last executing test programs: 1m33.800527254s ago: executing program 4 (id=500): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x3d, &(0x7f0000000000)='cgroup\x00\x8d\f\xf3\xcd\xc6X$\x01n-Hg\x144-.\xe2\x053\xe2\xf4\xbf[\xe9\xdddU\x91\x9d,\t\x8d\xc3@\x86,\x7f\xe2Z\xe8L\x80\xdbe~c\xbc\x9b\xcf\x9b\x1cH\x95\xf3'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0200000002"], 0x10) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/protocols\x00') bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$WG_CMD_GET_DEVICE(r2, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000300)={&(0x7f0000003800)={0x600, 0x0, 0x2, 0x70bd28, 0x25dfdbfe, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_PEERS={0x5bc, 0x8, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}]}, {0x590, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x56c, 0x9, 0x0, 0x1, [{0x4}, {0x34, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x3}}]}, {0x100, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5, 0x3, 0x2}}]}, {0x94, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x30}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x5, 0x3, 0x2}}]}, {0x70, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}]}, {0x4c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010100}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x1}}]}, {0xd0, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}]}, {0xe8, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @local}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2f}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}]}, {0xdc, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x21}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x1}}]}, {0x4c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e20, 0x6, @mcast1, 0x2}}]}]}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}]}, 0x600}, 0x1, 0x0, 0x0, 0x4015}, 0x58085) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) read$FUSE(r2, &(0x7f0000001080)={0x2020}, 0x2020) socket$inet6_tcp(0xa, 0x1, 0x0) 1m32.820810259s ago: executing program 4 (id=505): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) syz_usb_connect(0x2, 0x24, &(0x7f0000000ec0)={{0x12, 0x1, 0x0, 0xef, 0xaa, 0x6e, 0x10, 0x1397, 0xbd, 0xc566, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xe6, 0x2b, 0x3d}}]}}]}}, 0x0) 1m31.636057807s ago: executing program 4 (id=518): bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socket$kcm(0x10, 0x2, 0x10) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) r2 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000600)={'vcan0\x00', 0x0}) connect$can_bcm(r2, &(0x7f00000000c0)={0x1d, r3}, 0x10) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0) sendmsg$can_bcm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="050000000808"], 0x80}}, 0x0) sendmmsg$inet(r2, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)="050000007402b8f4191db62b", 0xc}, {&(0x7f0000000440)="9f336d70bf41f19e47e98b4015e3b0384d86a1ceb4e530554ebc8154bf392bcf9ce0b09f879bd7aaf9d086e3", 0x2c}], 0x2}}, {{0x0, 0x0, &(0x7f0000000100), 0x2}}], 0x40000000000003a, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x19, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@call={0x85, 0x0, 0x0, 0xf}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='signal_generate\x00', r5}, 0x18) shutdown(r1, 0x1) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20002000}, 0x4080) close_range(r6, 0xffffffffffffffff, 0x0) 1m3.623650504s ago: executing program 4 (id=518): bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socket$kcm(0x10, 0x2, 0x10) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) r2 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000600)={'vcan0\x00', 0x0}) connect$can_bcm(r2, &(0x7f00000000c0)={0x1d, r3}, 0x10) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0) sendmsg$can_bcm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="050000000808"], 0x80}}, 0x0) sendmmsg$inet(r2, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)="050000007402b8f4191db62b", 0xc}, {&(0x7f0000000440)="9f336d70bf41f19e47e98b4015e3b0384d86a1ceb4e530554ebc8154bf392bcf9ce0b09f879bd7aaf9d086e3", 0x2c}], 0x2}}, {{0x0, 0x0, &(0x7f0000000100), 0x2}}], 0x40000000000003a, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x19, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@call={0x85, 0x0, 0x0, 0xf}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='signal_generate\x00', r5}, 0x18) shutdown(r1, 0x1) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20002000}, 0x4080) close_range(r6, 0xffffffffffffffff, 0x0) 34.899905401s ago: executing program 4 (id=518): bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socket$kcm(0x10, 0x2, 0x10) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) r2 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000600)={'vcan0\x00', 0x0}) connect$can_bcm(r2, &(0x7f00000000c0)={0x1d, r3}, 0x10) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0) sendmsg$can_bcm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="050000000808"], 0x80}}, 0x0) sendmmsg$inet(r2, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)="050000007402b8f4191db62b", 0xc}, {&(0x7f0000000440)="9f336d70bf41f19e47e98b4015e3b0384d86a1ceb4e530554ebc8154bf392bcf9ce0b09f879bd7aaf9d086e3", 0x2c}], 0x2}}, {{0x0, 0x0, &(0x7f0000000100), 0x2}}], 0x40000000000003a, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x19, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@call={0x85, 0x0, 0x0, 0xf}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='signal_generate\x00', r5}, 0x18) shutdown(r1, 0x1) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20002000}, 0x4080) close_range(r6, 0xffffffffffffffff, 0x0) 9.881527501s ago: executing program 0 (id=803): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0xfffc, 0x0, 0x0, 0x2, 0x0, @private, @multicast1}, {0x14, 0x0, 0x0, @remote}}}}}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 9.299898119s ago: executing program 0 (id=809): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000340)=0x0, &(0x7f0000000000)=0x0) r5 = landlock_create_ruleset(&(0x7f00000000c0)={0x501b, 0x2, 0x1}, 0x18, 0x0) landlock_restrict_self(r5, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80}) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf) 7.440762247s ago: executing program 1 (id=816): openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_emit_ethernet(0x42, &(0x7f0000000040)={@broadcast, @remote, @void, {@arp={0x86dd, @ether_ipv6={0x1, 0x86dd, 0x6, 0x10, 0x4, @remote, @private0={0xfc, 0x0, '\x00', 0x1}, @remote, @local}}}}, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020) r3 = socket$inet_smc(0x2b, 0x1, 0x0) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10) setsockopt$SO_BINDTODEVICE_wg(r3, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4) sendto$inet(r3, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0) 6.810297507s ago: executing program 0 (id=819): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)={{0x14}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3cd2e7b3d6526bf5}}}, 0x28}}, 0x0) r1 = socket$kcm(0x2, 0x3, 0x84) sendmsg$inet(r1, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x36}}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000600)="3001fb90", 0x4}], 0x1}, 0x200048c0) 5.737411683s ago: executing program 1 (id=823): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, r2, 0x1, 0x70bd26, 0x23c, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}]}, 0x1c}}, 0x0) write$nci(r0, &(0x7f0000000240)=@NCI_OP_RF_DEACTIVATE_NTF={0x1, 0x0, 0x3, 0x6, 0x2, {0x3, 0x4}}, 0x5) 5.703270203s ago: executing program 0 (id=824): listen(0xffffffffffffffff, 0x9) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES64], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0) io_submit(0x0, 0x1, &(0x7f0000000200)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}]) r1 = syz_open_dev$hiddev(&(0x7f0000000100), 0x0, 0x0) ioctl$HIDIOCSREPORT(r1, 0x4018480c, &(0x7f0000000080)={0x2, 0xffffffff, 0x10000}) 5.064542073s ago: executing program 3 (id=826): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000000c0)={r0, 0x800, {0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a7ddf8a69ea917ded5ba193b3e7772fd29f35239d2", "530bf65043114b2e53000006000000000010e200", [0x1000000000]}}) r2 = dup(r1) write$UHID_INPUT(r2, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0xfffffe38) 4.920105385s ago: executing program 1 (id=828): r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0) write$binfmt_script(r2, 0x0, 0x0) 4.824666417s ago: executing program 1 (id=829): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), r1) sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r0, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001100)={&(0x7f0000001080)={0x14, r2, 0x1, 0x70bd27, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x40040}, 0x880) 4.824280926s ago: executing program 2 (id=830): bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x7fffffff, 0x5, 0x1a00, 0x0, 0xffffffffffffffff, 0x2ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 4.762995527s ago: executing program 2 (id=831): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000400000014000500fc010000000000000000000000000800080002"], 0x4c}}, 0x4000) 4.762554047s ago: executing program 1 (id=832): socket$nl_sock_diag(0x10, 0x3, 0x4) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x10000, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x8, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x4, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_io_uring_setup(0x499f, 0x0, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in=@multicast1, @in6=@dev={0xfe, 0x80, '\x00', 0x12}, 0x40, 0x0, 0x3, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0xfffffffffffffffc, 0xd, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x33}, 0x0, @in6=@private1, 0x0, 0x3, 0x1, 0x7}}, 0xe4) getsockopt$IP_VS_SO_GET_INFO(r1, 0x0, 0x481, &(0x7f0000000200), &(0x7f0000000280)=0xc) chdir(0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r4, 0x1, 0x20000000, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @loopback}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0) 4.694988799s ago: executing program 3 (id=833): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502"], 0x3c}}, 0x10) 4.59648031s ago: executing program 3 (id=834): syz_emit_ethernet(0x0, 0x0, 0x0) fanotify_init(0x0, 0x0) openat$sysfs(0xffffffffffffff9c, 0x0, 0x180000, 0x11a) r0 = socket(0x10, 0x803, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) r1 = socket(0x1, 0x803, 0x0) getsockname$packet(r1, 0x0, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) socket(0x10, 0x803, 0x0) socket$netlink(0x10, 0x3, 0x14) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r5}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000001f000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000500000000002604fdffff02000014010000033800001d13f8ff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 4.536350901s ago: executing program 2 (id=835): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000180)={0x1f, 0xffff, 0x4}, 0x6) write(r0, &(0x7f0000000140)='$\x00\x00\x00', 0x4) 4.506091642s ago: executing program 2 (id=836): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000100000000000000000000000000000205", 0x18) getsockopt$inet6_opts(r3, 0x29, 0x39, &(0x7f0000001cc0)=""/4096, &(0x7f00000000c0)=0x1000) bpf$MAP_CREATE(0x0, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r4}, 0x18) r5 = syz_open_dev$sndpcmp(&(0x7f0000000280), 0x400, 0x400000) mmap$snddsp(&(0x7f0000704000/0x2000)=nil, 0x2000, 0x800002, 0x80010, r5, 0x4000) socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000ac0)={0x28, 0x1411, 0x1, 0x70bd27, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x2}, @RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x13}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000004}, 0x80) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}, 0x10000000}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=@migrate={0xcc, 0x21, 0x1, 0x0, 0x0, {{@in6=@remote, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x4, 0x0, 0xfffe, 0xa, 0x0, 0x0, 0x32}}, [@migrate={0x50, 0x11, [{@in6=@loopback, @in=@multicast2, @in=@private=0xa0100ff, @in6=@local, 0x3c, 0x0, 0x0, 0x0, 0xa, 0x2}]}, @user_kmaddress={0x2c, 0x13, {@in=@dev={0xac, 0x14, 0x14, 0x19}, @in6=@local, 0x0, 0x2}}]}, 0xcc}, 0x1, 0x0, 0x0, 0x10}, 0x0) 2.480504172s ago: executing program 3 (id=837): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000540)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000001000000850000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r4 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200"/16], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0) write$binfmt_aout(r5, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x4, 0x0, 0x3, "0062ba7d820000a75e0000000000fcff00"}) r6 = syz_open_pts(r5, 0x0) ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000000)=0x44) bpf$PROG_LOAD_XDP(0x5, 0x0, 0xffbc) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) 2.464589162s ago: executing program 2 (id=838): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000380)=[@in6={0xa, 0x0, 0x0, @remote, 0x9}], 0x1c) epoll_create1(0x0) epoll_create1(0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) socket(0x40000000015, 0x5, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x9323, 0xfffffffffffffffe, 0x0, 0x2}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x7dc48146, 0x7fffffff, 0x5539e0cf}, 0x0, 0x0) setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8) 1.522984597s ago: executing program 0 (id=839): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000780)={{0x7, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, [0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x1, 0xfffffffffffffffd, 0x0, 0x0, 0xd, 0x0, 0x0, 0x2, 0x0, 0x0, 0x42, 0x0, 0xfffffffffffffffd, 0xa5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd453, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffc, 0x7785, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7fffffff, 0x0, 0x0, 0x80000000000, 0x79, 0x1, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0xfffffffffffffffd, 0x4000000000000, 0x200, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x34, 0x0, 0x4, 0x0, 0x400, 0x0, 0x8000000000000001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffffff8, 0x20b50d5c, 0xdcdc]}) recvmmsg(r0, &(0x7f0000000080), 0x72a, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) syz_emit_vhci(&(0x7f0000000840)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x1, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0xf, 0x4}, {0x8, 0x7}}}}, 0x11) 1.452559987s ago: executing program 2 (id=840): timer_settime(0x0, 0x0, 0x0, 0x0) syz_usb_connect(0x4, 0x0, 0x0, 0x0) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)=0x9) 1.380552268s ago: executing program 3 (id=841): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0) ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x3f, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4}) ioctl$FS_IOC_READ_VERITY_METADATA(r1, 0xc0286687, &(0x7f0000000340)={0x3, 0xa9, 0x0, 0x0}) 600.394221ms ago: executing program 4 (id=518): bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socket$kcm(0x10, 0x2, 0x10) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) r2 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000600)={'vcan0\x00', 0x0}) connect$can_bcm(r2, &(0x7f00000000c0)={0x1d, r3}, 0x10) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0) sendmsg$can_bcm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="050000000808"], 0x80}}, 0x0) sendmmsg$inet(r2, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)="050000007402b8f4191db62b", 0xc}, {&(0x7f0000000440)="9f336d70bf41f19e47e98b4015e3b0384d86a1ceb4e530554ebc8154bf392bcf9ce0b09f879bd7aaf9d086e3", 0x2c}], 0x2}}, {{0x0, 0x0, &(0x7f0000000100), 0x2}}], 0x40000000000003a, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x19, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@call={0x85, 0x0, 0x0, 0xf}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='signal_generate\x00', r5}, 0x18) shutdown(r1, 0x1) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20002000}, 0x4080) close_range(r6, 0xffffffffffffffff, 0x0) 53.665619ms ago: executing program 0 (id=842): r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000540)=ANY=[], 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000380)={0x24, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x24, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 503.109µs ago: executing program 1 (id=843): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/xfrm_stat\x00') r1 = socket$inet(0x10, 0x3, 0xb) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000100), 0x2) r6 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2) ftruncate(r6, 0xffff) fcntl$addseals(r6, 0x409, 0x7) r7 = ioctl$UDMABUF_CREATE(r5, 0x40187542, &(0x7f0000000140)={r6, 0x0, 0x0, 0x4000}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x13, r7, 0x0) syz_clone3(&(0x7f0000002a40)={0x24888100, 0x0, 0x0, 0x0, {0x1c}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) socket$netlink(0x10, 0x3, 0x0) pread64(r0, &(0x7f0000000080)=""/196, 0xc4, 0x3) 0s ago: executing program 3 (id=844): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) syz_usb_connect(0x2, 0x440, 0x0, 0x0) getresgid(&(0x7f00000001c0), 0x0, &(0x7f0000000380)) socket$nl_netfilter(0x10, 0x3, 0xc) fcntl$setlease(0xffffffffffffffff, 0x403, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, 0x0) r4 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="d8000000140081044e81f782db44b9040a1d080211000000040000a118000200ff02000100000e1208000f0100810401a80016ea1f000840032e5f54c92011148ed08734843cb12b00000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5e835913b06218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f52eb4edbb57a5025ccca9e00360d8bcc00400040fad95667e0060000000000000080bb9ad809d5e1cace81b341139fe3cd4032e8edb12d1d2eb0c0ed0bff", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0) r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000580)=0x1, r6, 0x0, 0x2, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x0, @empty, 0x7}, {0xa, 0x0, 0x0, @mcast2, 0xfffffffe}, r6}}, 0xfffffe10) kernel console output (not intermixed with test programs): 6,1):ocfs2_search_one_group:1684 ERROR: status = -30 [ 52.719013][ T4536] (syz.1.51,4536,1):ocfs2_claim_suballoc_bits:1920 ERROR: status = -30 [ 52.729158][ T4536] (syz.1.51,4536,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 52.746902][ T4536] (syz.1.51,4536,1):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 52.749210][ T4536] (syz.1.51,4536,1):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 52.757058][ T4536] (syz.1.51,4536,1):ocfs2_mknod_locked:639 ERROR: status = -30 [ 52.759251][ T4536] (syz.1.51,4536,1):ocfs2_mknod:385 ERROR: status = -30 [ 52.778238][ T4536] (syz.1.51,4536,1):ocfs2_mknod:502 ERROR: status = -30 [ 52.783223][ T4536] (syz.1.51,4536,1):ocfs2_create:676 ERROR: status = -30 [ 52.786080][ T4543] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 52.876160][ T4567] loop2: detected capacity change from 0 to 64 [ 52.895286][ T4296] ocfs2: Unmounting device (7,1) on (node local) [ 53.025470][ T4304] ocfs2: Unmounting device (7,4) on (node local) [ 53.104191][ T4573] netlink: 8 bytes leftover after parsing attributes in process `syz.4.61'. [ 53.111846][ T4573] netlink: 28 bytes leftover after parsing attributes in process `syz.4.61'. [ 53.116524][ T4573] device geneve2 entered promiscuous mode [ 53.324740][ T4556] loop3: detected capacity change from 0 to 40427 [ 53.335545][ T4556] F2FS-fs (loop3): Invalid SB checksum offset: 0 [ 53.342103][ T4556] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 53.355803][ T4556] F2FS-fs (loop3): invalid crc value [ 53.409423][ T4556] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 53.497849][ T4556] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 53.500782][ T4556] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 53.549080][ T4593] FAULT_INJECTION: forcing a failure. [ 53.549080][ T4593] name failslab, interval 1, probability 0, space 0, times 0 [ 53.564370][ T4593] CPU: 0 PID: 4593 Comm: syz.4.67 Not tainted 6.1.141-syzkaller #0 [ 53.566745][ T4593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 53.569574][ T4593] Call trace: [ 53.570516][ T4593] dump_backtrace+0x1c8/0x1f4 [ 53.571821][ T4593] show_stack+0x2c/0x3c [ 53.573025][ T4593] __dump_stack+0x30/0x40 [ 53.574226][ T4593] dump_stack_lvl+0xf8/0x160 [ 53.575494][ T4593] dump_stack+0x1c/0x5c [ 53.576634][ T4593] should_fail_ex+0x3c4/0x520 [ 53.577932][ T4593] __should_failslab+0xc0/0x120 [ 53.579346][ T4593] should_failslab+0x10/0x28 [ 53.580689][ T4593] __kmem_cache_alloc_node+0x7c/0x320 [ 53.582287][ T4593] kmalloc_trace+0x48/0x94 [ 53.583510][ T4593] xfrm_policy_alloc+0x84/0x268 [ 53.584833][ T4593] xfrm_policy_construct+0x4c/0x740 [ 53.586341][ T4593] xfrm_add_policy+0x208/0x4e4 [ 53.587726][ T4593] xfrm_user_rcv_msg+0x410/0x654 [ 53.589145][ T4593] netlink_rcv_skb+0x208/0x3c4 [ 53.590587][ T4593] xfrm_netlink_rcv+0x80/0x9c [ 53.591937][ T4593] netlink_unicast+0x600/0x818 [ 53.593212][ T4593] netlink_sendmsg+0x6e8/0x9b0 [ 53.594606][ T4593] ____sys_sendmsg+0x5b8/0x918 [ 53.595902][ T4593] __sys_sendmsg+0x25c/0x320 [ 53.597175][ T4593] __arm64_sys_sendmsg+0x80/0x94 [ 53.598592][ T4593] invoke_syscall+0x98/0x2bc [ 53.599863][ T4593] el0_svc_common+0x138/0x258 [ 53.601132][ T4593] do_el0_svc+0x58/0x13c [ 53.602323][ T4593] el0_svc+0x58/0x138 [ 53.603422][ T4593] el0t_64_sync_handler+0x84/0xf0 [ 53.604918][ T4593] el0t_64_sync+0x18c/0x190 [ 53.620571][ T4303] syz-executor: attempt to access beyond end of device [ 53.620571][ T4303] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 53.852358][ T4599] netlink: 'syz.3.68': attribute type 6 has an invalid length. [ 53.985817][ T4583] loop2: detected capacity change from 0 to 40427 [ 54.014436][ T4583] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 54.016695][ T4583] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 54.056133][ T4583] F2FS-fs (loop2): Found nat_bits in checkpoint [ 54.092733][ T4608] netlink: 32 bytes leftover after parsing attributes in process `syz.3.72'. [ 54.127303][ T4583] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 54.129389][ T4583] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 54.553566][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 54.603852][ T4603] loop4: detected capacity change from 0 to 32768 [ 55.025695][ T4622] loop0: detected capacity change from 0 to 32768 [ 55.030940][ T4622] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.77 (4622) [ 55.053480][ T4622] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 55.059818][ T4622] BTRFS info (device loop0): using sha256 (sha256-ce) checksum algorithm [ 55.062335][ T4622] BTRFS info (device loop0): force clearing of disk cache [ 55.064356][ T4622] BTRFS info (device loop0): turning off barriers [ 55.066255][ T4622] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8) [ 55.069417][ T4622] BTRFS info (device loop0): force lzo compression, level 0 [ 55.072008][ T4313] Bluetooth: hci5: command 0x1003 tx timeout [ 55.074639][ T4297] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 55.089368][ T4622] BTRFS info (device loop0): enabling auto defrag [ 55.096236][ T4622] BTRFS info (device loop0): max_inline at 0 [ 55.097992][ T4622] BTRFS info (device loop0): enabling disk space caching [ 55.101044][ T4622] BTRFS info (device loop0): disk space caching is enabled [ 55.349170][ T4622] BTRFS info (device loop0): enabling ssd optimizations [ 55.359497][ T4622] BTRFS info (device loop0): rebuilding free space tree [ 55.470440][ T4622] BTRFS info (device loop0): disabling free space tree [ 55.472530][ T4622] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 55.505971][ T4622] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 55.637789][ T4428] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared) [ 55.788055][ T4650] loop4: detected capacity change from 0 to 40427 [ 55.804674][ T4650] F2FS-fs (loop4): Invalid SB checksum offset: 0 [ 55.806484][ T4650] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 55.835681][ T4650] F2FS-fs (loop4): invalid crc value [ 55.886969][ T4650] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 55.985507][ T4650] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 55.987505][ T4650] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 56.038271][ T4661] netlink: 24 bytes leftover after parsing attributes in process `syz.3.84'. [ 56.073910][ T4304] syz-executor: attempt to access beyond end of device [ 56.073910][ T4304] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 56.320728][ T4669] fuse: Invalid rootmode [ 56.372066][ T4302] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 56.453936][ T4675] FAULT_INJECTION: forcing a failure. [ 56.453936][ T4675] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 56.461626][ T4675] CPU: 1 PID: 4675 Comm: syz.3.91 Not tainted 6.1.141-syzkaller #0 [ 56.463853][ T4675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 56.466572][ T4675] Call trace: [ 56.467452][ T4675] dump_backtrace+0x1c8/0x1f4 [ 56.468714][ T4675] show_stack+0x2c/0x3c [ 56.470077][ T4675] __dump_stack+0x30/0x40 [ 56.471439][ T4675] dump_stack_lvl+0xf8/0x160 [ 56.472696][ T4675] dump_stack+0x1c/0x5c [ 56.473796][ T4675] should_fail_ex+0x3c4/0x520 [ 56.475084][ T4675] should_fail_alloc_page+0x74/0xb8 [ 56.476499][ T4675] prepare_alloc_pages+0x1c0/0x504 [ 56.477908][ T4675] __alloc_pages+0x134/0x53c [ 56.479173][ T4675] __folio_alloc+0x1c/0x44 [ 56.480423][ T4675] vma_alloc_folio+0x37c/0x8b4 [ 56.481765][ T4675] shmem_alloc_and_acct_folio+0x35c/0x8e4 [ 56.483319][ T4675] shmem_get_folio_gfp+0xcb0/0x2040 [ 56.484733][ T4675] shmem_write_begin+0xf4/0x46c [ 56.486090][ T4675] generic_perform_write+0x230/0x4b0 [ 56.487556][ T4675] __generic_file_write_iter+0x168/0x37c [ 56.489115][ T4675] generic_file_write_iter+0xb4/0x2b0 [ 56.490639][ T4675] vfs_write+0x5ac/0x7c4 [ 56.491811][ T4675] ksys_write+0x120/0x210 [ 56.492987][ T4675] __arm64_sys_write+0x7c/0x90 [ 56.494322][ T4675] invoke_syscall+0x98/0x2bc [ 56.495578][ T4675] el0_svc_common+0x138/0x258 [ 56.496863][ T4675] do_el0_svc+0x58/0x13c [ 56.498049][ T4675] el0_svc+0x58/0x138 [ 56.499117][ T4675] el0t_64_sync_handler+0x84/0xf0 [ 56.500442][ T4675] el0t_64_sync+0x18c/0x190 [ 56.760890][ T4686] loop4: detected capacity change from 0 to 4096 [ 56.763281][ T4686] ntfs3: Unknown parameter '0000000000000000000600000000000000000000005' [ 56.806858][ T4689] loop3: detected capacity change from 0 to 4096 [ 56.811745][ T4689] ntfs: (device loop3): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 56.814911][ T4689] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing. [ 56.817360][ T4689] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 56.845519][ T4689] ntfs: (device loop3): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 56.865240][ T4689] ntfs: volume version 3.1. [ 56.907911][ T4667] loop1: detected capacity change from 0 to 40427 [ 56.927579][ T4667] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x3ffff [ 56.936277][ T4667] F2FS-fs (loop1): invalid crc value [ 56.960077][ T4667] F2FS-fs (loop1): Found nat_bits in checkpoint [ 57.008858][ T4667] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 57.055642][ T4667] syz.1.88: attempt to access beyond end of device [ 57.055642][ T4667] loop1: rw=2049, sector=77824, nr_sectors = 136 limit=40427 [ 57.107988][ T4667] F2FS-fs (loop1) : inject slab alloc in f2fs_alloc_inode of new_inode_pseudo+0x68/0x1cc [ 57.130623][ T4667] netlink: 32 bytes leftover after parsing attributes in process `syz.1.88'. [ 57.847036][ T4713] loop0: detected capacity change from 0 to 32768 [ 57.947269][ T4713] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz.0.101 (4713) [ 58.408089][ T4713] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 58.411312][ T4713] BTRFS info (device loop0): using crc32c (crc32c-generic) checksum algorithm [ 58.413784][ T4713] BTRFS info (device loop0): using free space tree [ 58.550948][ T4697] loop2: detected capacity change from 0 to 40427 [ 58.555317][ T4697] F2FS-fs (loop2): Invalid SB checksum offset: 0 [ 58.557254][ T4697] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 58.581619][ T4713] BTRFS info (device loop0): enabling ssd optimizations [ 58.587798][ T4697] F2FS-fs (loop2): invalid crc value [ 58.640752][ T4697] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 58.800130][ T4697] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 58.802237][ T4697] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 58.866195][ T4302] BTRFS info (device loop0): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 59.101229][ T4752] netlink: 'syz.4.109': attribute type 1 has an invalid length. [ 59.116705][ T4752] netlink: 4 bytes leftover after parsing attributes in process `syz.4.109'. [ 59.245472][ T4435] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 10 /dev/loop0 scanned by udevd (4435) [ 59.366941][ T4296] syz-executor: attempt to access beyond end of device [ 59.366941][ T4296] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 59.381257][ T4737] loop3: detected capacity change from 0 to 32768 [ 59.405830][ T4758] loop4: detected capacity change from 0 to 256 [ 59.408443][ T4758] exfat: Unknown parameter 'euid>0MVHԨPh' [ 59.420539][ T4737] read_mapping_page failed! [ 59.422440][ T4737] jfs_create: dtInsert returned -EIO [ 59.424047][ T4737] ERROR: (device loop3): txAbort: [ 59.424047][ T4737] [ 59.453860][ T4737] ERROR: (device loop3): remounting filesystem as read-only [ 59.521265][ T4737] (unnamed net_device) (uninitialized): option lacp_rate: invalid value (36) [ 59.556364][ T4764] netlink: 8 bytes leftover after parsing attributes in process `syz.1.112'. [ 59.563025][ T4764] netlink: 28 bytes leftover after parsing attributes in process `syz.1.112'. [ 59.567696][ T4764] device geneve2 entered promiscuous mode [ 59.608867][ T4766] 9pnet_virtio: no channels available for device 127.0.0.1 [ 60.041761][ T4778] netlink: 8 bytes leftover after parsing attributes in process `syz.0.115'. [ 60.718321][ T4781] FAULT_INJECTION: forcing a failure. [ 60.718321][ T4781] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 60.739617][ T4781] CPU: 0 PID: 4781 Comm: syz.4.119 Not tainted 6.1.141-syzkaller #0 [ 60.742053][ T4781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 60.744929][ T4781] Call trace: [ 60.745862][ T4781] dump_backtrace+0x1c8/0x1f4 [ 60.747177][ T4781] show_stack+0x2c/0x3c [ 60.748369][ T4781] __dump_stack+0x30/0x40 [ 60.749624][ T4781] dump_stack_lvl+0xf8/0x160 [ 60.750963][ T4781] dump_stack+0x1c/0x5c [ 60.752169][ T4781] should_fail_ex+0x3c4/0x520 [ 60.753543][ T4781] should_fail_alloc_page+0x74/0xb8 [ 60.755048][ T4781] prepare_alloc_pages+0x1c0/0x504 [ 60.756563][ T4781] __alloc_pages+0x134/0x53c [ 60.757862][ T4781] __folio_alloc+0x1c/0x44 [ 60.759249][ T4781] vma_alloc_folio+0x37c/0x8b4 [ 60.760635][ T4781] shmem_alloc_and_acct_folio+0x35c/0x8e4 [ 60.762267][ T4781] shmem_get_folio_gfp+0xcb0/0x2040 [ 60.763728][ T4781] shmem_write_begin+0xf4/0x46c [ 60.765101][ T4781] generic_perform_write+0x230/0x4b0 [ 60.766558][ T4781] __generic_file_write_iter+0x168/0x37c [ 60.768170][ T4781] generic_file_write_iter+0xb4/0x2b0 [ 60.769677][ T4781] vfs_write+0x5ac/0x7c4 [ 60.770842][ T4781] ksys_write+0x120/0x210 [ 60.772019][ T4781] __arm64_sys_write+0x7c/0x90 [ 60.773389][ T4781] invoke_syscall+0x98/0x2bc [ 60.774795][ T4781] el0_svc_common+0x138/0x258 [ 60.776131][ T4781] do_el0_svc+0x58/0x13c [ 60.777327][ T4781] el0_svc+0x58/0x138 [ 60.778463][ T4781] el0t_64_sync_handler+0x84/0xf0 [ 60.779942][ T4781] el0t_64_sync+0x18c/0x190 [ 60.786063][ T4783] loop0: detected capacity change from 0 to 512 [ 60.788869][ T94] read_mapping_page failed! [ 60.791711][ T4783] UDF-fs: bad mount option " P }pvﶗd#F(yxVxttEw N4QcJH=Y_$OFbG1 [ƺ:W?v_Pzz [ 60.791711][ T4783] " q+[jy{:d99]80F/!