last executing test programs: 10.215537113s ago: executing program 1 (id=2640): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r1, &(0x7f0000000440), 0x10) listen(r1, 0x0) accept4$vsock_stream(r1, 0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r3, &(0x7f0000000280)={0x28, 0x0, 0x0, @local}, 0x10) shutdown(r3, 0x1) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0x8000000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0xfffffffffffffffc}, 0x0, 0x0) 9.408043138s ago: executing program 1 (id=2645): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x9, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000140)=@abs={0x0, 0x0, 0xfffffffd}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB="09000000180001000000200000000000021400000000000a0000000005001b0002000000"], 0x24}}, 0x4000000) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) syz_usb_connect(0x0, 0x5f, 0x0, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000040000000160a01000000000000000000010000000900010073797a30001000000900020073797a310000000014000380080001400000000008040000000000004800000016160101000b008000000000010000000900020073797a3100000000090001ad8e3abd2d9dbbfd001c000380180003801400010070676d36726567310000000000000000140000001000010000000000000000000000000a33dff2cf"], 0xd0}}, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x42}, 0x94) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) r4 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d004231a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb5b64f69853362ac3407173ec", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4080) recvmsg$kcm(r4, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0) socket(0x400000000010, 0x80000, 0x4008000) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x81&\xf5\t\x00\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xa9J3\x18\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V\x01\x00\x00\x00\x00\x00\x00\x00\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOe+\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\x99I\x9a9+r\x91\x06\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx', 0x3) sendfile(r5, r6, &(0x7f00000001c0), 0x8) fcntl$addseals(r6, 0x409, 0x8) syz_emit_ethernet(0x4a, &(0x7f0000001900)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6062d308001406fffc010000000000000000000000000000fe8000000000000000000000000000aa00004001", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB], 0x0) sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0xa, 0x0, 0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x20000000) 7.947826555s ago: executing program 0 (id=2649): pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_lsm={0x2, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="4daa000000000000791098000000000018090000", @ANYRES32, @ANYRESOCT], &(0x7f0000000000)='GPL\x00'}, 0x94) 7.807110817s ago: executing program 0 (id=2650): r0 = creat(&(0x7f0000000200)='./file1\x00', 0x12e) bpf$PROG_LOAD(0x5, 0x0, 0x0) close(0x3) socket$alg(0x26, 0x5, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) r2 = fsopen(&(0x7f00000001c0)='exfat\x00', 0x1) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000001200), 0xa, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) 5.559536878s ago: executing program 3 (id=2653): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r1, &(0x7f0000000440), 0x10) listen(r1, 0x0) accept4$vsock_stream(r1, 0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r3, &(0x7f0000000280)={0x28, 0x0, 0x0, @local}, 0x10) shutdown(r3, 0x1) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0x8000000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0xfffffffffffffffc}, 0x0, 0x0) 5.496203139s ago: executing program 0 (id=2654): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x3, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000a1f70000000000000000000085000000270000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x80) 5.197561425s ago: executing program 0 (id=2655): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a3200000000140000001100", @ANYRES16, @ANYRES32=r0], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r5 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$RTC_PIE_ON(r5, 0x7005) ioctl$RTC_IRQP_SET(r5, 0x4008700c, 0x80000000000725) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a88000000060a010400000000000000000a0000010900010073797a31000000005c000480580001800b0001007461726765740000480002802c0003009ac420002e2eafb9fdd672bad09dfb78c7699c74e82fa0c700"/114], 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040) syz_io_uring_setup(0x5001, &(0x7f0000000300)={0x0, 0x334e, 0x1, 0x3, 0x89}, &(0x7f00000003c0), &(0x7f0000000380)) 5.101614997s ago: executing program 3 (id=2657): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) r1 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0) flock(r1, 0x2) r2 = open(&(0x7f0000000300)='.\x00', 0x102000, 0x0) flock(r2, 0x1) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) 4.104846075s ago: executing program 2 (id=2659): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socket$nl_xfrm(0x10, 0x3, 0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, 0x0, 0x0) sendmsg$key(r3, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x8, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x50}}, 0x0) 3.993027757s ago: executing program 0 (id=2660): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="70000000020605a3cfc8647108024e0000000007120003006269746d61703a69702c6d616300000005000400010000000900020073797a3000000000240007800c00028008000140000000020c0001800800014000000004080008400000005c05000500020000000500"], 0x70}}, 0x8000) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x3, 0x6, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x800) 2.773943989s ago: executing program 2 (id=2661): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000340)={r0, &(0x7f0000000000), &(0x7f0000000500)=""/215}, 0x20) 2.657343411s ago: executing program 1 (id=2662): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socket$nl_xfrm(0x10, 0x3, 0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000800)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000380)=ANY=[@ANYBLOB="020101090800000000170006ffffff00030006001000000002000000"], 0x40}}, 0x0) sendmsg$key(r3, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x8, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x50}}, 0x0) 2.600914673s ago: executing program 3 (id=2663): mkdirat(0xffffffffffffff9c, 0x0, 0x158) syz_mount_image$hfsplus(&(0x7f0000000800), &(0x7f0000000600)='./file0\x00', 0xa00010, &(0x7f0000000840)=ANY=[], 0x6, 0x646, &(0x7f0000002a80)="$eJzs3c9rHOf9B/D3rFZryV9wlMRO/C2BihjSUlFbP1Ba5RK3lKJDKCE99FiELcfCayVISlFCKepv6KmH/AHpQbeeCr0b0nN7y1XHQKGXnHQoqMzsrLSWVop+xSu1r5d59nlmnplnnvnszLMzuxYT4H/W/ESaT1JkfuKt9XJ6a3OmvbU5c6Wubicpy42kmQyXs4rlpPg0uZtOyv+XM+vli8O28/HS3DuffbH1eWeqWadq+cZR6x3PRp0ynmSozvdp/eEk7Q13CmU79/q3dwLF7h6WAbvVDRwM2s4BGydZ/YznLXARFJ3PzQPGkqtJRurrgNSjQ+PZ9u78nWiUAwAAgEvque1sZz3XBt0PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuEzq5/8XdWp0y+Mpus//b9XzUpcvtSeD7gAAAAAAAAAAnNUbyde3s531XOvO2imq3/xfrSauV6//lw+ymsWs5HbWs5C1rGUlU0nGetpqrS+sra1MHWPN6b5rTj+bXQYAAAAAAACA/1K/yvze7/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBIQ3VedIpFna53y2NpNJOMJGmVy20k/+iWL4mi38wnz74fAAAAcCYjp1jnue1sZz3XutM7RXXP/1J1vzySD7KctSxlLe0s5n59D13e9Te2NmfaW5szj8t0sN3v/etE3aha3P0aot+Wb1ZLjOZBlqo5t3Ov6sz9NKo1Sze7/enfr1+WfSrerB2zZ/frvNzYHw/7FmEgxqqIDO9GZLLuWxmN54+OxJe+O80jtzSVxu43P9e/gphfrfNyf353MWPeSBWJ6Z6j76WjI5F8469//snD9vKjhw9WJy7OLp3S/mNipicSL1/qSDRPuPxkFYkbu9Pz+WF+nImM5+2sZCk/y0LWspidun6hPp7L17GjI3X3qam3v6wnrfp96Yyix+nTeH5QlRbyarXutSylyHu5n8W8Xv2bzlS+k9nMZq7nHb5xaL+rfavO+sbJzvpb36wLo0l+X+eD1vlILeP6fE9ce8fcsaqud85elF44/7Gx+bW6UG7j13V+MeyPxFRPJF48OhJ/qs6N1fbyo5WHC+8f0v7GvunX6rw84n6771PipwMdVcrj5YWM1CPJ00dHWffi7ijzdLxa9S8unbrGgbobVV1RdM/UHx16prbqa7iDLU1XdS/3rZup6m721D11vZX30t69HgLgArv6raut0X+O/n30k9HfjD4cfWvk+1e+e+WVVob/NvxGc3LotcYrxV/ySX6xd/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACc3uqHHz1aaLcXV/oXGodXnW+hqB/k8yy2pXDMwr93Os695e5DBM/c4N2LEajLXBhK0q+qfotO83BR4FK4s/b4/TurH3707aXHC+8uvru4PDw7Ozc5N/v6zJ0HS+3Fyc7roHsJfBX2PvT71xcX6jHMAAAAAAAAAAAAQI739zY79f//O/VfGgx6HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDLbX4izScpMjV5e7Kc3tqcaZepW95bspmk0UiKnyfFp8nddFLGepor3jxkOx8vzb3z2Rdbn++11ayWLxut8zPYqFPGkwzV+Xm1d+/M7RW7e1gG7FY3cDBo/wkAAP//7swGBw==") pwritev2(0xffffffffffffffff, &(0x7f00000001c0)=[{0x0}], 0x1, 0xe7b, 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001040)=ANY=[], 0x841, 0x0) lgetxattr(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280)=@known='trusted.overlay.upper\x00', &(0x7f0000000f40)=""/199, 0xffffff92) 2.500153374s ago: executing program 2 (id=2664): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x80001, 0x0) r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000100)={0x1, "5660359c3245d1c42317afad7d48ed51000000000000000100", 0xffffffffffffffff}) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000000)={0x5, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r2, 0xc0303e03, &(0x7f0000000180)={"2486910284ed923431d4c5d5fbf514fd00", r3}) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r4, 0xffffffffffffffff, 0x0) 1.431987644s ago: executing program 2 (id=2665): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r1, &(0x7f0000000440), 0x10) listen(r1, 0x0) accept4$vsock_stream(r1, 0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r3, &(0x7f0000000280)={0x28, 0x0, 0x0, @local}, 0x10) shutdown(r3, 0x1) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0x8000000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0xfffffffffffffffc}, 0x0, 0x0) 1.416172094s ago: executing program 1 (id=2666): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 1.372214565s ago: executing program 3 (id=2667): r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) ioctl$PTP_PEROUT_REQUEST(r0, 0x40383d03, &(0x7f0000000040)={{0x8000, 0x8000}, {0x7, 0x9808}, 0x4, 0x1}) 1.313404516s ago: executing program 1 (id=2668): r0 = open(&(0x7f0000000000)='./bus\x00', 0x40000, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) socket$key(0xf, 0x3, 0x2) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x40, &(0x7f0000000280)={[{@noinit_itable}, {@journal_dev={'journal_dev', 0x3d, 0x4}}, {@noload}, {@usrquota}, {@data_ordered}, {@dioread_nolock}]}, 0x0, 0x503, &(0x7f0000001140)="$eJzs3c9vHFcdAPDvjL2x67q1C5UKCKgphYCi7Nqb1qp6KhcQqiohVZw4uMbeWJZ3vZZ3XWoTqfb/gEQlDgi4cOaAxKFSThwR3OCWSzggBYhAMRKHRbM/HMfejU2y2U28n480mnnzZuf7Xlbz3uZre18AI2suIvYj4lJEfBARM+3zSXuLd1pbdt29uzdWDu/eWEmi0Xj/H0mzPjsXx16Teb59z8nsvt+J+GFyOm5td29juVwubbfLhXplq1Db3bu6XlleK62VNovFxYXF+beuvVnsW19frfzmzrfX3/3+p7/70u0/7X/zx1mzptt1x/vRT62u547iZMYj4t0nEWwIxtr9uTTshvBI0oj4TES81nz+Z2Ks+W6eT5fHGgB4BjQaM9GYOV4GAC66tJkDS9J8OxcwHWmaz7dyeC/HVFqu1upXrld3NldbubLZyKXX18ul+XaucDZySVZe+Dg7vl8uxoPlaxHxUkT8ZOK5Zjm/cv48AwDQX8+fmP//PdGa/wGAC27yrAuWBtMOAGBwzpz/AYALx/wPAKPH/A8Ao8f8DwCjx/wPAKPmVmf+Hxt2SwCAgfjee+9lW+Ow/f3Xqx/u7mxUP7y6Wqpt5Cs7K/mV6vZWfq1aXSuX8ivVyln3K1erWwtvxM5HhXqpVi/UdveWKtWdzfpS83u9l0q5gfQKAHiYl169+ZckIvbffq65xbG1HMzVcLGlw24AMDRy/jC6fAs3jC7/xwfOWsuz568If/IIwRofP8KLgH67/Hn5fxhV8v8wuuT/YXTJ/8PoajSSXmv+p0eXAAAXihw/MNCf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAFMd3cZo+V0zSfj3ghImYjl1xfL5fmI+LFiPjzRG4iKy8MtcUAwONL/5a01/+6PPP69MnaS8l/Jpr7iPjRz97/6UfL9fr2Qnb+n0fn65+0zxeH0X4A4Cydebozj3fcu3tjpbMNsj13vtVaXDSLe9jeWjXjMZ7t/jgZuYiY+lfSKrdln1fG+hB//yAiPtet/0kzNzLbXvn0ZPws9gsDjZ8+ED9t1rX22b/FZ0/deaJnzLPWeoVRcTMbf97p9vylMdfcT3Zd/HiyOUI9vs74d3hq/Os875PNsabb+Dd33hhv/P67PesOIr4w3i1+chQ/6RH/9XPGv/XFL7/Wq67xi4jL0T3+8ViFemWrUNvdu7peWV4rrZU2i8XFhcX5t669WSw0c9SFTqb6tL+/feXFnv3/dcRUj/iTZ/T/a/eLc7863bOjAfiX//3gB1/pFf8g4htf7f7+v/yQ+Nmc+PVenTpheeq3PZfvzuKvtvp/8P++/1fOGf/2X/dWz3kpADAAtd29jeVyubTd14Nc9PmGxw6SJ9TmZ/6g85H5aWnP03aQfR5/3Pu80k6Zdb3mDz//9JWscug97cvBUIclYADuP/TDbgkAAAAAAAAAAAAAANDLE/9zonTYPQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAi+18AAAD//zqXyDg=") mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={0xffffffffffffffff}) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0x10, 0xfffffffffffffffe, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x60ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) ioctl$FIDEDUPERANGE(r4, 0xc0189436, &(0x7f00000005c0)=ANY=[@ANYBLOB="fdffffffffcf3b316b9cffffffffffff7f"]) sendmsg$key(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x10}}, 0x0) write$binfmt_misc(r2, &(0x7f0000000000), 0xfffffecc) splice(r1, 0x0, r3, 0x0, 0x4ffe6, 0x8) getdents(r0, 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r0, 0xc1004111, &(0x7f0000000080)={0x4, [0x97, 0xa, 0x4], [{0xf, 0x81, 0x1, 0x0, 0x1}, {0xe0, 0xfb4, 0x1, 0x1, 0x1}, {0x9, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x41fc, 0xe, 0x1, 0x1, 0x0, 0x1}, {0x5, 0x5, 0x1, 0x1, 0x0, 0x1}, {0x9, 0xffff47a1, 0x0, 0x1}, {0x3, 0x6, 0x0, 0x1, 0x0, 0x1}, {0xffff, 0x5, 0x0, 0x0, 0x1}, {0x9, 0x8, 0x1, 0x1, 0x0, 0x1}, {0xfffffc00, 0x1, 0x0, 0x0, 0x0, 0x1}, {0x5e3, 0x55, 0x1, 0x1, 0x0, 0x1}, {0x80000001, 0xf75, 0x0, 0x1, 0x1, 0x1}], 0x7fff}) msgctl$MSG_INFO(0x0, 0xc, &(0x7f0000000040)=""/24) 1.203678248s ago: executing program 2 (id=2669): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a3200000000140000001100", @ANYRES16, @ANYRES32=r0], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r5 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$RTC_PIE_ON(r5, 0x7005) ioctl$RTC_IRQP_SET(r5, 0x4008700c, 0x80000000000725) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a88000000060a010400000000000000000a0000010900010073797a31000000005c000480580001800b0001007461726765740000480002802c0003009ac420002e2eafb9fdd672bad09dfb78c7699c74e82fa0c700"/114], 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040) syz_io_uring_setup(0x5001, &(0x7f0000000300)={0x0, 0x334e, 0x1, 0x3, 0x89}, &(0x7f00000003c0), &(0x7f0000000380)) 1.11192758s ago: executing program 3 (id=2670): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socket$nl_xfrm(0x10, 0x3, 0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, 0x0, 0x0) sendmsg$key(r3, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x8, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x50}}, 0x0) 250.292896ms ago: executing program 1 (id=2671): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x9, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000140)=@abs={0x0, 0x0, 0xfffffffd}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB="09000000180001000000200000000000021400000000000a0000000005001b0002000000"], 0x24}}, 0x4000000) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) syz_usb_connect(0x0, 0x5f, 0x0, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000040000000160a01000000000000000000010000000900010073797a30001000000900020073797a310000000014000380080001400000000008040000000000004800000016160101000b008000000000010000000900020073797a3100000000090001ad8e3abd2d9dbbfd001c000380180003801400010070676d36726567310000000000000000140000001000010000000000000000000000000a33dff2cf"], 0xd0}}, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x42}, 0x94) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) r4 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d004231a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb5b64f69853362ac3407173ec", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4080) recvmsg$kcm(r4, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0) socket(0x400000000010, 0x80000, 0x4008000) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x81&\xf5\t\x00\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xa9J3\x18\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V\x01\x00\x00\x00\x00\x00\x00\x00\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOe+\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\x99I\x9a9+r\x91\x06\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx', 0x3) sendfile(r5, r6, &(0x7f00000001c0), 0x8) fcntl$addseals(r6, 0x409, 0x8) syz_emit_ethernet(0x4a, &(0x7f0000001900)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6062d308001406fffc010000000000000000000000000000fe8000000000000000000000000000aa00004001", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB], 0x0) sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0xa, 0x0, 0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x20000000) 235.710016ms ago: executing program 0 (id=2672): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) r1 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0) flock(r1, 0x2) r2 = open(&(0x7f0000000300)='.