: port 1(bridge_slave_0) entered blocking state [ 622.844178][ T4374] bridge0: port 1(bridge_slave_0) entered forwarding state [ 622.973993][ T4374] bridge0: port 2(bridge_slave_1) entered blocking state [ 622.981635][ T4374] bridge0: port 2(bridge_slave_1) entered forwarding state [ 623.628250][ T9722] loop5: detected capacity change from 0 to 256 [ 623.970386][ T9728] batman_adv: batadv0: adding TT local entry 06:e1:05:00:07:00 to non-existent VLAN 768 [ 624.019154][ T6996] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 624.095115][ T9729] loop0: detected capacity change from 0 to 512 [ 624.363182][ T9729] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 624.376872][ T9729] ext4 filesystem being mounted at /257/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 625.004292][ T5795] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 625.166649][ T9637] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 626.130069][ T2034] hid_parser_main: 8 callbacks suppressed [ 626.130170][ T2034] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x4 [ 626.144297][ T2034] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x2 [ 626.152520][ T2034] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0 [ 626.160429][ T2034] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0 [ 626.168998][ T2034] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0 [ 626.177068][ T2034] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0 [ 626.179308][ T9756] loop0: detected capacity change from 0 to 764 [ 626.185156][ T2034] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0 [ 626.185329][ T2034] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0 [ 626.185506][ T2034] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0 [ 626.215749][ T2034] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0 [ 626.409036][ T2034] hid-generic 0000:3000000:0000.0019: hidraw0: HID v0.00 Device [sy] on syz0 [ 626.478957][ T30] audit: type=1326 audit(1761381264.524:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9759 comm="syz.6.1239" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 626.598298][ T30] audit: type=1326 audit(1761381264.564:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9759 comm="syz.6.1239" exe="/root/syz-executor" sig=0 arch=40000003 syscall=13 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 626.621170][ T30] audit: type=1326 audit(1761381264.564:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9759 comm="syz.6.1239" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 626.647363][ T30] audit: type=1326 audit(1761381264.564:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9759 comm="syz.6.1239" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 626.671108][ T30] audit: type=1326 audit(1761381264.584:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9759 comm="syz.6.1239" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 626.693642][ T30] audit: type=1326 audit(1761381264.584:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9759 comm="syz.6.1239" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 626.716093][ T30] audit: type=1326 audit(1761381264.584:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9759 comm="syz.6.1239" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 626.739400][ T30] audit: type=1326 audit(1761381264.584:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9759 comm="syz.6.1239" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 626.762166][ T30] audit: type=1326 audit(1761381264.604:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9759 comm="syz.6.1239" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 626.784647][ T30] audit: type=1326 audit(1761381264.604:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9759 comm="syz.6.1239" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 627.454320][ T9773] loop1: detected capacity change from 0 to 512 [ 627.598095][ T9775] loop6: detected capacity change from 0 to 512 [ 627.665829][ T9775] EXT4-fs: Ignoring removed bh option [ 627.688150][ T9775] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 627.697814][ T9775] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 627.729899][ T9637] veth0_vlan: entered promiscuous mode [ 627.783132][ T9775] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended [ 627.851568][ T9775] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 627.882263][ T9773] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 627.895633][ T9773] ext4 filesystem being mounted at /274/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 627.900241][ T9637] veth1_vlan: entered promiscuous mode [ 627.921583][ T9775] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 628.014051][ T9775] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 628.277732][ T9637] veth0_macvtap: entered promiscuous mode [ 628.338847][ T9637] veth1_macvtap: entered promiscuous mode [ 628.345661][ T6996] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 628.524358][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 628.604891][ T9637] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 628.716168][ T9637] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 628.765338][ T9789] loop0: detected capacity change from 0 to 256 [ 628.807177][ T59] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 628.821812][ T9789] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 628.841191][ T59] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 628.851308][ T4374] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 628.864218][ T4374] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 629.847816][ T9800] loop5: detected capacity change from 0 to 512 [ 630.039126][ T9800] EXT4-fs (loop5): failed to initialize system zone (-117) [ 630.059426][ T9800] EXT4-fs (loop5): mount failed [ 630.590796][ T9814] loop0: detected capacity change from 0 to 512 [ 630.651321][ T9814] EXT4-fs: Ignoring removed bh option [ 630.714208][ T9814] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 630.726835][ T9814] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 630.844269][ T9814] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 630.885315][ T9814] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 630.926828][ T9814] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 631.164283][ T9814] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 631.429233][ T5795] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 631.851691][ T9831] loop0: detected capacity change from 0 to 128 [ 631.930456][ T9832] binfmt_misc: register: failed to install interpreter file ./file0 [ 632.535436][ T1866] kernel