last executing test programs: 38.601817352s ago: executing program 2 (id=1576): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000002600)="89000000120081ae08060cdc030000007f1be3f74001000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c000140060404000a0400009bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0) 37.518567595s ago: executing program 2 (id=1577): r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='vcan0\x00', 0x10) setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e21, @private=0xa010101}, 0x10) 36.022524116s ago: executing program 2 (id=1578): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x178, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xf}, {0x7}}, [@TCA_CHAIN={0x8}, @TCA_RATE={0x6, 0x5, {0x9d}}, @filter_kind_options=@f_fw={{0x7}, {0x13c, 0x2, [@TCA_FW_CLASSID={0x8}, @TCA_FW_INDEV={0x14, 0x3, 'batadv_slave_1\x00'}, @TCA_FW_INDEV={0x14, 0x3, 'veth0_to_bond\x00'}, @TCA_FW_ACT={0x4}, @TCA_FW_CLASSID={0x8}, @TCA_FW_POLICE={0x18, 0x2, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x1}, @TCA_POLICE_RATE64={0xc}]}, @TCA_FW_INDEV={0x14, 0x3, 'ip6_vti0\x00'}, @TCA_FW_INDEV={0x14, 0x3, 'pimreg1\x00'}, @TCA_FW_ACT={0xbc, 0x4, [@m_simple={0xb8, 0x0, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, ':*&\x00'}, @TCA_DEF_DATA={0xb, 0x3, 'skbmod\x00'}, @TCA_DEF_DATA={0x9, 0x3, 'fd/3\x00'}]}, {0x69, 0x6, "4609dc63a7e2c1e8d8f3947bfe64049bafc10942cf56376c73961c5ee06f3a38e48c1a286e545dd4a521f2869b54fbcf1c7958eb636e54a910cbe3d0b34b67c9400d92c4bd68f2a5e196d558cfa1c8440806e82a3b539579ffad8fa8a57d9e0f03a55d685c"}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x178}}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x7e}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0xb00}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 33.885418095s ago: executing program 2 (id=1579): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) r1 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000480)=ANY=[@ANYBLOB="3800000003020000000000004b6389d30900020073797a31000000000800410072786500140033006970365f767469300000000000000000d0566413310c226ca423df3ee3254ea8805ec7a65664fd9bdc019b35e5ba9098e9eabbead06eff584db0673edd9760421e57b1959f8e9055d1c591b99f3d56168555b6c82ae5527a5fdab35292dfe337bf933ee6c77e4632cd9bbb206b1a03503100ece3d677bed3b0aeb5acec68"], 0x38}}, 0x40004) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000080)={'vxcan1\x00'}) bind$can_raw(r2, &(0x7f00000005c0), 0x10) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x4, 0x4, &(0x7f0000000280)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xd2, &(0x7f0000000600)=""/210, 0x0, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) r3 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118) sendmmsg$inet6(r3, &(0x7f0000000380)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @private0}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000000080)="cc", 0x1}], 0x1}}], 0x1, 0x40) close(0xffffffffffffffff) recvmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) setsockopt$CAN_RAW_RECV_OWN_MSGS(r2, 0x65, 0x4, 0x0, 0x0) 31.53600557s ago: executing program 2 (id=1580): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x1) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000ec0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000000000000000018000100080003", @ANYRES32=r2, @ANYBLOB="0c0006"], 0x28}}, 0x0) 29.932759579s ago: executing program 2 (id=1581): openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000008, 0x50, 0xffffffffffffffff, 0x5738d000) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) pipe2$watch_queue(0x0, 0x80) openat2(0xffffffffffffffff, 0x0, &(0x7f0000000800)={0x0, 0x10}, 0x18) socket(0x10, 0x3, 0x0) syz_clone(0x40100000, &(0x7f0000000440)="383131bb83a76fd55646703008f6c5dd71d236739ea014e7d6baa30af163367d4a34860907db4d822cf57d4da13ccf6a1aa2d8cf9ed850b1a18ca98211a56b0d6516e8f04b33c24876b66a091c951118cab968db090d078c5cdacd756b9ec5d400fe39bb41bbaa2499a3fed515e4bf8758f935f1feb65d02f28f4941c236401f282a443e9320f590616a78f07535ec1a817d02ad087c274daae60b6eb7ff8e656475f4173f9b02f1596cc94255091d22", 0xb0, &(0x7f0000000140), &(0x7f0000000580), &(0x7f00000005c0)="2ee02c9810861e16bdad9dbeab19ce1d069a29fe9318db42c71662df058d98b8c07b5c4ef4031b1e7948d3b6a8fc3a7f7ed91fc00b486c797a6055ea127b96d699244ff56812bc209325c1c6a3be91d223d2a7a41fb4169b7084383f84e9e268f24d7d25f25e8ea6522855da7de7ebccf32e166aae3b27e2d1faeac2854d8493346683e67408dc453ece6b781f37ef4e") syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000049c000/0x18000)=nil, &(0x7f0000000400)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) 9.71495562s ago: executing program 3 (id=1586): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) r1 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000480)=ANY=[@ANYBLOB="3800000003020000000000004b6389d30900020073797a31000000000800410072786500140033006970365f767469300000000000000000d0566413310c226ca423df3ee3254ea8805ec7a65664fd9bdc019b35e5ba9098e9eabbead06eff584db0673edd9760421e57b1959f8e9055d1c591b99f3d56168555b6c82ae5527a5fdab35292dfe337bf933ee6c77e4632cd9bbb206b1a03503100ece3d677bed3b0aeb5acec68261156fa54b9"], 0x38}}, 0x40004) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000080)={'vxcan1\x00'}) bind$can_raw(r2, &(0x7f00000005c0), 0x10) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x4, 0x4, &(0x7f0000000280)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xd2, &(0x7f0000000600)=""/210, 0x0, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) r3 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118) sendmmsg$inet6(r3, &(0x7f0000000380)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @private0}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000000080)="cc", 0x1}], 0x1}}], 0x1, 0x40) close(0xffffffffffffffff) recvmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) setsockopt$CAN_RAW_RECV_OWN_MSGS(r2, 0x65, 0x4, 0x0, 0x0) 9.033197214s ago: executing program 4 (id=1587): syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x1) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000ec0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_KEY(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYBLOB="010000000000000000001800010008000300", @ANYRES32=r1, @ANYBLOB="0c0006"], 0x28}}, 0x0) 8.284817435s ago: executing program 1 (id=1588): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000a00)='svc_xprt_accept\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) unshare(0x6a040000) socket$nl_route(0x10, 0x3, 0x0) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCGPROP(r5, 0x40047438, &(0x7f0000000180)=""/246) unshare(0x8040480) ioctl$PPPIOCSFLAGS1(0xffffffffffffffff, 0x4004743a, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) ppoll(&(0x7f0000000280)=[{r5}], 0x1, &(0x7f0000000480)={0x0, 0x989680}, 0x0, 0x0) r6 = bpf$ITER_CREATE(0xb, 0x0, 0x0) close(r6) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) socket$inet_udplite(0x2, 0x2, 0x88) 8.125735009s ago: executing program 4 (id=1589): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000008c0), 0x2, 0x0) eventfd(0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000840)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000fd00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000500000085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='sys_enter\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', 0x0}) r6 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r5, @ANYBLOB="00000000100000001c001a80080002802d05ff0008000200", @ANYRES16=r6, @ANYRES32=r6], 0x44}}, 0x0) 8.029769438s ago: executing program 3 (id=1590): unshare(0x2040400) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sysvipc/sem\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) 7.571817601s ago: executing program 0 (id=1591): r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='vcan0\x00', 0x10) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000080), 0x0) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e21, @private=0xa010101}, 0x10) 7.152946426s ago: executing program 3 (id=1592): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x50}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4) recvmsg$kcm(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0) r3 = socket(0xf, 0x3, 0x2) write(r3, &(0x7f0000a97ff0)="020baf010200000000067bbc8e", 0xd) sendmsg$key(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x2, 0xb, 0x0, 0x0, 0x2}, 0x10}}, 0x0) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r5, &(0x7f0000000240)={0x24, @short}, 0x14) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_STRSET_GET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="011f0000000000000000010000000400018010000280"], 0x28}}, 0x0) sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, 0x0, 0x0) r7 = socket$inet(0x2, 0x3, 0x5) getsockopt$MRT(r7, 0x0, 0xcf, 0x0, 0x0) getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x48, 0x24, 0x0, 0x800, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xd}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xad, "149f3403948cbe2b175fd97b374b93b8"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x0) r9 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="1400000022000b0fd25a806c8c6f94f90324fc60", 0x14}], 0x1}, 0x0) recvmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000002c00)=""/4121, 0x1019}, {&(0x7f00000004c0)=""/196, 0xc4}], 0x2}, 0x0) 6.519778305s ago: executing program 4 (id=1593): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x14, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 6.339110097s ago: executing program 1 (id=1594): syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x2000480, &(0x7f0000001900), 0x1, 0x762, &(0x7f0000001180)="$eJzs3c9rHFUcAPDvbJKmTauJIGg9BQQNlG5Mja2Ch4oHESwU9GxdNttQs8mW7KY0IaAighdBxYOgl579UW/exB9X/S88SEvVtFjxIJHZzKbbZrfJpkmWup8PTPt9M7N5892Zee/tzrATQM8aTf/JRRyOiA+TiOFsfhIRA/WoP+Lk2no3V5aL6ZTE6uqrfyT1dW6sLBej6TWpg1nh0Yj48b2II7mN9VYXl2YK5XJpPiuP12bPj1cXl46emy1Ml6ZLc8cnJiePnXjmxPGdy/WvX5YOXf3opSe/PvnPu49c/uCnJE7GoWxZcx47ZTRGs/dkIH0Lb/PiTlfWZUm3N4BtSU/NvrWzPA7HcPTVIwDg/+ytiFgFAHpMov8HgB7T+B7gxspysTF19xuJvXXthYjYv5Z/4/rm2pL+7Jrd/vp10KEbyW1XRpKIGNmB+kcj4vNvX/8ynWKXrkMCtPL2d1mwof1PNtyz0KmntrDO6B1l7R/sne/T8c+zrcZ/ufXxT7QY/wy2OHe3Y/PzP3dlB6ppKx3/Pd90b9vNpvwzI31Z6YH6mG8gOXuuXErbtgcjYiwGBtPyxF3qGLv+7/V2y5rHf39+/OYXaf3p/7fWyF3pH7z9NVOFWuFecm527Z2Ix/pb5Z+s7/+kzfj39BbrePm59z9rtyzNP823MW3Mf3etXop4ouX+v3VHW3LX+xPH64fDeOOgaOGbXz8dald/8/5Pp7T+xmeBvZDu/6G75z+SNN+vWe28jp8vDf/Qbtnm+bc+/vclr9Xjfdm8i4VabX4iYl/yysb5x269tlFurJ/mP/Z4Pf8D2Sob2r9Wx3/6mfCNzRLPNqL/6u9fbT//3ZXmP9XR/u88uHxzpq9d/Vvb/5P1aCybs5X2b6sbeC/vHQAAAAAAAAAAAAAAAAAAAAAAAABsVS4iDkWSy6/HuVw+v/YM74djKFeuVGtHzlYW5qai/qzskRjINX7qcrjp91Anst/Db5SP3VF+OiIeiohPBg/Uy/lipTzV7eQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHOwzfP/U78NdnvrAIBds7/bGwAA7Dn9PwD0nk77f+MFALj/6c8BoPfo/wGg9+j/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2GWnT51Kp9W/V5aLaXnqwuLCTOXC0alSdSY/u1DMFyvz5/PTlcp0uZQvVmY3+3vlSuX8ZMwtXByvlaq18eri0pnZysJc7cy52cJ06UxpYE+yAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDOVBeXZgrlcmleIBAI1oNut0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA94f/AgAA///tuiN0") creat(&(0x7f0000000040)='./bus\x00', 