\x00', 0x102000, 0x0) flock(r2, 0x1) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) 81.044459ms ago: executing program 2 (id=2673): syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x80, &(0x7f00000002c0)=ANY=[], 0x81, 0x4ac, &(0x7f00000011c0)="$eJzs20tsG1UXwPFzPLbruPk+3Adpi6piCSRCS9skLmmrIKE8iEBqG0gaEBUPhdgJJk4cxSkkVUu7BHYsumTJlgUrxBZVYolYoCDUXemGjVeUHeiO52XXSewm8TT1/1e1dx7H7r33zMy914kFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIDL022NOrYdcCAAC00qWJ8Z4M4z8AAG3lMut/AACAdqJiyR+icnKurBft/YrEhfzC1ZXJkdH6L+tQUYmIZcebv4nevsyZl/vPnnPLjV+/3Y7I2MTlwfRwcX5xKVcq5bLpyYX8dDGba/gdtvr6WsftDkjPz13NzsyU0n2nMlWnV1L39+ztSg30vz8cd2MnR0ZHJwIx0dgj/+8PWW+GHxdLXhSVT374Ti+JSES23hebXDs7rcNuxHG7EZMjo3ZDCvmphWVzUiNOVKS6T+JuH7UgF1sSETH10vj2rNliYsmPojJ0uqxjImK5/XDC/mC4ofqEIWqWriLSLbsgZ4+xPWLJh6Jy53RK3nT61c5/XOR62JXDjos6939Ry/qW/Tww95N5bF54O/3GwkwxEKsR545qZnyocw+GPj600mP+bEqIJWP2HV/W8bArg5brEEvmRSX+9af2vELseelTA2ePPXs+OMM4tMn7mNhTzs3VyJgcc6YOGjF/HqHa2BYJteRPUXnwe8Le73Zyw08E2oRaUhCVf26UVWvWpVZgfe/Z7WvDna1/R2K4uLi6lJ/9eLnu+WRi8KPS8tLUdP3TlbWrFTyy2Tq2VqS5JVlSKyu+Lz4re69z1gD/q+z5tfn2un8tdNeUruD108h2w8+ZJuZRpk6qltwTlZkPDlfGGUk23TftwOR/VFRK5V/UzbST/2hlL5D/V/z+S2h16bFz+//K51ruXOLIlYPrHd+J/Js6mfy/KypDfx92PtOo5N+qiTVxXaLy3u2jTlwkbuKibnMq7ziTL+R6TOy/orL/ZzdW7NikE3vAj+01sSVR+fJOdexeJ/agH9tnYtdE5e5v9WOf9mMzJnbV5Otu2o1NmthjTmyXH3tquljIbtatJv99ovLOzdfVbfO6+Q/c/7dqSs9DOd94e7vynwocu+Xk9YqT/+gm+f9KVFb/Ouq22+5797LaZ//r59/Mlb+/XR3rTkb3+7G9jTYrbCb/+0Tl/qtrXpudtjm7foaC+X8mWl16/RpS/vcFjqWcesWb7It2VFq9NjdVKOSW2GCDDTa8jbCfTGgFM/6Pm1G931J3HuOM/52VPX/G9OBzf/wfqCk9IY3/+wPHBpxZSywqklieX4wdEkmUVq+dzM9PzeZmcwuZM/09fefP9GTOxeLu5M7farjvngQm/ydE5cZPv3rrmOr5X/35f7Km9ISU/wPBNlXNaxruirZk8t8pKv331rz15kbzf3f93/1cdendfyHl/2DgWMqpV2eTfQEAAAAAAAAAAAAAAAAAu0lSLXleVFbGX1L3O0SN/P5ftqb0hPT7X12BY9nt/16D+9WoqlONVh0AAAAAAAAAAKCVImLJN6LygpT1pjnQKXIxWOKJ9l8AAAD//16uQhc=") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.kill\x00', 0x275a, 0x0) 0s ago: executing program 3 (id=2674): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socket$nl_xfrm(0x10, 0x3, 0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000800)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000380)=ANY=[@ANYBLOB="020101090800000000170006ffffff00030006001000000002000000e0000009f9ff0f00050000000300"], 0x40}}, 0x0) sendmsg$key(r3, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x8, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x50}}, 0x0) kernel console output (not intermixed with test programs): =unconfined pid=7013 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 208.520611][ T7001] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR [ 208.520945][ T7001] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR [ 208.560320][ T27] audit: type=1326 audit(1759526569.555:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7013 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 208.599388][ T27] audit: type=1326 audit(1759526569.555:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7013 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 208.640916][ T7001] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR [ 208.641307][ T7001] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR [ 208.690956][ T7001] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 208.707135][ T27] audit: type=1326 audit(1759526569.555:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7013 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 208.730005][ T7001] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 208.738472][ T27] audit: type=1326 audit(1759526569.565:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7013 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 208.782351][ T27] audit: type=1326 audit(1759526569.565:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7013 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 208.809718][ T7001] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR [ 208.820437][ T7001] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 208.860842][ T7001] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 208.914408][ T7001] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 208.991832][ T7001] BTRFS error (device loop0): open_ctree failed: -12 [ 213.465185][ T27] kauditd_printk_skb: 13 callbacks suppressed [ 213.465198][ T27] audit: type=1326 audit(1759526576.185:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7088 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 214.095991][ T27] audit: type=1326 audit(1759526576.185:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7088 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 214.192115][ T27] audit: type=1326 audit(1759526576.185:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7088 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 214.214968][ T27] audit: type=1326 audit(1759526576.185:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7088 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 214.231900][ T7098] loop3: detected capacity change from 0 to 512 [ 214.249157][ T27] audit: type=1326 audit(1759526576.185:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7088 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 214.316542][ T7098] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.375: casefold flag without casefold feature [ 214.346116][ T27] audit: type=1326 audit(1759526576.185:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7088 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 214.382509][ T7098] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.375: couldn't read orphan inode 15 (err -117) [ 214.397710][ T27] audit: type=1326 audit(1759526576.185:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7088 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 214.443966][ T7098] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 214.470464][ T27] audit: type=1326 audit(1759526576.185:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7088 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 214.540205][ T27] audit: type=1326 audit(1759526576.185:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7088 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 214.668295][ T27] audit: type=1326 audit(1759526576.185:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7088 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 214.975597][ T7111] loop1: detected capacity change from 0 to 128 [ 215.111841][ T7111] EXT4-fs (loop1): Test dummy encryption mode enabled [ 215.145952][ T7111] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 215.169146][ T7111] ext4 filesystem being mounted at /94/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 215.597882][ T5786] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 215.959514][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.480574][ T7158] loop0: detected capacity change from 0 to 32768 [ 219.522422][ T7158] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 219.561153][ T27] kauditd_printk_skb: 14 callbacks suppressed [ 219.561168][ T27] audit: type=1326 audit(1759526582.275:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.2.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 219.624288][ T7158] XFS (loop0): Ending clean mount [ 219.635376][ T27] audit: type=1326 audit(1759526582.275:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.2.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 219.667898][ T27] audit: type=1326 audit(1759526582.285:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.2.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 219.668530][ T7158] XFS (loop0): Quotacheck needed: Please wait. [ 219.716000][ T27] audit: type=1326 audit(1759526582.285:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.2.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 219.839628][ T27] audit: type=1326 audit(1759526582.285:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.2.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 219.887344][ T7158] XFS (loop0): Quotacheck: Done. [ 219.902065][ T27] audit: type=1326 audit(1759526582.285:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.2.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 219.928292][ T27] audit: type=1326 audit(1759526582.285:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.2.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 220.133964][ T27] audit: type=1326 audit(1759526582.285:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.2.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 220.594802][ T27] audit: type=1326 audit(1759526582.285:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.2.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 220.617586][ T27] audit: type=1326 audit(1759526582.285:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.2.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 221.201607][ T5783] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 222.958319][ T7194] tipc: Started in network mode [ 222.977134][ T7194] tipc: Node identity ff0f00000000000008, cluster identity 3601 [ 225.098068][ T7213] loop0: detected capacity change from 0 to 512 [ 225.126096][ T7213] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.409: casefold flag without casefold feature [ 225.139555][ T7213] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.409: couldn't read orphan inode 15 (err -117) [ 225.172534][ T7213] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 226.515722][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.535307][ T7227] tipc: Started in network mode [ 226.540715][ T7227] tipc: Node identity ff0f00000000000008, cluster identity 3601 [ 226.576699][ T7225] loop3: detected capacity change from 0 to 1024 [ 226.620807][ T7225] EXT4-fs: inline encryption not supported [ 226.637876][ T7225] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 226.904808][ T7225] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 228.091542][ T7247] loop0: detected capacity change from 0 to 128 [ 228.129239][ T7247] EXT4-fs (loop0): Test dummy encryption mode enabled [ 228.171430][ T7225] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4031: comm syz.3.415: Allocating blocks 449-513 which overlap fs metadata [ 228.457770][ T7247] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 228.483376][ T7225] EXT4-fs (loop3): Remounting filesystem read-only [ 228.502938][ T7247] ext4 filesystem being mounted at /95/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 228.673807][ T7223] EXT4-fs (loop3): pa ffff8880782ea9f8: logic 256, phys. 385, len 8 [ 229.454336][ T5783] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 229.493520][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.111942][ T7286] loop0: detected capacity change from 0 to 1024 [ 232.181604][ T7286] EXT4-fs: inline encryption not supported [ 232.239105][ T7286] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 232.510387][ T7286] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 232.620471][ T7288] loop3: detected capacity change from 0 to 32768 [ 232.653614][ T7288] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 232.707374][ T7286] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4031: comm syz.0.429: Allocating blocks 449-513 which overlap fs metadata [ 232.916145][ T7286] EXT4-fs (loop0): Remounting filesystem read-only [ 233.279759][ T7288] XFS (loop3): Ending clean mount [ 233.307039][ T7288] XFS (loop3): Quotacheck needed: Please wait. [ 233.626538][ T7288] XFS (loop3): Quotacheck: Done. [ 233.683625][ T7285] EXT4-fs (loop0): pa ffff8880782eacb0: logic 256, phys. 385, len 8 [ 233.987817][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 234.500904][ T5784] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 236.796728][ T7343] loop0: detected capacity change from 0 to 1024 [ 236.847899][ T7343] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 237.022504][ T7343] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 238.808167][ T7355] EXT4-fs warning (device loop0): empty_inline_dir:1846: bad inline directory (dir #12) - no `..' [ 239.101789][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.507331][ T7366] netlink: 108 bytes leftover after parsing attributes in process `syz.3.453'. [ 241.727980][ T7383] loop1: detected capacity change from 0 to 256 [ 241.756576][ T7383] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 241.802281][ T7383] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 241.878680][ T7383] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 242.067317][ T7393] netlink: 56 bytes leftover after parsing attributes in process `syz.2.461'. [ 245.270431][ T7428] netlink: 4 bytes leftover after parsing attributes in process `syz.3.474'. [ 248.769200][ T7476] fuse: Unknown parameter 'fd0x0000000000000005' [ 249.613904][ T7479] netlink: 108 bytes leftover after parsing attributes in process `syz.1.491'. [ 250.531204][ T7486] ieee802154 phy0 wpan0: encryption failed: -22 [ 250.810301][ T7492] loop1: detected capacity change from 0 to 1024 [ 250.836570][ T7492] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 250.896529][ T7492] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 251.534606][ T7492] EXT4-fs warning (device loop1): empty_inline_dir:1846: bad inline directory (dir #12) - no `..' [ 251.645294][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.258960][ T7503] loop1: detected capacity change from 0 to 32768 [ 252.299336][ T7503] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop1 scanned by syz.1.500 (7503) [ 252.433817][ T7503] BTRFS info (device loop1): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 252.454576][ T7503] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 252.479976][ T7503] BTRFS info (device loop1): turning off barriers [ 252.525562][ T7503] BTRFS info (device loop1): turning on flush-on-commit [ 252.550308][ T7503] BTRFS info (device loop1): using free space tree [ 252.794024][ T7503] BTRFS info (device loop1): enabling ssd optimizations [ 252.817110][ T7503] BTRFS info (device loop1): auto enabling async discard [ 253.237208][ T5786] BTRFS info (device loop1): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 253.640864][ T7548] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.156900][ T7565] loop3: detected capacity change from 0 to 1024 [ 255.872364][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.878710][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.975843][ T7565] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 256.024937][ T7565] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 256.173073][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.899475][ T7593] loop0: detected capacity change from 0 to 1024 [ 257.911983][ T7576] loop1: detected capacity change from 0 to 40427 [ 257.953045][ T7593] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 257.966041][ T7576] F2FS-fs (loop1): build fault injection attr: rate: 25, type: 0x7ffff [ 258.030673][ T7593] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 258.080401][ T7576] F2FS-fs (loop1): invalid crc value [ 258.128557][ T7576] F2FS-fs (loop1): inject kvmalloc in f2fs_kvmalloc of f2fs_fill_super+0x4552/0x6c20 [ 258.190297][ T7576] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-12) [ 258.239827][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 260.254462][ T7633] ieee802154 phy0 wpan0: encryption failed: -22 [ 265.154948][ T7684] loop3: detected capacity change from 0 to 4096 [ 275.375562][ T7761] syz.3.588 (7761): drop_caches: 2 [ 278.414941][ T7803] loop3: detected capacity change from 0 to 262144 [ 278.448703][ T7803] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop3 scanned by syz.3.602 (7803) [ 278.472930][ T7803] BTRFS info (device loop3): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 278.483214][ T7803] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 278.492483][ T7803] BTRFS info (device loop3): using free space tree [ 278.511084][ T8] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 278.666505][ T7803] BTRFS info (device loop3): enabling ssd optimizations [ 278.714585][ T8] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 278.905491][ T7828] overlayfs: failed to clone upperpath [ 279.676589][ T8] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 279.686121][ T8] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 279.695328][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 279.707311][ T8] usb 1-1: config 0 descriptor?? [ 279.779220][ T8] usb 1-1: USB disconnect, device number 8 [ 279.870618][ T7803] BTRFS info (device loop3): balance: start -dsoft,vrange=7310315401411572256..8241978140405297006,limit=7958826364284444772,limit=540024932..1853058665 -msoft,vrange=7310315401411572256..8241978140405297006,limit=7958826364284444772,limit=540024932..1853058665 -ssoft,vrange=7310315401411572256..8241978140405297006,limit=7958826364284444772,limit=540024932..1853058665 [ 279.907818][ T27] kauditd_printk_skb: 3 callbacks suppressed [ 279.907833][ T27] audit: type=1326 audit(1759526642.625:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7831 comm="syz.2.