read not supported for file 451/task/452/projid_map (pid: 1866 comm: kworker/1:2) [ 633.181425][ T9850] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1269'. [ 633.191917][ T9850] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1269'. [ 633.202263][ T9850] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1269'. [ 634.436084][ T9866] loop6: detected capacity change from 0 to 128 [ 634.904345][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 634.912581][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 635.201596][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 635.209629][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 635.281508][ T9872] sctp: [Deprecated]: syz.6.1277 (pid 9872) Use of struct sctp_assoc_value in delayed_ack socket option. [ 635.281508][ T9872] Use struct sctp_sack_info instead [ 635.868686][ T9877] loop1: detected capacity change from 0 to 1764 [ 635.973586][ T9877] isofs_fill_super: get root inode failed [ 637.424540][ T9896] loop1: detected capacity change from 0 to 128 [ 637.541869][ T9899] ieee802154 phy0 wpan0: encryption failed: -22 [ 637.548007][ T9898] loop0: detected capacity change from 0 to 512 [ 637.611874][ T9898] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.1287: bad orphan inode 15 [ 637.625295][ T9898] ext4_test_bit(bit=14, block=5) = 0 [ 637.633705][ T9898] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 637.657991][ T9898] EXT4-fs error (device loop0): __ext4_new_inode:1073: comm syz.0.1287: reserved inode found cleared - inode=1 [ 638.133937][ T5795] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 638.997235][ T9908] syzkaller0: entered promiscuous mode [ 639.003159][ T9908] syzkaller0: entered allmulticast mode [ 639.488033][ T9919] loop5: detected capacity change from 0 to 128 [ 639.588513][ T9922] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1296'. [ 639.626486][ T30] kauditd_printk_skb: 6 callbacks suppressed [ 639.626562][ T30] audit: type=1326 audit(1761381277.674:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.7.1297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 639.740479][ T30] audit: type=1326 audit(1761381277.724:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.7.1297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 639.763030][ T30] audit: type=1326 audit(1761381277.774:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.7.1297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 639.785779][ T30] audit: type=1326 audit(1761381277.774:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.7.1297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 639.808260][ T30] audit: type=1326 audit(1761381277.784:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.7.1297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 639.830673][ T30] audit: type=1326 audit(1761381277.784:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.7.1297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 639.855402][ T30] audit: type=1326 audit(1761381277.784:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.7.1297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 640.415111][ T30] audit: type=1326 audit(1761381278.134:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.7.1297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 640.415355][ T30] audit: type=1326 audit(1761381278.134:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.7.1297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 640.415582][ T30] audit: type=1326 audit(1761381278.134:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.7.1297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 640.460474][ C1] vkms_vblank_simulate: vblank timer overrun [ 640.525692][ T9928] netlink: 'syz.7.1297': attribute type 6 has an invalid length. [ 640.528732][ T9928] netlink: 'syz.7.1297': attribute type 6 has an invalid length. [ 640.532136][ T9928] tipc: Started in network mode [ 640.532310][ T9928] tipc: Node identity ac14140f, cluster identity 4711 [ 640.533148][ T9928] tipc: New replicast peer: 255.255.255.83 [ 640.534271][ T9928] tipc: Enabled bearer , priority 10 [ 640.771370][ T9934] loop5: detected capacity change from 0 to 512 [ 640.779121][ T9934] EXT4-fs: Ignoring removed bh option [ 640.798501][ T9934] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 640.798606][ T9934] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 640.833201][ T9934] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended [ 640.834514][ T9934] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 640.837329][ T9934] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 640.918629][ T9934] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 641.151243][ T6313] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 641.531714][ T1866] tipc: Node number set to 2886997007 [ 642.670778][ T9953] netlink: 'syz.6.1307': attribute type 12 has an invalid length. [ 642.724261][ T9957] loop5: detected capacity change from 0 to 136 [ 642.877175][ T9957] rock: directory entry would overflow storage [ 642.883705][ T9957] rock: sig=0x4f50, size=4, remaining=3 [ 642.889544][ T9957] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 643.278408][ T6313] rock: directory entry would overflow storage [ 643.285167][ T6313] rock: sig=0x4f50, size=4, remaining=3 [ 643.291079][ T6313] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 643.470642][ T6313] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 643.587401][ T9966] loop1: detected capacity change from 0 to 512 [ 643.635224][ T9966] EXT4-fs: Ignoring removed bh option [ 643.706377][ T9966] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 643.716851][ T9966] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 643.816579][ T9966] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 643.872361][ T9966] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 643.921101][ T9966] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 644.041792][ T9966] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 644.354190][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 644.845904][ T9982] futex_wake_op: syz.6.1318 tries to shift op by 144; fix this program [ 645.718806][ T9991] loop1: detected capacity change from 0 to 512 [ 645.860780][ T9991] __quota_error: 50 callbacks suppressed [ 645.860867][ T9991] Quota error (device loop1): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 645.877932][ T9991] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 645.890823][ T9991] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.1324: Failed to acquire dquot type 1 [ 645.986368][ T9991] EXT4-fs (loop1): 1 truncate cleaned up [ 645.994651][ T9991] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 646.007745][ T9991] ext4 filesystem being mounted at /293/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 646.111156][ T9991] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 646.478690][ T30] audit: type=1326 audit(1761381284.524:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10002 comm="syz.6.1328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 646.503002][ T30] audit: type=1326 audit(1761381284.524:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10002 comm="syz.6.1328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 646.680466][ T30] audit: type=1326 audit(1761381284.604:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10002 comm="syz.6.1328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 646.704862][ T30] audit: type=1326 audit(1761381284.604:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10002 comm="syz.6.1328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 646.727950][ T30] audit: type=1326 audit(1761381284.604:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10002 comm="syz.6.1328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 646.750728][ T30] audit: type=1326 audit(1761381284.604:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10002 comm="syz.6.1328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 646.773500][ T30] audit: type=1326 audit(1761381284.614:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10002 comm="syz.6.1328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 646.796113][ T30] audit: type=1326 audit(1761381284.614:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10002 comm="syz.6.1328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f73539 code=0x7ffc0000 [ 646.932039][T10008] netlink: 240 bytes leftover after parsing attributes in process `syz.6.1328'. [ 646.980718][T10007] netlink: 276 bytes leftover after parsing attributes in process `syz.1.1330'. [ 647.127331][T10009] loop5: detected capacity change from 0 to 512 [ 647.176285][T10009] EXT4-fs: Ignoring removed bh option [ 647.293094][T10009] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 647.302522][T10009] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 647.424451][T10009] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended [ 647.453295][T10009] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 647.473503][T10009] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 647.527263][T10009] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 647.843225][ T6313] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 649.687102][T10044] loop6: detected capacity change from 0 to 512 [ 649.734047][T10044] EXT4-fs: Ignoring removed bh option [ 649.770116][T10044] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 649.782163][T10044] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 649.975008][T10044] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended [ 650.085263][T10044] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 650.186647][T10044] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 650.274046][T10044] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 650.608736][ T6996] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 652.763623][T10093] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1365'. [ 652.898901][T10093] $Hÿ: renamed from bond0 (while UP) [ 652.982222][T10093] $Hÿ: entered promiscuous mode [ 654.650792][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 654.658605][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 654.748164][ T30] kauditd_printk_skb: 54 callbacks suppressed [ 654.748241][ T30] audit: type=1326 audit(1761381292.794:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10115 comm="syz.0.1376" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf703d539 code=0x0 [ 655.069686][ C0] hrtimer: interrupt took 370774 ns [ 655.704397][T10123] loop5: detected capacity change from 0 to 136 [ 655.876300][T10123] rock: directory entry would overflow storage [ 655.883009][T10123] rock: sig=0x4f50, size=4, remaining=3 [ 655.888734][T10123] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 656.118694][ T9458] syz_tun (unregistering): left allmulticast mode [ 656.234444][ T6313] rock: directory entry would overflow storage [ 656.240812][ T6313] rock: sig=0x4f50, size=4, remaining=3 [ 656.246897][ T6313] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 656.356885][ T6313] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 656.388041][ T1836] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 656.816941][ T1836] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 657.000879][T10130] infiniband syz2: set down [ 657.005749][T10130] infiniband syz2: added ipvlan0 [ 657.182651][ T1836] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 657.383870][ T1836] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 657.412488][T10130] RDS/IB: syz2: added [ 657.416705][T10130] smc: adding ib device syz2 with port count 1 [ 657.423634][T10130] smc: ib device syz2 port 1 has no pnetid [ 659.438169][ T1836] bridge_slave_1: left allmulticast mode [ 659.444268][ T1836] bridge_slave_1: left promiscuous mode [ 659.450835][ T1836] bridge0: port 2(bridge_slave_1) entered disabled state [ 659.575827][ T1836] bridge_slave_0: left allmulticast mode [ 659.581856][ T1836] bridge_slave_0: left promiscuous mode [ 659.588441][ T1836] bridge0: port 1(bridge_slave_0) entered disabled state [ 660.274100][ T9] IPVS: starting estimator thread 0... [ 660.353400][ T1836] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 660.401447][T10159] IPVS: using max 192 ests per chain, 9600 per kthread [ 660.453424][ T1836] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 660.497264][ T1836] bond0 (unregistering): Released all slaves [ 660.542042][T10162] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1396'. [ 660.743030][ T1836] tipc: Left network mode [ 661.078992][T10166] loop0: detected capacity change from 0 to 1024 [ 661.148708][T10166] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 661.401708][T10166] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.1397: Invalid block bitmap block 0 in block_group 0 [ 661.476031][T10166] Quota error (device loop0): write_blk: dquota write failed [ 661.484012][T10166] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 661.494443][T10166] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.1397: Failed to acquire dquot type 0 [ 661.555487][T10166] EXT4-fs error (device loop0): ext4_free_blocks:6706: comm syz.0.1397: Freeing blocks not in datazone - block = 0, count = 4096 [ 661.572731][T10166] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.1397: Invalid inode bitmap blk 0 in block_group 0 [ 661.614568][ T4699] Quota error (device loop0): do_check_range: Getting block 0 out of range 1-8 [ 661.624057][ T4699] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:23: Failed to release dquot type 0 [ 661.772232][T10166] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem [ 661.896228][T10166] EXT4-fs (loop0): 1 orphan inode deleted [ 661.909731][T10166] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 662.493401][ T1836] hsr_slave_0: left promiscuous mode [ 662.531867][ T1836] hsr_slave_1: left promiscuous mode [ 662.548566][ T1836] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 662.559453][ T1836] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 662.614449][ T1836] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 662.622620][ T1836] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 662.682044][ T1836] veth1_macvtap: left promiscuous mode [ 662.687775][ T1836] veth0_macvtap: left promiscuous mode [ 662.693926][ T1836] veth1_vlan: left promiscuous mode [ 662.699568][ T1836] veth0_vlan: left promiscuous mode [ 662.735885][ T30] audit: type=1326 audit(1761381300.774:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.7.1403" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 662.761436][ T30] audit: type=1326 audit(1761381300.774:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.7.1403" exe="/root/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 662.784157][ T30] audit: type=1326 audit(1761381300.774:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.7.1403" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 662.808651][ T30] audit: type=1326 audit(1761381300.774:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.7.1403" exe="/root/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 662.832308][ T30] audit: type=1326 audit(1761381300.784:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.7.1403" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 662.855363][ T30] audit: type=1326 audit(1761381300.784:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.7.1403" exe="/root/syz-executor" sig=0 arch=40000003 syscall=263 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 662.877880][ T30] audit: type=1326 audit(1761381300.784:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.7.1403" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 663.693545][ T1836] team0 (unregistering): Port device virt_wifi0 removed [ 663.943632][ T1836] team0 (unregistering): Port device team_slave_1 removed [ 664.046869][ T1836] team0 (unregistering): Port device team_slave_0 removed [ 665.271189][T10207] sctp: [Deprecated]: syz.6.1415 (pid 10207) Use of struct sctp_assoc_value in delayed_ack socket option. [ 665.271189][T10207] Use struct sctp_sack_info instead [ 667.560853][T10235] 9pnet_fd: Insufficient options for proto=fd [ 667.835820][T10237] syz.1.1429 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 667.913032][ T30] audit: type=1326 audit(1761381305.954:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10203 comm="syz.7.1414" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 667.993989][ T30] audit: type=1326 audit(1761381306.014:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10203 comm="syz.7.1414" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 668.019100][ T30] audit: type=1326 audit(1761381306.024:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10203 comm="syz.7.1414" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 668.042606][ T30] audit: type=1326 audit(1761381306.024:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10203 comm="syz.7.1414" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 668.250838][T10240] IPv6: NLM_F_CREATE should be specified when creating new route [ 668.498930][T10244] loop1: detected capacity change from 0 to 136 [ 668.610183][T10244] rock: directory entry would overflow storage [ 668.620072][T10244] rock: sig=0x4f50, size=4, remaining=3 [ 668.626584][T10244] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 668.856160][ T5804] rock: directory entry would overflow storage [ 668.865676][ T5804] rock: sig=0x4f50, size=4, remaining=3 [ 668.871503][ T5804] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 668.957000][ T5804] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 669.318319][T10256] sctp: [Deprecated]: syz.5.1438 (pid 10256) Use of int in max_burst socket option deprecated. [ 669.318319][T10256] Use struct sctp_assoc_value instead [ 669.443217][ T30] audit: type=1326 audit(1761381307.494:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10253 comm="syz.6.1437" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f73539 code=0x0 [ 669.816534][T10259] loop5: detected capacity change from 0 to 512 [ 669.902362][T10259] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 670.244023][ T6313] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 670.666756][T10265] 9pnet_fd: Insufficient options for proto=fd [ 671.539663][T10277] loop5: detected capacity change from 0 to 136 [ 671.661255][T10277] rock: directory entry would overflow storage [ 671.667709][T10277] rock: sig=0x4f50, size=4, remaining=3 [ 671.673724][T10277] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 671.912762][ T6313] rock: directory entry would overflow storage [ 671.919602][ T6313] rock: sig=0x4f50, size=4, remaining=3 [ 671.925776][ T6313] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 672.030470][ T6313] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 672.422193][T10286] syzkaller0: entered promiscuous mode [ 672.428018][T10286] syzkaller0: entered allmulticast mode [ 673.652993][T10298] 9pnet_fd: Insufficient options for proto=fd [ 674.388938][T10307] loop6: detected capacity change from 0 to 136 [ 674.566617][T10307] rock: directory entry would overflow storage [ 674.573200][T10307] rock: sig=0x4f50, size=4, remaining=3 [ 674.578984][T10307] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 674.879742][ T6996] rock: directory entry would overflow storage [ 674.888924][ T6996] rock: sig=0x4f50, size=4, remaining=3 [ 674.894938][ T6996] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 675.029665][ T6996] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 675.805062][T10326] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1468'. [ 675.814816][T10326] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1468'. [ 676.032077][T10330] 9pnet_fd: Insufficient options for proto=fd [ 676.616238][ T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 