0x0) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x0, 0x0) read$FUSE(r0, 0x0, 0x0) 5.853125256s ago: executing program 0 (id=1595): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) r2 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, 0x0, 0x40004) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000080)={'vxcan1\x00'}) bind$can_raw(r4, &(0x7f00000005c0), 0x10) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x4, 0x4, &(0x7f0000000280)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xd2, &(0x7f0000000600)=""/210, 0x0, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) r5 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet6_buf(r5, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118) sendmmsg$inet6(r5, &(0x7f0000000380)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @private0}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000000080)="cc", 0x1}], 0x1}}], 0x1, 0x40) close(0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) recvmmsg(r4, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) setsockopt$CAN_RAW_RECV_OWN_MSGS(r4, 0x65, 0x4, 0x0, 0x0) ioctl$sock_inet6_SIOCADDRT(r5, 0x890b, &(0x7f0000000300)={@mcast1, @remote, @private1={0xfc, 0x1, '\x00', 0x1}, 0x10001, 0x5, 0x9, 0x100, 0x7, 0x80010000}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB="240000000104010200000180000000000000000008000540000000000500010001"], 0x24}}, 0x0) sendmsg$can_raw(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x0, 0x0, 0x0, "5b7b00008f28aaf0"}, 0x10}}, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0) write$binfmt_script(r7, &(0x7f0000000340), 0xb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000f, 0x28011, r7, 0x0) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=ANY=[@ANYBLOB="380100001adab7d0db0000000000fc0000000000000000000000003b1e7d7f538f3185000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414aa0000000000000000000000000000000033000000fc010000000000000000000000000000000000000000000000000000000000000000000000000000fdffffffffffffff00000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000003350000020000000000000000000000480001006d643500"/240], 0x138}}, 0x0) 5.563986096s ago: executing program 4 (id=1596): syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wlan1\x00'}) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) pipe(0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x21000, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000380)={0x48, 0x0, 0x0, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_FRAME={0x34, 0x33, @deauth={{{}, {}, @device_a, @device_a, @random="299574b6bb09"}, 0x0, @val={0x8c, 0x10, {0x0, "6affad068c8e", @short="f5e1e7342199b88f"}}}}]}, 0x48}}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(r2, &(0x7f00000002c0)=ANY=[], 0xc1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x12, r2, 0x0) write$bt_hci(r1, &(0x7f00000000c0)={0x1, @write_sc_support={{0xc7a, 0x1}}}, 0x6) 5.33960892s ago: executing program 3 (id=1597): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0) 4.64746398s ago: executing program 4 (id=1598): syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x1) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000ec0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_KEY(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYBLOB="010000000000000000001800010008000300", @ANYRES32=r1, @ANYBLOB="0c0006"], 0x28}}, 0x0) 4.564958315s ago: executing program 1 (id=1599): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) r1 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000480)=ANY=[@ANYBLOB="3800000003020000000000004b6389d30900020073797a31000000000800410072786500140033006970365f767469300000000000000000d0566413310c226ca423df3ee3254ea8805ec7a65664fd9bdc019b35e5ba9098e9eabbead06eff584db0673edd9760421e57b1959f8e9055d1c591b99f3d56168555b6c82ae5527a5fdab35292dfe337bf933ee6c77e4632cd9bbb206b1a03503100ece3d677bed3b0aeb5acec68261156fa54b9"], 0x38}}, 0x40004) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000080)={'vxcan1\x00'}) bind$can_raw(r2, &(0x7f00000005c0), 0x10) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x4, 0x4, &(0x7f0000000280)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xd2, &(0x7f0000000600)=""/210, 0x0, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) r3 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab390c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118) sendmmsg$inet6(r3, &(0x7f0000000380)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @private0}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000000080)="cc", 0x1}], 0x1}}], 0x1, 0x40) close(0xffffffffffffffff) recvmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) setsockopt$CAN_RAW_RECV_OWN_MSGS(r2, 0x65, 0x4, 0x0, 0x0) 4.46377682s ago: executing program 3 (id=1600): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0xcc03, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000f40)={r0, 0x609, 0xe, 0x0, &(0x7f0000000b40)="dd80feffffff0002000400000000", 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3.749069793s ago: executing program 4 (id=1601): add_key$user(0x0, 0x0, 0x0, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) mount$bind(0x0, 0x0, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setscheduler(0x0, 0x0, 0x0) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000008, 0x50, 0xffffffffffffffff, 0x5738d000) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, 0x0) dup3(0xffffffffffffffff, r2, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) pipe2$watch_queue(0x0, 0x80) openat2(0xffffffffffffffff, 0x0, &(0x7f0000000800)={0x0, 0x10}, 0x18) execveat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0], 0x1000) r3 = socket(0x10, 0x3, 0x0) r4 = syz_clone(0x40100000, &(0x7f0000000440)="383131bb83a76fd55646703008f6c5dd71d236739ea014e7d6baa30af163367d4a34860907db4d822cf57d4da13ccf6a1aa2d8cf9ed850b1a18ca98211a56b0d6516e8f04b33c24876b66a091c951118cab968db090d078c5cdacd756b9ec5d400fe39bb41bbaa2499a3fed515e4bf8758f935f1feb65d02f28f4941c236401f282a443e9320f590616a78f07535ec1a817d02ad087c274daae60b6eb7ff8e656475f4173f9b02f1596cc94255091d22a13d2cf9122223f42d973201d3560eacfd414d7f488a84aa3cd20d47aa2ea24b60aeb5d3fc1e838db6180994b1954370cd6468b3ecf2c222cfc93492", 0xec, &(0x7f0000000140), &(0x7f0000000580), &(0x7f00000005c0)="2ee02c9810861e16bdad9dbeab19ce1d069a29fe9318db42c71662df058d98b8c07b5c4ef4031b1e7948d3b6a8fc3a7f7ed91fc00b486c797a6055ea127b96d699244ff56812bc20") sched_getscheduler(r4) sendmsg$nl_route(r3, 0x0, 0x0) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x400003, &(0x7f0000000200)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@noblock_validity}, {@usrquota}, {@resgid}, {@nogrpid}, {@errors_remount}, {@noinit_itable}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1}}, {@resuid, 0x32}]}, 0x1b, 0x4f0, &(0x7f0000000a40)="$eJzs3V1rW+cdAPD/ObaSOHFmh+0iCywLS4Ydtkh2vCRmF1k2xnYV2JZdL/Ns2RjLlrHkJDZhc9gHGIyxDQaDXvWm0A9QKPkIpRBo70tbWkqbtBe5aKOit7w4kq0Q2Qr27wfH53nOi///R0JHes55OCeAfetURJyOiEeVSuVsRAw1lqeN6Uq1slHf7sH929PVKYlK5drnSURSX1bdZPSp/3mkvksciog//DbiL8nzcUtr6wtThUJ+pVHPlReXc6W19XPzi1Nz+bn80sTE+MXJS5MXJse60s7BiLj864///Y/Xf3P57Z/e/OD6p6N/TRrLI560o9vqTc/UXoum/ohY2YlgPdDXaE+m14kAANCR5u/8H0XE2RiKvtqvOQAAAGAvqfxiML5OIioAAADAnpXWxsAmabYxDmAw0jSbrY/h/V4cTgvFUvkns8XVpZn6WNnhyKSz84X8WGOs8HBkkmp9vFZ+Uj+/qT4REcci4l9DA7V6drpYmOn1yQ8AAADYJ45s6v9/NVTv/wMAAAB7zHCvEwAAAAB2nP4/AAAA7H36/wAAALCn/e7q1epUaT7/eubG2upC8ca5mXxpIbu4Op2dLq4sZ+eKxbnaPfsWt/t/hWJx+WextHorV86XyrnS2vr1xeLqUvn6/DOPwAYAAAB20bEf3n0/iYiNnw/UpqoDvU4K2BX9L7LxRzuXB7D7+nqdANAzL/T9D+wpmV4nAPRcEhH/32J928E77+xMPgAAQPeNfL/19f9k23MDG+kupQjsEOf/YP9y/R/2L9f/Yf/KRF903pEf2NFcgN5Itln/8tf/K5UXSggAAOi6wdqUpNmI2nmAwUjTbDbiaO2xAJlkdr6QH4uI70TEe0OZg9X6eG3PZNs+AwAAAAAAAAAAAAAAAAAAAAAAAABQV6kkUQEAAAD2tIj0k6Tx/K+RoTODm88PHEgeDtXmEXHzf9f+c2uqXF4Zry7/4vHy8n8by8/34gwGAAAAsFmzn97sxwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABANz24f3u6Oe1m3M9+GRHDreL3x6Ha/FBkIuLwl0n0P7VfEhF9XYi/cScifvWnFvGTalox3MiiVfyBbsU/3qr9W8dPI+JIF+LDfna3evy50urzl8ap2nzz5+/g4337uxC//fEvfXz862tz/DnaYYwT997MtY1/J+JEf+vjTzN+0ib+6Q7j//mP6+vt1lVeixhp+f2TPBMrV15czpXW1s/NL07N5efySxMT4xcnL01emBzLzc4X8o2/LWP88wdvPdqq/YfbxB/epv1nOmz/N/du3f9uvZhpFX/0dOv3/3ib+Gnju+/HjXJ1/UizvFEvP+3kG++e3Kr9M23av937P9ph+8/+/u8fdrgpALALSmvrC1OFQn5lXxde6tWo/izqbOO0EeZVaLJCfqX0t1cjjVey0PxMPOzJcQkAAOi+5/vAAAAAAAAAAAAAAAAAAAAAwG7rzj3DmvfE3vruek0b9dlz90IGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOilbwMAAP//lRTPYg==") syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000000300)={[{@dioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0x7}}, {@quota}, {@noinit_itable}, {@barrier_val={'barrier', 0x3d, 0x7ff}}, {@errors_continue}, {@errors_remount}, {@delalloc}, {@auto_da_alloc}, {@resgid}, {@errors_continue}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}]}, 0xee, 0x442, &(0x7f0000000d00)="$eJzs281vG0UbAPBn10n6vv1KKKW0oYVAQUR8JE1aoAcuIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqIkFo4Ba29m9punObDrkP9+0nbznjHnnk8O97xTBxA1xrK/kkidkfErxHRX83WFxiq/ndjaWHy76WFySSWl9/4I6mUu760MFkULZ63K88MpxHpJ0leSb25i5fOTpTL0xfy/Oj8uXdH5y5eenrm3MSZ6TPT58dPnjxxfOy5Z8efaUmcWVzXBz+YPXzolbeuvDZ56srbP36dtffAker52jhaZSgL/M/lisZzj7W6sg7bU5NOejrYEDakFBFZd/VWxn9/lOJm5/XHyx93tHFAW2X3ph3NTy8uA3exJDrdAqAziht99v23OO7Q1GNbuPZC9QtQFveN/Kie6Yk0L9PbxvqHIuLU4j9fZEe0aR0CAKDWt9n856nV5n9pHKgptzffQxmIiHsiYl9E3BsR+yPivohK2fsj4uAG62/cGrp1/pNe3VRg65TN/57P97bq53/F7C8GSnluTyX+3uT0THn6WP6eDEfvjiw/tkYd3730y2fNztXO/7Ijq7+YC+btuNrTsEA3NTE/0apJ6bWPIgZ7Vos/WdkJSCLiUEQMbuyl9xaJmSe+Otys0O3jX0ML9pmWv4x4vNr/i9EQfyFZe39y9H9Rnj42WlwVt/rp58uvN6t/S/G3QNb/O+uv/4YS/X8ltfu1cxuv4/Jvnzb9TrPZ678vebOyZ92XP/b+xPz8hbGIvuTVSr7u8fGbzy3yRfks/uGjq4//fflzsvgfiIjsIj4SEQ9GxEN52x+OiEci4uga8f/w4qPvbD7+9srin1r182/l+h+o7/+NJ0pnv/+mWf3r6/8TldRw/kjl8+821tvArbx3AAAA8F+RRsTuSNKRlXSajoxU/4Z/f+xMy7Nz80+enn3v/FT1NwID0ZsWK139NeuhY8li/orV/Hi+VlycP56vG39e+n8lPzI5W57qcOzQ7XY1Gf+Z30udbh3Qdn6vBd2rcfynHWoHcOe5/0P3Mv6hexn/0L1WG/8fNuTtBcDdyf0fupfxD93L+IfuZfxDV9rK7/olujkR6bZoRrsScXBbNKNziU5/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALTGvwEAAP//KivtwQ==") ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000049c000/0x18000)=nil, &(0x7f0000000400)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) 3.645932773s ago: executing program 0 (id=1602): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000008c0), 0x2, 0x0) eventfd(0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000840)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000fd00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000002d0000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='sys_enter\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', 0x0}) r6 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r5, @ANYBLOB="00000000100000001c001a80080002802d05ff0008000200", @ANYRES16=r6, @ANYRES32=r6], 0x44}}, 0x0) 2.783663939s ago: executing program 3 (id=1603): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000a00)='svc_xprt_accept\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) unshare(0x6a040000) socket$nl_route(0x10, 0x3, 0x0) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246) unshare(0x8040480) ioctl$PPPIOCSFLAGS1(0xffffffffffffffff, 0x4004743a, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) ppoll(&(0x7f0000000280)=[{r4}], 0x1, &(0x7f0000000480)={0x0, 0x989680}, 0x0, 0x0) 2.163183719s ago: executing program 0 (id=1604): r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='vcan0\x00', 0x10) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000080), 0x0) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e21, @private=0xa010101}, 0x10) 1.989349304s ago: executing program 1 (id=1605): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x14, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 1.142775818s ago: executing program 1 (id=1606): ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x1a1281) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2) socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) fchdir(0xffffffffffffffff) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)) creat(0x0, 0x0) pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0xfffffffffffffffc}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, 0x0) shutdown(r1, 0x1) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"]) ioctl$F2FS_IOC_PRECACHE_EXTENTS(r0, 0x80005520, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, 0x0}) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399eb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa56"], 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) 627.735978ms ago: executing program 0 (id=1607): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x0, &(0x7f0000000000)={[{@init_itable_val={'init_itable', 0x3d, 0x4}}, {@nombcache}]}, 0x1, 0x589, &(0x7f0000000bc0)="$eJzs3U9oHGUbAPBnJsnXr22+Ly0oqPRQVKhQukn6R6un9CoWCj0IXuKy2YaQTTZmN7UJPaT3IhYUlV7qTUGPiogH8eLRqxfFsyBaVJoeJDLZ3bRNsnGTdncl+/vBbOZ939l93jezz7szywwbQM86mj2kEU9GxIUkYui+tv6oNx6tbbdy+2rhbn8UklhdvfhrEklE3Ll9tdDYPqn/PRgRyxHxRER8MxBxPN0ct7K4NJ0vlYrz9fJwdWZuuLK4dGJqJj9ZnCzOnnrhxTNnT58ZPTn6yMZ6/ccbb13/7uVbNz7+9Mhy4d18EmMxWG+7fxyPUu1/MhBjG+pPtyNYFyXd7gC70lfP84GIeDyGoq+e9cDet7ovYhXoUcmO839/mDNgL2gcB2Tnv43lgQOE5fYef/xyrnYCksVdqS+1lv7adxPx37VzkwO/Jw+cmWTnm4fa2zV6wPK1iBjp79/8/k/q77/dG3kUHaStvj5X21Gb93+a7f83Pqlvt3H+GWx8d/qQGvPfyqb5L12f//qazH8XWozx12s/fdA0/rWIp7aMn6zHT7aIn0bE6y3Gv/nqF2ebta1+GHEsto7fkGz//fDwpalScaT2uGWMr44deWm78R9oEn9sm/FndXMtjv/zbz97utnHaBb/uWe23/9bxc+Owd9uMf7hOx+90qwtiz/RZPzbxc/qbrUY//mxoz+0uCkAAAAAAAAAALAD6dq1bEmaW19P01yudg/vY3EgLZUr1eOXyguzE7Vr3g7FQNq40mqoVk6y8mj9etxG+eSG8qmIOBwR7/TtXyvnCuXSRLcHDwAAAAAAAAAAAAAAAAAAAP8SBzfc//9HX+3+f6BH+Mlv6F3yH3rXg/mfdK0fQOf5/IfeJf+hdzXL/7tfdrgjQMc1/fwf6Gw/gM5z/A+9S/5D75L/0LvkPwAAAAAAAAAAAAAAAAAAAAAAAAAAtMWF8+ezZfXu7auFrDxxeXFhunz5xESxMp2bWSjkCuX5udxkuTxZKuYK5Zl/er1SuTw3ErMLV4arxUp1uLK4ND5TXpitjk/N5CeL40W/KAIAAAAAAAAAAAAAAAAAAACbDa4tSZqLiHRtPU1zuYj/RcShGEguTZWKIxHx/4j4vm9gX1Ye7XanAQAAAAAAAAAAAAAAAAAAYI+pLC5N50ul4vz2K2kL2+y9lYhY3lCzs9cZ/7Nzfc46u6unJ8sPFT2Jbu8mK2168wMAAAAAAAAAAAAAAAAAAB1176bfHT7xWps6BAAAAAAAAAAAAAAAAAAAAD0p/Tl7TCLi2NCzgxtb/5Os9K39jYg3b15870q+Wp0fzep/W6+vvl+vP9mF7gMta+RpI48BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAeyqLS9P5Uqk4v8uVfS28TpeHCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALArfwcAAP//VB3RbA==") setxattr$system_posix_acl(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000880)='system.posix_acl_access\x00', &(0x7f0000000980)={{}, {}, [], {}, [], {}, {0x20, 0x4}}, 0x24, 0x0) 389.596264ms ago: executing program 1 (id=1608): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = socket$inet6(0xa, 0x3, 0x1) syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYRES32=r0], 0x2) 0s ago: executing program 0 (id=1609): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0) kernel console output (not intermixed with test programs): 8.938073][ T9181] Driver unsupported XDP return value 0 on prog (id 125) dev N/A, expect packet loss! [ 659.043354][ T5195] Bluetooth: hci0: command 0x0406 tx timeout [ 659.049931][ T5188] Bluetooth: hci0: Opcode 0x206a failed: -110 [ 659.109566][ T7067] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 659.119804][ T7067] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 659.377329][ T7067] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 659.385712][ T7067] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 660.629306][ T9014] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 661.206031][ T9205] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 661.246513][ T9205] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 661.386442][ T9014] veth0_vlan: entered promiscuous mode [ 661.542210][ T9014] veth1_vlan: entered promiscuous mode [ 661.632724][ T9207] loop3: detected capacity change from 0 to 16 [ 661.684717][ T9207] erofs: (device loop3): mounted with root inode @ nid 36. [ 661.878338][ T29] audit: type=1326 audit(1724326861.559:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.3.955" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x0 [ 661.892408][ T9014] veth0_macvtap: entered promiscuous mode [ 661.990529][ T9014] veth1_macvtap: entered promiscuous mode [ 662.326558][ T9014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 662.337411][ T9014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.347945][ T9014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 662.359858][ T9014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.374227][ T9014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 662.386278][ T9014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.396519][ T9014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 662.407280][ T9014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.424388][ T9014] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 662.611745][ T9219] vlan2: entered promiscuous mode [ 662.843556][ T9014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 662.854499][ T9014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.864717][ T9014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 662.875547][ T9014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.889819][ T9014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 662.901807][ T9014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.911976][ T9014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 662.922685][ T9014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.937992][ T9014] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 663.198435][ T5188] Bluetooth: hci0: Opcode 0x206a failed: -110 [ 663.198949][ T5195] Bluetooth: hci0: command 0x0406 tx timeout [ 663.252102][ T9014] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 663.261269][ T9014] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 663.270285][ T9014] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 663.279485][ T9014] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 663.487695][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 663.579235][ T9237] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 663.763120][ T9237] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 665.447794][ T9265] loop4: detected capacity change from 0 to 16 [ 665.494724][ T9265] erofs: (device loop4): mounted with root inode @ nid 36. [ 665.641529][ T29] audit: type=1326 audit(1724326865.349:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9263 comm="syz.4.971" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73bd579 code=0x0 [ 666.791205][ T5195] Bluetooth: hci4: command 0x0406 tx timeout [ 666.797736][ T5182] Bluetooth: hci4: Opcode 0x206a failed: -110 [ 667.577594][ T9300] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 667.706142][ T9300] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 668.547145][ T9316] batadv_slave_0: entered allmulticast mode [ 668.572918][ T9316] pim6reg: entered allmulticast mode [ 668.596874][ T9316] pim6reg: left allmulticast mode [ 668.602752][ T9316] batadv_slave_0: left allmulticast mode [ 669.101455][ T9320] loop3: detected capacity change from 0 to 16 [ 669.158623][ T9320] erofs: (device loop3): mounted with root inode @ nid 36. [ 669.190928][ T9323] sctp: [Deprecated]: syz.0.987 (pid 9323) Use of int in maxseg socket option. [ 669.190928][ T9323] Use struct sctp_assoc_value instead [ 669.292774][ T29] audit: type=1326 audit(1724326869.009:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9319 comm="syz.3.986" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x0 [ 669.634277][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 669.646608][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 669.914697][ T1057] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 669.923031][ T1057] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 670.071440][ T5195] Bluetooth: hci4: command 0x0406 tx timeout [ 670.077796][ T5182] Bluetooth: hci4: Opcode 0x206a failed: -110 [ 671.613579][ T9359] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 671.701519][ T9359] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 671.741455][ T9362] netlink: 'syz.0.998': attribute type 21 has an invalid length. [ 671.793697][ T9364] netlink: 180 bytes leftover after parsing attributes in process `syz.3.999'. [ 672.344824][ T9371] loop3: detected capacity change from 0 to 16 [ 672.375822][ T9371] erofs: (device loop3): mounted with root inode @ nid 36. [ 672.560772][ T29] audit: type=1326 audit(1724326872.239:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9370 comm="syz.3.1003" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x0 [ 673.192215][ T5182] Bluetooth: hci0: Opcode 0x206a failed: -110 [ 673.198619][ T5182] Bluetooth: hci0: command 0x0406 tx timeout [ 683.604589][ T9428] loop2: detected capacity change from 0 to 16 [ 683.672529][ T9428] erofs: (device loop2): mounted with root inode @ nid 36. [ 683.741018][ T29] audit: type=1326 audit(1724326883.449:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9426 comm="syz.2.1023" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x0 [ 684.114439][ T9439] netlink: 'syz.3.1025': attribute type 3 has an invalid length. [ 684.123818][ T9439] netlink: 'syz.3.1025': attribute type 1 has an invalid length. [ 684.133455][ T9439] netlink: 193500 bytes leftover after parsing attributes in process `syz.3.1025'. [ 687.855477][ T9447] syzkaller1: entered promiscuous mode [ 687.861412][ T9447] syzkaller1: entered allmulticast mode [ 687.882286][ T9447] dccp_invalid_packet: P.CsCov 15 exceeds packet length 256 [ 688.018026][ T9437] bridge_slave_1: left allmulticast mode [ 688.024718][ T9437] bridge_slave_1: left promiscuous mode [ 688.031859][ T9437] bridge0: port 2(bridge_slave_1) entered disabled state [ 688.124116][ T9437] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 688.760165][ T9465] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1032'. [ 689.074527][ T9471] netlink: 'syz.2.1033': attribute type 29 has an invalid length. [ 689.141856][ T9473] netlink: 'syz.2.1033': attribute type 29 has an invalid length. [ 689.820282][ T9481] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1036'. [ 690.058193][ T9484] syzkaller1: entered promiscuous mode [ 690.064412][ T9484] syzkaller1: entered allmulticast mode [ 690.105485][ T9484] dccp_invalid_packet: P.CsCov 15 exceeds packet length 256 [ 690.129413][ T9489] loop4: detected capacity change from 0 to 16 [ 690.272219][ T9489] erofs: (device loop4): mounted with root inode @ nid 36. [ 690.459200][ T29] audit: type=1326 audit(1724326890.149:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9487 comm="syz.4.1040" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73bd579 code=0x0 [ 692.355834][ T9522] loop4: detected capacity change from 0 to 512 [ 692.550089][ T9522] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13 [ 692.641659][ T9522] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1050: invalid indirect mapped block 2683928664 (level 1) [ 692.690971][ T9522] EXT4-fs (loop4): Remounting filesystem read-only [ 692.698501][ T9522] EXT4-fs (loop4): 1 truncate cleaned up [ 692.736206][ T9522] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 692.987743][ T7837] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 693.092926][ T9530] syzkaller1: entered promiscuous mode [ 693.098658][ T9530] syzkaller1: entered allmulticast mode [ 693.134558][ T9530] dccp_invalid_packet: P.CsCov 15 exceeds packet length 256 [ 693.852422][ T9538] loop1: detected capacity change from 0 to 16 [ 693.897293][ T9538] erofs: (device loop1): mounted with root inode @ nid 36. [ 694.046367][ T29] audit: type=1326 audit(1724326893.759:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9537 comm="syz.1.1057" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf739d579 code=0x0 [ 695.791809][ T9569] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1066'. [ 696.291706][ T9577] syzkaller1: entered promiscuous mode [ 696.297440][ T9577] syzkaller1: entered allmulticast mode [ 696.370718][ T9579] dccp_invalid_packet: P.CsCov 15 exceeds packet length 256 [ 697.434766][ T29] audit: type=1326 audit(1724326897.109:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9596 comm="syz.0.1076" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f60579 code=0x0 [ 698.732163][ T9618] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1079'. [ 704.447613][ T9648] loop2: detected capacity change from 0 to 16 [ 704.497546][ T9651] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1094'. [ 704.530178][ T9648] erofs: (device loop2): mounted with root inode @ nid 36. [ 704.642301][ T29] audit: type=1326 audit(1724326904.349:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9644 comm="syz.2.1092" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x0 [ 707.537121][ T9700] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1108'. [ 708.019443][ T9704] loop4: detected capacity change from 0 to 16 [ 708.031740][ T9704] erofs: (device loop4): mounted with root inode @ nid 36. [ 708.223436][ T29] audit: type=1326 audit(1724326907.889:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9703 comm="syz.4.1110" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73bd579 code=0x0 [ 709.261467][ T9727] loop2: detected capacity change from 0 to 128 [ 709.415883][ T9727] FAT-fs (loop2): Directory bread(block 160) failed [ 709.423068][ T9727] FAT-fs (loop2): Directory bread(block 161) failed [ 709.429939][ T9727] FAT-fs (loop2): Directory bread(block 162) failed [ 709.437052][ T9727] FAT-fs (loop2): Directory bread(block 163) failed [ 709.444050][ T9727] FAT-fs (loop2): Directory bread(block 164) failed [ 709.451051][ T9727] FAT-fs (loop2): Directory bread(block 165) failed [ 709.457904][ T9727] FAT-fs (loop2): Directory bread(block 166) failed [ 709.464846][ T9727] FAT-fs (loop2): Directory bread(block 167) failed [ 710.627357][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 710.634245][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 710.770922][ T9742] loop2: detected capacity change from 0 to 736 [ 711.288699][ T9749] loop4: detected capacity change from 0 to 128 [ 711.756941][ T29] audit: type=1326 audit(1724326911.419:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.0.1128" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f60579 code=0x0 [ 713.535357][ T9786] pimreg3: entered allmulticast mode [ 713.643766][ T9788] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1137'. [ 713.688164][ T9786] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1136'. [ 714.928397][ T29] audit: type=1326 audit(1724326914.659:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9803 comm="syz.0.1144" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f60579 code=0x0 [ 715.891840][ T9827] Bluetooth: MGMT ver 1.23 [ 717.043258][ T9840] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1153'. [ 718.303573][ T9852] loop2: detected capacity change from 0 to 16 [ 718.342956][ T9852] erofs: (device loop2): mounted with root inode @ nid 36. [ 718.507198][ T29] audit: type=1326 audit(1724326918.189:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9851 comm="syz.2.1160" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x0 [ 721.003488][ T9885] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1168'. [ 722.018165][ T9898] loop3: detected capacity change from 0 to 16 [ 722.043326][ T5236] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 722.134607][ T9898] erofs: (device loop3): mounted with root inode @ nid 36. [ 722.276773][ T5236] usb 5-1: Using ep0 maxpacket: 8 [ 722.280550][ T29] audit: type=1326 audit(1724326921.989:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9896 comm="syz.3.1175" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x0 [ 722.313464][ T5236] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 722.323066][ T5236] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 722.398902][ T5236] usb 5-1: config 0 descriptor?? [ 722.924335][ T5236] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32 [ 722.934730][ T5236] asix 5-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffe0 [ 722.947420][ T5236] asix 5-1:0.0: probe with driver asix failed with error -32 [ 724.292957][ T9923] loop3: detected capacity change from 0 to 1024 [ 724.381025][ T9923] hfsplus: bad catalog file entry [ 724.386368][ T9923] hfsplus: failed to load root directory [ 724.506291][ T9923] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4112279582 (8224559164 ns) > initial count (2286966128 ns). Using initial count to start timer. [ 724.671436][ T9935] loop2: detected capacity change from 0 to 512 [ 725.041143][ T5271] usb 5-1: USB disconnect, device number 12 [ 725.228309][ T9939] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1184'. [ 725.607733][ T9935] EXT4-fs (loop2): Test dummy encryption mode enabled [ 725.674248][ T9935] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #12: comm syz.2.1183: corrupted in-inode xattr: invalid ea_ino [ 725.729931][ T9935] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1183: couldn't read orphan inode 12 (err -117) [ 725.822231][ T9935] EXT4-fs (loop2): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 726.123704][ T9955] loop1: detected capacity change from 0 to 16 [ 726.192713][ T9955] erofs: (device loop1): mounted with root inode @ nid 36. [ 726.409311][ T29] audit: type=1326 audit(1724326926.089:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9954 comm="syz.1.1189" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf739d579 code=0x0 [ 728.028578][ T9977] loop1: detected capacity change from 0 to 16 [ 728.142953][ T9977] erofs: (device loop1): mounted with root inode @ nid 36. [ 728.270303][ T5182] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 0] out[9000] [ 728.328727][ T9977] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192] [ 728.371825][ T29] audit: type=1800 audit(1724326928.099:129): pid=9977 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1193" name="file3" dev="loop1" ino=89 res=0 errno=0 [ 728.532733][ T9014] EXT4-fs (loop2): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 729.777092][ T9986] loop2: detected capacity change from 0 to 256 [ 729.967560][ T9986] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 730.160905][ T9988] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1198'. [ 730.722260][ T9991] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1199'. [ 733.035417][T10001] loop3: detected capacity change from 0 to 16 [ 733.078061][T10001] erofs: (device loop3): mounted with root inode @ nid 36. [ 733.271421][ T29] audit: type=1326 audit(1724326932.979:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10000 comm="syz.3.1203" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x0 [ 736.041774][T10024] loop2: detected capacity change from 0 to 512 [ 