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 279.994010][ T7803] BTRFS info (device loop3): relocating block group 30408704 flags metadata|dup [ 280.053647][ T27] audit: type=1326 audit(1759526642.675:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7831 comm="syz.2.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 280.109561][ T27] audit: type=1326 audit(1759526642.675:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7831 comm="syz.2.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 280.160382][ T27] audit: type=1326 audit(1759526642.675:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7831 comm="syz.2.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 280.306761][ T27] audit: type=1326 audit(1759526642.675:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7831 comm="syz.2.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 280.329112][ T27] audit: type=1326 audit(1759526642.675:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7831 comm="syz.2.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 280.351372][ T27] audit: type=1326 audit(1759526642.675:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7831 comm="syz.2.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 280.373993][ T27] audit: type=1326 audit(1759526642.675:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7831 comm="syz.2.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 280.399566][ T27] audit: type=1326 audit(1759526642.675:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7831 comm="syz.2.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 280.426242][ T7803] BTRFS info (device loop3): balance: canceled [ 280.470546][ T5784] BTRFS info (device loop3): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 280.567259][ T27] audit: type=1326 audit(1759526642.675:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7831 comm="syz.2.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 284.021287][ T58] wlan1: Trigger new scan to find an IBSS to join [ 285.792768][ T7912] loop0: detected capacity change from 0 to 1024 [ 285.814496][ T7912] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 285.849093][ T7912] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 286.010799][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.046714][ T7923] trusted_key: syz.3.640 sent an empty control message without MSG_MORE. [ 287.488386][ T7942] syz.1.643: attempt to access beyond end of device [ 287.488386][ T7942] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 288.219991][ T3431] wlan1: Trigger new scan to find an IBSS to join [ 288.868952][ T7955] loop0: detected capacity change from 0 to 2048 [ 288.947261][ T7955] NILFS (loop0): unrecognized mount option "00000000000000000000072" [ 289.652108][ T2903] wlan1: Creating new IBSS network, BSSID aa:d7:52:8f:d7:b8 [ 289.724655][ T7958] loop3: detected capacity change from 0 to 1024 [ 289.741830][ T7958] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 289.845258][ T7958] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 290.035407][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.369302][ T7989] syz.0.656: attempt to access beyond end of device [ 292.369302][ T7989] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 297.380899][ T8023] netlink: 8 bytes leftover after parsing attributes in process `syz.1.663'. [ 297.520963][ T27] kauditd_printk_skb: 26 callbacks suppressed [ 297.520977][ T27] audit: type=1326 audit(1759526660.245:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8024 comm="syz.3.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 297.579643][ T27] audit: type=1326 audit(1759526660.245:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8024 comm="syz.3.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 297.629663][ T27] audit: type=1326 audit(1759526660.275:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8024 comm="syz.3.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 297.807331][ T27] audit: type=1326 audit(1759526660.275:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8024 comm="syz.3.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 297.903937][ T27] audit: type=1326 audit(1759526660.275:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8024 comm="syz.3.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 297.962642][ T27] audit: type=1326 audit(1759526660.275:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8024 comm="syz.3.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 297.998220][ T27] audit: type=1326 audit(1759526660.285:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8024 comm="syz.3.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 298.026225][ T27] audit: type=1326 audit(1759526660.285:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8024 comm="syz.3.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 298.052971][ T27] audit: type=1326 audit(1759526660.285:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8024 comm="syz.3.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 298.086953][ T27] audit: type=1326 audit(1759526660.285:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8024 comm="syz.3.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 298.160715][ T8029] loop3: detected capacity change from 0 to 4096 [ 298.225191][ T8029] EXT4-fs (loop3): Test dummy encryption mode enabled [ 298.256518][ T8029] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 298.298463][ T8029] System zones: 0-5 [ 298.358043][ T8029] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 300.113819][ T8029] fscrypt (loop3): Missing crypto API support for AES-256-CTS-CBC (API name: "cts(cbc(aes))") [ 300.721712][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 304.387377][ T27] kauditd_printk_skb: 14 callbacks suppressed [ 304.387392][ T27] audit: type=1326 audit(1759526667.105:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8086 comm="syz.2.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 304.447005][ T27] audit: type=1326 audit(1759526667.135:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8086 comm="syz.2.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 304.512302][ T8088] ieee802154 phy0 wpan0: encryption failed: -22 [ 304.517296][ T27] audit: type=1326 audit(1759526667.145:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8086 comm="syz.2.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 304.645394][ T27] audit: type=1326 audit(1759526667.145:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8086 comm="syz.2.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 304.743631][ T27] audit: type=1326 audit(1759526667.145:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8086 comm="syz.2.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 304.832689][ T27] audit: type=1326 audit(1759526667.145:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8086 comm="syz.2.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 304.948916][ T27] audit: type=1326 audit(1759526667.145:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8086 comm="syz.2.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 304.987687][ T27] audit: type=1326 audit(1759526667.155:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8086 comm="syz.2.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 305.016163][ T27] audit: type=1326 audit(1759526667.155:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8086 comm="syz.2.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 305.046266][ T27] audit: type=1326 audit(1759526667.155:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8086 comm="syz.2.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 305.580504][ T8100] loop1: detected capacity change from 0 to 128 [ 307.740209][ T5834] usb 1-1: new low-speed USB device number 9 using dummy_hcd [ 308.079321][ T5834] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 308.120365][ T5834] usb 1-1: config 0 has no interface number 0 [ 308.130210][ T5834] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 308.141784][ T5834] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 308.152756][ T5834] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 308.162102][ T5834] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 308.173048][ T5834] usb 1-1: config 0 descriptor?? [ 308.180262][ T8102] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 308.212923][ T5834] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 308.432534][ C1] iowarrior 1-1:0.1: iowarrior_callback - usb_submit_urb failed with result -1 [ 308.443730][ T5834] usb 1-1: USB disconnect, device number 9 [ 309.780279][ T5851] usb 1-1: new full-speed USB device number 10 using dummy_hcd [ 309.999897][ T5851] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 310.010685][ T5851] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 310.019815][ T5851] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 310.031762][ T5851] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 310.255205][ T8136] block nbd0: server does not support multiple connections per device. [ 310.276206][ T5851] usb 1-1: config 0 descriptor?? [ 310.446051][ T8136] block nbd0: shutting down sockets [ 310.456435][ T5851] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 310.602588][ T5851] dvb-usb: bulk message failed: -22 (3/0) [ 310.660977][ T5851] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 310.696962][ T5851] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 310.735198][ T5851] usb 1-1: media controller created [ 310.751879][ T5851] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 310.803895][ T5851] dvb-usb: bulk message failed: -22 (6/0) [ 310.821628][ T5851] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 310.875723][ T5851] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input9 [ 310.911996][ T5851] dvb-usb: schedule remote query interval to 150 msecs. [ 312.312548][ T8145] loop3: detected capacity change from 0 to 262144 [ 312.322281][ T5851] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 312.333076][ T5851] usb 1-1: USB disconnect, device number 10 [ 312.348823][ T8145] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop3 scanned by syz.3.707 (8145) [ 312.370471][ T8145] BTRFS info (device loop3): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 312.380687][ T8145] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 312.389905][ T8145] BTRFS info (device loop3): using free space tree [ 312.456924][ T5851] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 312.839984][ T8145] BTRFS info (device loop3): enabling ssd optimizations [ 312.938274][ T5784] BTRFS info (device loop3): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 314.474880][ T5776] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 9 /dev/loop3 scanned by udevd (5776) [ 314.597073][ T8182] netlink: 8 bytes leftover after parsing attributes in process `syz.3.714'. [ 317.293380][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.313753][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.059966][ T8206] loop0: detected capacity change from 0 to 128 [ 319.693276][ T6209] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 322.020225][ T5834] usb 4-1: new full-speed USB device number 7 using dummy_hcd [ 322.206052][ T5834] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 322.230162][ T5834] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 322.250186][ T5834] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 322.270170][ T5834] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 322.301341][ T5834] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 322.320188][ T5834] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 322.328240][ T5834] usb 4-1: Manufacturer: syz [ 322.342617][ T5834] usb 4-1: config 0 descriptor?? [ 323.290240][ T5834] rc_core: IR keymap rc-hauppauge not found [ 323.310158][ T5834] Registered IR keymap rc-empty [ 323.338431][ T5834] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 323.402200][ T5834] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 323.443547][ T5834] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 323.488413][ T5834] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input10 [ 323.529839][ T5834] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 323.580435][ T5834] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 323.640313][ T5834] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 323.691260][ T5834] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 323.829685][ T5834] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 324.012496][ T5834] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 324.142083][ T5834] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 325.000399][ T5834] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 325.030320][ T5834] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 325.064228][ T5834] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 325.112096][ T5834] mceusb 4-1:0.0: Registered with mce emulator interface version 1 [ 325.130191][ T5834] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 325.183109][ T5834] usb 4-1: USB disconnect, device number 7 [ 326.832488][ T8295] netlink: 4 bytes leftover after parsing attributes in process `syz.3.759'. [ 328.714917][ T8314] delete_channel: no stack [ 331.744447][ T8333] loop3: detected capacity change from 0 to 4096 [ 338.131084][ T8389] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 338.242484][ T8393] netlink: 4 bytes leftover after parsing attributes in process `syz.3.791'. [ 341.376312][ T8432] netlink: 8 bytes leftover after parsing attributes in process `syz.2.804'. [ 342.346954][ T8444] loop3: detected capacity change from 0 to 128 [ 345.214040][ T8473] loop3: detected capacity change from 0 to 128 [ 346.476017][ T8485] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 346.496400][ T8486] netlink: 8 bytes leftover after parsing attributes in process `syz.1.821'. [ 351.419358][ T2903] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 351.656259][ T8534] netlink: 8 bytes leftover after parsing attributes in process `syz.3.838'. [ 357.581093][ T8584] ieee802154 phy0 wpan0: encryption failed: -22 [ 359.732450][ T8604] netlink: 8 bytes leftover after parsing attributes in process `syz.1.864'. [ 364.808759][ T8662] ieee802154 phy0 wpan0: encryption failed: -22 [ 366.653057][ T8671] netlink: 8 bytes leftover after parsing attributes in process `syz.2.887'. [ 373.948421][ T27] kauditd_printk_skb: 2 callbacks suppressed [ 373.948435][ T27] audit: type=1326 audit(1759526736.665:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c27d8eec9 code=0x7ffc0000 [ 374.020228][ T27] audit: type=1326 audit(1759526736.665:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f8c27d8eec9 code=0x7ffc0000 [ 374.425811][ T27] audit: type=1326 audit(1759526736.665:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c27d8eec9 code=0x7ffc0000 [ 374.649046][ T27] audit: type=1326 audit(1759526736.665:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8c27d8eec9 code=0x7ffc0000 [ 374.743946][ T27] audit: type=1326 audit(1759526736.665:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c27d8eec9 code=0x7ffc0000 [ 374.769924][ T27] audit: type=1326 audit(1759526736.665:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c27d8eec9 code=0x7ffc0000 [ 374.794110][ T27] audit: type=1326 audit(1759526736.665:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8c27d8eec9 code=0x7ffc0000 [ 374.827638][ T27] audit: type=1326 audit(1759526736.665:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c27d8eec9 code=0x7ffc0000 [ 374.870310][ T27] audit: type=1326 audit(1759526736.665:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c27d8eec9 code=0x7ffc0000 [ 374.919531][ T27] audit: type=1326 audit(1759526736.705:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f8c27d8eec9 code=0x7ffc0000 [ 375.059555][ T8753] netlink: 8 bytes leftover after parsing attributes in process `syz.0.911'. [ 378.726951][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.733734][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.630777][ C1] hrtimer: interrupt took 39279 ns [ 380.056819][ T8796] ieee802154 phy0 wpan0: encryption failed: -22 [ 380.245514][ T27] kauditd_printk_skb: 14 callbacks suppressed [ 380.245528][ T27] audit: type=1326 audit(1759526742.965:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8801 comm="syz.1.