676.643449][ T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 676.657731][ T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 676.672251][ T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 676.712672][ T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 676.881589][T10339] netlink: 'syz.1.1473': attribute type 21 has an invalid length. [ 676.889746][T10339] netlink: 'syz.1.1473': attribute type 1 has an invalid length. [ 676.898536][T10339] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1473'. [ 678.742241][ T50] Bluetooth: hci0: command tx timeout [ 678.769530][T10332] chnl_net:caif_netlink_parms(): no params data found [ 678.832072][T10363] 9pnet_fd: Insufficient options for proto=fd [ 680.821705][ T50] Bluetooth: hci0: command tx timeout [ 680.882021][T10332] bridge0: port 1(bridge_slave_0) entered blocking state [ 680.889589][T10332] bridge0: port 1(bridge_slave_0) entered disabled state [ 680.897605][T10332] bridge_slave_0: entered allmulticast mode [ 680.910758][T10332] bridge_slave_0: entered promiscuous mode [ 681.045356][T10332] bridge0: port 2(bridge_slave_1) entered blocking state [ 681.053232][T10332] bridge0: port 2(bridge_slave_1) entered disabled state [ 681.061142][T10332] bridge_slave_1: entered allmulticast mode [ 681.070763][T10332] bridge_slave_1: entered promiscuous mode [ 681.491706][T10332] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 681.582225][T10332] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 681.897639][T10332] team0: Port device team_slave_0 added [ 681.982517][T10332] team0: Port device team_slave_1 added [ 682.388609][T10332] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 682.396388][T10332] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 682.423048][T10332] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 682.585092][T10332] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 682.592836][T10332] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 682.619608][T10332] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 682.901624][ T50] Bluetooth: hci0: command tx timeout [ 683.045432][T10332] hsr_slave_0: entered promiscuous mode [ 683.062232][T10332] hsr_slave_1: entered promiscuous mode [ 683.071741][T10332] debugfs: 'hsr0' already exists in 'hsr' [ 683.077674][T10332] Cannot create hsr debugfs directory [ 684.494103][T10421] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1509'. [ 684.710146][T10332] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 684.778235][T10332] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 684.883677][T10332] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 684.942768][T10332] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 684.987474][ T50] Bluetooth: hci0: command tx timeout [ 685.661302][T10332] 8021q: adding VLAN 0 to HW filter on device bond0 [ 685.783646][T10332] 8021q: adding VLAN 0 to HW filter on device team0 [ 685.858339][ T1836] bridge0: port 1(bridge_slave_0) entered blocking state [ 685.865953][ T1836] bridge0: port 1(bridge_slave_0) entered forwarding state [ 685.938416][ T1836] bridge0: port 2(bridge_slave_1) entered blocking state [ 685.946030][ T1836] bridge0: port 2(bridge_slave_1) entered forwarding state [ 686.758447][T10431] loop1: detected capacity change from 0 to 512 [ 686.799567][T10431] EXT4-fs: Ignoring removed bh option [ 686.867944][T10431] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 686.877656][T10431] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 687.017398][T10431] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 687.101760][T10431] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 687.194070][T10431] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 687.329815][T10431] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 687.461879][ T9638] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 687.482683][ T9638] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 687.494986][ T9638] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 687.528654][ T9638] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 687.541397][ T9638] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 687.799063][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 687.823669][T10332] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 689.631640][ T9638] Bluetooth: hci4: command tx timeout [ 690.108783][T10439] chnl_net:caif_netlink_parms(): no params data found [ 690.215355][T10332] veth0_vlan: entered promiscuous mode [ 690.407046][T10332] veth1_vlan: entered promiscuous mode [ 690.738801][T10332] veth0_macvtap: entered promiscuous mode [ 690.823668][T10332] veth1_macvtap: entered promiscuous mode [ 691.059987][T10332] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 691.176458][T10332] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 691.283085][ T4699] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.338820][ T4699] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.401652][ T4699] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.410683][ T4699] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.538128][T10473] loop1: detected capacity change from 0 to 136 [ 691.671539][T10439] bridge0: port 1(bridge_slave_0) entered blocking state [ 691.679069][T10439] bridge0: port 1(bridge_slave_0) entered disabled state [ 691.687252][T10439] bridge_slave_0: entered allmulticast mode [ 691.697126][T10439] bridge_slave_0: entered promiscuous mode [ 691.712798][ T9638] Bluetooth: hci4: command tx timeout [ 691.722865][T10439] bridge0: port 2(bridge_slave_1) entered blocking state [ 691.730411][T10439] bridge0: port 2(bridge_slave_1) entered disabled state [ 691.738492][T10439] bridge_slave_1: entered allmulticast mode [ 691.748591][T10439] bridge_slave_1: entered promiscuous mode [ 692.018145][T10439] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 692.164882][T10439] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 692.232259][ T5804] rock: directory entry would overflow storage [ 692.238606][ T5804] rock: sig=0x4f50, size=4, remaining=3 [ 692.244584][ T5804] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 692.412188][T10480] loop7: detected capacity change from 0 to 512 [ 692.426667][ T5804] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 692.482510][T10480] EXT4-fs: Ignoring removed bh option [ 692.541611][T10480] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended [ 692.551446][T10480] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem [ 692.597145][T10480] EXT4-fs (loop7): warning: mounting unchecked fs, running e2fsck is recommended [ 692.607227][T10439] team0: Port device team_slave_0 added [ 692.670172][T10439] team0: Port device team_slave_1 added [ 692.671168][T10480] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 692.775811][T10480] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 692.830542][T10480] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 692.936068][T10439] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 692.944504][T10439] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 692.970998][T10439] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 693.092915][ T9637] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 693.116309][T10439] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 693.123808][T10439] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 693.150553][T10439] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 693.684606][T10439] hsr_slave_0: entered promiscuous mode [ 693.695145][T10439] hsr_slave_1: entered promiscuous mode [ 693.709499][T10439] debugfs: 'hsr0' already exists in 'hsr' [ 693.715684][T10439] Cannot create hsr debugfs directory [ 693.784926][ T9638] Bluetooth: hci4: command tx timeout [ 694.237121][T10496] ieee802154 phy0 wpan0: encryption failed: -22 [ 695.147540][T10439] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 695.276661][T10439] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 695.405474][T10439] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 695.564390][T10439] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 695.861848][ T9638] Bluetooth: hci4: command tx timeout [ 696.239084][T10439] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 696.253690][T10517] loop7: detected capacity change from 0 to 512 [ 696.273193][T10517] EXT4-fs: Ignoring removed bh option [ 696.309499][T10517] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended [ 696.318946][T10517] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem [ 696.340536][T10439] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 696.400481][T10517] EXT4-fs (loop7): warning: mounting unchecked fs, running e2fsck is recommended [ 696.411738][T10439] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 696.444766][T10517] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 696.455149][T10439] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 696.500202][T10517] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 696.627755][T10517] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 696.969258][ T9637] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 697.498785][T10533] ieee802154 phy0 wpan0: encryption failed: -22 [ 697.557337][ T4374] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 697.566333][ T4374] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 697.771213][ T4699] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 697.779390][ T4699] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 697.821844][T10439] 8021q: adding VLAN 0 to HW filter on device bond0 [ 698.011059][T10439] 8021q: adding VLAN 0 to HW filter on device team0 [ 698.078185][ T4699] bridge0: port 1(bridge_slave_0) entered blocking state [ 698.085798][ T4699] bridge0: port 1(bridge_slave_0) entered forwarding state [ 698.181455][ T4699] bridge0: port 2(bridge_slave_1) entered blocking state [ 698.188965][ T4699] bridge0: port 2(bridge_slave_1) entered forwarding state [ 699.312850][T10548] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1545'. [ 699.930246][T10557] loop8: detected capacity change from 0 to 512 [ 699.993546][T10557] EXT4-fs: Ignoring removed bh option [ 700.042989][T10557] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended [ 700.056763][T10557] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem [ 700.135514][T10557] EXT4-fs (loop8): warning: mounting unchecked fs, running e2fsck is recommended [ 700.181464][T10557] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 700.293073][T10565] ieee802154 phy0 wpan0: encryption failed: -22 [ 700.295680][T10557] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 700.410297][T10557] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 700.456007][T10439] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 700.756546][T10332] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 702.756585][T10439] veth0_vlan: entered promiscuous mode [ 702.900540][T10439] veth1_vlan: entered promiscuous mode [ 703.108584][T10604] loop7: detected capacity change from 0 to 512 [ 703.243859][T10603] loop6: detected capacity change from 0 to 512 [ 703.280089][T10439] veth0_macvtap: entered promiscuous mode [ 703.288700][T10604] EXT4-fs error (device loop7): ext4_orphan_get:1418: comm syz.7.1564: bad orphan inode 15 [ 703.296787][T10603] EXT4-fs: Ignoring removed bh option [ 703.344363][T10439] veth1_macvtap: entered promiscuous mode [ 703.351522][T10603] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 703.360752][T10603] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 703.417958][T10439] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 703.457022][T10604] ext4_test_bit(bit=14, block=5) = 0 [ 703.465686][T10604] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 703.503231][T10439] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 703.529308][T10603] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended [ 703.603993][ T4374] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 703.619096][ T4374] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 703.619720][T10603] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 703.670734][ T4374] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 703.749152][ T4374] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 703.765355][T10603] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 703.887293][T10603] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 704.134181][ T9637] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 704.413727][ T6996] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 706.546895][T10644] loop1: detected capacity change from 0 to 512 [ 706.703631][T10645] loop8: detected capacity change from 0 to 512 [ 706.741239][T10644] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.1578: bad orphan inode 15 [ 706.777502][T10645] EXT4-fs: Ignoring removed bh option [ 706.824063][T10644] ext4_test_bit(bit=14, block=5) = 0 [ 706.832459][T10644] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 706.832899][T10645] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended [ 706.854942][T10645] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem [ 706.893811][T10645] EXT4-fs (loop8): warning: mounting unchecked fs, running e2fsck is recommended [ 