736.083307][T10024] EXT4-fs (loop2): bad geometry: first data block 0 is beyond end of filesystem (0) [ 736.967004][T10019] loop3: detected capacity change from 0 to 8192 [ 737.508241][T10029] batadv_slave_0: entered allmulticast mode [ 737.562979][T10029] pim6reg: entered allmulticast mode [ 737.608025][T10029] pim6reg: left allmulticast mode [ 737.614794][T10029] batadv_slave_0: left allmulticast mode [ 737.636819][T10017] syz.3.1205 (10017) used greatest stack depth: 4288 bytes left [ 737.697818][ T5195] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 737.709744][ T5195] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 737.755682][ T5195] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 737.785534][ T5195] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 737.815094][ T5195] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 737.853219][ T5195] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 739.342272][ T1819] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 739.428842][ T5195] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 739.439027][ T5195] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 739.531021][ T5195] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 739.589833][ T5195] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 739.616997][ T1819] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 739.628457][ T1819] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 739.635695][T10030] chnl_net:caif_netlink_parms(): no params data found [ 739.638738][ T1819] usb 3-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 739.654705][ T1819] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 739.665569][ T5195] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 739.686568][ T5195] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 739.703568][ T1819] usb 3-1: config 0 descriptor?? [ 739.993939][ T5195] Bluetooth: hci2: command tx timeout [ 740.411557][ T1819] hid-multitouch 0003:1FD2:6007.0009: unknown main item tag 0x0 [ 740.509954][ T1819] hid-multitouch 0003:1FD2:6007.0009: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.2-1/input0 [ 740.654047][T10044] loop3: detected capacity change from 0 to 16 [ 740.689256][ T1536] usb 3-1: USB disconnect, device number 12 [ 740.746505][T10044] erofs: (device loop3): mounted with root inode @ nid 36. [ 740.981222][ T29] audit: type=1326 audit(1724326940.649:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10043 comm="syz.3.1215" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x0 [ 741.832212][ T5195] Bluetooth: hci6: command tx timeout [ 741.873427][ T5195] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 741.887858][ T5195] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 741.900020][ T5195] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 741.943980][ T5195] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 741.975743][ T5195] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 742.012884][ T5195] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 742.070697][ T5195] Bluetooth: hci2: command tx timeout [ 742.877185][T10040] chnl_net:caif_netlink_parms(): no params data found [ 743.133521][T10030] bridge0: port 1(bridge_slave_0) entered blocking state [ 743.141664][T10030] bridge0: port 1(bridge_slave_0) entered disabled state [ 743.151715][T10030] bridge_slave_0: entered allmulticast mode [ 743.168046][T10030] bridge_slave_0: entered promiscuous mode [ 743.341636][T10030] bridge0: port 2(bridge_slave_1) entered blocking state [ 743.349355][T10030] bridge0: port 2(bridge_slave_1) entered disabled state [ 743.357419][T10030] bridge_slave_1: entered allmulticast mode [ 743.374959][T10030] bridge_slave_1: entered promiscuous mode [ 743.895545][ T10] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 743.910792][ T5195] Bluetooth: hci6: command tx timeout [ 744.070982][ T5195] Bluetooth: hci7: command tx timeout [ 744.108272][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 744.119704][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 744.129923][ T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 744.143227][ T10] usb 3-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10 [ 744.152939][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 744.180702][ T5195] Bluetooth: hci2: command tx timeout [ 744.207610][ T10] usb 3-1: config 0 descriptor?? [ 744.330880][T10030] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 744.428208][T10030] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 744.833904][ T10] prodikeys 0003:041E:2801.000A: unknown main item tag 0x0 [ 744.841956][ T10] prodikeys 0003:041E:2801.000A: unknown main item tag 0x0 [ 744.849612][ T10] prodikeys 0003:041E:2801.000A: unknown main item tag 0x0 [ 744.857867][ T10] prodikeys 0003:041E:2801.000A: unknown main item tag 0x0 [ 744.860818][T10081] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1220'. [ 744.865477][ T10] prodikeys 0003:041E:2801.000A: unknown main item tag 0x0 [ 744.959849][ T13] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 745.019687][T10030] team0: Port device team_slave_0 added [ 745.067335][T10030] team0: Port device team_slave_1 added [ 745.129343][ T10] prodikeys 0003:041E:2801.000A: hidraw0: USB HID v0.00 Device [HID 041e:2801] on usb-dummy_hcd.2-1/input0 [ 745.163648][ T13] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 745.201879][ T10] usb 3-1: USB disconnect, device number 13 [ 745.232325][T10056] chnl_net:caif_netlink_parms(): no params data found [ 745.397661][ T13] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 745.734847][ T13] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 745.903947][T10030] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 745.913801][T10030] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 745.944114][T10030] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 745.957567][T10085] batadv_slave_0: entered allmulticast mode [ 745.992425][ T5195] Bluetooth: hci6: command tx timeout [ 746.031390][T10086] pim6reg: entered allmulticast mode [ 746.156502][ T5195] Bluetooth: hci7: command tx timeout [ 746.191008][T10087] pim6reg: left allmulticast mode [ 746.196675][T10087] batadv_slave_0: left allmulticast mode [ 746.236411][ T5195] Bluetooth: hci2: command tx timeout [ 746.322201][T10030] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 746.329444][T10030] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 746.361938][T10030] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 746.842023][T10040] bridge0: port 1(bridge_slave_0) entered blocking state [ 746.855012][T10040] bridge0: port 1(bridge_slave_0) entered disabled state [ 746.863062][T10040] bridge_slave_0: entered allmulticast mode [ 746.872231][T10040] bridge_slave_0: entered promiscuous mode [ 747.089026][ T13] bridge_slave_1: left allmulticast mode [ 747.095004][ T13] bridge_slave_1: left promiscuous mode [ 747.101588][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 747.184158][ T13] bridge_slave_0: left allmulticast mode [ 747.190031][ T13] bridge_slave_0: left promiscuous mode [ 747.196788][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 748.087331][ T5195] Bluetooth: hci6: command tx timeout [ 748.231488][ T5195] Bluetooth: hci7: command tx timeout [ 748.243002][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 748.347447][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 748.448685][ T13] bond0 (unregistering): Released all slaves [ 748.619514][T10040] bridge0: port 2(bridge_slave_1) entered blocking state [ 748.627118][T10040] bridge0: port 2(bridge_slave_1) entered disabled state [ 748.634707][T10040] bridge_slave_1: entered allmulticast mode [ 748.642592][T10040] bridge_slave_1: entered promiscuous mode [ 748.882350][T10030] hsr_slave_0: entered promiscuous mode [ 748.942175][T10030] hsr_slave_1: entered promiscuous mode [ 748.960758][T10030] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 748.968705][T10030] Cannot create hsr debugfs directory [ 749.637566][T10056] bridge0: port 1(bridge_slave_0) entered blocking state [ 749.645445][T10056] bridge0: port 1(bridge_slave_0) entered disabled state [ 749.653361][T10056] bridge_slave_0: entered allmulticast mode [ 749.662588][T10056] bridge_slave_0: entered promiscuous mode [ 749.688816][T10040] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 749.829321][T10056] bridge0: port 2(bridge_slave_1) entered blocking state [ 749.839791][T10056] bridge0: port 2(bridge_slave_1) entered disabled state [ 749.847921][T10056] bridge_slave_1: entered allmulticast mode [ 749.857035][T10056] bridge_slave_1: entered promiscuous mode [ 750.093501][T10040] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 750.118162][T10056] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 750.311954][ T5195] Bluetooth: hci7: command tx timeout [ 750.377723][T10056] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 750.562458][ T13] hsr_slave_0: left promiscuous mode [ 750.602893][ T13] hsr_slave_1: left promiscuous mode [ 750.651120][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 750.658827][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 750.715749][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 750.723665][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 750.811696][ T13] veth0_macvtap: left promiscuous mode [ 750.817511][ T13] veth1_vlan: left promiscuous mode [ 750.824756][ T13] veth0_vlan: left promiscuous mode [ 751.565964][T10118] loop3: detected capacity change from 0 to 256 [ 751.693824][T10118] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 751.989858][ T29] audit: type=1326 audit(1724326951.669:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.3.1227" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 752.013166][ T29] audit: type=1326 audit(1724326951.709:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.3.1227" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 752.035763][ T29] audit: type=1326 audit(1724326951.739:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.3.1227" exe="/root/syz-executor" sig=0 arch=40000003 syscall=322 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 752.058621][ T29] audit: type=1326 audit(1724326951.739:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.3.1227" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 752.084955][ T29] audit: type=1326 audit(1724326951.739:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.3.1227" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 