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 380.350277][ T27] audit: type=1326 audit(1759526742.965:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8801 comm="syz.1.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 380.419095][ T27] audit: type=1326 audit(1759526742.965:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8801 comm="syz.1.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 380.465998][ T27] audit: type=1326 audit(1759526742.965:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8801 comm="syz.1.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 380.488970][ T27] audit: type=1326 audit(1759526742.965:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8801 comm="syz.1.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 380.512062][ T27] audit: type=1326 audit(1759526742.965:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8801 comm="syz.1.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 380.549072][ T27] audit: type=1326 audit(1759526742.965:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8801 comm="syz.1.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 380.976530][ T27] audit: type=1326 audit(1759526742.975:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8801 comm="syz.1.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 381.210507][ T27] audit: type=1326 audit(1759526742.975:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8801 comm="syz.1.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 381.257743][ T27] audit: type=1326 audit(1759526742.975:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8801 comm="syz.1.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 381.760697][ T8818] netlink: 8 bytes leftover after parsing attributes in process `syz.3.932'. [ 382.884003][ T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 387.014268][ T27] kauditd_printk_skb: 15 callbacks suppressed [ 387.014282][ T27] audit: type=1326 audit(1759526749.735:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8871 comm="syz.2.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 387.168921][ T27] audit: type=1326 audit(1759526749.765:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8871 comm="syz.2.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 387.287615][ T27] audit: type=1326 audit(1759526749.765:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8871 comm="syz.2.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 387.338375][ T27] audit: type=1326 audit(1759526749.775:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8871 comm="syz.2.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 390.206103][ T8912] netlink: 8 bytes leftover after parsing attributes in process `syz.0.963'. [ 390.321647][ T27] audit: type=1326 audit(1759526753.035:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8916 comm="syz.1.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 390.419900][ T27] audit: type=1326 audit(1759526753.035:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8916 comm="syz.1.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 390.991057][ T27] audit: type=1326 audit(1759526753.045:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8916 comm="syz.1.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 391.020061][ T27] audit: type=1326 audit(1759526753.045:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8916 comm="syz.1.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 391.065919][ T27] audit: type=1326 audit(1759526753.045:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8916 comm="syz.1.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 391.212606][ T27] audit: type=1326 audit(1759526753.045:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8916 comm="syz.1.967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 394.986269][ T27] kauditd_printk_skb: 5 callbacks suppressed [ 394.986283][ T27] audit: type=1326 audit(1759526757.705:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.2.979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 395.020818][ T27] audit: type=1326 audit(1759526757.705:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.2.979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 395.049570][ T27] audit: type=1326 audit(1759526757.735:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.2.979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 395.081077][ T27] audit: type=1326 audit(1759526757.735:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.2.979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 395.174328][ T27] audit: type=1326 audit(1759526757.735:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.2.979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 395.243054][ T27] audit: type=1326 audit(1759526757.745:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.2.979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 395.266614][ T27] audit: type=1326 audit(1759526757.745:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.2.979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 395.299510][ T27] audit: type=1326 audit(1759526757.745:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.2.979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 395.601129][ T27] audit: type=1326 audit(1759526757.865:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.2.979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 395.629612][ T27] audit: type=1326 audit(1759526757.865:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8953 comm="syz.2.979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 397.016753][ T8990] netlink: 8 bytes leftover after parsing attributes in process `syz.2.988'. [ 401.038247][ T27] kauditd_printk_skb: 11 callbacks suppressed [ 401.038261][ T27] audit: type=1326 audit(1759526763.745:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.1.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 401.144529][ T27] audit: type=1326 audit(1759526763.745:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.1.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 401.248152][ T27] audit: type=1326 audit(1759526763.745:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.1.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 401.398126][ T27] audit: type=1326 audit(1759526763.755:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.1.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 401.421650][ T27] audit: type=1326 audit(1759526763.755:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.1.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 401.487140][ T27] audit: type=1326 audit(1759526763.755:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.1.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 401.693232][ T27] audit: type=1326 audit(1759526763.755:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.1.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 401.750735][ T27] audit: type=1326 audit(1759526763.755:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.1.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 401.775037][ T27] audit: type=1326 audit(1759526763.755:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.1.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 402.365478][ T27] audit: type=1326 audit(1759526763.755:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.1.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 406.337658][ T9068] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1015'. [ 408.770656][ T27] kauditd_printk_skb: 14 callbacks suppressed [ 408.770669][ T27] audit: type=1326 audit(1759526771.495:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.2.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 408.918077][ T27] audit: type=1326 audit(1759526771.525:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.2.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 409.053201][ T27] audit: type=1326 audit(1759526771.525:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.2.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 409.324609][ T27] audit: type=1326 audit(1759526771.535:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.2.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 409.354271][ T27] audit: type=1326 audit(1759526771.535:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.2.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 409.515415][ T27] audit: type=1326 audit(1759526771.535:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.2.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 409.710206][ T27] audit: type=1326 audit(1759526771.535:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.2.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 409.732686][ T27] audit: type=1326 audit(1759526771.545:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.2.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 409.759592][ T27] audit: type=1326 audit(1759526771.545:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.2.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 409.784885][ T27] audit: type=1326 audit(1759526771.545:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9091 comm="syz.2.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81d7f8eec9 code=0x7ffc0000 [ 414.319497][ T9153] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1040'. [ 415.718761][ T27] kauditd_printk_skb: 15 callbacks suppressed [ 415.718774][ T27] audit: type=1326 audit(1759526778.435:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 415.949448][ T38] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 415.984416][ T27] audit: type=1326 audit(1759526778.465:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 416.070402][ T27] audit: type=1326 audit(1759526778.465:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 416.096257][ T27] audit: type=1326 audit(1759526778.465:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 416.148063][ T27] audit: type=1326 audit(1759526778.475:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 416.257759][ T27] audit: type=1326 audit(1759526778.475:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 416.291920][ T27] audit: type=1326 audit(1759526778.475:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 416.470411][ T27] audit: type=1326 audit(1759526778.475:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 417.176368][ T27] audit: type=1326 audit(1759526778.475:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 417.303223][ T27] audit: type=1326 audit(1759526778.475:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.1047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 423.916004][ T9231] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1065'. [ 424.796001][ T27] kauditd_printk_skb: 14 callbacks suppressed [ 424.796015][ T27] audit: type=1326 audit(1759526787.515:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9241 comm="syz.3.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 425.640147][ T27] audit: type=1326 audit(1759526787.555:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9241 comm="syz.3.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 425.663954][ T27] audit: type=1326 audit(1759526787.555:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9241 comm="syz.3.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 425.706670][ T27] audit: type=1326 audit(1759526787.555:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9241 comm="syz.3.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 425.966900][ T27] audit: type=1326 audit(1759526787.555:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9241 comm="syz.3.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 426.224662][ T27] audit: type=1326 audit(1759526787.555:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9241 comm="syz.3.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 426.247531][ T27] audit: type=1326 audit(1759526787.555:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9241 comm="syz.3.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 426.360443][ T27] audit: type=1326 audit(1759526787.995:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9241 comm="syz.3.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 426.480629][ T27] audit: type=1326 audit(1759526788.305:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9241 comm="syz.3.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 426.891165][ T27] audit: type=1326 audit(1759526788.305:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9241 comm="syz.3.