706.916401][T10645] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 707.034584][T10645] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 707.161987][T10645] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 707.333102][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 707.534457][T10332] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 709.647113][T10691] loop7: detected capacity change from 0 to 512 [ 709.712034][T10691] EXT4-fs: Ignoring removed bh option [ 709.731746][T10691] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended [ 709.741853][T10691] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem [ 709.778787][T10691] EXT4-fs (loop7): warning: mounting unchecked fs, running e2fsck is recommended [ 709.818077][T10691] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 709.919134][ T3544] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 709.927446][ T3544] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 709.989560][T10691] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 710.036961][ T4125] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 710.045444][ T4125] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 710.072134][T10691] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 710.379715][ T9637] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 712.456438][T10726] loop8: detected capacity change from 0 to 512 [ 712.497990][T10726] EXT4-fs: Ignoring removed bh option [ 712.541564][T10726] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended [ 712.555429][T10726] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem [ 712.619231][T10726] EXT4-fs (loop8): warning: mounting unchecked fs, running e2fsck is recommended [ 712.664670][T10726] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 712.682360][T10726] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 712.770717][T10726] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 713.114595][T10332] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 716.055667][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 716.062790][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 719.337437][T10163] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 719.432740][ T30] audit: type=1326 audit(1761381357.474:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10794 comm="syz.7.1639" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 719.455303][ T30] audit: type=1326 audit(1761381357.474:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10794 comm="syz.7.1639" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 719.649468][ T30] audit: type=1326 audit(1761381357.534:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10794 comm="syz.7.1639" exe="/root/syz-executor" sig=0 arch=40000003 syscall=236 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 719.672307][ T30] audit: type=1326 audit(1761381357.534:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10794 comm="syz.7.1639" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 719.695205][ T30] audit: type=1326 audit(1761381357.534:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10794 comm="syz.7.1639" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 722.952403][ T137] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 723.148700][ T137] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 723.325680][ T137] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 723.449238][ T137] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 724.060437][ T137] bridge_slave_1: left allmulticast mode [ 724.066584][ T137] bridge_slave_1: left promiscuous mode [ 724.068087][T10851] loop8: detected capacity change from 0 to 136 [ 724.073457][ T137] bridge0: port 2(bridge_slave_1) entered disabled state [ 724.158419][ T137] bridge_slave_0: left allmulticast mode [ 724.167778][ T137] bridge_slave_0: left promiscuous mode [ 724.174458][ T137] bridge0: port 1(bridge_slave_0) entered disabled state [ 724.712899][ T137] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 724.778522][ T137] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 724.805163][ T137] bond0 (unregistering): Released all slaves [ 724.970316][ T137] tipc: Left network mode [ 725.914801][ T137] hsr_slave_0: left promiscuous mode [ 725.923165][ T137] hsr_slave_1: left promiscuous mode [ 725.931121][ T137] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 725.938670][ T137] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 726.012894][ T137] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 726.020488][ T137] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 726.121794][ T137] veth1_macvtap: left promiscuous mode [ 726.127534][ T137] veth0_macvtap: left promiscuous mode [ 726.134192][ T137] veth1_vlan: left promiscuous mode [ 726.139734][ T137] veth0_vlan: left promiscuous mode [ 728.483268][T10899] loop5: detected capacity change from 0 to 136 [ 729.307434][T10913] loop8: detected capacity change from 0 to 136 [ 729.807570][T10920] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1694'. [ 730.475521][T10932] loop5: detected capacity change from 0 to 136 [ 730.497598][T10934] ===================================================== [ 730.505034][T10934] BUG: KMSAN: uninit-value in batadv_get_vid+0x2d0/0x3b0 [ 730.512366][T10934] batadv_get_vid+0x2d0/0x3b0 [ 730.517229][T10934] batadv_interface_tx+0x2e5/0x1e60 [ 730.522751][T10934] dev_hard_start_xmit+0x22f/0xa30 [ 730.528099][T10934] __dev_queue_xmit+0x3c51/0x5e60 [ 730.533445][T10934] __bpf_redirect+0x162d/0x1760 [ 730.538513][T10934] bpf_clone_redirect+0x366/0x530 [ 730.543915][T10934] ___bpf_prog_run+0x1297/0xeba0 [ 730.549019][T10934] __bpf_prog_run512+0xc5/0x100 [ 730.554161][T10934] bpf_test_run+0x496/0xd80 [ 730.558862][T10934] bpf_prog_test_run_skb+0x18c1/0x26a0 [ 730.564648][T10934] bpf_prog_test_run+0x5c2/0xa40 [ 730.569770][T10934] __sys_bpf+0x873/0xeb0 [ 730.574293][T10934] __ia32_sys_bpf+0xa4/0xf0 [ 730.579003][T10934] ia32_sys_call+0xadf/0x4310 [ 730.584006][T10934] __do_fast_syscall_32+0xb0/0x150 [ 730.589304][T10934] do_fast_syscall_32+0x38/0x80 [ 730.594467][T10934] do_SYSENTER_32+0x1f/0x30 [ 730.599272][T10934] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 730.605957][T10934] [ 730.608368][T10934] Uninit was created at: [ 730.612978][T10934] kmem_cache_alloc_node_noprof+0x989/0x16b0 [ 730.619158][T10934] kmalloc_reserve+0x13c/0x4b0 [ 730.624251][T10934] pskb_expand_head+0x1fc/0x1610 [ 730.629396][T10934] skb_ensure_writable+0x44e/0x510 [ 730.634841][T10934] bpf_clone_redirect+0x1c1/0x530 [ 730.640093][T10934] ___bpf_prog_run+0x1297/0xeba0 [ 730.645319][T10934] __bpf_prog_run512+0xc5/0x100 [ 730.650353][T10934] bpf_test_run+0x496/0xd80 [ 730.655160][T10934] bpf_prog_test_run_skb+0x18c1/0x26a0 [ 730.660841][T10934] bpf_prog_test_run+0x5c2/0xa40 [ 730.666092][T10934] __sys_bpf+0x873/0xeb0 [ 730.670479][T10934] __ia32_sys_bpf+0xa4/0xf0 [ 730.675320][T10934] ia32_sys_call+0xadf/0x4310 [ 730.680204][T10934] __do_fast_syscall_32+0xb0/0x150 [ 730.685669][T10934] do_fast_syscall_32+0x38/0x80 [ 730.690767][T10934] do_SYSENTER_32+0x1f/0x30 [ 730.695621][T10934] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 730.702282][T10934] [ 730.704738][T10934] CPU: 1 UID: 0 PID: 10934 Comm: syz.6.1701 Not tainted syzkaller #0 PREEMPT(none) [ 730.714492][T10934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 730.724791][T10934] ===================================================== [ 730.731929][T10934] Disabling lock debugging due to kernel taint [ 730.738219][T10934] Kernel panic - not syncing: kmsan.panic set ... [ 730.744776][T10934] CPU: 1 UID: 0 PID: 10934 Comm: syz.6.1701 Tainted: G B syzkaller #0 PREEMPT(none) [ 730.755911][T10934] Tainted: [B]=BAD_PAGE [ 730.760141][T10934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 730.770332][T10934] Call Trace: [ 730.773711][T10934] [ 730.776736][T10934] __dump_stack+0x26/0x30 [ 730.781247][T10934] dump_stack_lvl+0x53/0x270 [ 730.786027][T10934] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 730.792038][T10934] dump_stack+0x1e/0x25 [ 730.796358][T10934] vpanic+0x435/0xd30 [ 730.800525][T10934] panic+0x15d/0x160 [ 730.804635][T10934] kmsan_report+0x31c/0x320 [ 730.809297][T10934] ? __msan_warning+0x1b/0x30 [ 730.814096][T10934] ? batadv_get_vid+0x2d0/0x3b0 [ 730.819107][T10934] ? batadv_interface_tx+0x2e5/0x1e60 [ 730.824647][T10934] ? dev_hard_start_xmit+0x22f/0xa30 [ 730.830113][T10934] ? __dev_queue_xmit+0x3c51/0x5e60 [ 730.835507][T10934] ? __bpf_redirect+0x162d/0x1760 [ 730.840715][T10934] ? bpf_clone_redirect+0x366/0x530 [ 730.846117][T10934] ? ___bpf_prog_run+0x1297/0xeba0 [ 730.851390][T10934] ? __bpf_prog_run512+0xc5/0x100 [ 730.856562][T10934] ? bpf_test_run+0x496/0xd80 [ 730.861422][T10934] ? bpf_prog_test_run_skb+0x18c1/0x26a0 [ 730.867277][T10934] ? bpf_prog_test_run+0x5c2/0xa40 [ 730.872565][T10934] ? __sys_bpf+0x873/0xeb0 [ 730.877145][T10934] ? __ia32_sys_bpf+0xa4/0xf0 [ 730.882041][T10934] ? ia32_sys_call+0xadf/0x4310 [ 730.887095][T10934] ? __do_fast_syscall_32+0xb0/0x150 [ 730.892564][T10934] ? do_fast_syscall_32+0x38/0x80 [ 730.897814][T10934] ? do_SYSENTER_32+0x1f/0x30 [ 730.902671][T10934] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 730.909355][T10934] ? kmsan_get_metadata+0xfb/0x160 [ 730.914615][T10934] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 730.920590][T10934] ? kmsan_get_metadata+0xfb/0x160 [ 730.925858][T10934] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 730.931841][T10934] ? batadv_interface_tx+0xb1/0x1e60 [ 730.937303][T10934] ? filter_irq_stacks+0x49/0x190 [ 730.942538][T10934] ? stack_depot_save_flags+0x35/0x7b0 [ 730.948156][T10934] ? kmsan_get_metadata+0xfb/0x160 [ 730.953425][T10934] __msan_warning+0x1b/0x30 [ 730.958065][T10934] batadv_get_vid+0x2d0/0x3b0 [ 730.962907][T10934] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 730.968885][T10934] batadv_interface_tx+0x2e5/0x1e60 [ 730.974258][T10934] ? kmsan_get_metadata+0xfb/0x160 [ 730.979538][T10934] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 730.986099][T10934] ? kmsan_get_metadata+0xfb/0x160 [ 730.991384][T10934] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 730.997352][T10934] ? __pfx_batadv_interface_tx+0x10/0x10 [ 731.003165][T10934] dev_hard_start_xmit+0x22f/0xa30 [ 731.008492][T10934] __dev_queue_xmit+0x3c51/0x5e60 [ 731.013707][T10934] ? skb_release_data+0xa12/0xac0 [ 731.018911][T10934] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 731.025374][T10934] ? kmsan_get_metadata+0xfb/0x160 [ 731.030651][T10934] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 731.036621][T10934] ? __dev_queue_xmit+0x30c/0x5e60 [ 731.041956][T10934] __bpf_redirect+0x162d/0x1760 [ 731.047005][T10934] ? kmsan_get_metadata+0xfb/0x160 [ 731.052287][T10934] bpf_clone_redirect+0x366/0x530 [ 731.057530][T10934] ___bpf_prog_run+0x1297/0xeba0 [ 731.062658][T10934] __bpf_prog_run512+0xc5/0x100 [ 731.067679][T10934] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 731.074313][T10934] ? kmsan_internal_poison_memory+0x7f/0xa0 [ 731.080416][T10934] ? kmsan_get_metadata+0xfb/0x160 [ 731.085698][T10934] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 731.092244][T10934] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 731.098535][T10934] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 731.104690][T10934] ? kmsan_get_metadata+0xfb/0x160 [ 731.109954][T10934] ? kmsan_get_metadata+0xfb/0x160 [ 731.115214][T10934] ? kmsan_get_metadata+0xfb/0x160 [ 731.120481][T10934] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 731.127030][T10934] ? kmsan_get_metadata+0x150/0x160 [ 731.132378][T10934] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 731.138613][T10934] ? __pfx___bpf_prog_run512+0x10/0x10 [ 731.144234][T10934] ? __pfx___bpf_prog_run512+0x10/0x10 [ 731.149842][T10934] bpf_test_run+0x496/0xd80 [ 731.154520][T10934] ? kmsan_get_metadata+0xfb/0x160 [ 731.159811][T10934] ? bpf_test_run+0x2f7/0xd80 [ 731.164679][T10934] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 731.170662][T10934] bpf_prog_test_run_skb+0x18c1/0x26a0 [ 731.176350][T10934] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 731.182343][T10934] bpf_prog_test_run+0x5c2/0xa40 [ 731.188021][T10934] __sys_bpf+0x873/0xeb0 [ 731.192450][T10934] __ia32_sys_bpf+0xa4/0xf0 [ 731.197165][T10934] ia32_sys_call+0xadf/0x4310 [ 731.202045][T10934] __do_fast_syscall_32+0xb0/0x150 [ 731.207356][T10934] do_fast_syscall_32+0x38/0x80 [ 731.212382][T10934] do_SYSENTER_32+0x1f/0x30 [ 731.217063][T10934] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 731.223581][T10934] RIP: 0023:0xf7f73539 [ 731.227768][T10934] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 731.247535][T10934] RSP: 002b:00000000f546655c EFLAGS: 00000206 ORIG_RAX: 0000000000000165 [ 731.256102][T10934] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000080 [ 731.264185][T10934] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 731.272256][T10934] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 731.280329][T10934] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 731.288402][T10934] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 731.296517][T10934] [ 731.299918][T10934] Kernel Offset: disabled [ 731.304293][T10934] Rebooting in 86400 seconds..