752.108671][ T29] audit: type=1326 audit(1724326951.739:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.3.1227" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 752.131132][ T29] audit: type=1326 audit(1724326951.739:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.3.1227" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 752.153744][ T29] audit: type=1326 audit(1724326951.739:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.3.1227" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 752.179940][ T29] audit: type=1326 audit(1724326951.839:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.3.1227" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 752.203734][ T29] audit: type=1326 audit(1724326951.839:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.3.1227" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 752.269114][ T13] team0 (unregistering): Port device team_slave_1 removed [ 752.353175][ T13] team0 (unregistering): Port device team_slave_0 removed [ 752.960624][T10040] team0: Port device team_slave_0 added [ 753.015673][T10121] pimreg3: entered allmulticast mode [ 753.029564][T10122] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1228'. [ 753.176190][T10040] team0: Port device team_slave_1 added [ 753.189934][T10056] team0: Port device team_slave_0 added [ 753.380066][T10056] team0: Port device team_slave_1 added [ 753.639057][T10040] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 753.647726][T10040] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 753.675341][T10040] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 753.801926][T10132] batadv_slave_0: entered allmulticast mode [ 753.863545][T10056] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 753.870759][T10056] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 753.897260][T10056] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 753.953028][T10040] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 753.960271][T10040] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 753.989545][T10040] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 754.162609][T10056] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 754.169792][T10056] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 754.196178][T10056] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 754.301652][T10030] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 754.382983][T10136] loop2: detected capacity change from 0 to 16 [ 754.480341][T10136] erofs: (device loop2): mounted with root inode @ nid 36. [ 754.497033][T10030] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 754.841938][T10030] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 754.924418][T10040] hsr_slave_0: entered promiscuous mode [ 755.005934][T10040] hsr_slave_1: entered promiscuous mode [ 755.052584][T10040] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 755.060351][T10040] Cannot create hsr debugfs directory [ 755.221963][T10056] hsr_slave_0: entered promiscuous mode [ 755.286819][T10056] hsr_slave_1: entered promiscuous mode [ 755.331017][T10056] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 755.338879][T10056] Cannot create hsr debugfs directory [ 755.415953][T10030] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 755.510089][T10149] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1229'. [ 755.935396][ T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 756.250824][ T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 756.333254][T10153] loop2: detected capacity change from 0 to 512 [ 756.346786][T10030] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 756.372919][T10153] EXT4-fs: quotafile must be on filesystem root [ 756.412219][ T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 756.507724][T10030] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 756.625543][ T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 756.755359][T10030] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 756.902071][T10030] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 757.481756][ T13] bridge_slave_1: left allmulticast mode [ 757.487650][ T13] bridge_slave_1: left promiscuous mode [ 757.494671][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 757.609662][ T13] bridge_slave_0: left allmulticast mode [ 757.617504][ T13] bridge_slave_0: left promiscuous mode [ 757.624676][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 757.652632][ T13] bridge_slave_1: left allmulticast mode [ 757.658518][ T13] bridge_slave_1: left promiscuous mode [ 757.665222][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 757.715727][T10160] loop3: detected capacity change from 0 to 512 [ 757.725041][T10160] EXT4-fs: Ignoring removed i_version option [ 757.751373][ T13] bridge_slave_0: left allmulticast mode [ 757.757329][ T13] bridge_slave_0: left promiscuous mode [ 757.764125][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 757.807964][T10160] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002] [ 757.820169][T10160] System zones: 1-12 [ 757.853295][T10160] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1234: bg 0: block 131: padding at end of block bitmap is not set [ 757.973787][T10160] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 757.984663][T10160] EXT4-fs (loop3): 1 truncate cleaned up [ 757.993406][T10160] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 758.378149][ T7493] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 759.508079][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 759.603744][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 759.676288][ T13] bond0 (unregistering): Released all slaves [ 759.754143][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 759.831606][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 759.909640][ T13] bond0 (unregistering): Released all slaves [ 760.381353][T10179] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1237'. [ 760.839228][T10184] loop3: detected capacity change from 0 to 16 [ 760.901412][T10184] erofs: (device loop3): mounted with root inode @ nid 36. [ 760.970083][ T29] kauditd_printk_skb: 18 callbacks suppressed [ 760.970158][ T29] audit: type=1326 audit(1724326960.719:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10183 comm="syz.3.1239" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x0 [ 762.256461][ T13] hsr_slave_0: left promiscuous mode [ 762.318753][ T13] hsr_slave_1: left promiscuous mode [ 762.344911][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 762.356152][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 762.377229][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 762.385129][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 762.495488][ T13] hsr_slave_0: left promiscuous mode [ 762.518416][ T13] hsr_slave_1: left promiscuous mode [ 762.553950][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 762.562288][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 762.593143][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 762.601003][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 762.671368][ T13] veth0_macvtap: left promiscuous mode [ 762.677149][ T13] veth1_vlan: left promiscuous mode [ 762.683440][ T13] veth0_vlan: left promiscuous mode [ 762.704920][ T13] veth1_macvtap: left promiscuous mode [ 762.710923][ T13] veth0_macvtap: left promiscuous mode [ 762.716812][ T13] veth1_vlan: left promiscuous mode [ 762.722591][ T13] veth0_vlan: left promiscuous mode [ 764.161058][ T13] team0 (unregistering): Port device team_slave_1 removed [ 764.201733][ T13] team0 (unregistering): Port device team_slave_0 removed [ 764.906561][ T13] team0 (unregistering): Port device team_slave_1 removed [ 764.932906][ T13] team0 (unregistering): Port device team_slave_0 removed [ 765.319727][T10213] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1246'. [ 765.601989][T10056] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 765.805286][T10040] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 765.854939][T10056] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 765.921959][T10040] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 765.949461][T10056] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 766.042498][T10040] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 766.116800][T10040] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 766.213788][T10030] 8021q: adding VLAN 0 to HW filter on device bond0 [ 766.239524][T10056] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 766.435946][T10030] 8021q: adding VLAN 0 to HW filter on device team0 [ 766.539454][ T13] IPVS: stop unused estimator thread 0... [ 766.618481][ T79] bridge0: port 1(bridge_slave_0) entered blocking state [ 766.626222][ T79] bridge0: port 1(bridge_slave_0) entered forwarding state [ 766.641265][ T79] bridge0: port 2(bridge_slave_1) entered blocking state [ 766.648914][ T79] bridge0: port 2(bridge_slave_1) entered forwarding state [ 766.948281][T10223] loop2: detected capacity change from 0 to 128 [ 767.075555][T10223] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 767.229250][T10223] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 767.779913][T10040] 8021q: adding VLAN 0 to HW filter on device bond0 [ 767.884922][T10226] loop3: detected capacity change from 0 to 16 [ 767.948340][T10056] 8021q: adding VLAN 0 to HW filter on device bond0 [ 767.993373][T10226] erofs: (device loop3): mounted with root inode @ nid 36. [ 768.020299][T10040] 8021q: adding VLAN 0 to HW filter on device team0 [ 768.128981][ T7065] bridge0: port 1(bridge_slave_0) entered blocking state [ 768.136867][ T7065] bridge0: port 1(bridge_slave_0) entered forwarding state [ 768.245506][T10056] 8021q: adding VLAN 0 to HW filter on device team0 [ 768.281151][ T7065] bridge0: port 2(bridge_slave_1) entered blocking state [ 768.288856][ T7065] bridge0: port 2(bridge_slave_1) entered forwarding state [ 768.345123][ T29] audit: type=1326 audit(1724326968.009:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10225 comm="syz.3.1249" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x0 [ 768.416786][ T2568] bridge0: port 1(bridge_slave_0) entered blocking state [ 768.424560][ T2568] bridge0: port 1(bridge_slave_0) entered forwarding state [ 768.448327][ T1057] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 768.605555][ T2568] bridge0: port 2(bridge_slave_1) entered blocking state [ 768.613341][ T2568] bridge0: port 2(bridge_slave_1) entered