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 435.433918][ T9344] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1096'. [ 440.369638][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.376830][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 443.576252][ T9419] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1119'. [ 448.266189][ T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 451.022064][ T9501] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1145'. [ 459.184730][ T9577] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1167'. [ 464.971737][ T9603] loop3: detected capacity change from 0 to 262144 [ 465.061864][ T9603] BTRFS info (device loop3): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 465.072234][ T9603] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 465.081794][ T9603] BTRFS info (device loop3): using free space tree [ 465.161185][ T9603] BTRFS info (device loop3): enabling ssd optimizations [ 465.277092][ T9603] BTRFS info (device loop3): balance: start -d -m -s [ 465.288874][ T9603] BTRFS info (device loop3): relocating block group 30408704 flags metadata|dup [ 465.347574][ T9603] BTRFS info (device loop3): found 3 extents, stage: move data extents [ 465.389752][ T9603] BTRFS info (device loop3): relocating block group 22020096 flags system|dup [ 465.433037][ T9603] BTRFS info (device loop3): balance: canceled [ 465.500941][ T5784] BTRFS info (device loop3): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 469.364628][ T9664] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1191'. [ 475.627241][ T9715] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1206'. [ 480.777191][ T11] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 483.248397][ T9776] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1223'. [ 490.927614][ T9848] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1243'. [ 491.804722][ T9854] loop3: detected capacity change from 0 to 128 [ 498.132041][ T9903] netlink: 'syz.3.1259': attribute type 1 has an invalid length. [ 498.192862][ T9903] 8021q: adding VLAN 0 to HW filter on device bond1 [ 498.224132][ T9906] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1261'. [ 498.239929][ T9907] bond1: (slave ip6gretap1): making interface the new active one [ 498.388666][ T9907] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 498.517823][ T9903] veth3: entered promiscuous mode [ 498.549478][ T9903] bond1: (slave veth3): Enslaving as an active interface with a down link [ 498.620940][ T9907] bond1: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 500.028659][ T9924] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1266'. [ 501.970525][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.987012][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.593271][ T9950] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1273'. [ 505.334532][ T9989] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1284'. [ 509.339928][T10024] netlink: 'syz.3.1294': attribute type 1 has an invalid length. [ 510.101940][T10024] bond2: entered promiscuous mode [ 510.107339][T10024] 8021q: adding VLAN 0 to HW filter on device bond2 [ 510.122543][T10027] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1294'. [ 510.247140][T10027] bond2: (slave bridge0): making interface the new active one [ 510.290160][T10027] bridge0: entered promiscuous mode [ 510.300760][T10027] bond2: (slave bridge0): Enslaving as an active interface with an up link [ 510.870263][ T5851] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 511.074937][ T5851] usb 4-1: config index 0 descriptor too short (expected 65274, got 45) [ 511.212305][ T5851] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 511.340803][ T5851] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 511.533239][ T5851] usb 4-1: Product: syz [ 511.537482][ T5851] usb 4-1: Manufacturer: syz [ 511.570115][ T5851] usb 4-1: SerialNumber: syz [ 513.033726][ T5851] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71 [ 513.050568][ T5851] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71 [ 513.071241][ T5851] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71 [ 513.090139][ T5851] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 513.110725][ T5851] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 513.131868][ T5851] lan78xx: probe of 4-1:1.0 failed with error -71 [ 513.173078][ T5851] usb 4-1: USB disconnect, device number 8 [ 513.993964][ T2903] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 515.274479][T10089] netlink: 160 bytes leftover after parsing attributes in process `syz.3.1316'. [ 519.778319][ T5798] Bluetooth: hci3: unexpected subevent 0x01 length: 37 > 18 [ 519.787245][ T5798] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 519.798377][ T5798] CPU: 1 PID: 5798 Comm: kworker/u5:7 Not tainted syzkaller #0 [ 519.805971][ T5798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 519.816057][ T5798] Workqueue: hci3 hci_rx_work [ 519.820791][ T5798] Call Trace: [ 519.824135][ T5798] [ 519.827100][ T5798] dump_stack_lvl+0x16c/0x230 [ 519.831821][ T5798] ? show_regs_print_info+0x20/0x20 [ 519.837069][ T5798] ? load_image+0x3b0/0x3b0 [ 519.841629][ T5798] sysfs_create_dir_ns+0x256/0x280 [ 519.846787][ T5798] ? hci_rx_work+0x43a/0xd80 [ 519.851403][ T5798] ? sysfs_warn_dup+0xa0/0xa0 [ 519.856096][ T5798] ? do_raw_spin_unlock+0x121/0x230 [ 519.861354][ T5798] kobject_add_internal+0x6b8/0xc70 [ 519.866556][ T5798] kobject_add+0x156/0x220 [ 519.870975][ T5798] ? __rwlock_init+0x150/0x150 [ 519.875741][ T5798] ? kobject_init+0x1e0/0x1e0 [ 519.880433][ T5798] ? _raw_spin_unlock+0x28/0x40 [ 519.885284][ T5798] ? get_device_parent+0x366/0x390 [ 519.890420][ T5798] device_add+0x408/0xc20 [ 519.894774][ T5798] hci_conn_add_sysfs+0xd5/0x1e0 [ 519.899716][ T5798] le_conn_complete_evt+0xf36/0x1500 [ 519.905034][ T5798] ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0 [ 519.911275][ T5798] ? bt_info+0x160/0x160 [ 519.915518][ T5798] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 519.921169][ T5798] ? skb_pull_data+0xfb/0x200 [ 519.925851][ T5798] hci_le_conn_complete_evt+0x187/0x440 [ 519.931397][ T5798] ? hci_remote_host_features_evt+0x160/0x160 [ 519.937467][ T5798] hci_event_packet+0x795/0x1210 [ 519.942420][ T5798] ? bis_list+0x290/0x290 [ 519.946752][ T5798] ? lockdep_hardirqs_on+0x98/0x150 [ 519.951958][ T5798] ? hci_send_to_monitor+0xd7/0x4f0 [ 519.957164][ T5798] hci_rx_work+0x43a/0xd80 [ 519.961596][ T5798] ? process_scheduled_works+0x957/0x15b0 [ 519.967318][ T5798] process_scheduled_works+0xa45/0x15b0 [ 519.972905][ T5798] ? assign_work+0x400/0x400 [ 519.977499][ T5798] ? assign_work+0x39e/0x400 [ 519.982103][ T5798] worker_thread+0xa55/0xfc0 [ 519.986712][ T5798] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 519.992624][ T5798] ? _raw_spin_unlock+0x40/0x40 [ 519.997471][ T5798] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 520.003394][ T5798] kthread+0x2fa/0x390 [ 520.007461][ T5798] ? pr_cont_work+0x560/0x560 [ 520.012157][ T5798] ? kthread_blkcg+0xd0/0xd0 [ 520.016740][ T5798] ret_from_fork+0x48/0x80 [ 520.021177][ T5798] ? kthread_blkcg+0xd0/0xd0 [ 520.025762][ T5798] ret_from_fork_asm+0x11/0x20 [ 520.030542][ T5798] [ 520.042008][ T5798] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 520.056514][ T5798] Bluetooth: hci3: failed to register connection device [ 523.993642][T10142] autofs4:pid:10142:autofs_fill_super: called with bogus options [ 524.983567][T10150] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 525.328170][T10164] veth0_to_team: entered promiscuous mode [ 525.920756][ T5798] Bluetooth: hci3: Malformed LE Event: 0x0b [ 530.928462][ T9] usb 4-1: new full-speed USB device number 9 using dummy_hcd [ 534.561737][T10213] orangefs_mount: mount request failed with -4 [ 535.850380][ T5852] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 536.630819][ T5852] usb 4-1: Using ep0 maxpacket: 16 [ 536.644871][ T5852] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 536.706562][ T5852] usb 4-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 536.890217][ T5852] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 536.898244][ T5852] usb 4-1: Product: syz [ 537.743687][ T5852] usb 4-1: Manufacturer: syz [ 537.760443][ T5852] usb 4-1: SerialNumber: syz [ 537.781046][ T5852] usb 4-1: config 0 descriptor?? [ 537.788178][ T5852] hub 4-1:0.0: bad descriptor, ignoring hub [ 537.810092][ T5852] hub: probe of 4-1:0.0 failed with error -5 [ 537.819608][ T5852] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input11 [ 537.847249][ T27] audit: type=1326 audit(1759526900.565:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10241 comm="syz.1.1365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 537.870195][ T27] audit: type=1326 audit(1759526900.565:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10241 comm="syz.1.1365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 537.903484][ T27] audit: type=1326 audit(1759526900.625:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10241 comm="syz.1.1365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 537.930592][ T27] audit: type=1326 audit(1759526900.625:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10241 comm="syz.1.1365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 538.000976][ T27] audit: type=1326 audit(1759526900.625:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10241 comm="syz.1.1365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 538.077403][ T27] audit: type=1326 audit(1759526900.685:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10241 comm="syz.1.1365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 538.134652][ T27] audit: type=1326 audit(1759526900.685:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10241 comm="syz.1.1365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 538.626188][ T42] usb 4-1: USB disconnect, device number 10 [ 540.820453][T10247] overlayfs: failed to resolve './file0': -2 [ 543.053797][T10289] (null): rxe_set_mtu: Set mtu to 1024 [ 543.973063][T10289] infiniband syz1: set down [ 543.983151][T10289] infiniband syz1: added ipvlan0 [ 544.021523][T10289] syz1: rxe_create_cq: returned err = -12 [ 544.034915][T10289] infiniband syz1: Couldn't create ib_mad CQ [ 544.057848][T10289] infiniband syz1: Couldn't open port 1 [ 544.267191][T10289] RDS/IB: syz1: added [ 544.273140][T10289] smc: adding ib device syz1 with port count 1 [ 544.287070][T10289] smc: ib device syz1 port 1 has pnetid [ 545.180727][ T1134] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 550.373586][ T27] audit: type=1326 audit(1759526913.045:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10318 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 550.373827][ T27] audit: type=1326 audit(1759526913.055:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10318 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 550.373985][ T27] audit: type=1326 audit(1759526913.055:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10318 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 550.374182][ T27] audit: type=1326 audit(1759526913.055:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10318 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 550.374369][ T27] audit: type=1326 audit(1759526913.055:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10318 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 550.374558][ T27] audit: type=1326 audit(1759526913.055:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10318 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 550.374744][ T27] audit: type=1326 audit(1759526913.055:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10318 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 550.374929][ T27] audit: type=1326 audit(1759526913.055:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10318 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 550.375120][ T27] audit: type=1326 audit(1759526913.065:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10318 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 550.375298][ T27] audit: type=1326 audit(1759526913.065:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10318 comm="syz.3.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53c578eec9 code=0x7ffc0000 [ 557.206114][ T5790] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 557.286197][ T5790] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 560.368486][T10409] (null): rxe_set_mtu: Set mtu to 1024 [ 560.382985][T10409] rdma_rxe: rxe_newlink: failed to add ipvlan0 [ 561.687376][T10427] overlayfs: failed to clone upperpath [ 563.070856][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.077383][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.088814][T10451] loop3: detected capacity change from 0 to 4096 [ 564.376734][T10458] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 564.408564][T10451] NILFS error (device loop3): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 565.081666][T10451] NILFS (loop3): mounting fs with errors [ 568.675040][T10503] loop3: detected capacity change from 0 to 8 [ 572.610437][T10526] loop3: detected capacity change from 0 to 128 [ 578.356806][ T38] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 579.331201][T10592] sctp: failed to load transform for md5: -2 [ 583.042622][ T27] kauditd_printk_skb: 10 callbacks suppressed [ 583.042638][ T27] audit: type=1326 audit(1759526945.755:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10632 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 583.570208][ T27] audit: type=1326 audit(1759526945.755:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10632 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 583.603170][ T27] audit: type=1326 audit(1759526945.755:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10632 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 583.625900][ T27] audit: type=1326 audit(1759526945.755:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10632 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 583.750092][ T27] audit: type=1326 audit(1759526945.755:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10632 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 583.772745][ T27] audit: type=1326 audit(1759526945.755:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10632 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 583.812172][ T27] audit: type=1326 audit(1759526945.755:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10632 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 583.842530][ T27] audit: type=1326 audit(1759526945.755:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10632 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 583.986985][ T27] audit: type=1326 audit(1759526945.755:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10632 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 584.011514][ T27] audit: type=1326 audit(1759526945.755:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10632 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7baff8eec9 code=0x7ffc0000 [ 600.447367][T10800] Device name cannot be null; rc = [-22] [ 609.689378][ T1134] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 620.361104][T10936] syz.0.1578 (10936) used greatest stack depth: 17040 bytes left [ 622.201650][T10956] DRBG: could not allocate CTR cipher TFM handle: ctr(aes) [ 623.594356][T10945] overlayfs: failed to clone upperpath [ 624.484193][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.491339][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 631.337078][T11065] 9pnet_fd: Insufficient options for proto=fd [ 635.752268][T11124] capability: warning: `syz.1.1644' uses deprecated v2 capabilities in a way that may be insecure [ 640.491530][T11176] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1659'. [ 642.708821][T11205] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1671'. [ 642.835439][T11209] syz.1.1672 uses obsolete (PF_INET,SOCK_PACKET) [ 643.152423][T11214] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1673'. [ 644.660579][ T11] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 644.798864][T11232] 9pnet_fd: Insufficient options for proto=fd [ 647.212945][T11267] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1694'. [ 648.376000][T11284] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1697'. [ 649.227430][T11299] netlink: 'syz.2.1707': attribute type 30 has an invalid length. [ 649.430177][T11304] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1708'. [ 651.481527][T11325] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1718'. [ 651.670161][T11330] fuse: Bad value for 'fd' [ 651.937453][T11340] netlink: 165 bytes leftover after parsing attributes in process `syz.1.1721'. [ 653.986521][T11357] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1730'. [ 659.063701][T11458] 9pnet_fd: Insufficient options for proto=fd [ 667.610822][T11631] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1843'. [ 667.639972][T11631] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1843'. [ 668.791389][ T27] kauditd_printk_skb: 16 callbacks suppressed [ 668.791404][ T27] audit: type=1326 audit(1759527032.510:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11670 comm="syz.2.1862" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f81d7f8eec9 code=0x0 [ 672.664380][T11750] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1895'. [ 674.180445][T11781] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1907'. [ 