ӆl:st$]z^ " or missing value [ 60.830385][ T4288] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 60.855366][ T4783] loop0: detected capacity change from 0 to 128 [ 60.858742][ T4783] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 60.882897][ T4783] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 60.962071][ T4772] loop1: detected capacity change from 0 to 40427 [ 60.969455][ T4772] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 60.972286][ T4772] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 60.975840][ T4772] F2FS-fs (loop1): invalid crc value [ 61.033540][ T4772] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 61.123473][ T4772] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 61.125529][ T4772] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 61.378890][ T4795] loop3: detected capacity change from 0 to 1024 [ 61.436506][ T4795] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 61.576850][ T4783] EXT4-fs error (device loop0): __ext4_find_entry:1696: inode #2: comm syz.0.120: checksumming directory block 0 [ 61.601966][ T4783] EXT4-fs error (device loop0): __ext4_find_entry:1696: inode #2: comm syz.0.120: checksumming directory block 0 [ 61.618102][ T4783] EXT4-fs error (device loop0): __ext4_find_entry:1696: inode #2: comm syz.0.120: checksumming directory block 0 [ 61.637782][ T4783] EXT4-fs error (device loop0): __ext4_find_entry:1696: inode #2: comm syz.0.120: checksumming directory block 0 [ 61.647276][ T4783] EXT4-fs error (device loop0): __ext4_find_entry:1696: inode #2: comm syz.0.120: checksumming directory block 0 [ 61.749158][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 61.829431][ T4801] loop1: detected capacity change from 0 to 2048 [ 61.897362][ T4801] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 62.011936][ T4296] EXT4-fs (loop1): unmounting filesystem. [ 62.095221][ T4815] loop4: detected capacity change from 0 to 64 [ 62.102902][ T4813] netlink: 'syz.1.128': attribute type 1 has an invalid length. [ 62.111354][ T4813] netlink: 32 bytes leftover after parsing attributes in process `syz.1.128'. [ 62.116987][ T4817] netlink: 8 bytes leftover after parsing attributes in process `syz.2.130'. [ 62.140047][ T4817] netlink: 28 bytes leftover after parsing attributes in process `syz.2.130'. [ 62.182184][ T4408] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 62.198183][ T4303] EXT4-fs (loop3): unmounting filesystem. [ 62.234249][ T4819] netlink: 24 bytes leftover after parsing attributes in process `syz.1.131'. [ 62.423623][ T4831] input: syz1 as /devices/virtual/input/input2 [ 62.432524][ T4804] loop0: detected capacity change from 0 to 40427 [ 62.441695][ T4804] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x3ffff [ 62.455599][ T4804] F2FS-fs (loop0): invalid crc value [ 62.470296][ T4804] F2FS-fs (loop0): Found nat_bits in checkpoint [ 62.535893][ T4804] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 62.612321][ T4804] syz.0.123: attempt to access beyond end of device [ 62.612321][ T4804] loop0: rw=2049, sector=77824, nr_sectors = 136 limit=40427 [ 62.619243][ T4838] netlink: 'syz.2.138': attribute type 5 has an invalid length. [ 62.650773][ T4804] F2FS-fs (loop0) : inject slab alloc in f2fs_alloc_inode of new_inode_pseudo+0x68/0x1cc [ 62.671739][ T4804] netlink: 32 bytes leftover after parsing attributes in process `syz.0.123'. [ 62.739982][ T4842] netlink: 16 bytes leftover after parsing attributes in process `syz.1.140'. [ 62.818659][ T4825] loop4: detected capacity change from 0 to 32768 [ 62.824956][ T4840] loop3: detected capacity change from 0 to 4096 [ 62.836360][ T4840] ntfs: (device loop3): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 62.845419][ T4840] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing. [ 62.847942][ T4840] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 62.857315][ T4825] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz.4.129 (4825) [ 62.880825][ T4825] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 62.883904][ T4825] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 62.885020][ T4840] ntfs: (device loop3): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 62.886520][ T4825] BTRFS info (device loop4): force zlib compression, level 3 [ 62.907197][ T4825] BTRFS info (device loop4): force clearing of disk cache [ 62.909212][ T4825] BTRFS info (device loop4): setting nodatasum [ 62.920334][ T4825] BTRFS info (device loop4): doing ref verification [ 62.922212][ T4825] BTRFS info (device loop4): allowing degraded mounts [ 62.924165][ T4825] BTRFS info (device loop4): using free space tree [ 62.929314][ T4840] ntfs: volume version 3.1. [ 62.963765][ T4850] FAULT_INJECTION: forcing a failure. [ 62.963765][ T4850] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 62.979000][ T4850] CPU: 0 PID: 4850 Comm: syz.1.142 Not tainted 6.1.141-syzkaller #0 [ 62.981312][ T4850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 62.984257][ T4850] Call trace: [ 62.985215][ T4850] dump_backtrace+0x1c8/0x1f4 [ 62.986510][ T4850] show_stack+0x2c/0x3c [ 62.987643][ T4850] __dump_stack+0x30/0x40 [ 62.988831][ T4850] dump_stack_lvl+0xf8/0x160 [ 62.990130][ T4850] dump_stack+0x1c/0x5c [ 62.991311][ T4850] should_fail_ex+0x3c4/0x520 [ 62.992679][ T4850] should_fail+0x14/0x24 [ 62.993886][ T4850] should_fail_usercopy+0x20/0x30 [ 62.995304][ T4850] simple_read_from_buffer+0xcc/0x240 [ 62.996790][ T4850] proc_fail_nth_read+0x194/0x230 [ 62.998177][ T4850] vfs_read+0x288/0x7c4 [ 62.999398][ T4850] ksys_read+0x120/0x210 [ 63.000584][ T4850] __arm64_sys_read+0x7c/0x90 [ 63.001931][ T4850] invoke_syscall+0x98/0x2bc [ 63.003217][ T4850] el0_svc_common+0x138/0x258 [ 63.004474][ T4850] do_el0_svc+0x58/0x13c [ 63.005699][ T4850] el0_svc+0x58/0x138 [ 63.006786][ T4850] el0t_64_sync_handler+0x84/0xf0 [ 63.008254][ T4850] el0t_64_sync+0x18c/0x190 [ 63.253698][ T4825] BTRFS info (device loop4): enabling ssd optimizations [ 63.258869][ T4825] BTRFS info (device loop4): rebuilding free space tree [ 63.269806][ T4866] netlink: 8 bytes leftover after parsing attributes in process `syz.1.145'. [ 63.272422][ T4866] netlink: 28 bytes leftover after parsing attributes in process `syz.1.145'. [ 63.443409][ T4877] netlink: 24 bytes leftover after parsing attributes in process `syz.1.147'. [ 63.449109][ T4844] loop2: detected capacity change from 0 to 32768 [ 63.523110][ T4844] XFS (loop2): Mounting V5 Filesystem [ 63.662286][ T4844] XFS (loop2): log mount failed [ 63.788196][ T4302] syz-executor: attempt to access beyond end of device [ 63.788196][ T4302] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 63.866222][ T4304] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 64.122463][ T4900] netlink: 40 bytes leftover after parsing attributes in process `syz.2.153'. [ 64.317445][ T4914] loop3: detected capacity change from 0 to 1024 [ 64.364775][ T4914] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 64.415612][ T4914] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 64.472013][ T4914] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28 [ 64.487098][ T4914] EXT4-fs (loop3): This should not happen!! Data will be lost [ 64.487098][ T4914] [ 64.490978][ T4914] EXT4-fs (loop3): Total free blocks count 0 [ 64.492668][ T4914] EXT4-fs (loop3): Free/Dirty block details [ 64.494296][ T4914] EXT4-fs (loop3): free_blocks=4293918720 [ 64.495834][ T4914] EXT4-fs (loop3): dirty_blocks=80 [ 64.497191][ T4914] EXT4-fs (loop3): Block reservation details [ 64.498857][ T4914] EXT4-fs (loop3): i_reserved_data_blocks=5 [ 64.512121][ T2059] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.514146][ T2059] ieee802154 phy1 wpan1: encryption failed: -22 [ 64.526452][ T4922] loop4: detected capacity change from 0 to 512 [ 64.544782][ T4924] loop2: detected capacity change from 0 to 64 [ 64.566245][ T4922] EXT2-fs (loop4): warning: mounting ext3 filesystem as ext2 [ 64.606723][ T4714] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 1: comm kworker/u4:11: lblock 1 mapped to illegal pblock 1 (length 3) [ 64.615399][ T4714] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 3 with error 117 [ 64.713918][ T4907] loop0: detected capacity change from 0 to 32768 [ 64.743503][ T4926] loop1: detected capacity change from 0 to 1024 [ 64.749377][ T4926] EXT4-fs: Invalid want_extra_isize 132 [ 64.806583][ T4907] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 64.809234][ T4907] XFS (loop0): Mounting V5 Filesystem [ 64.879064][ T4907] XFS (loop0): Ending clean mount [ 64.893434][ T4907] XFS (loop0): Quotacheck needed: Please wait. [ 64.896185][ T4941] loop3: detected capacity change from 0 to 128 [ 64.943846][ T4907] XFS (loop0): Quotacheck: Done. [ 66.048674][ T4949] loop4: detected capacity change from 0 to 512 [ 66.125834][ T4949] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 66.127845][ T4949] UDF-fs: Scanning with blocksize 512 failed [ 66.143334][ T4949] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 66.145449][ T4949] UDF-fs: Scanning with blocksize 1024 failed [ 66.164032][ T4949] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 66.166140][ T4949] UDF-fs: Scanning with blocksize 2048 failed [ 66.172329][ T4949] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 66.186270][ T4949] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 66.213046][ T4949] overlayfs: upper fs needs to support d_type. [ 66.216681][ T4949] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 66.218661][ T4949] overlayfs: failed to set xattr on upper [ 66.230024][ T4949] overlayfs: ...falling back to index=off,metacopy=off. [ 66.253920][ T4926] loop1: detected capacity change from 0 to 32768 [ 66.286860][ T4926] XFS: noattr2 mount option is deprecated. [ 66.339515][ T4926] XFS (loop1): Cannot mount a V5 filesystem as noattr2. attr2 is always enabled for V5 filesystems. [ 66.355218][ T4954] loop2: detected capacity change from 0 to 8192 [ 66.360007][ T4954] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 66.554670][ T4964] FAULT_INJECTION: forcing a failure. [ 66.554670][ T4964] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 66.558503][ T4964] CPU: 0 PID: 4964 Comm: syz.2.169 Not tainted 6.1.141-syzkaller #0 [ 66.560690][ T4964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 66.563541][ T4964] Call trace: [ 66.564468][ T4964] dump_backtrace+0x1c8/0x1f4 [ 66.565829][ T4964] show_stack+0x2c/0x3c [ 66.566931][ T4964] __dump_stack+0x30/0x40 [ 66.568147][ T4964] dump_stack_lvl+0xf8/0x160 [ 66.569426][ T4964] dump_stack+0x1c/0x5c [ 66.570616][ T4964] should_fail_ex+0x3c4/0x520 [ 66.571991][ T4964] should_fail+0x14/0x24 [ 66.573256][ T4964] should_fail_usercopy+0x20/0x30 [ 66.574692][ T4964] copy_page_from_iter_atomic+0x364/0x1240 [ 66.576347][ T4964] generic_perform_write+0x2b0/0x4b0 [ 66.577864][ T4964] __generic_file_write_iter+0x168/0x37c [ 66.579465][ T4964] generic_file_write_iter+0xb4/0x2b0 [ 66.581048][ T4964] vfs_write+0x5ac/0x7c4 [ 66.582274][ T4964] ksys_write+0x120/0x210 [ 66.583600][ T4964] __arm64_sys_write+0x7c/0x90 [ 66.584921][ T4964] invoke_syscall+0x98/0x2bc [ 66.586255][ T4964] el0_svc_common+0x138/0x258 [ 66.587642][ T4964] do_el0_svc+0x58/0x13c [ 66.588857][ T4964] el0_svc+0x58/0x138 [ 66.589996][ T4964] el0t_64_sync_handler+0x84/0xf0 [ 66.591434][ T4964] el0t_64_sync+0x18c/0x190 [ 66.827412][ T4302] XFS (loop0): Unmounting Filesystem [ 66.887339][ T4978] netlink: 'syz.2.175': attribute type 1 has an invalid length. [ 66.908448][ T4978] 8021q: adding VLAN 0 to HW filter on device bond1 [ 66.926224][ T4981] netlink: 'syz.2.175': attribute type 17 has an invalid length. [ 66.993799][ T4981] bond1: (slave gretap1): making interface the new active one [ 67.017547][ T4981] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 67.028096][ T4945] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 67.222493][ T4988] loop4: detected capacity change from 0 to 512 [ 67.246778][ T4988] EXT2-fs (loop4): warning: mounting ext3 filesystem as ext2 [ 67.283998][ T4984] loop1: detected capacity change from 0 to 32768 [ 67.318889][ T4984] XFS (loop1): Mounting V5 Filesystem [ 67.427813][ T4984] XFS (loop1): Ending clean mount [ 67.430764][ T4984] XFS (loop1): Quotacheck needed: Please wait. [ 67.462905][ T5004] Cannot find add_set index 0 as target [ 67.468987][ T4984] XFS (loop1): Quotacheck: Done. [ 67.597186][ T5010] __nla_validate_parse: 2 callbacks suppressed [ 67.597209][ T5010] netlink: 152 bytes leftover after parsing attributes in process `syz.0.174'. [ 67.709172][ T5013] loop0: detected capacity change from 0 to 256 [ 67.779291][ T5013] netlink: 8 bytes leftover after parsing attributes in process `syz.0.184'. [ 68.228096][ T5005] loop3: detected capacity change from 0 to 40427 [ 68.250274][ T5005] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x3ffff [ 68.259429][ T5005] F2FS-fs (loop3): invalid crc value [ 68.274122][ T5005] F2FS-fs (loop3): Found nat_bits in checkpoint [ 68.301498][ T5005] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 68.497371][ T5016] loop2: detected capacity change from 0 to 40427 [ 68.511640][ T5016] F2FS-fs (loop2): Invalid SB checksum offset: 0 [ 68.516273][ T5016] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 68.517554][ T4296] XFS (loop1): Unmounting Filesystem [ 68.542895][ T5016] F2FS-fs (loop2): invalid crc value [ 68.568707][ T5016] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 68.627715][ T5016] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 68.630074][ T5016] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 68.669300][ T5030] netlink: 8 bytes leftover after parsing attributes in process `syz.4.188'. [ 68.695461][ T5030] netlink: 28 bytes leftover after parsing attributes in process `syz.4.188'. [ 69.081248][ T4303] syz-executor: attempt to access beyond end of device [ 69.081248][ T4303] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 69.228106][ T5047] netlink: 16 bytes leftover after parsing attributes in process `syz.4.195'. [ 69.405299][ T5051] netlink: 'syz.2.197': attribute type 1 has an invalid length. [ 69.478065][ T5051] 8021q: adding VLAN 0 to HW filter on device bond2 [ 69.546780][ T5054] netlink: 'syz.2.197': attribute type 17 has an invalid length. [ 69.650717][ T1515] cfg80211: failed to load regulatory.db [ 69.930458][ T5066] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 70.001106][ T5068] netlink: 152 bytes leftover after parsing attributes in process `syz.0.202'. [ 70.071163][ T5070] netlink: 24 bytes leftover after parsing attributes in process `syz.3.203'. [ 70.397027][ T5080] loop1: detected capacity change from 0 to 256 [ 70.488806][ T5061] loop2: detected capacity change from 0 to 40427 [ 70.540147][ T5061] F2FS-fs (loop2): Invalid SB checksum offset: 0 [ 70.542113][ T5061] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 70.551624][ T5061] F2FS-fs (loop2): invalid crc value [ 70.590525][ T5061] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 70.665133][ T5061] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 70.667181][ T5061] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 70.697230][ T5084] loop3: detected capacity change from 0 to 4096 [ 70.826469][ T5084] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 70.830388][ T4313] Bluetooth: hci2: command 0x0409 tx timeout [ 70.871031][ T5084] ntfs3: loop3: ntfs_sync_fs r=9 failed, -22. [ 70.988025][ T5074] loop0: detected capacity change from 0 to 40427 [ 70.995919][ T5074] F2FS-fs (loop0): build fault injection attr: rate: 771, type: 0x3ffff [ 71.004334][ T5074] F2FS-fs (loop0): invalid crc value [ 71.015538][ T5074] F2FS-fs (loop0): Found nat_bits in checkpoint [ 71.062038][ T5095] device gtp0 entered promiscuous mode [ 71.064383][ T5074] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 71.121341][ T5101] netlink: 4 bytes leftover after parsing attributes in process `syz.4.213'. [ 71.148833][ T5102] loop1: detected capacity change from 0 to 4096 [ 71.193506][ T5102] ntfs: (device loop1): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 71.196716][ T5102] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing. [ 71.202145][ T4303] ntfs3: loop3: ntfs_sync_fs r=9 failed, -22. [ 71.206952][ T4303] ntfs3: loop3: ntfs_evict_inode r=9 failed, -22. [ 71.228905][ T5102] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 71.243230][ T5102] ntfs: (device loop1): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 71.289039][ T5102] ntfs: volume version 3.1. [ 71.301968][ T5108] FAULT_INJECTION: forcing a failure. [ 71.301968][ T5108] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 71.305782][ T5108] CPU: 0 PID: 5108 Comm: syz.3.216 Not tainted 6.1.141-syzkaller #0 [ 71.307930][ T5108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 71.310840][ T5108] Call trace: [ 71.311793][ T5108] dump_backtrace+0x1c8/0x1f4 [ 71.313066][ T5108] show_stack+0x2c/0x3c [ 71.314232][ T5108] __dump_stack+0x30/0x40 [ 71.315443][ T5108] dump_stack_lvl+0xf8/0x160 [ 71.316729][ T5108] dump_stack+0x1c/0x5c [ 71.317907][ T5108] should_fail_ex+0x3c4/0x520 [ 71.319259][ T5108] should_fail+0x14/0x24 [ 71.320467][ T5108] should_fail_usercopy+0x20/0x30 [ 71.321837][ T5108] copy_page_from_iter_atomic+0x364/0x1240 [ 71.323520][ T5108] generic_perform_write+0x2b0/0x4b0 [ 71.325033][ T5108] __generic_file_write_iter+0x168/0x37c [ 71.326590][ T5108] generic_file_write_iter+0xb4/0x2b0 [ 71.328085][ T5108] vfs_write+0x5ac/0x7c4 [ 71.329306][ T5108] ksys_write+0x120/0x210 [ 71.330624][ T5108] __arm64_sys_write+0x7c/0x90 [ 71.332041][ T5108] invoke_syscall+0x98/0x2bc [ 71.333334][ T5108] el0_svc_common+0x138/0x258 [ 71.334633][ T5108] do_el0_svc+0x58/0x13c [ 71.335829][ T5108] el0_svc+0x58/0x138 [ 71.336911][ T5108] el0t_64_sync_handler+0x84/0xf0 [ 71.338331][ T5108] el0t_64_sync+0x18c/0x190 [ 71.503880][ T5105] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.215'. [ 71.660936][ T5116] netlink: 152 bytes leftover after parsing attributes in process `syz.2.220'. [ 71.793011][ T5121] loop2: detected capacity change from 0 to 512 [ 71.796243][ T5121] EXT4-fs: Ignoring removed nobh option [ 71.852431][ T5121] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.223: invalid indirect mapped block 256 (level 2) [ 71.910641][ T5121] EXT4-fs (loop2): 2 truncates cleaned up [ 71.912345][ T5121] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 71.964160][ T5121] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.223: bg 0: block 5: invalid block bitmap [ 72.019597][ T5121] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 72.046142][ T5121] EXT4-fs (loop2): This should not happen!! Data will be lost [ 72.046142][ T5121] [ 72.049004][ T5121] EXT4-fs (loop2): Total free blocks count 0 [ 72.059888][ T5121] EXT4-fs (loop2): Free/Dirty block details [ 72.061642][ T5121] EXT4-fs (loop2): free_blocks=0 [ 72.062910][ T5121] EXT4-fs (loop2): dirty_blocks=66 [ 72.065252][ T5121] EXT4-fs (loop2): Block reservation details [ 72.066870][ T5121] EXT4-fs (loop2): i_reserved_data_blocks=66 [ 72.127641][ T4302] syz-executor: attempt to access beyond end of device [ 72.127641][ T4302] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 72.199765][ T4300] EXT4-fs (loop2): unmounting filesystem. [ 72.256733][ T5129] device bridge_slave_1 left promiscuous mode [ 72.260159][ T5129] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.325007][ T5129] device bridge_slave_0 left promiscuous mode [ 72.329895][ T5129] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.482899][ T5118] loop3: detected capacity change from 0 to 40427 [ 72.495060][ T5118] F2FS-fs (loop3): Invalid SB checksum offset: 0 [ 72.496851][ T5118] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 72.513866][ T5118] F2FS-fs (loop3): invalid crc value [ 72.534804][ T5118] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 72.559850][ T5118] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 72.562374][ T5118] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 72.657817][ T5134] loop1: detected capacity change from 0 to 8192 [ 72.765997][ T5149] loop2: detected capacity change from 0 to 256 [ 72.774763][ T5134] loop1: p1 < > p3 < p5 > p4 [ 72.776381][ T5134] loop1: partition table partially beyond EOD, truncated [ 72.778533][ T5134] loop1: p1 start 4294967040 is beyond EOD, truncated [ 72.794846][ T5148] __nla_validate_parse: 1 callbacks suppressed [ 72.794859][ T5148] netlink: 8 bytes leftover after parsing attributes in process `syz.0.228'. [ 72.798954][ T5148] netlink: 28 bytes leftover after parsing attributes in process `syz.0.228'. [ 72.825157][ T5148] device geneve2 entered promiscuous mode [ 73.054504][ T5158] netlink: 32 bytes leftover after parsing attributes in process `syz.2.233'. [ 73.484187][ T5161] loop4: detected capacity change from 0 to 4096 [ 73.593310][ T5161] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 73.748007][ T5161] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 73.751354][ T5161] ntfs3: loop4: Failed to load $Extend. [ 73.869833][ T4313] Bluetooth: hci3: command 0x0409 tx timeout [ 74.299856][ T5178] netlink: 24 bytes leftover after parsing attributes in process `syz.2.242'. [ 74.390114][ T5155] loop0: detected capacity change from 0 to 40427 [ 74.394160][ T5155] F2FS-fs (loop0): build fault injection attr: rate: 771, type: 0x3ffff [ 74.396876][ T5180] loop3: detected capacity change from 0 to 256 [ 74.397636][ T5155] F2FS-fs (loop0): invalid crc value [ 74.411306][ T5155] F2FS-fs (loop0): Found nat_bits in checkpoint [ 74.440113][ T5155] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 74.495583][ T4288] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 75.277680][ T4288] udevd[4288]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 75.284049][ T4407] udevd[4407]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory [ 75.287728][ T5196] loop1: detected capacity change from 0 to 1024 [ 75.291168][ T4408] udevd[4408]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 75.365628][ T5196] EXT4-fs: Ignoring removed bh option [ 75.384699][ T5196] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 75.444617][ T5196] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 75.556287][ T4296] EXT4-fs (loop1): unmounting filesystem. [ 75.810427][ T5210] loop1: detected capacity change from 0 to 512 [ 75.829633][ T5213] FAULT_INJECTION: forcing a failure. [ 75.829633][ T5213] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 75.833886][ T5213] CPU: 0 PID: 5213 Comm: syz.4.254 Not tainted 6.1.141-syzkaller #0 [ 75.836213][ T5213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 75.839110][ T5213] Call trace: [ 75.840103][ T5213] dump_backtrace+0x1c8/0x1f4 [ 75.841500][ T5213] show_stack+0x2c/0x3c [ 75.842811][ T5213] __dump_stack+0x30/0x40 [ 75.843986][ T5213] dump_stack_lvl+0xf8/0x160 [ 75.845235][ T5213] dump_stack+0x1c/0x5c [ 75.846354][ T5213] should_fail_ex+0x3c4/0x520 [ 75.847732][ T5213] should_fail+0x14/0x24 [ 75.848934][ T5213] should_fail_usercopy+0x20/0x30 [ 75.850298][ T5213] copy_page_from_iter_atomic+0x364/0x1240 [ 75.851942][ T5213] generic_perform_write+0x2b0/0x4b0 [ 75.853407][ T5213] __generic_file_write_iter+0x168/0x37c [ 75.855163][ T5213] generic_file_write_iter+0xb4/0x2b0 [ 75.856685][ T5213] vfs_write+0x5ac/0x7c4 [ 75.857866][ T5213] ksys_write+0x120/0x210 [ 75.859108][ T5213] __arm64_sys_write+0x7c/0x90 [ 75.860411][ T5213] invoke_syscall+0x98/0x2bc [ 75.861730][ T5213] el0_svc_common+0x138/0x258 [ 75.863069][ T5213] do_el0_svc+0x58/0x13c [ 75.864176][ T5213] el0_svc+0x58/0x138 [ 75.865304][ T5213] el0t_64_sync_handler+0x84/0xf0 [ 75.866790][ T5213] el0t_64_sync+0x18c/0x190 [ 75.884061][ T5213] loop4: detected capacity change from 0 to 190 [ 75.886675][ T5213] ntfs: (device loop4): is_boot_sector_ntfs(): Invalid boot sector checksum. [ 75.907736][ T5213] ntfs: (device loop4): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 75.915136][ T5213] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0x1, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 75.928722][ T5210] EXT4-fs (loop1): 1 orphan inode deleted [ 75.960136][ T5213] ntfs: (device loop4): check_mft_mirror(): Failed to read $MFTMirr. [ 75.962599][ T5213] ntfs: (device loop4): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 75.967658][ T5210] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 75.987166][ T4564] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 75.991596][ T4564] EXT4-fs error (device loop1): ext4_release_dquot:6850: comm kworker/u4:10: Failed to release dquot type 1 [ 76.068638][ T5205] loop3: detected capacity change from 0 to 40427 [ 76.080871][ T5205] F2FS-fs (loop3): invalid crc value [ 76.111125][ T5205] F2FS-fs (loop3): Found nat_bits in checkpoint [ 76.127024][ T4296] EXT4-fs (loop1): unmounting filesystem. [ 76.128999][ T4564] EXT4-fs error (device loop1): ext4_release_dquot:6850: comm kworker/u4:10: Failed to release dquot type 1 [ 76.159619][ T5205] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 76.207593][ T5205] F2FS-fs (loop3): Unrecognized mount option "bsdgroups" or missing value [ 76.268528][ T5226] loop0: detected capacity change from 0 to 16 [ 76.431429][ T4297] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 76.433942][ T4297] Bluetooth: hci0: Injecting HCI hardware error event [ 76.437157][ T4313] Bluetooth: hci0: hardware error 0x00 [ 77.084693][ T5230] loop1: detected capacity change from 0 to 40427 [ 77.109521][ T5230] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 77.118771][ T5230] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 77.134668][ T5230] F2FS-fs (loop1): invalid crc value [ 77.144902][ T5228] loop4: detected capacity change from 0 to 32768 [ 77.173640][ T5230] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 77.211953][ T5228] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 77.236929][ T5230] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 77.239070][ T5230] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 77.500491][ T5259] (syz.4.258,5259,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=16, inode=65, rec_len=12, name_len=0 [ 77.505510][ T5259] (syz.4.258,5259,0):__ocfs2_delete_entry:1162 ERROR: status = -5 [ 77.507672][ T5259] (syz.4.258,5259,0):ocfs2_unlink:990 ERROR: status = -5 [ 77.509920][ T5259] (syz.4.258,5259,0):ocfs2_unlink:1042 ERROR: status = -5 [ 77.639041][ T5261] loop3: detected capacity change from 0 to 512 [ 77.709776][ T4297] Bluetooth: hci3: command 0x0409 tx timeout [ 77.729488][ T5261] EXT4-fs (loop3): 1 orphan inode deleted [ 77.736277][ T5261] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 77.775656][ T4564] __quota_error: 9 callbacks suppressed [ 77.775671][ T4564] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 77.800816][ T4564] EXT4-fs error (device loop3): ext4_release_dquot:6850: comm kworker/u4:10: Failed to release dquot type 1 [ 77.830639][ T5260] loop0: detected capacity change from 0 to 4096 [ 77.840251][ T4296] syz-executor: attempt to access beyond end of device [ 77.840251][ T4296] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 77.848635][ T5260] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 77.937196][ T4303] EXT4-fs (loop3): unmounting filesystem. [ 77.940031][ T449] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 77.942920][ T449] EXT4-fs error (device loop3): ext4_release_dquot:6850: comm kworker/u4:4: Failed to release dquot type 1 [ 78.022903][ T4304] ocfs2: Unmounting device (7,4) on (node local) [ 78.293488][ T5276] netlink: 'syz.1.274': attribute type 1 has an invalid length. [ 78.319381][ T5276] 8021q: adding VLAN 0 to HW filter on device bond1 [ 78.438767][ T5247] loop2: detected capacity change from 0 to 40427 [ 78.455727][ T5247] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x3ffff [ 78.465130][ T5247] F2FS-fs (loop2): invalid crc value [ 78.496752][ T5247] F2FS-fs (loop2): Found nat_bits in checkpoint [ 78.545599][ T5247] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 78.564169][ T5276] bond1: (slave gretap1): making interface the new active one [ 78.575917][ T5276] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 78.578670][ T4564] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 78.731119][ T5288] netlink: 1347 bytes leftover after parsing attributes in process `syz.3.277'. [ 78.759814][ T4313] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 78.773149][ T5292] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 78.777870][ T5291] netlink: 'syz.4.279': attribute type 1 has an invalid length. [ 78.821624][ T5291] 8021q: adding VLAN 0 to HW filter on device bond1 [ 78.828925][ T5297] loop1: detected capacity change from 0 to 256 [ 78.848825][ T5297] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 78.870554][ T5291] bond1: (slave gretap1): making interface the new active one [ 78.876250][ T5291] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 78.900004][ T4563] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 79.008654][ T5299] netlink: 24 bytes leftover after parsing attributes in process `syz.4.281'. [ 79.252657][ T5303] loop4: detected capacity change from 0 to 256 [ 79.420719][ T5296] loop3: detected capacity change from 0 to 40427 [ 79.473393][ T5296] F2FS-fs (loop3): Invalid SB checksum offset: 0 [ 79.478423][ T5296] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 79.487420][ T5296] F2FS-fs (loop3): invalid crc value [ 79.523277][ T5296] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 79.625317][ T5296] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 79.627378][ T5296] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 79.731360][ T4303] syz-executor: attempt to access beyond end of device [ 79.731360][ T4303] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 79.755739][ T5301] loop0: detected capacity change from 0 to 32768 [ 79.832367][ T5301] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 80.094125][ T5329] (syz.0.282,5329,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=16, inode=65, rec_len=12, name_len=0 [ 80.098685][ T5329] (syz.0.282,5329,0):__ocfs2_delete_entry:1162 ERROR: status = -5 [ 80.101004][ T5329] (syz.0.282,5329,0):ocfs2_unlink:990 ERROR: status = -5 [ 80.103101][ T5329] (syz.0.282,5329,0):ocfs2_unlink:1042 ERROR: status = -5 [ 80.554058][ T4302] ocfs2: Unmounting device (7,0) on (node local) [ 80.597504][ T5342] loop4: detected capacity change from 0 to 256 [ 80.716545][ T5342] netlink: 828 bytes leftover after parsing attributes in process `syz.4.294'. [ 80.897922][ T5359] netlink: 24 bytes leftover after parsing attributes in process `syz.0.302'. [ 80.909942][ T4305] Bluetooth: hci4: command 0x0405 tx timeout [ 81.062912][ T5351] loop3: detected capacity change from 0 to 8192 [ 81.132918][ T5351] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 81.136939][ T5351] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 81.179269][ T5351] REISERFS (device loop3): using ordered data mode [ 81.183416][ T5351] reiserfs: using flush barriers [ 81.197812][ T5343] loop2: detected capacity change from 0 to 40427 [ 81.201056][ T5343] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x3ffff [ 81.205527][ T5343] F2FS-fs (loop2): invalid crc value [ 81.208790][ T5351] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 81.235036][ T5343] F2FS-fs (loop2): Found nat_bits in checkpoint [ 81.255185][ T5351] REISERFS (device loop3): checking transaction log (loop3) [ 81.279822][ T5351] REISERFS warning: reiserfs-5081 is_leaf: nr_item seems wrong: level=1, nr_items=32514, free_space=6 rdkey [ 81.293658][ T5351] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 81.302542][ T5351] REISERFS (device loop3): Remounting filesystem read-only [ 81.304688][ T5343] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 81.317360][ T5351] REISERFS error (device loop3): vs-13070 reiserfs_read_locked_inode: i/o failure occurred trying to find stat data of [1 2 0x0 SD] [ 81.356342][ T5351] REISERFS warning (device loop3): reiserfs_fill_super: corrupt root inode, run fsck [ 81.412013][ T5373] FAULT_INJECTION: forcing a failure. [ 81.412013][ T5373] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 81.415722][ T5373] CPU: 0 PID: 5373 Comm: syz.1.306 Not tainted 6.1.141-syzkaller #0 [ 81.417938][ T5373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 81.420689][ T5373] Call trace: [ 81.421616][ T5373] dump_backtrace+0x1c8/0x1f4 [ 81.422948][ T5373] show_stack+0x2c/0x3c [ 81.424077][ T5373] __dump_stack+0x30/0x40 [ 81.425283][ T5373] dump_stack_lvl+0xf8/0x160 [ 81.426578][ T5373] dump_stack+0x1c/0x5c [ 81.427802][ T5373] should_fail_ex+0x3c4/0x520 [ 81.429134][ T5373] should_fail_alloc_page+0x74/0xb8 [ 81.430652][ T5373] prepare_alloc_pages+0x1c0/0x504 [ 81.432081][ T5373] __alloc_pages+0x134/0x53c [ 81.433413][ T5373] __folio_alloc+0x1c/0x44 [ 81.434643][ T5373] vma_alloc_folio+0x37c/0x8b4 [ 81.435996][ T5373] shmem_alloc_and_acct_folio+0x35c/0x8e4 [ 81.437579][ T5373] shmem_get_folio_gfp+0xcb0/0x2040 [ 81.439063][ T5373] shmem_write_begin+0xf4/0x46c [ 81.440475][ T5373] generic_perform_write+0x230/0x4b0 [ 81.441966][ T5373] __generic_file_write_iter+0x168/0x37c [ 81.443563][ T5373] generic_file_write_iter+0xb4/0x2b0 [ 81.445054][ T5373] vfs_write+0x5ac/0x7c4 [ 81.446276][ T5373] ksys_write+0x120/0x210 [ 81.447507][ T5373] __arm64_sys_write+0x7c/0x90 [ 81.448850][ T5373] invoke_syscall+0x98/0x2bc [ 81.450157][ T5373] el0_svc_common+0x138/0x258 [ 81.451497][ T5373] do_el0_svc+0x58/0x13c [ 81.452697][ T5373] el0_svc+0x58/0x138 [ 81.453815][ T5373] el0t_64_sync_handler+0x84/0xf0 [ 81.455221][ T5373] el0t_64_sync+0x18c/0x190 [ 81.469848][ T4313] Bluetooth: hci1: command 0x0409 tx timeout [ 81.509188][ T5375] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 81.525251][ T5375] FAT-fs (loop1): unable to read boot sector [ 81.808960][ T5379] overlayfs: invalid origin (000000790066696c6530000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 81.925860][ T5371] loop4: detected capacity change from 0 to 32768 [ 81.979878][ T5371] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 82.244817][ T5383] (syz.4.305,5383,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=16, inode=65, rec_len=12, name_len=0 [ 82.249629][ T5383] (syz.4.305,5383,0):__ocfs2_delete_entry:1162 ERROR: status = -5 [ 82.251941][ T5383] (syz.4.305,5383,0):ocfs2_unlink:990 ERROR: status = -5 [ 82.254159][ T5383] (syz.4.305,5383,0):ocfs2_unlink:1042 ERROR: status = -5 [ 82.565434][ T5386] loop1: detected capacity change from 0 to 256 [ 82.732255][ T5377] loop0: detected capacity change from 0 to 40427 [ 82.744553][ T5386] netlink: 828 bytes leftover after parsing attributes in process `syz.1.311'. [ 82.747897][ T5377] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 82.748985][ T4407] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 