forwarding state [ 769.414081][T10245] netlink: 'syz.2.1250': attribute type 5 has an invalid length. [ 769.975809][T10030] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 770.585995][T10030] veth0_vlan: entered promiscuous mode [ 770.745856][T10030] veth1_vlan: entered promiscuous mode [ 771.145506][T10030] veth0_macvtap: entered promiscuous mode [ 771.198870][T10264] loop2: detected capacity change from 0 to 512 [ 771.260230][T10030] veth1_macvtap: entered promiscuous mode [ 771.303538][T10264] EXT4-fs: Ignoring removed i_version option [ 771.338680][T10040] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 771.478976][T10264] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002] [ 771.579558][T10264] System zones: 1-12 [ 771.593910][T10030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 771.604694][T10030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.614871][T10030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 771.625600][T10030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.640533][T10030] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 771.685135][T10264] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1253: bg 0: block 131: padding at end of block bitmap is not set [ 771.815613][T10056] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 771.822476][T10264] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 771.867873][T10264] EXT4-fs (loop2): 1 truncate cleaned up [ 771.876509][T10264] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 771.933258][T10030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 771.944050][T10030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.954224][T10030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 771.965054][T10030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.980599][T10030] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 772.025990][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 772.032791][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 772.072462][T10040] veth0_vlan: entered promiscuous mode [ 772.199652][T10030] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 772.210842][T10030] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 772.219861][T10030] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 772.229131][T10030] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 772.285421][T10040] veth1_vlan: entered promiscuous mode [ 772.414676][ T9014] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 772.692557][T10040] veth0_macvtap: entered promiscuous mode [ 772.830250][T10040] veth1_macvtap: entered promiscuous mode [ 773.068878][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 773.079710][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 773.091614][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 773.102700][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 773.114609][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 773.124119][T10280] loop2: detected capacity change from 0 to 256 [ 773.125657][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 773.146456][T10040] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 773.285883][T10280] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 773.379164][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 773.391526][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 773.403376][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 773.414827][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 773.425021][T10040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 773.436690][T10040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 773.451726][T10040] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 773.721196][T10040] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 773.730242][T10040] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 773.739397][T10040] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 773.748594][T10040] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 773.891900][ T29] audit: type=1804 audit(1724326973.549:162): pid=10280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1254" name="/newroot/67/file1/bus" dev="loop2" ino=1048684 res=1 errno=0 [ 773.917165][ T29] audit: type=1800 audit(1724326973.589:163): pid=10280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1254" name="file1" dev="loop2" ino=1048685 res=0 errno=0 [ 774.900827][T10297] pim6reg: entered allmulticast mode [ 775.018181][T10056] veth0_vlan: entered promiscuous mode [ 775.044680][T10297] pim6reg: left allmulticast mode [ 775.050355][T10297] batadv_slave_0: left allmulticast mode [ 775.303455][T10056] veth1_vlan: entered promiscuous mode [ 775.698211][T10056] veth0_macvtap: entered promiscuous mode [ 775.798995][T10056] veth1_macvtap: entered promiscuous mode [ 776.001106][T10313] loop2: detected capacity change from 0 to 16 [ 776.066732][T10313] erofs: (device loop2): mounted with root inode @ nid 36. [ 776.085531][T10056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 776.096861][T10056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 776.107036][T10056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 776.117775][T10056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 776.127906][T10056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 776.138628][T10056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 776.148696][T10056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 776.159486][T10056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 776.174494][T10056] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 776.341048][ T29] audit: type=1326 audit(1724326976.009:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10311 comm="syz.2.1258" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x0 [ 776.403025][T10056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 776.413911][T10056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 776.424163][T10056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 776.434964][T10056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 776.445115][T10056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 776.455834][T10056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 776.465962][T10056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 776.476703][T10056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 776.492802][T10056] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 776.716466][T10056] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 776.727206][T10056] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 776.736951][T10056] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 776.746038][T10056] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 783.025959][ T3263] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 783.034165][ T3263] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 783.255894][T10402] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 783.264166][T10402] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 784.001598][T10483] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1208'. [ 784.042393][T10486] loop3: detected capacity change from 0 to 256 [ 784.189867][T10486] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 784.441116][ T29] audit: type=1800 audit(1724326984.119:165): pid=10486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1262" name="file1" dev="loop3" ino=1048689 res=0 errno=0 [ 784.705397][T10400] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 784.713614][T10400] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 784.986555][T10435] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 784.995653][T10435] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 786.036437][T10502] pim6reg: entered allmulticast mode [ 786.176247][T10502] pim6reg: left allmulticast mode [ 786.694110][T10510] loop1: detected capacity change from 0 to 16 [ 786.808293][T10510] erofs: (device loop1): mounted with root inode @ nid 36. [ 787.121325][ T29] audit: type=1326 audit(1724326986.799:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10507 comm="syz.1.1267" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x0 [ 787.876498][ T7884] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 787.884575][ T7884] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 788.207489][T10418] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 788.219366][T10418] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 788.410711][ T5242] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 788.688582][ T5242] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 788.699979][ T5242] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 788.710151][ T5242] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 788.723506][ T5242] usb 4-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10 [ 788.737632][ T5242] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 788.807671][T10542] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1273'. [ 788.868421][ T5242] usb 4-1: config 0 descriptor?? [ 789.473893][ T5242] prodikeys 0003:041E:2801.000B: unexpected long global item [ 789.516570][ T5242] prodikeys 0003:041E:2801.000B: hid parse failed [ 789.523915][ T5242] prodikeys 0003:041E:2801.000B: probe with driver prodikeys failed with error -22 [ 789.803601][ T5242] usb 4-1: USB disconnect, device number 15 [ 790.306589][T10557] pimreg3: entered allmulticast mode [ 790.401750][T10557] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1277'. [ 790.611057][T10559] pim6reg: entered allmulticast mode [ 790.652437][T10561] pim6reg: left allmulticast mode [ 791.354724][T10567] loop4: detected capacity change from 0 to 16 [ 791.422366][T10567] erofs: (device loop4): mounted with root inode @ nid 36. [ 791.711490][ T29] audit: type=1326 audit(1724326991.409:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10566 comm="syz.4.1281" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f43579 code=0x0 [ 794.125702][T10613] pim6reg: entered allmulticast mode [ 794.209075][T10613] pim6reg: left allmulticast mode [ 795.911285][ T29] audit: type=1326 audit(1724326995.599:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10621 comm="syz.4.1298" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43579 code=0x7ffc0000 [ 795.934073][ T29] audit: type=1326 audit(1724326995.609:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10621 comm="syz.4.1298" exe="/root/syz-executor" sig=0 arch=40000003 syscall=19 compat=1 ip=0xf7f43579 