674.933602][T11806] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1919'. [ 675.844766][ T58] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 678.628261][T11862] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1941'. [ 680.090525][T11899] batadv_slave_1: entered promiscuous mode [ 680.119778][T11898] batadv_slave_1: left promiscuous mode [ 680.406765][T11908] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1960'. [ 681.189396][T11933] 9pnet_fd: Insufficient options for proto=fd [ 684.681196][T12015] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2008'. [ 685.970647][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.977748][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 687.870116][T12117] netlink: 'syz.3.2053': attribute type 32 has an invalid length. [ 699.906404][T12303] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2117'. [ 701.631798][T12328] veth0_to_team: left promiscuous mode [ 702.688032][T12330] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2132'. [ 702.809058][T12334] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2134'. [ 704.926980][T12375] netlink: 'syz.0.2152': attribute type 1 has an invalid length. [ 705.390188][T12386] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2155'. [ 706.897576][ T3455] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 709.924428][T12448] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2179'. [ 710.087120][T10122] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 710.100914][T10122] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 710.110892][T10122] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 710.120243][T10122] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 710.133490][T10122] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 710.145245][T10122] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 710.447876][T12462] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2182'. [ 711.862754][T12450] chnl_net:caif_netlink_parms(): no params data found [ 712.142454][T12450] bridge0: port 1(bridge_slave_0) entered blocking state [ 712.150167][T12450] bridge0: port 1(bridge_slave_0) entered disabled state [ 712.157541][T12450] bridge_slave_0: entered allmulticast mode [ 712.168439][T12450] bridge_slave_0: entered promiscuous mode [ 712.178925][T12450] bridge0: port 2(bridge_slave_1) entered blocking state [ 712.186393][T12450] bridge0: port 2(bridge_slave_1) entered disabled state [ 712.194138][T12450] bridge_slave_1: entered allmulticast mode [ 712.201486][T12450] bridge_slave_1: entered promiscuous mode [ 712.237837][T12450] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 712.252197][T12450] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 712.259196][ T5798] Bluetooth: hci2: command tx timeout [ 712.384022][T12450] team0: Port device team_slave_0 added [ 712.423506][T12450] team0: Port device team_slave_1 added [ 712.459081][T12450] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 712.466399][T12450] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 712.492759][T12450] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 712.508912][T12450] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 712.517103][T12450] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 712.543394][T12450] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 712.649224][T12450] hsr_slave_0: entered promiscuous mode [ 712.656604][T12450] hsr_slave_1: entered promiscuous mode [ 712.664008][T12450] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 712.672010][T12450] Cannot create hsr debugfs directory [ 712.840609][T12490] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2191'. [ 713.191162][T12450] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 713.360293][T12450] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 713.507627][T12450] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 713.696845][T12450] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 714.127735][T12450] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 714.202078][T12450] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 714.238659][T12450] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 714.277141][T12450] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 714.320028][ T5798] Bluetooth: hci2: command tx timeout [ 715.146495][T12450] 8021q: adding VLAN 0 to HW filter on device bond0 [ 715.267397][T12450] 8021q: adding VLAN 0 to HW filter on device team0 [ 715.337235][ T38] bridge0: port 1(bridge_slave_0) entered blocking state [ 715.344500][ T38] bridge0: port 1(bridge_slave_0) entered forwarding state [ 715.405805][ T38] bridge0: port 2(bridge_slave_1) entered blocking state [ 715.413035][ T38] bridge0: port 2(bridge_slave_1) entered forwarding state [ 716.440463][ T5798] Bluetooth: hci2: command tx timeout [ 716.879697][T12450] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 717.009915][T12450] veth0_vlan: entered promiscuous mode [ 717.038857][T12450] veth1_vlan: entered promiscuous mode [ 717.117670][T12450] veth0_macvtap: entered promiscuous mode [ 717.144154][T12450] veth1_macvtap: entered promiscuous mode [ 717.180389][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 717.199198][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 717.210790][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 717.239079][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 717.267705][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 717.289313][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 717.299198][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 717.332171][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 717.367130][T12450] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 717.447106][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 717.473329][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 717.501639][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 717.541094][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 717.558582][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 717.579089][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 717.598794][T12450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 717.621520][T12450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 717.634141][T12450] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 717.656892][T12450] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 717.675919][T12450] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 717.695354][T12450] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 717.714818][T12450] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 717.956268][ T6209] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 717.986242][ T6209] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 718.059327][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 718.067301][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 718.212462][T12552] 9pnet_fd: Insufficient options for proto=fd [ 718.223101][T12550] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2209'. [ 718.479224][ T5798] Bluetooth: hci2: command tx timeout [ 719.553842][T12575] loop2: detected capacity change from 0 to 256 [ 719.654714][T12579] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2221'. [ 719.696490][T12575] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d) [ 720.184107][T12597] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2226'. [ 724.400196][T12661] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2251'. [ 727.178205][T12688] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2260'. [ 729.337923][T12713] loop2: detected capacity change from 0 to 512 [ 729.351242][T12713] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 729.394657][T12713] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 729.435600][T12713] EXT4-fs (loop2): 1 truncate cleaned up [ 729.446870][T12713] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 730.114230][T12450] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 730.508362][T12733] loop2: detected capacity change from 0 to 1024 [ 730.527748][T12733] EXT4-fs: Ignoring removed nobh option [ 730.546770][T12733] EXT4-fs: Ignoring removed bh option [ 730.580266][T12733] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 730.642895][T12733] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 730.874488][T12450] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 732.711215][T12782] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2295'. [ 732.729949][T12784] fuse: Bad value for 'fd' [ 733.249543][T12808] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2307'. [ 734.083722][T12816] loop2: detected capacity change from 0 to 512 [ 734.578186][T12825] loop2: detected capacity change from 0 to 128 [ 734.854042][T12825] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 734.935273][T12825] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 735.219912][T12450] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 738.796210][T12908] kvm: emulating exchange as write [ 739.025605][T12915] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2347'. [ 739.496294][ T1134] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 739.898371][T12927] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2352'. [ 739.907876][T12927] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2352'. [ 746.605980][T13048] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2394'. [ 747.458037][T10122] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 747.472515][T10122] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 747.481687][T10122] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 747.491243][T10122] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 747.505525][T10122] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 747.513003][T10122] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 747.753581][ T58] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 747.997078][ T58] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 748.250347][T13070] mmap: syz.3.2401 (13070) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 748.651101][ T58] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 748.968481][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 748.974836][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 749.078893][T13077] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2404'. [ 749.100398][ T58] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 749.402213][T13084] loop2: detected capacity change from 0 to 2048 [ 749.527990][T13084] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 749.732647][ T5798] Bluetooth: hci1: command tx timeout [ 749.937937][T13094] loop2: detected capacity change from 0 to 256 [ 749.971674][T13055] chnl_net:caif_netlink_parms(): no params data found [ 750.402383][T13107] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2414'. [ 751.328320][T13055] bridge0: port 1(bridge_slave_0) entered blocking state [ 751.349434][T13055] bridge0: port 1(bridge_slave_0) entered disabled state [ 751.356911][T13055] bridge_slave_0: entered allmulticast mode [ 751.371205][T13055] bridge_slave_0: entered promiscuous mode [ 751.613253][T13055] bridge0: port 2(bridge_slave_1) entered blocking state [ 751.630021][T13055] bridge0: port 2(bridge_slave_1) entered disabled state [ 751.637348][T13055] bridge_slave_1: entered allmulticast mode [ 751.661196][T13055] bridge_slave_1: entered promiscuous mode [ 751.688831][T13127] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 751.957430][ T5798] Bluetooth: hci1: command tx timeout [ 751.988485][T13055] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 752.007791][T13055] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 752.079903][T13140] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2423'. [ 752.128881][T13055] team0: Port device team_slave_0 added [ 752.278730][T13055] team0: Port device team_slave_1 added [ 752.361281][T13055] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 752.383421][T13055] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 752.423245][T13055] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 752.541703][T13055] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 752.563308][T13055] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 752.593555][T13055] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 753.662791][T13055] hsr_slave_0: entered promiscuous mode [ 753.726838][T13055] hsr_slave_1: entered promiscuous mode [ 753.742267][T13055] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 753.785563][T13055] Cannot create hsr debugfs directory [ 753.907759][T13173] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2431'. [ 753.966097][T13161] bridge0: port 2(bridge_slave_1) entered disabled state [ 753.975190][T13161] bridge0: port 1(bridge_slave_0) entered disabled state [ 754.182086][ T5798] Bluetooth: hci1: command tx timeout [ 754.222679][T13184] loop2: detected capacity change from 0 to 128 [ 754.250181][T13184] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 755.143611][ T58] hsr_slave_0: left promiscuous mode [ 755.175177][ T58] hsr_slave_1: left promiscuous mode [ 755.190346][ T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 755.197887][ T58] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 755.252899][ T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 755.286331][ T58] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 755.302977][ T58] bridge_slave_1: left allmulticast mode [ 755.311652][ T58] bridge_slave_1: left promiscuous mode [ 755.320503][ T58] bridge0: port 2(bridge_slave_1) entered disabled state [ 755.383115][ T58] bridge_slave_0: left allmulticast mode [ 755.388838][ T58] bridge_slave_0: left promiscuous mode [ 755.414889][ T58] bridge0: port 1(bridge_slave_0) entered disabled state [ 755.682565][ T27] audit: type=1804 audit(1759527118.321:522): pid=13205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2439" name="bus" dev="ramfs" ino=26150 res=1 errno=0 [ 755.745898][ T27] audit: type=1804 audit(1759527118.349:523): pid=13205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2439" name="bus" dev="ramfs" ino=26150 res=1 errno=0 [ 755.767847][ T58] veth1_macvtap: left promiscuous mode [ 755.774029][ T58] veth0_macvtap: left promiscuous mode [ 755.820778][ T58] veth1_vlan: left promiscuous mode [ 755.826462][ T58] veth0_vlan: left promiscuous mode [ 756.400322][ T5798] Bluetooth: hci1: command tx timeout [ 756.522153][T13219] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2442'. [ 757.492079][ T58] team0 (unregistering): Port device team_slave_1 removed [ 757.597763][ T58] team0 (unregistering): Port device team_slave_0 removed [ 757.662065][ T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 757.749250][ T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 758.340827][ T58] bond0 (unregistering): Released all slaves [ 760.212203][T13246] loop2: detected capacity change from 0 to 8192 [ 760.266494][ T27] audit: type=1800 audit(1759527122.652:524): pid=13246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2449" name="bus" dev="loop2" ino=1048621 res=0 errno=0 [ 760.425827][T13055] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 760.436825][T13055] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 760.495319][T13055] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 760.583224][T13055] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 761.916782][T13273] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2453'. [ 762.052238][T13279] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2456'. [ 762.079321][T13055] 8021q: adding VLAN 0 to HW filter on device bond0 [ 762.198406][T13055] 8021q: adding VLAN 0 to HW filter on device team0 [ 762.241290][ T3455] bridge0: port 1(bridge_slave_0) entered blocking state [ 762.248596][ T3455] bridge0: port 1(bridge_slave_0) entered forwarding state [ 762.304748][ T3455] bridge0: port 2(bridge_slave_1) entered blocking state [ 762.311997][ T3455] bridge0: port 2(bridge_slave_1) entered forwarding state [ 763.920888][T13320] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2463'. [ 764.252599][T13055] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 764.370739][T13055] veth0_vlan: entered promiscuous mode [ 764.392456][T13055] veth1_vlan: entered promiscuous mode [ 764.481400][T13055] veth0_macvtap: entered promiscuous mode [ 764.567285][T13055] veth1_macvtap: entered promiscuous mode [ 764.700566][T13055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 764.729786][T13055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 764.763906][T13055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 764.797598][T13055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 764.808061][T13055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 764.819141][T13055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 764.840029][T13055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 764.864110][T13055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 764.885689][T13055] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 764.919582][T13055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 764.984085][T13055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 765.030013][T13055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 765.050825][T13055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 765.082722][T13055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 765.116239][T13055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 765.146533][T13055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 765.167141][T13055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 765.188844][T13055] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 765.229164][T13055] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 765.249532][T13055] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 765.278767][T13055] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 765.308524][T13055] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 766.687202][ T38] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 766.716466][ T38] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 766.797972][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 766.859150][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 770.393033][T10122] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 770.405698][T10122] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 770.414709][T10122] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 770.425467][T10122] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 770.447962][T10122] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 770.455506][T10122] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 770.619402][ T6209] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 770.809889][ T6209] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 771.004315][ T6209] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 771.214691][ T6209] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 771.434001][T13407] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2479'. [ 772.590422][ T6209] tipc: Left network mode [ 772.647798][T10122] Bluetooth: hci3: command tx timeout [ 772.885120][ T38] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 773.029403][T13448] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2484'. [ 773.998497][T13397] chnl_net:caif_netlink_parms(): no params data found [ 774.946118][T10122] Bluetooth: hci3: command tx timeout [ 775.250962][T13397] bridge0: port 1(bridge_slave_0) entered blocking state [ 775.275977][T13397] bridge0: port 1(bridge_slave_0) entered disabled state [ 775.291847][T13397] bridge_slave_0: entered allmulticast mode [ 775.310608][T13397] bridge_slave_0: entered promiscuous mode [ 775.360335][T13397] bridge0: port 2(bridge_slave_1) entered blocking state [ 775.383155][T13397] bridge0: port 2(bridge_slave_1) entered disabled state [ 775.413197][T13397] bridge_slave_1: entered allmulticast mode [ 775.435708][T13397] bridge_slave_1: entered promiscuous mode [ 775.795327][T13397] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 775.858417][T13397] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 776.363654][T13397] team0: Port device team_slave_0 added [ 776.436887][T13397] team0: Port device team_slave_1 added [ 776.679592][T13489] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2494'. [ 776.845262][T13397] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 776.893387][T13397] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 776.957663][T13397] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 777.159760][T10122] Bluetooth: hci3: command tx timeout [ 777.317714][T13397] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 777.470623][T13397] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 777.718133][T13397] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 778.005935][T13397] hsr_slave_0: entered promiscuous mode [ 778.049244][T13397] hsr_slave_1: entered promiscuous mode [ 778.158338][ T6209] hsr_slave_0: left promiscuous mode [ 778.183541][ T6209] hsr_slave_1: left promiscuous mode [ 778.208100][ T6209] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 778.226544][ T6209] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 778.245652][ T6209] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 778.283695][ T6209] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 778.313343][T13524] loop0: detected capacity change from 0 to 1024 [ 778.325195][ T6209] bridge_slave_1: left allmulticast mode [ 778.330902][ T6209] bridge_slave_1: left promiscuous mode [ 778.337721][ T6209] bridge0: port 2(bridge_slave_1) entered disabled state [ 778.349025][ T6209] bridge_slave_0: left allmulticast mode [ 778.354720][ T6209] bridge_slave_0: left promiscuous mode [ 778.361211][ T6209] bridge0: port 1(bridge_slave_0) entered disabled state [ 778.368888][T13524] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 778.384198][T13524] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 778.693909][T13524] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869) [ 779.096293][T13524] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 779.106598][T13524] EXT4-fs error (device loop0): ext4_get_journal_inode:5807: comm syz.0.2502: inode #1: comm syz.0.2502: iget: illegal inode # [ 779.136159][T13533] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2503'. [ 779.146038][T13524] EXT4-fs (loop0): no journal found [ 779.416981][T10122] Bluetooth: hci3: command tx timeout [ 779.599328][ T6209] veth1_macvtap: left promiscuous mode [ 779.604935][ T6209] veth0_macvtap: left promiscuous mode [ 779.618024][ T6209] veth1_vlan: left promiscuous mode [ 779.626060][ T6209] veth0_vlan: left promiscuous mode [ 781.846685][T13548] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2506'. [ 782.305515][ T2903] smc: removing ib device syz1 [ 783.824545][T13567] loop0: detected capacity change from 0 to 2048 [ 783.903973][T13567] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 783.982211][ T27] audit: type=1800 audit(1759527144.839:525): pid=13567 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2514" name="file2" dev="loop0" ino=1416 res=0 errno=0 [ 784.140008][ T8] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 784.388882][ T8] usb 3-1: config 0 has an invalid interface number: 64 but max is 0 [ 784.418941][ T8] usb 3-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config [ 784.608700][ T8] usb 3-1: config 0 has no interface number 0 [ 784.767290][ T8] usb 3-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 784.985356][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 784.993398][ T8] usb 3-1: Product: syz [ 785.035030][ T8] usb 3-1: Manufacturer: syz [ 785.066874][ T8] usb 3-1: SerialNumber: syz [ 785.129083][ T8] usb 3-1: config 0 descriptor?? [ 785.539958][T13583] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2520'. [ 785.669223][ T8] usb 3-1: Found UVC 0.00 device syz (046d:0823) [ 785.695733][ T6209] team0 (unregistering): Port device team_slave_1 removed [ 785.700500][ T8] usb 3-1: No valid video chain found. [ 785.776480][T13578] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2519'. [ 785.936035][ T8] usb 3-1: USB disconnect, device number 3 [ 786.052006][ T6209] team0 (unregistering): Port device team_slave_0 removed [ 786.256411][ T6209] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 786.430731][ T6209] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 788.262866][T13610] loop2: detected capacity change from 0 to 512 [ 788.298308][T13610] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 788.355420][T13610] EXT4-fs (loop2): 1 truncate cleaned up [ 788.365563][T13610] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 788.440677][T13610] EXT4-fs error (device loop2): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.2.2526: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 788.653068][T13610] EXT4-fs (loop2): Remounting filesystem read-only [ 790.016725][T13623] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2529'. [ 790.028596][ T6209] bond0 (unregistering): Released all slaves [ 791.273527][T12450] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 791.858797][ T5851] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 792.085640][ T5851] usb 1-1: Using ep0 maxpacket: 32 [ 792.103631][ T5851] usb 1-1: New USB device found, idVendor=04f2, idProduct=1123, bcdDevice= 0.00 [ 792.132855][ T5851] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 792.175042][ T5851] usb 1-1: config 0 descriptor?? [ 792.829063][ T5851] chicony 0003:04F2:1123.0002: unbalanced collection at end of report description [ 793.085506][ T5851] chicony 0003:04F2:1123.0002: Chicony hid parse failed: -22 [ 793.104698][ T5851] chicony: probe of 0003:04F2:1123.0002 failed with error -22 [ 793.130811][ T5851] usb 1-1: USB disconnect, device number 11 [ 793.212692][T13397] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 793.264410][T13397] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 793.297025][T13397] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 793.332058][T13397] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 793.599995][T13397] 8021q: adding VLAN 0 to HW filter on device bond0 [ 793.673745][T13397] 8021q: adding VLAN 0 to HW filter on device team0 [ 793.885758][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 793.892939][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 794.655705][T13678] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2540'. [ 794.812833][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 794.820181][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 794.929823][T13662] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2538'. [ 797.684456][T13397] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 797.902699][T13397] veth0_vlan: entered promiscuous mode [ 798.116088][T13397] veth1_vlan: entered promiscuous mode [ 798.878665][T13397] veth0_macvtap: entered promiscuous mode [ 798.916053][T13397] veth1_macvtap: entered promiscuous mode [ 798.955328][T13397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 799.002915][T13397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 799.019711][T13397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 799.032091][T13397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 799.041983][T13397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 799.086045][T13397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 799.095935][T13397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 799.150057][T13397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 799.183488][T13397] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 799.384659][T13397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 799.413445][T13397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 799.423489][T13397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 799.448784][T13397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 799.458755][T13397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 799.469254][T13397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 799.490436][T13735] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2552'. [ 799.613184][T13397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 799.657260][T13397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 799.712879][T13397] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 799.774677][T13397] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.800438][T13397] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.831287][T13397] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.855708][T13397] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.954024][T13742] binder: 13741:13742 ioctl 400c620e 0 returned -14 [ 800.009286][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 800.049958][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 800.271544][ T38] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 800.301350][ T38] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 801.678311][T13759] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2561'. [ 803.236518][ T5798] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 803.247876][ T5798] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 803.256402][ T5798] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 803.266598][ T5798] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 803.275083][ T5798] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 803.312833][ T5798] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 803.548075][T13776] loop1: detected capacity change from 0 to 256 [ 803.565373][T13768] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2565'. [ 803.677509][T13088] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 803.901847][ T2903] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 804.074688][ T2903] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 804.116178][T13782] loop2: detected capacity change from 0 to 512 [ 804.137284][T13782] EXT4-fs (loop2): can't mount with data_err=abort, fs mounted w/o journal [ 804.574202][ T2903] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 805.574785][ T5798] Bluetooth: hci4: command tx timeout [ 806.306299][ T2903] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 806.517972][T13773] chnl_net:caif_netlink_parms(): no params data found [ 806.955670][T13773] bridge0: port 1(bridge_slave_0) entered blocking state [ 806.976872][T13773] bridge0: port 1(bridge_slave_0) entered disabled state [ 806.997040][T13773] bridge_slave_0: entered allmulticast mode [ 807.006800][T13773] bridge_slave_0: entered promiscuous mode [ 807.033168][T13773] bridge0: port 2(bridge_slave_1) entered blocking state [ 807.046836][T13773] bridge0: port 2(bridge_slave_1) entered disabled state [ 807.057140][T13773] bridge_slave_1: entered allmulticast mode [ 807.069646][T13773] bridge_slave_1: entered promiscuous mode [ 807.278487][T13773] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 807.883282][ T5798] Bluetooth: hci4: command tx timeout [ 808.160415][T13773] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 808.251278][ T2903] tipc: Left network mode [ 808.375857][T13773] team0: Port device team_slave_0 added [ 809.504874][T13839] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2585'. [ 809.605819][ T2903] bond1: (slave ip6gretap1): Releasing active interface [ 809.631763][ T2903] bond1: (slave ip6gretap1): the permanent HWaddr of slave - e2:e0:ef:b3:55:fa - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts [ 809.886181][T13773] team0: Port device team_slave_1 added [ 809.990590][T13773] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 810.118196][ T5798] Bluetooth: hci4: command tx timeout [ 810.158631][T13773] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 810.197670][T13773] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 