82.750733][ T5377] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 82.759816][ T4304] ocfs2: Unmounting device (7,4) on (node local) [ 82.777317][ T5377] F2FS-fs (loop0): invalid crc value [ 82.802385][ T5377] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 82.855505][ T5377] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 82.857889][ T5377] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 82.977846][ T5400] netlink: 12 bytes leftover after parsing attributes in process `syz.2.314'. [ 82.980598][ T5400] netlink: 68 bytes leftover after parsing attributes in process `syz.2.314'. [ 83.007803][ T5400] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 83.133883][ T5404] netlink: 32 bytes leftover after parsing attributes in process `syz.2.316'. [ 83.316766][ T5408] loop2: detected capacity change from 0 to 8 [ 84.189858][ T4313] Bluetooth: hci1: command 0x0409 tx timeout [ 93.686113][ T5377] netlink: 20 bytes leftover after parsing attributes in process `syz.0.308'. [ 93.805669][ T5413] netlink: 8 bytes leftover after parsing attributes in process `syz.4.321'. [ 93.808266][ T5413] netlink: 28 bytes leftover after parsing attributes in process `syz.4.321'. [ 94.399972][ T5417] loop2: detected capacity change from 0 to 32768 [ 94.446347][ T5415] loop1: detected capacity change from 0 to 40427 [ 94.466315][ T5415] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x3ffff [ 94.486619][ T5417] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 94.502024][ T5415] F2FS-fs (loop1): invalid crc value [ 94.652674][ T5415] F2FS-fs (loop1): Found nat_bits in checkpoint [ 94.675888][ T5421] loop4: detected capacity change from 0 to 40427 [ 94.690349][ T5415] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 94.693318][ T5421] F2FS-fs (loop4): Invalid SB checksum offset: 0 [ 94.695072][ T5421] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 94.753717][ T5442] (syz.2.322,5442,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=16, inode=65, rec_len=12, name_len=0 [ 94.758469][ T5442] (syz.2.322,5442,1):__ocfs2_delete_entry:1162 ERROR: status = -5 [ 94.760821][ T5442] (syz.2.322,5442,1):ocfs2_unlink:990 ERROR: status = -5 [ 94.763040][ T5442] (syz.2.322,5442,1):ocfs2_unlink:1042 ERROR: status = -5 [ 94.898697][ T5441] loop3: detected capacity change from 0 to 4096 [ 94.901198][ T5441] ntfs3: Invalid value for fmask. [ 94.971195][ T5421] F2FS-fs (loop4): invalid crc value [ 95.018753][ T5421] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 95.100252][ T5421] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 95.102231][ T5421] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 95.136616][ T5421] FAULT_INJECTION: forcing a failure. [ 95.136616][ T5421] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 95.169842][ T5421] CPU: 1 PID: 5421 Comm: syz.4.325 Not tainted 6.1.141-syzkaller #0 [ 95.172158][ T5421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 95.174970][ T5421] Call trace: [ 95.175857][ T5421] dump_backtrace+0x1c8/0x1f4 [ 95.177134][ T5421] show_stack+0x2c/0x3c [ 95.178314][ T5421] __dump_stack+0x30/0x40 [ 95.179493][ T5421] dump_stack_lvl+0xf8/0x160 [ 95.180715][ T5421] dump_stack+0x1c/0x5c [ 95.181869][ T5421] should_fail_ex+0x3c4/0x520 [ 95.183163][ T5421] should_fail+0x14/0x24 [ 95.184358][ T5421] should_fail_usercopy+0x20/0x30 [ 95.185748][ T5421] simple_read_from_buffer+0xcc/0x240 [ 95.187248][ T5421] proc_fail_nth_read+0x194/0x230 [ 95.188637][ T5421] vfs_read+0x288/0x7c4 [ 95.189830][ T5421] ksys_read+0x120/0x210 [ 95.190969][ T5421] __arm64_sys_read+0x7c/0x90 [ 95.192286][ T5421] invoke_syscall+0x98/0x2bc [ 95.193542][ T5421] el0_svc_common+0x138/0x258 [ 95.194856][ T5421] do_el0_svc+0x58/0x13c [ 95.196081][ T5421] el0_svc+0x58/0x138 [ 95.197162][ T5421] el0t_64_sync_handler+0x84/0xf0 [ 95.198558][ T5421] el0t_64_sync+0x18c/0x190 [ 95.228745][ T5443] I/O error, dev loop3, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 95.253351][ T4300] ocfs2: Unmounting device (7,2) on (node local) [ 95.276134][ T4304] syz-executor: attempt to access beyond end of device [ 95.276134][ T4304] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 96.693086][ T5482] loop3: detected capacity change from 0 to 512 [ 96.697355][ T5482] EXT4-fs (loop3): bad geometry: block count 8192 exceeds size of device (64 blocks) [ 96.833468][ T5487] loop0: detected capacity change from 0 to 512 [ 96.852546][ T5487] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x20) [ 96.857743][ T5487] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 96.869971][ T5487] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 96.878514][ T5487] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 97.144865][ T5479] loop2: detected capacity change from 0 to 32768 [ 97.204005][ T4296] syz-executor: attempt to access beyond end of device [ 97.204005][ T4296] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 97.237279][ T5479] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 97.269908][ T5443] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 97.907290][ T5507] loop0: detected capacity change from 0 to 512 [ 97.933495][ T5492] loop4: detected capacity change from 0 to 40427 [ 97.946298][ T5492] F2FS-fs (loop4): Invalid SB checksum offset: 0 [ 97.953086][ T5507] EXT4-fs (loop0): 1 orphan inode deleted [ 97.954744][ T5507] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 97.966580][ T5492] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 97.986261][ T5492] F2FS-fs (loop4): invalid crc value [ 98.019532][ T5492] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 98.086093][ T4300] ocfs2: Unmounting device (7,2) on (node local) [ 98.100516][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 98.167837][ T5492] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 98.171202][ T5521] netlink: 'syz.0.351': attribute type 1 has an invalid length. [ 98.172133][ T5492] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 98.191054][ T5521] 8021q: adding VLAN 0 to HW filter on device bond1 [ 98.280964][ T5521] bond1: (slave gretap1): making interface the new active one [ 98.298560][ T5521] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 98.316256][ T4564] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 98.348790][ T5525] netlink: 'syz.2.353': attribute type 72 has an invalid length. [ 98.355725][ T5527] netlink: 8 bytes leftover after parsing attributes in process `syz.3.354'. [ 98.364055][ T5527] netlink: 28 bytes leftover after parsing attributes in process `syz.3.354'. [ 98.380668][ T5527] device geneve2 entered promiscuous mode [ 98.398902][ T5525] netlink: 'syz.2.353': attribute type 8 has an invalid length. [ 98.423809][ T4304] syz-executor: attempt to access beyond end of device [ 98.423809][ T4304] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 98.652872][ T5542] netlink: 20 bytes leftover after parsing attributes in process `syz.3.359'. [ 100.214572][ T5548] loop9: detected capacity change from 0 to 8 [ 100.621131][ T5548] loop9: [CUMANA/ADFS] p1 [ADFS] p1 [ 100.622733][ T5548] loop9: partition table partially beyond EOD, truncated [ 100.624849][ T5548] loop9: p1 size 81768186 extends beyond EOD, truncated [ 100.818177][ T4305] Bluetooth: hci1: Malformed LE Event: 0x0d [ 101.068074][ T5564] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 101.097151][ T5564] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 101.127883][ T5570] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 101.150465][ T5570] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 101.324986][ T5435] udevd[5435]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory [ 101.414458][ T4898] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 101.600756][ T4898] usb 1-1: Using ep0 maxpacket: 32 [ 101.971257][ T4898] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 101.976109][ T4898] usb 1-1: config 0 has no interface number 0 [ 102.177044][ T4898] usb 1-1: config 0 interface 1 altsetting 9 has an invalid endpoint with address 0x0, skipping [ 102.196923][ T4898] usb 1-1: config 0 interface 1 has no altsetting 0 [ 102.220817][ T4898] usb 1-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a [ 102.223360][ T4898] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 102.247385][ T4898] usb 1-1: Product: syz [ 102.250466][ T4898] usb 1-1: Manufacturer: syz [ 102.251790][ T4898] usb 1-1: SerialNumber: syz [ 102.253892][ T5585] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 102.256387][ T5585] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 102.273415][ T4898] usb 1-1: config 0 descriptor?? [ 102.526558][ T4898] cx231xx 1-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces [ 103.931471][ T4898] cx231xx 1-1:0.1: Failed to read PCB config [ 103.933259][ T4898] cx231xx: probe of 1-1:0.1 failed with error -71 [ 103.963581][ T5595] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 103.966798][ T5595] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 103.997325][ T4898] usb 1-1: USB disconnect, device number 2 [ 104.609980][ T4898] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 105.084246][ T4898] usb 1-1: config 0 has an invalid interface number: 120 but max is 0 [ 105.086668][ T4898] usb 1-1: config 0 has no interface number 0 [ 105.088482][ T4898] usb 1-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 105.092713][ T4898] usb 1-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58 [ 105.095375][ T4898] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.452759][ T4898] usb 1-1: config 0 descriptor?? [ 105.595847][ T4898] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.120/input/input3 [ 105.730432][ T5633] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 105.733729][ T5633] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 105.843227][ T4898] usb 1-1: USB disconnect, device number 3 [ 105.843266][ C0] usbtouchscreen 1-1:0.120: usbtouch_irq - usb_submit_urb failed with result: -19 [ 106.208308][ T5652] netlink: 24 bytes leftover after parsing attributes in process `syz.3.396'. [ 108.645834][ T5680] netlink: 100 bytes leftover after parsing attributes in process `syz.0.406'. [ 111.968884][ T5690] sctp: failed to load transform for md5: -4 [ 111.980135][ T5686] sctp: failed to load transform for md5: -2 [ 111.991654][ T5696] sctp: failed to load transform for md5: -2 [ 112.015703][ T5692] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 112.017788][ T5692] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 112.115859][ T5692] vhci_hcd vhci_hcd.0: Device attached [ 112.280749][ T5693] vhci_hcd: connection closed [ 112.287049][ T5631] vhci_hcd: stop threads [ 112.300602][ T5631] vhci_hcd: release socket [ 112.305402][ T5631] vhci_hcd: disconnect device [ 112.330152][ T4744] usb 8-1: new low-speed USB device number 2 using vhci_hcd [ 112.333257][ T4744] usb 8-1: enqueue for inactive port 0 [ 112.338305][ T5726] Illegal XDP return value 4294967294 on prog (id 28) dev N/A, expect packet loss! [ 112.409982][ T4744] vhci_hcd: vhci_device speed not set [ 112.427972][ T27] audit: type=1326 audit(112.390:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5728 comm="syz.4.416" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff8455a8a8 code=0x0 [ 113.645164][ T5747] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 113.647777][ T5747] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 113.859956][ T112] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 114.020351][ T5725] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 114.049272][ T5725] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 114.053298][ T112] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 114.056173][ T112] usb 1-1: config 0 interface 0 has no altsetting 0 [ 114.078098][ T112] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 114.081131][ T112] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 114.083402][ T112] usb 1-1: Product: syz [ 114.091169][ T112] usb 1-1: Manufacturer: syz [ 114.092617][ T112] usb 1-1: SerialNumber: syz [ 114.100694][ T112] usb 1-1: config 0 descriptor?? [ 114.114988][ T112] usb 1-1: selecting invalid altsetting 0 [ 114.321144][ T112] usb 1-1: USB disconnect, device number 4 [ 114.473202][ T5752] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 114.475736][ T5752] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 114.810076][ T5725] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.812635][ T5725] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.815217][ T5725] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.817534][ T5725] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.828816][ T5762] netlink: 536 bytes leftover after parsing attributes in process `syz.1.429'. [ 115.831426][ T5762] netlink: 40 bytes leftover after parsing attributes in process `syz.1.429'. [ 116.068419][ T5770] ptrace attach of "./syz-executor exec"[4304] was attempted by "./syz-executor exec"[5770] [ 116.518845][ T27] audit: type=1326 audit(116.480:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.2.432" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8635a8a8 code=0x7ffc0000 [ 116.555935][ T27] audit: type=1326 audit(116.480:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.2.432" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8635a8a8 code=0x7ffc0000 [ 116.571204][ T5768] netlink: 20 bytes leftover after parsing attributes in process `syz.1.431'. [ 116.590055][ T5768] nbd: must specify a device to reconfigure [ 116.599365][ T27] audit: type=1326 audit(116.480:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.2.432" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8635a8a8 code=0x7ffc0000 [ 116.645558][ T27] audit: type=1326 audit(116.480:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.2.432" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8635a8a8 code=0x7ffc0000 [ 116.672954][ T27] audit: type=1326 audit(116.480:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.2.432" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff8635a8a8 code=0x7ffc0000 [ 116.679552][ T27] audit: type=1326 audit(116.490:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.2.432" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8635a8a8 code=0x7ffc0000 [ 116.763547][ T27] audit: type=1326 audit(116.490:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.2.432" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffff8635a8a8 code=0x7ffc0000 [ 116.770348][ T27] audit: type=1326 audit(116.490:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.2.432" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8635a8a8 code=0x7ffc0000 [ 116.776605][ T27] audit: type=1326 audit(116.490:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.2.432" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffff8635a8a8 code=0x7ffc0000 [ 116.839035][ T5783] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 116.849911][ T5783] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 116.853227][ T5783] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 116.855601][ T5783] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 117.418433][ T5794] netlink: set zone limit has 8 unknown bytes [ 117.898973][ T5802] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 117.902330][ T5802] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 117.947596][ T5807] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 118.019946][ T7] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 118.604581][ T5807] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 118.616162][ T7] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 118.619025][ T7] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 118.622912][ T7] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 118.625439][ T7] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 118.648791][ T7] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 118.655655][ T5807] Bluetooth: MGMT ver 1.22 [ 118.692819][ T7] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 118.704559][ T7] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 118.707017][ T7] usb 1-1: Product: syz [ 118.708235][ T7] usb 1-1: Manufacturer: syz [ 118.740477][ T7] cdc_wdm 1-1:1.0: skipping garbage [ 118.742064][ T7] cdc_wdm 1-1:1.0: skipping garbage [ 118.760276][ T7] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 118.762009][ T7] cdc_wdm 1-1:1.0: Unknown control protocol [ 118.809612][ T5818] tipc: Started in network mode [ 118.839175][ T5818] tipc: Node identity , cluster identity 4711 [ 118.844868][ T5818] tipc: Failed to obtain node identity [ 118.846480][ T5818] tipc: Enabling of bearer rejected, failed to enable media [ 118.900832][ T5822] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 118.911184][ T5822] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 118.995179][ T7] usb 1-1: USB disconnect, device number 5 [ 119.006100][ T5825] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 119.008699][ T5825] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 119.118289][ T5826] netlink: 28 bytes leftover after parsing attributes in process `syz.1.450'. [ 119.828616][ T5828] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 119.833771][ T5828] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 121.494551][ T4305] Bluetooth: hci4: command 0x0405 tx timeout [ 121.994129][ T5859] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 122.003840][ T5859] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 122.016509][ T5859] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 122.021587][ T5859] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 122.238451][ T5859] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 122.244532][ T5859] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 122.845822][ T5861] Bluetooth: hci0: Opcode 0x080f failed: -4 [ 124.404840][ T5881] sctp: failed to load transform for md5: -2 [ 124.719887][ T5906] binder: 5895:5906 ioctl c018620c 20000380 returned -22 [ 125.462488][ T5918] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 125.465087][ T5918] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 125.951514][ T2059] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.953566][ T2059] ieee802154 phy1 wpan1: encryption failed: -22 [ 127.516714][ T5949] netlink: 28 bytes leftover after parsing attributes in process `syz.0.490'. [ 127.524991][ T5949] netlink: 8 bytes leftover after parsing attributes in process `syz.0.490'. [ 127.527814][ T5949] netlink: 4 bytes leftover after parsing attributes in process `syz.0.490'. [ 130.049670][ C0] sched: RT throttling activated [ 131.897568][ T4346] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 132.089758][ T4346] usb 1-1: Using ep0 maxpacket: 8 [ 132.094395][ T4346] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 132.097423][ T4346] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 132.129096][ T4346] usb 1-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52 [ 132.155547][ T4346] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 132.215191][ T4346] usb 1-1: Product: syz [ 132.216522][ T4346] usb 1-1: Manufacturer: syz [ 132.217843][ T4346] usb 1-1: SerialNumber: syz [ 132.230419][ T4346] usb 1-1: config 0 descriptor?? [ 132.664822][ T4346] usb 1-1: USB disconnect, device number 6 [ 132.857439][ T6030] netlink: 52 bytes leftover after parsing attributes in process `syz.2.514'. [ 132.867679][ T6030] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.870934][ T6030] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.049221][ T4313] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 134.056626][ T4313] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 134.060154][ T4313] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 134.064176][ T4313] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 134.066573][ T4313] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 134.069056][ T4313] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 134.074918][ T4564] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.109965][ T112] usb 1-1: new full-speed USB device number 7 using dummy_hcd [ 134.242000][ T4564] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.264039][ T6062] netlink: 8 bytes leftover after parsing attributes in process `syz.2.525'. [ 134.292551][ T112] usb 1-1: New USB device found, idVendor=1e7d, idProduct=3232, bcdDevice= 0.00 [ 134.295367][ T112] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.299352][ T112] usb 1-1: config 0 descriptor?? [ 134.439385][ T4564] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.802874][ T4564] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 135.395177][ T6052] chnl_net:caif_netlink_parms(): no params data found [ 135.426204][ T6052] bridge0: port 1(bridge_slave_0) entered blocking state [ 135.428514][ T6052] bridge0: port 1(bridge_slave_0) entered disabled state [ 135.431444][ T6052] device bridge_slave_0 entered promiscuous mode [ 135.434960][ T6052] bridge0: port 2(bridge_slave_1) entered blocking state [ 135.436948][ T6052] bridge0: port 2(bridge_slave_1) entered disabled state [ 135.439616][ T6052] device bridge_slave_1 entered promiscuous mode [ 136.111557][ T4313] Bluetooth: hci4: command 0x0409 tx timeout [ 136.278422][ T6052] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 136.302704][ T6052] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 136.385806][ T6052] team0: Port device team_slave_0 added [ 136.396365][ T6052] team0: Port device team_slave_1 added [ 136.439958][ T6090] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 136.449663][ T6090] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 136.589234][ T6052] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 136.597316][ T6052] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 136.622037][ T6052] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 136.684390][ T6052] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 136.686650][ T6052] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 136.700945][ T6052] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 136.926155][ T6052] device hsr_slave_0 entered promiscuous mode [ 136.983444][ T6052] device hsr_slave_1 entered promiscuous mode [ 137.042960][ T6052] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 137.094037][ T6052] Cannot create hsr debugfs directory [ 137.780271][ T112] usbhid 1-1:0.0: can't add hid device: -71 [ 137.782025][ T112] usbhid: probe of 1-1:0.0 failed with error -71 [ 137.832338][ T112] usb 1-1: USB disconnect, device number 7 [ 138.877467][ T4305] Bluetooth: hci4: command 0x041b tx timeout [ 138.977819][ T6124] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 138.992265][ T6124] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 139.275706][ T4564] bond1: (slave gretap1): Releasing active interface [ 140.706257][ T6171] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 140.708823][ T6171] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 141.108747][ T4305] Bluetooth: hci4: command 0x040f tx timeout [ 141.436577][ T112] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 142.266863][ T112] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 142.270288][ T112] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 142.273112][ T112] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.351198][ T112] usb 1-1: config 0 descriptor?? [ 142.495719][ T6187] tmpfs: Unknown parameter 'quota' [ 142.712757][ T6201] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 142.715531][ T6201] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 142.762477][ T112] keytouch 0003:0926:3333.0001: fixing up Keytouch IEC report descriptor [ 142.768463][ T112] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0001/input/input5 [ 142.831646][ T6052] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 142.921800][ T6052] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 142.946440][ T112] keytouch 0003:0926:3333.0001: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 142.987649][ T4564] device hsr_slave_0 left promiscuous mode [ 143.041234][ T4564] device hsr_slave_1 left promiscuous mode [ 143.120029][ T4564] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 143.122538][ T4564] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 143.130348][ T4564] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 143.132928][ T4564] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 143.135925][ T4564] device bridge_slave_1 left promiscuous mode [ 143.142473][ T4564] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.149947][ T4313] Bluetooth: hci4: command 0x0419 tx timeout [ 143.187437][ T4564] device bridge_slave_0 left promiscuous mode [ 143.190165][ T4564] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.274567][ T4744] usb 1-1: USB disconnect, device number 8 [ 143.362107][ T6220] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 143.364762][ T6220] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 143.390761][ T4564] device veth1_macvtap left promiscuous mode [ 143.392968][ T4564] device veth0_macvtap left promiscuous mode [ 143.396135][ T4564] device veth1_vlan left promiscuous mode [ 143.397964][ T4564] device veth0_vlan left promiscuous mode [ 143.575503][ T6220] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 143.580044][ T6220] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 145.362199][ T4564] bond1 (unregistering): Released all slaves [ 145.433236][ T6251] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 145.436566][ T6251] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 148.445465][ T4564] team0 (unregistering): Port device team_slave_1 removed [ 148.610832][ T4564] team0 (unregistering): Port device team_slave_0 removed [ 148.811179][ T4564] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 149.050571][ T4564] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 151.613946][ T4564] bond0 (unregistering): Released all slaves [ 151.863537][ T6052] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 151.912037][ T6052] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 152.188618][ T6052] 8021q: adding VLAN 0 to HW filter on device bond0 [ 152.218499][ T5551] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 152.224033][ T5551] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 152.238664][ T6052] 8021q: adding VLAN 0 to HW filter on device team0 [ 152.246779][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 152.250914][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 152.256896][ T4377] bridge0: port 1(bridge_slave_0) entered blocking state [ 152.258877][ T4377] bridge0: port 1(bridge_slave_0) entered forwarding state [ 152.282646][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 152.286911][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 152.292220][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 152.297226][ T4377] bridge0: port 2(bridge_slave_1) entered blocking state [ 152.299360][ T4377] bridge0: port 2(bridge_slave_1) entered forwarding state [ 152.314230][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 152.338625][ T6278] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 152.347516][ T6278] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 153.060521][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 153.068094][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 153.105930][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 153.130651][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 153.136907][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 153.193738][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 153.213024][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 153.218965][ T6052] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 153.248971][ T6052] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 153.260922][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 153.263824][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 153.272647][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 155.428251][ T6052] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 155.491288][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 155.493728][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 156.829196][ T6342] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 156.871668][ T6342] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 157.441632][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 157.444561][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 157.516563][ T5551] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 157.519568][ T5551] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 157.520493][ T6353] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 157.525626][ T6353] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 157.543846][ T5551] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 157.546554][ T5551] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 157.579643][ T6052] device veth0_vlan entered promiscuous mode [ 157.588022][ T6052] device veth1_vlan entered promiscuous mode [ 157.653444][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 157.653590][ T6360] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 157.656596][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 157.666859][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 157.672343][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 157.676289][ T6358] netlink: 'syz.1.594': attribute type 10 has an invalid length. [ 157.678935][ T6360] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 157.693323][ T6358] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 157.697720][ T6052] device veth0_macvtap entered promiscuous mode [ 157.703839][ T6052] device veth1_macvtap entered promiscuous mode [ 157.723565][ T6052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 157.727298][ T6052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.730959][ T6052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 157.733826][ T6052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.738189][ T6052] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 157.743572][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 157.746749][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 157.753806][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 157.761088][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 157.768260][ T6052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 157.772076][ T6052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.775068][ T6052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 157.777934][ T6052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.783042][ T6052] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 157.785488][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 157.788561][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 157.794590][ T6052] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.797282][ T6052] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.800493][ T6052] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.803311][ T6052] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.861818][ T4377] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.864307][ T4377] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.872468][ T4564] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 157.894956][ T4564] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.897350][ T4564] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.904114][ T4377] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 157.970271][ T4287] usb 1-1: new full-speed USB device number 9 using dummy_hcd [ 158.114170][ T6376] process 'syz.3.602' launched './file1' with NULL argv: empty string added [ 158.165042][ T4287] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 158.168748][ T4287] usb 1-1: New USB device found, idVendor=20d6, idProduct=cb17, bcdDevice= 0.00 [ 158.175885][ T4287] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.181868][ T4287] usb 1-1: config 0 descriptor?? [ 158.190822][ T6362] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 158.306795][ T6383] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 158.325923][ T6383] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 158.873011][ T4287] input: THQ uDraw Game Tablet for PS3 Joypad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:20D6:CB17.0002/input/input6 [ 159.283267][ T4287] input: THQ uDraw Game Tablet for PS3 Touchpad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:20D6:CB17.0002/input/input7 [ 159.294175][ T4287] input: THQ uDraw Game Tablet for PS3 Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:20D6:CB17.0002/input/input8 [ 159.299611][ T4287] input: THQ uDraw Game Tablet for PS3 Accelerometer as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:20D6:CB17.0002/input/input9 [ 159.306267][ T4287] hid-udraw 0003:20D6:CB17.0002: hidraw0: USB HID v1.01 Device [HID 20d6:cb17] on usb-dummy_hcd.0-1/input0 [ 159.316159][ T4287] usb 1-1: USB disconnect, device number 9 [ 159.633961][ T6411] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 159.637978][ T6411] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 160.060985][ T6413] netlink: 20 bytes leftover after parsing attributes in process `syz.2.612'. [ 160.780804][ T6429] netlink: 64 bytes leftover after parsing attributes in process `syz.2.625'. [ 161.497956][ T6440] binder: 6434:6440 ioctl c018620c 20000380 returned -22 [ 161.619871][ T4287] usb 1-1: new low-speed USB device number 10 using dummy_hcd [ 161.724097][ T4313] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 161.730004][ T4313] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 161.733535][ T4313] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 161.736299][ T4313] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 161.738987][ T4313] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 161.741406][ T4313] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 161.851242][ T4287] usb 1-1: config 0 has an invalid interface number: 55 but max is 0 [ 161.853604][ T4287] usb 1-1: config 0 has no interface number 0 [ 161.855495][ T4287] usb 1-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0x80, skipping [ 161.858423][ T4287] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 161.869751][ T4287] usb 1-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0xAB, skipping [ 161.872832][ T4287] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 161.876382][ T4287] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 161.878845][ T4287] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.888778][ T4287] usb 1-1: config 0 descriptor?? [ 161.891048][ T6422] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 161.893208][ T6422] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 161.896751][ T4287] ldusb 1-1:0.55: Interrupt in endpoint not found [ 162.144191][ T5551] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.164907][ T4679] usb 1-1: USB disconnect, device number 10 [ 163.789761][ T4305] Bluetooth: hci4: command 0x0409 tx timeout [ 163.870780][ T4297] Bluetooth: hci1: command 0x0406 tx timeout [ 163.872658][ T4297] Bluetooth: hci2: command 0x0406 tx timeout [ 163.874352][ T4305] Bluetooth: hci3: command 0x0406 tx timeout [ 164.301966][ T5551] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.461584][ T5551] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.593505][ T6464] fido_id[6464]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 164.722801][ T5551] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 165.005968][ T6449] chnl_net:caif_netlink_parms(): no params data found [ 165.036069][ T6498] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 165.038778][ T6498] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 165.210951][ T4744] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 165.399899][ T4744] usb 1-1: Using ep0 maxpacket: 32 [ 165.407116][ T4744] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 165.410137][ T4744] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.424166][ T4744] usb 1-1: config 0 descriptor?? [ 165.462289][ T4744] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 165.729551][ T6449] bridge0: port 1(bridge_slave_0) entered blocking state [ 165.734257][ T6449] bridge0: port 1(bridge_slave_0) entered disabled state [ 165.749561][ T6449] device bridge_slave_0 entered promiscuous mode [ 165.847941][ T6449] bridge0: port 2(bridge_slave_1) entered blocking state [ 165.850618][ T6449] bridge0: port 2(bridge_slave_1) entered disabled state [ 165.856122][ T6449] device bridge_slave_1 entered promiscuous mode [ 165.869798][ T4305] Bluetooth: hci4: command 0x041b tx timeout [ 165.998564][ T6449] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 166.020686][ T6525] block device autoloading is deprecated and will be removed. [ 166.030731][ T6449] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 166.167224][ T6449] team0: Port device team_slave_0 added [ 166.190885][ T6449] team0: Port device team_slave_1 added [ 166.327623][ T6449] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 166.329628][ T6449] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.355313][ T6449] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 166.368324][ T6449] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 166.380810][ T6449] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.403531][ T6449] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 166.849130][ T6449] device hsr_slave_0 entered promiscuous mode [ 167.247652][ T4744] gspca_nw80x: reg_w err -71 [ 167.249012][ T4744] nw80x: probe of 1-1:0.0 failed with error -71 [ 167.253839][ T4744] usb 1-1: USB disconnect, device number 11 [ 167.282090][ T6449] device hsr_slave_1 entered promiscuous mode [ 167.309846][ T6449] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 167.312346][ T6449] Cannot create hsr debugfs directory [ 167.891751][ T4297] Bluetooth: hci5: command 0x1003 tx timeout [ 167.894127][ T4313] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 167.949807][ T4305] Bluetooth: hci4: command 0x040f tx timeout [ 168.246698][ T6550] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 168.249393][ T6550] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 168.383733][ T4679] kernel write not supported for file /input/mice (pid: 4679 comm: kworker/0:8) [ 168.463513][ T6550] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 168.466043][ T6550] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 169.458710][ T27] kauditd_printk_skb: 18 callbacks suppressed [ 169.458722][ T27] audit: type=1326 audit(170.376:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6563 comm="syz.3.656" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d35a8a8 code=0x7fc00000 [ 169.466336][ T27] audit: type=1326 audit(170.376:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6563 comm="syz.3.656" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffff8d35a8a8 code=0x7fc00000 [ 169.481422][ T27] audit: type=1326 audit(170.376:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6563 comm="syz.3.656" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d35a8a8 code=0x7fc00000 [ 169.487240][ T27] audit: type=1326 audit(170.376:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6563 comm="syz.3.656" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d35a8a8 code=0x7fc00000 [ 169.493956][ T27] audit: type=1326 audit(170.376:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6563 comm="syz.3.656" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d35a8a8 code=0x7fc00000 [ 169.500053][ T27] audit: type=1326 audit(170.386:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6563 comm="syz.3.656" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d35a8a8 code=0x7fc00000 [ 169.506076][ T27] audit: type=1326 audit(170.386:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6563 comm="syz.3.656" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d35a8a8 code=0x7fc00000 [ 169.512082][ T27] audit: type=1326 audit(170.386:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6563 comm="syz.3.656" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d35a8a8 code=0x7fc00000 [ 169.518208][ T27] audit: type=1326 audit(170.386:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6563 comm="syz.3.656" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d35a8a8 code=0x7fc00000 [ 169.572384][ T27] audit: type=1326 audit(170.386:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6563 comm="syz.3.656" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d35a8a8 code=0x7fc00000 [ 170.031288][ T4297] Bluetooth: hci4: command 0x0419 tx timeout [ 172.493980][ T5551] device hsr_slave_0 left promiscuous mode [ 172.564934][ T5551] device hsr_slave_1 left promiscuous mode [ 172.650889][ T5551] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 172.652996][ T5551] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 172.656514][ T5551] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 172.658588][ T5551] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 172.677771][ T5551] device bridge_slave_1 left promiscuous mode [ 172.679576][ T5551] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.727977][ T6626] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7) [ 172.729859][ T6626] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 172.734010][ T5551] device bridge_slave_0 left promiscuous mode [ 172.735956][ T5551] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.746840][ T6626] vhci_hcd vhci_hcd.0: Device attached [ 172.885119][ T5551] device veth1_macvtap left promiscuous mode [ 172.886933][ T5551] device veth0_macvtap left promiscuous mode [ 172.888862][ T5551] device veth1_vlan left promiscuous mode [ 172.891266][ T5551] device veth0_vlan left promiscuous mode [ 173.009805][ T4679] usb 2-1: new high-speed USB device number 2 using vhci_hcd [ 173.147709][ T6628] vhci_hcd: connection reset by peer [ 173.151879][ T1677] vhci_hcd: stop threads [ 173.153247][ T1677] vhci_hcd: release socket [ 173.155169][ T1677] vhci_hcd: disconnect device [ 174.054868][ T6642] netlink: 332 bytes leftover after parsing attributes in process `syz.1.670'. [ 174.057715][ T6642] netlink: 'syz.1.670': attribute type 9 has an invalid length. [ 174.060132][ T6642] netlink: 108 bytes leftover after parsing attributes in process `syz.1.670'. [ 174.062708][ T6642] netlink: 32 bytes leftover after parsing attributes in process `syz.1.670'. [ 174.071381][ T6642] Cannot find add_set index 0 as target [ 176.624072][ T5551] team0 (unregistering): Port device team_slave_1 removed [ 176.842426][ T5551] team0 (unregistering): Port device team_slave_0 removed [ 177.066681][ T5551] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 177.156452][ T4297] Bluetooth: hci1: command 0x2016 tx timeout [ 177.291159][ T5551] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 178.109958][ T4679] vhci_hcd: vhci_device speed not set [ 179.743487][ T5551] bond0 (unregistering): Released all slaves [ 180.107451][ T6661] netlink: 12 bytes leftover after parsing attributes in process `syz.0.677'. [ 180.175664][ T6674] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 180.186694][ T6674] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 181.216728][ T6449] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 181.310698][ T6449] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 181.355033][ T6449] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 181.390685][ T6449] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 181.645537][ T6708] ieee802154 phy0 wpan0: encryption failed: -22 [ 182.423778][ T6449] 8021q: adding VLAN 0 to HW filter on device bond0 [ 182.447100][ T6449] 8021q: adding VLAN 0 to HW filter on device team0 [ 182.520194][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 182.522864][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 182.525383][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 182.528096][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 182.544024][ T55] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.545955][ T55] bridge0: port 1(bridge_slave_0) entered forwarding state [ 182.576371][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 182.599254][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 182.663527][ T55] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.665700][ T55] bridge0: port 2(bridge_slave_1) entered forwarding state [ 182.960557][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 182.986954][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 183.191762][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 183.263173][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 183.276933][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 183.327745][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 183.331275][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 183.339082][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 183.363407][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 183.366834][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 183.373106][ T6449] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 183.383646][ T6449] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 183.411957][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 183.415529][ T55] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 183.785543][ T4945] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 183.787990][ T4945] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 183.940438][ T6449] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 184.825506][ T6755] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 184.828238][ T6755] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 185.058731][ T4945] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 185.078406][ T4945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 185.159636][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 185.167230][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 185.171524][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 185.178274][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 185.195101][ T6449] device veth0_vlan entered promiscuous mode [ 185.929308][ T6449] device veth1_vlan entered promiscuous mode [ 185.948750][ T4945] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 185.951653][ T4945] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 185.954225][ T4945] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 185.957587][ T4945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 186.023830][ T6449] device veth0_macvtap entered promiscuous mode [ 186.028161][ T6449] device veth1_macvtap entered promiscuous mode [ 186.075361][ T4564] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 186.078139][ T4564] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 186.114766][ T6449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 186.172670][ T6449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.186072][ T6449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 186.188970][ T6449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.245448][ T6449] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 186.259505][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 186.263745][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 186.299180][ T6449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 186.316311][ T6449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.670103][ T6449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 186.681534][ T6449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.875143][ T6449] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 187.005398][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 187.008586][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 187.037241][ T6449] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.044189][ T6449] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.046584][ T6449] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.048967][ T6449] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.062518][ T6780] trusted_key: encrypted_key: insufficient parameters specified [ 187.490631][ T2059] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.493699][ T2059] ieee802154 phy1 wpan1: encryption failed: -22 [ 188.037423][ T5580] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.052999][ T5580] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.058899][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 188.172017][ T4945] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.174549][ T4945] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.180546][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 189.839832][ T6826] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 189.848417][ T6826] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 190.232981][ T4297] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 190.237853][ T4297] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 190.255574][ T4297] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 190.258566][ T4297] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 190.262372][ T4297] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 190.264844][ T4297] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 190.391444][ T5455] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.604354][ T5455] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.343046][ T5455] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.433435][ T6864] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 191.447776][ T6864] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 191.525361][ T5455] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.793866][ T6839] chnl_net:caif_netlink_parms(): no params data found [ 192.122346][ T6839] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.131229][ T6839] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.144703][ T6839] device bridge_slave_0 entered promiscuous mode [ 192.180420][ T6839] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.202798][ T6839] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.214664][ T6839] device bridge_slave_1 entered promiscuous mode [ 192.287875][ T6839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 192.351111][ T4305] Bluetooth: hci4: command 0x0409 tx timeout [ 192.967589][ T6839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 193.266156][ T6916] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 193.268156][ T6916] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 193.300367][ T6916] vhci_hcd vhci_hcd.0: Device attached [ 193.304184][ T6925] vhci_hcd: connection closed [ 193.450164][ T4714] vhci_hcd: stop threads [ 193.452720][ T4714] vhci_hcd: release socket [ 193.453971][ T4714] vhci_hcd: disconnect device [ 194.028567][ T6839] team0: Port device team_slave_0 added [ 194.232582][ T6940] netlink: 8 bytes leftover after parsing attributes in process `syz.2.738'. [ 194.266766][ T6839] team0: Port device team_slave_1 added [ 194.429886][ T4297] Bluetooth: hci4: command 0x041b tx timeout [ 194.502505][ T6950] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 194.505201][ T6950] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 194.524464][ T6839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 194.526462][ T6839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.563520][ T6839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 194.658493][ T6839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 194.660856][ T6839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.678158][ T6839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 194.861778][ T6839] device hsr_slave_0 entered promiscuous mode [ 194.900197][ T6839] device hsr_slave_1 entered promiscuous mode [ 194.940158][ T6839] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 194.942547][ T6839] Cannot create hsr debugfs directory [ 195.142533][ T6973] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 195.145175][ T6973] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 196.519706][ T4305] Bluetooth: hci4: command 0x040f tx timeout [ 198.322261][ T7015] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 198.329981][ T7016] loop8: detected capacity change from 0 to 16384 [ 198.337703][ T7015] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 198.450683][ T5455] device hsr_slave_0 left promiscuous mode [ 198.502825][ T5455] device hsr_slave_1 left promiscuous mode [ 198.580020][ T5455] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 198.582173][ T5455] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 198.589582][ T5455] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 198.592367][ T4297] Bluetooth: hci4: command 0x0419 tx timeout [ 198.604586][ T5455] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 198.620318][ T5455] device bridge_slave_1 left promiscuous mode [ 198.632104][ T5455] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.680973][ T5455] device bridge_slave_0 left promiscuous mode [ 198.682950][ T5455] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.871702][ T5455] device veth1_macvtap left promiscuous mode [ 198.873444][ T5455] device veth0_macvtap left promiscuous mode [ 198.875187][ T5455] device veth1_vlan left promiscuous mode [ 198.915822][ T5455] device veth0_vlan left promiscuous mode [ 199.018147][ T7021] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 199.027946][ T7021] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 199.035265][ T7023] netlink: set zone limit has 8 unknown bytes [ 200.962431][ T4343] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 201.281026][ T4343] usb 1-1: Using ep0 maxpacket: 16 [ 201.339713][ T4343] usb 1-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 32, changing to 9 [ 201.450641][ T4343] usb 1-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0 [ 201.635764][ T4343] usb 1-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 201.649491][ T4343] usb 1-1: config 0 interface 0 has no altsetting 0 [ 201.652848][ T4343] usb 1-1: New USB device found, idVendor=0b05, idProduct=17e0, bcdDevice= 0.00 [ 201.655457][ T4343] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.731029][ T4343] usb 1-1: config 0 descriptor?? [ 201.849000][ T7057] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 201.851644][ T7057] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 202.970895][ T7065] hub 8-0:1.0: USB hub found [ 202.974011][ T7065] hub 8-0:1.0: 8 ports detected [ 203.444433][ T4343] asus 0003:0B05:17E0.0003: unknown main item tag 0x0 [ 203.459881][ T4343] asus 0003:0B05:17E0.0003: hidraw0: USB HID v0.00 Device [HID 0b05:17e0] on usb-dummy_hcd.0-1/input0 [ 203.462916][ T4343] asus 0003:0B05:17E0.0003: Asus input not registered [ 203.466466][ T4343] asus: probe of 0003:0B05:17E0.0003 failed with error -12 [ 203.503956][ T7069] tmpfs: Unknown parameter 'grpquota_inode_hardlimit' [ 203.663828][ T4678] usb 1-1: USB disconnect, device number 12 [ 207.189818][ T7108] 9pnet_fd: Insufficient options for proto=fd [ 207.859490][ T5455] team0 (unregistering): Port device team_slave_1 removed [ 208.046545][ T5455] team0 (unregistering): Port device team_slave_0 removed [ 208.236130][ T5455] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 208.501179][ T5455] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 209.082416][ T7122] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 209.085111][ T7122] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 211.123633][ T5455] bond0 (unregistering): Released all slaves [ 212.479608][ T6839] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 212.515648][ T7151] netlink: 'syz.0.796': attribute type 29 has an invalid length. [ 212.563139][ T7151] netlink: 'syz.0.796': attribute type 29 has an invalid length. [ 212.574793][ T6839] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 212.621510][ T6839] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 212.668361][ T6839] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 213.126628][ T7161] binder: 7155:7161 IncRefs 0 refcount change on invalid ref 0 ret -22 [ 213.763170][ T6839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.855159][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 213.857851][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 213.893562][ T6839] 8021q: adding VLAN 0 to HW filter on device team0 [ 213.932668][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 213.937649][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 213.948571][ T4430] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.950808][ T4430] bridge0: port 1(bridge_slave_0) entered forwarding state [ 214.109643][ T7176] netlink: 16 bytes leftover after parsing attributes in process `syz.3.801'. [ 214.140541][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 214.328330][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 214.470913][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 214.601642][ T4430] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.603784][ T4430] bridge0: port 2(bridge_slave_1) entered forwarding state [ 214.700082][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 214.713333][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 214.739635][ T7179] netlink: 80 bytes leftover after parsing attributes in process `syz.2.799'. [ 214.742202][ T7179] netlink: 80 bytes leftover after parsing attributes in process `syz.2.799'. [ 214.745932][ T7179] netlink: 80 bytes leftover after parsing attributes in process `syz.2.799'. [ 214.758710][ T6839] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 214.797727][ T6839] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 214.907653][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 214.912181][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 214.914912][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 214.918849][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 214.948020][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 214.956093][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 214.969051][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 214.975641][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 214.991240][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 214.997033][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 216.556853][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 216.559129][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 216.575098][ T6839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 216.594033][ T7225] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 216.605820][ T7225] netlink: 'syz.2.813': attribute type 10 has an invalid length. [ 216.716045][ T7225] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 216.888394][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 216.892371][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 216.914620][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 216.917427][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 216.924286][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 216.927420][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 216.934695][ T6839] device veth0_vlan entered promiscuous mode [ 216.948664][ T6839] device veth1_vlan entered promiscuous mode [ 216.975540][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 216.978345][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 216.984425][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 216.987955][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 216.996093][ T6839] device veth0_macvtap entered promiscuous mode [ 217.011880][ T6839] device veth1_macvtap entered promiscuous mode [ 217.037098][ T6839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 217.043196][ T6839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.045914][ T6839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 217.048931][ T6839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.056249][ T6839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 217.067918][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 217.073802][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 217.076508][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 217.083517][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 217.089411][ T6839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 217.092949][ T6839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.095694][ T6839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 217.098577][ T6839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.108029][ T6839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 217.112092][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 217.114940][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 217.169939][ T6839] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 217.172602][ T6839] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 217.175020][ T6839] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 217.177418][ T6839] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 217.309471][ T4428] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 217.312105][ T4428] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 217.317871][ T5897] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 217.359580][ T5897] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 217.371562][ T5897] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 217.382748][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 217.478286][ T7243] binder: 7242:7243 ioctl 400c620e 20000000 returned -22 [ 219.663916][ T4744] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 219.851607][ T4744] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 219.854748][ T4744] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 219.867509][ T4744] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 219.874216][ T4744] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.884415][ T4744] usb 1-1: config 0 descriptor?? [ 219.887194][ T7278] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 219.894418][ T4744] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 219.968089][ T7294] netlink: 28 bytes leftover after parsing attributes in process `syz.2.831'. [ 222.010895][ T7310] tipc: Started in network mode [ 222.012386][ T7310] tipc: Node identity 7f000001, cluster identity 4711 [ 222.015324][ T7310] tipc: Enabled bearer , priority 10 [ 223.125845][ T4343] tipc: Node number set to 2130706433 [ 223.155610][ T4744] usb 1-1: USB disconnect, device number 13 [ 224.363937][ T449] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.452259][ T449] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.543019][ T449] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.632908][ T449] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.776810][ T4297] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 224.781802][ T4313] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 224.785020][ T4297] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 224.787801][ T4297] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 224.790587][ T4297] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 224.793003][ T4297] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 225.544527][ T4343] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 225.544554][ T7336] page:00000000f56e2d0e refcount:4 mapcount:1 mapping:000000005d382aca index:0x2 pfn:0x138b3d [ 225.550292][ T7336] memcg:ffff0000cae2a000 [ 225.551522][ T7336] aops:shmem_aops ino:97 [ 225.552675][ T7336] flags: 0x5ffd80000080015(locked|uptodate|lru|swapbacked|node=0|zone=2|lastcpupid=0x7ff) [ 225.555433][ T7336] raw: 05ffd80000080015 fffffc0003e2cf08 fffffc0003e20c08 ffff0000d1441658 [ 225.557775][ T7336] raw: 0000000000000002 0000000000000000 0000000400000000 ffff0000cae2a000 [ 225.560169][ T7336] page dumped because: VM_BUG_ON_FOLIO(folio_mapped(folio)) [ 225.562312][ T7336] ------------[ cut here ]------------ [ 225.563775][ T7336] kernel BUG at mm/filemap.c:153! [ 225.565713][ T7336] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP [ 225.567910][ T7336] Modules linked in: [ 225.569023][ T7336] CPU: 0 PID: 7336 Comm: syz.1.843 Not tainted 6.1.141-syzkaller #0 [ 225.571344][ T7336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 225.574134][ T7336] pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 225.576361][ T7336] pc : filemap_unaccount_folio+0x464/0x50c [ 225.577954][ T7336] lr : filemap_unaccount_folio+0x464/0x50c [ 225.579638][ T7336] sp : ffff800022617140 [ 225.580857][ T7336] x29: ffff800022617150 x28: ffff8000226174d0 x27: dfff800000000000 [ 225.583210][ T7336] x26: ffff7000044c2e3c x25: 0000000000000003 x24: ffff8000226174d0 [ 225.585420][ T7336] x23: ffff800022617200 x22: ffff0000d1441658 x21: fffffc0003e2cf58 [ 225.587632][ T7336] x20: ffff0000d1441658 x19: fffffc0003e2cf40 x18: 0000000000000000 [ 225.589940][ T7336] x17: 0000000000000000 x16: ffff8000082e743c x15: 0000000000000000 [ 225.592209][ T7336] x14: 00000000ffffffff x13: 0000000000000001 x12: 0000000000ff0100 [ 225.594473][ T7336] x11: ff008000087ad688 x10: 0000000000000000 x9 : ffff8000087ad688 [ 225.596860][ T7336] x8 : ffff0000f6fd3780 x7 : 0000000000000001 x6 : 0000000000000001 [ 225.599565][ T7336] x5 : ffff800022616b78 x4 : ffff800015154700 x3 : ffff80000852da40 [ 225.601894][ T7336] x2 : 0000000000000001 x1 : 0000000100000002 x0 : 0000000000000039 [ 225.604198][ T7336] Call trace: [ 225.605180][ T7336] filemap_unaccount_folio+0x464/0x50c [ 225.606786][ T7336] __filemap_remove_folio+0xc0/0x4d4 [ 225.608352][ T7336] filemap_remove_folio+0xcc/0x1bc [ 225.609760][ T7336] truncate_inode_folio+0x6c/0x84 [ 225.611178][ T7336] shmem_undo_range+0x400/0x1610 [ 225.612599][ T7336] shmem_evict_inode+0x204/0x8a0 [ 225.614000][ T7336] evict+0x3c8/0x810 [ 225.615094][ T7336] iput+0x764/0x7f4 [ 225.616208][ T7336] dentry_unlink_inode+0x360/0x438 [ 225.617729][ T7336] __dentry_kill+0x320/0x598 [ 225.619084][ T7336] dentry_kill+0xc8/0x248 [ 225.620323][ T7336] dput+0x238/0x454 [ 225.621451][ T7336] __fput+0x480/0x7c0 [ 225.622605][ T7336] ____fput+0x20/0x30 [ 225.623767][ T7336] task_work_run+0x1ec/0x270 [ 225.625128][ T7336] do_notify_resume+0x1f70/0x2b0c [ 225.626541][ T7336] el0_svc+0x98/0x138 [ 225.627700][ T7336] el0t_64_sync_handler+0x84/0xf0 [ 225.629138][ T7336] el0t_64_sync+0x18c/0x190 [ 225.630455][ T7336] Code: 9004a141 911c0021 aa1303e0 94037abd (d4210000) [ 225.632440][ T7336] ---[ end trace 0000000000000000 ]--- [ 226.236525][ T7336] Kernel panic - not syncing: Oops - BUG: Fatal exception [ 226.238598][ T7336] SMP: stopping secondary CPUs [ 226.239955][ T7336] Kernel Offset: disabled [ 226.241214][ T7336] CPU features: 0x080000,02070084,26017203 [ 226.242903][ T7336] Memory Limit: none [ 226.840828][ T7336] Rebooting in 86400 seconds..