811.160202][T13773] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 811.218490][T13773] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 811.279899][T13773] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 811.724651][T13773] hsr_slave_0: entered promiscuous mode [ 811.749271][T13773] hsr_slave_1: entered promiscuous mode [ 811.793054][T13773] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 811.813838][T13773] Cannot create hsr debugfs directory [ 812.417055][ T5798] Bluetooth: hci4: command tx timeout [ 812.950605][T13866] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2589'. [ 814.645776][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 814.653038][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 815.291318][T13911] loop0: detected capacity change from 0 to 512 [ 815.466317][T13911] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 815.947716][T13911] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 816.519802][ T2903] hsr_slave_0: left promiscuous mode [ 817.882306][ T2903] hsr_slave_1: left promiscuous mode [ 817.896984][T13055] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 817.907800][ T2903] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 817.915875][ T2903] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 817.944625][ T2903] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 817.952104][ T2903] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 818.130071][T13913] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2605'. [ 818.179769][ T2903] veth1_macvtap: left promiscuous mode [ 818.185381][ T2903] veth0_macvtap: left promiscuous mode [ 818.203795][ T2903] veth1_vlan: left promiscuous mode [ 818.297190][ T2903] veth0_vlan: left promiscuous mode [ 819.310477][ T2903] bond2 (unregistering): (slave bridge0): Releasing backup interface [ 819.319029][ T2903] bridge0 (unregistering): left promiscuous mode [ 819.604993][T13949] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2612'. [ 819.719596][T13951] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2613'. [ 820.405658][ T2903] bond2 (unregistering): Released all slaves [ 820.600815][ T2903] bond1 (unregistering): (slave veth3): Releasing active interface [ 821.030102][ T2903] bond1 (unregistering): Released all slaves [ 821.999240][ T2903] team0 (unregistering): Port device team_slave_1 removed [ 822.061879][ T2903] team0 (unregistering): Port device team_slave_0 removed [ 822.122815][ T2903] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 822.202355][ T2903] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 822.706543][T13962] loop1: detected capacity change from 0 to 128 [ 822.717748][T13962] EXT4-fs: Ignoring removed nobh option [ 822.752608][T13962] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 822.785130][T13962] ext4 filesystem being mounted at /23/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 822.920098][T13397] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 823.056916][ T2903] bond0 (unregistering): Released all slaves [ 823.634711][T13773] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 824.545572][T13773] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 824.604588][T13978] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2617'. [ 824.756546][T13773] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 824.854454][T13773] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 825.006570][T13990] loop2: detected capacity change from 0 to 1024 [ 825.041173][T13990] EXT4-fs: Ignoring removed orlov option [ 825.082851][T13990] EXT4-fs: Ignoring removed nomblk_io_submit option [ 825.177637][T13773] 8021q: adding VLAN 0 to HW filter on device bond0 [ 825.216167][T13990] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 825.357963][T13773] 8021q: adding VLAN 0 to HW filter on device team0 [ 825.458450][ T38] bridge0: port 1(bridge_slave_0) entered blocking state [ 825.465708][ T38] bridge0: port 1(bridge_slave_0) entered forwarding state [ 825.497428][ T2903] bridge0: port 2(bridge_slave_1) entered blocking state [ 825.504685][ T2903] bridge0: port 2(bridge_slave_1) entered forwarding state [ 825.575970][T14008] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2622'. [ 826.107305][T12450] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 826.320873][T13773] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 826.327705][T14012] loop1: detected capacity change from 0 to 16 [ 826.367946][T13773] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 826.440972][T14012] erofs: (device loop1): mounted with root inode @ nid 36. [ 826.493605][T14012] erofs: (device loop1): erofs_find_target_block: corrupted dir block 0 @ nid 36 [ 827.668366][T14029] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2628'. [ 827.701484][T13773] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 828.778039][T13773] veth0_vlan: entered promiscuous mode [ 828.812230][T13773] veth1_vlan: entered promiscuous mode [ 829.073094][T13773] veth0_macvtap: entered promiscuous mode [ 829.274027][T13773] veth1_macvtap: entered promiscuous mode [ 829.294987][T13773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 829.313236][T13773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 829.323363][T13773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 829.336856][T13773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 829.346986][T13773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 829.357933][T13773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 829.372242][T13773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 829.416565][T13773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 829.429577][T13773] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 829.450417][T13773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 829.473274][T13773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 829.510815][T13773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 829.707302][T13773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 829.792060][T13773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 829.802966][T13773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 829.813021][T13773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 829.830408][T13773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 829.886866][T13773] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 829.933146][T13773] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 829.996171][T13773] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 830.032890][T13773] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 830.929857][T13773] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 831.309581][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 831.317485][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 831.392267][T14065] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2634'. [ 831.553349][ T2903] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 831.991252][ T2903] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 832.423204][T14079] loop3: detected capacity change from 0 to 128 [ 834.080443][T14104] netlink: 'syz.3.2642': attribute type 1 has an invalid length. [ 834.090337][T14104] netlink: 'syz.3.2642': attribute type 2 has an invalid length. [ 835.136759][T14113] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2644'. [ 835.201237][T14116] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2645'. [ 837.637993][T14140] loop2: detected capacity change from 0 to 256 [ 838.231478][T14143] FAT-fs (loop2): error, corrupted file size (i_pos 196, 2097152) [ 838.352104][T14143] FAT-fs (loop2): Filesystem has been set read-only [ 838.934701][T14165] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2655'. [ 841.273938][T14183] loop3: detected capacity change from 0 to 1024 [ 842.507538][T14204] loop1: detected capacity change from 0 to 512 [ 842.794014][T14204] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 843.216041][T14212] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2669'. [ 843.280013][T14204] EXT4-fs (loop1): required journal recovery suppressed and not mounted read-only [ 956.012854][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 956.019854][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P13773/1:b..l [ 956.028360][ C1] rcu: (detected by 1, t=10502 jiffies, g=67625, q=364 ncpus=2) [ 956.036123][ C1] task:syz-executor state:R running task stack:21224 pid:13773 ppid:13763 flags:0x00004000 [ 956.048017][ C1] Call Trace: [ 956.051298][ C1] [ 956.054267][ C1] __schedule+0x14d2/0x44d0 [ 956.058798][ C1] ? asan.module_dtor+0x20/0x20 [ 956.063647][ C1] ? mark_lock+0x94/0x320 [ 956.067982][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 956.073971][ C1] ? preempt_schedule_irq+0xaa/0x140 [ 956.079261][ C1] preempt_schedule_irq+0xb5/0x140 [ 956.084381][ C1] ? preempt_schedule_notrace+0x110/0x110 [ 956.090108][ C1] ? rcu_irq_exit_check_preempt+0xdf/0x210 [ 956.095912][ C1] irqentry_exit+0x67/0x70 [ 956.100334][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 956.106333][ C1] RIP: 0010:lock_is_held_type+0x13e/0x190 [ 956.112055][ C1] Code: 75 40 48 c7 04 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 75 46 41 f7 c5 00 02 00 00 74 01 fb 65 48 8b 04 25 28 00 00 00 <48> 3b 44 24 08 75 3c 89 e8 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f [ 956.131669][ C1] RSP: 0018:ffffc90004dd72a0 EFLAGS: 00000206 [ 956.137738][ C1] RAX: bec79c2a78565e00 RBX: ffff8880245d5a00 RCX: bec79c2a78565e00 [ 956.145713][ C1] RDX: 0000000000000000 RSI: ffffffff8aaace60 RDI: ffffffff8afc63c0 [ 956.153684][ C1] RBP: 0000000000000000 R08: dffffc0000000000 R09: 1ffffffff21b4ea0 [ 956.161649][ C1] R10: dffffc0000000000 R11: fffffbfff21b4ea1 R12: 0000000000000004 [ 956.169625][ C1] R13: 0000000000000246 R14: ffffffff8cd598f8 R15: ffff8880245d6580 [ 956.177623][ C1] mem_cgroup_from_task+0x77/0x110 [ 956.182735][ C1] ? __memcg_kmem_charge_page+0xeb/0x380 [ 956.188381][ C1] __memcg_kmem_charge_page+0x189/0x380 [ 956.193928][ C1] __alloc_pages+0x219/0x460 [ 956.198528][ C1] ? zone_statistics+0x170/0x170 [ 956.203509][ C1] pte_alloc_one+0x89/0x540 [ 956.208031][ C1] ? pfn_modify_allowed+0x560/0x560 [ 956.213250][ C1] ? __pmd_alloc+0x64e/0x880 [ 956.217847][ C1] ? __pud_alloc+0x1f0/0x1f0 [ 956.222477][ C1] __pte_alloc+0x22/0x2a0 [ 956.226815][ C1] ? copy_page_range+0xef7/0x3600 [ 956.231862][ C1] copy_page_range+0x2d72/0x3600 [ 956.236818][ C1] ? mas_wr_end_piv+0x24a/0x870 [ 956.241675][ C1] ? pfn_valid+0x450/0x450 [ 956.246110][ C1] ? mas_wr_store_entry+0x151/0x340 [ 956.251329][ C1] ? mas_store+0x34d/0x500 [ 956.255742][ C1] ? mas_empty_area_rev+0x1880/0x1880 [ 956.261120][ C1] copy_mm+0x112a/0x1c20 [ 956.265380][ C1] ? copy_signal+0x680/0x680 [ 956.269964][ C1] ? lockdep_init_map_type+0xa1/0x880 [ 956.275355][ C1] ? __init_rwsem+0x122/0x160 [ 956.280027][ C1] ? copy_signal+0x556/0x680 [ 956.284654][ C1] copy_process+0x16d3/0x3d70 [ 956.289334][ C1] ? copy_process+0x945/0x3d70 [ 956.294105][ C1] ? __pidfd_prepare+0x140/0x140 [ 956.299041][ C1] ? vma_end_read+0x18/0x170 [ 956.303636][ C1] kernel_clone+0x21b/0x840 [ 956.308148][ C1] ? create_io_thread+0x140/0x140 [ 956.313226][ C1] __x64_sys_clone+0x18c/0x1e0 [ 956.317996][ C1] ? __ia32_sys_vfork+0x100/0x100 [ 956.323028][ C1] ? lock_chain_count+0x20/0x20 [ 956.327881][ C1] ? lock_chain_count+0x20/0x20 [ 956.332730][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 956.337937][ C1] do_syscall_64+0x55/0xb0 [ 956.342356][ C1] ? clear_bhb_loop+0x40/0x90 [ 956.347029][ C1] ? clear_bhb_loop+0x40/0x90 [ 956.351700][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 956.357594][ C1] RIP: 0033:0x7f9326185613 [ 956.362017][ C1] RSP: 002b:00007ffea8bcf888 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 956.370426][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9326185613 [ 956.378406][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 956.386375][ C1] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001 [ 956.394343][ C1] R10: 0000555587dc77d0 R11: 0000000000000246 R12: 0000000000000000 [ 956.402330][ C1] R13: 00000000000927c0 R14: 00000000000cc08e R15: 00007ffea8bcfa20 [ 956.410329][ C1] [ 956.413360][ C1] rcu: rcu_preempt kthread starved for 10515 jiffies! g67625 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 956.424557][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 956.434521][ C1] rcu: RCU grace-period kthread stack dump: [ 956.440401][ C1] task:rcu_preempt state:R running task stack:26856 pid:17 ppid:2 flags:0x00004000 [ 956.451207][ C1] Call Trace: [ 956.454483][ C1] [ 956.457417][ C1] __schedule+0x14d2/0x44d0 [ 956.461958][ C1] ? asan.module_dtor+0x20/0x20 [ 956.466836][ C1] ? enqueue_timer+0x225/0x530 [ 956.471603][ C1] ? __mod_timer+0x984/0xdb0 [ 956.476209][ C1] schedule+0xbd/0x170 [ 956.480286][ C1] schedule_timeout+0x160/0x280 [ 956.485140][ C1] ? console_conditional_schedule+0x40/0x40 [ 956.491032][ C1] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 956.496932][ C1] ? update_process_times+0x1b0/0x1b0 [ 956.502324][ C1] ? prepare_to_swait_event+0x339/0x360 [ 956.507882][ C1] rcu_gp_fqs_loop+0x302/0x1560 [ 956.512742][ C1] ? rcu_gp_init+0x110e/0x1510 [ 956.517521][ C1] ? dyntick_save_progress_counter+0x2b0/0x2b0 [ 956.523694][ C1] ? rcu_gp_init+0x1510/0x1510 [ 956.528468][ C1] ? rcu_gp_cleanup+0xb4c/0xca0 [ 956.533347][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 956.538558][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 956.543769][ C1] rcu_gp_kthread+0x99/0x380 [ 956.548394][ C1] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 956.553524][ C1] ? __kthread_parkme+0x7a/0x1c0 [ 956.558467][ C1] ? __kthread_parkme+0x162/0x1c0 [ 956.563504][ C1] kthread+0x2fa/0x390 [ 956.567573][ C1] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 956.572692][ C1] ? kthread_blkcg+0xd0/0xd0 [ 956.577284][ C1] ret_from_fork+0x48/0x80 [ 956.581724][ C1] ? kthread_blkcg+0xd0/0xd0 [ 956.586315][ C1] ret_from_fork_asm+0x11/0x20 [ 956.591087][ C1] [ 956.594120][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 956.600454][ C1] Sending NMI from CPU 1 to CPUs 0: [ 956.605703][ C0] NMI backtrace for cpu 0 [ 956.605714][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 [ 956.605728][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 956.605750][ C0] RIP: 0010:pv_native_safe_halt+0x13/0x20 [ 956.605778][ C0] Code: cc cc cc cc cc cc cc f3 0f 1e fa 0f 0b 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 66 90 0f 00 2d 93 c8 39 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 66 0f 1f 00 55 41 57 41 56 [ 956.605790][ C0] RSP: 0018:ffffffff8ca07d80 EFLAGS: 000002c6 [ 956.605803][ C0] RAX: 3105e158a9168c00 RBX: ffffffff816185ab RCX: 3105e158a9168c00 [ 956.605815][ C0] RDX: 0000000000000001 RSI: ffffffff8aaabce0 RDI: ffffffff8afc63c0 [ 956.605824][ C0] RBP: ffffffff8ca07eb8 R08: ffff8880b8e36b2b R09: 1ffff110171c6d65 [ 956.605836][ C0] R10: dffffc0000000000 R11: ffffed10171c6d66 R12: ffffffff8e4a82e8 [ 956.605847][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1952670 [ 956.605856][ C0] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 956.605868][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 956.605878][ C0] CR2: 000020000000b030 CR3: 000000002e488000 CR4: 00000000003506f0 [ 956.605890][ C0] Call Trace: [ 956.605896][ C0] [ 956.605901][ C0] default_idle+0x13/0x20 [ 956.605915][ C0] default_idle_call+0x6c/0xa0 [ 956.605930][ C0] do_idle+0x1eb/0x510 [ 956.605946][ C0] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 956.605965][ C0] ? idle_inject_timer_fn+0x60/0x60 [ 956.605986][ C0] ? do_idle+0x4ec/0x510 [ 956.606005][ C0] cpu_startup_entry+0x43/0x60 [ 956.606022][ C0] rest_init+0x2e2/0x300 [ 956.606036][ C0] ? time_init+0x40/0x40 [ 956.606051][ C0] arch_call_rest_init+0xe/0x10 [ 956.606070][ C0] start_kernel+0x459/0x4e0 [ 956.606088][ C0] x86_64_start_reservations+0x2a/0x30 [ 956.606104][ C0] x86_64_start_kernel+0x60/0x60 [ 956.606118][ C0] secondary_startup_64_no_verify+0x179/0x17b [ 956.606146][ C0]