code=0x7ffc0000 [ 795.956568][ T29] audit: type=1326 audit(1724326995.609:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10621 comm="syz.4.1298" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43579 code=0x7ffc0000 [ 796.017958][T10619] loop1: detected capacity change from 0 to 1024 [ 796.057565][T10619] hfsplus: bad catalog file entry [ 796.063244][T10619] hfsplus: failed to load root directory [ 796.187234][T10619] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4112279582 (8224559164 ns) > initial count (2286966128 ns). Using initial count to start timer. [ 796.370309][T10624] netlink: 'syz.0.1299': attribute type 1 has an invalid length. [ 796.378501][T10624] netlink: 'syz.0.1299': attribute type 2 has an invalid length. [ 796.387564][T10624] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1299'. [ 796.595845][T10628] loop4: detected capacity change from 0 to 16 [ 796.664604][T10628] erofs: (device loop4): mounted with root inode @ nid 36. [ 796.975108][ T29] audit: type=1326 audit(1724326996.689:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10627 comm="syz.4.1300" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f43579 code=0x0 [ 797.393986][T10643] ptrace attach of "./syz-executor exec"[10040] was attempted by "./syz-executor exec"[10643] [ 797.455920][T10642] serio: Serial port ptm0 [ 797.984563][T10651] pim6reg: entered allmulticast mode [ 798.086633][T10652] pim6reg: left allmulticast mode [ 799.766175][T10674] loop3: detected capacity change from 0 to 128 [ 799.777767][T10672] loop4: detected capacity change from 0 to 1024 [ 799.823533][T10674] FAT-fs (loop3): bogus sectors per cluster 0 [ 799.829991][T10674] FAT-fs (loop3): Can't find a valid FAT filesystem [ 799.946388][T10672] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 800.059126][T10672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 800.857770][T10685] loop1: detected capacity change from 0 to 16 [ 800.901166][T10688] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1318'. [ 800.931155][T10685] erofs: (device loop1): mounted with root inode @ nid 36. [ 801.291276][T10691] pim6reg: entered allmulticast mode [ 801.370908][T10691] pim6reg: left allmulticast mode [ 803.153628][T10721] loop3: detected capacity change from 0 to 512 [ 803.209547][T10721] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 803.219077][T10721] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 803.316668][T10721] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 803.333443][T10721] System zones: 0-2, 18-18, 34-34 [ 803.424508][T10721] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 803.541724][T10721] EXT4-fs (loop3): 1 truncate cleaned up [ 803.582284][T10721] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 804.053556][ T7493] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 804.109810][T10733] pim6reg: entered allmulticast mode [ 804.141001][T10735] loop1: detected capacity change from 0 to 16 [ 804.157439][T10735] erofs: (device loop1): mounted with root inode @ nid 36. [ 804.180049][T10733] pim6reg: left allmulticast mode [ 805.517863][ T5242] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 805.695723][T10758] loop4: detected capacity change from 0 to 256 [ 805.760808][T10758] vfat: Bad value for 'gid' [ 805.760963][ T5242] usb 1-1: Using ep0 maxpacket: 16 [ 805.765463][T10758] vfat: Bad value for 'gid' [ 805.824002][ T5242] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 805.840103][ T5242] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 805.851943][ T5242] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 805.865220][ T5242] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 805.874719][ T5242] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 805.944941][ T5242] usb 1-1: config 0 descriptor?? [ 806.467010][ T5242] koneplus 0003:1E7D:2E22.000C: item fetching failed at offset 0/2 [ 806.509658][ T5242] koneplus 0003:1E7D:2E22.000C: parse failed [ 806.516753][ T5242] koneplus 0003:1E7D:2E22.000C: probe with driver koneplus failed with error -22 [ 806.668107][ T5242] usb 1-1: USB disconnect, device number 16 [ 807.029734][T10772] syzkaller1: entered promiscuous mode [ 807.035966][T10772] syzkaller1: entered allmulticast mode [ 807.071130][ T1819] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 807.080546][T10772] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 807.140110][T10775] loop2: detected capacity change from 0 to 128 [ 807.321192][ T1819] usb 2-1: Using ep0 maxpacket: 8 [ 807.360889][ T1819] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 807.376357][ T1819] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 807.389907][ T1819] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7 [ 807.401227][ T1819] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 807.411308][ T1819] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 807.517708][ T1819] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 807.527309][ T1819] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 807.536143][ T1819] usb 2-1: Product: syz [ 807.540671][ T1819] usb 2-1: Manufacturer: syz [ 807.545500][ T1819] usb 2-1: SerialNumber: syz [ 807.598200][ T1819] usb 2-1: config 0 descriptor?? [ 807.900965][ T1819] radio-si470x 2-1:0.0: DeviceID=0x6465 ChipID=0x7669 [ 807.916166][T10779] pim6reg: entered allmulticast mode [ 808.050337][T10779] pim6reg: left allmulticast mode [ 808.106922][ T1819] radio-si470x 2-1:0.0: software version 100, hardware version 101 [ 808.301163][ T1819] radio-si470x 2-1:0.0: submitting int urb failed (-90) [ 808.405273][T10783] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1349'. [ 809.318682][ T1819] radio-si470x 2-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 809.367075][ T1819] radio-si470x 2-1:0.0: si470x_get_report: usb_control_msg returned -71 [ 809.479657][ T1819] usb 2-1: USB disconnect, device number 12 [ 811.240667][T10819] syzkaller1: entered promiscuous mode [ 811.246402][T10819] syzkaller1: entered allmulticast mode [ 811.283683][ T29] audit: type=1326 audit(1724327010.959:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.0.1357" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 811.306270][ T29] audit: type=1326 audit(1724327010.979:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.0.1357" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 811.328825][ T29] audit: type=1326 audit(1724327010.979:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.0.1357" exe="/root/syz-executor" sig=0 arch=40000003 syscall=322 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 811.346297][T10816] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 811.351235][ T29] audit: type=1326 audit(1724327010.979:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.0.1357" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 811.387268][ T29] audit: type=1326 audit(1724327011.009:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.0.1357" exe="/root/syz-executor" sig=0 arch=40000003 syscall=440 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 811.409809][ T29] audit: type=1326 audit(1724327011.009:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10813 comm="syz.0.1357" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 811.610330][T10821] pim6reg: entered allmulticast mode [ 811.655534][T10823] pim6reg: left allmulticast mode [ 812.878629][ T5943] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 813.102937][ T5943] usb 2-1: Using ep0 maxpacket: 8 [ 813.139666][ T5943] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 813.150674][ T5943] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 813.162722][ T5943] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7 [ 813.173994][ T5943] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 813.184256][ T5943] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 813.286090][ T5943] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 813.296499][ T5943] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 813.306013][ T5943] usb 2-1: Product: syz [ 813.313591][ T5943] usb 2-1: Manufacturer: syz [ 813.318433][ T5943] usb 2-1: SerialNumber: syz [ 813.384950][ T5943] usb 2-1: config 0 descriptor?? [ 813.703717][T10848] loop4: detected capacity change from 0 to 256 [ 813.716573][ T5943] radio-si470x 2-1:0.0: DeviceID=0x6465 ChipID=0x7669 [ 813.786248][T10848] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 813.900225][ T5943] radio-si470x 2-1:0.0: software version 100, hardware version 101 [ 814.085064][ T29] audit: type=1326 audit(1724327013.759:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10845 comm="syz.4.1371" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43579 code=0x7ffc0000 [ 814.108202][ T29] audit: type=1326 audit(1724327013.769:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10845 comm="syz.4.1371" exe="/root/syz-executor" sig=0 arch=40000003 syscall=440 compat=1 ip=0xf7f43579 code=0x7ffc0000 [ 814.108525][ T5943] radio-si470x 2-1:0.0: submitting int urb failed (-90) [ 814.136708][ T29] audit: type=1326 audit(1724327013.769:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10845 comm="syz.4.1371" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f43579 code=0x7ffc0000 [ 814.825051][T10854] syzkaller1: entered promiscuous mode [ 814.831319][T10854] syzkaller1: entered allmulticast mode [ 814.888133][T10854] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 814.960398][T10856] pim6reg: entered allmulticast mode [ 815.036089][ T5182] Bluetooth: hci3: command 0x0406 tx timeout [ 815.137489][ T5943] radio-si470x 2-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 815.155766][ T5943] radio-si470x 2-1:0.0: si470x_get_report: usb_control_msg returned -71 [ 815.175747][ T5943] usb 2-1: USB disconnect, device number 13 [ 815.206032][T10857] pim6reg: left allmulticast mode [ 817.804356][T10892] syzkaller1: entered promiscuous mode [ 817.815518][T10892] syzkaller1: entered allmulticast mode [ 817.954105][T10889] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 819.817523][T10912] loop2: detected capacity change from 0 to 256 [ 819.895050][T10912] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 819.927981][T10913] loop4: detected capacity change from 0 to 512 [ 819.965380][T10913] EXT4-fs: Ignoring removed bh option [ 819.976492][ T10] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 819.998939][T10913] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 820.084480][T10913] EXT4-fs (loop4): 1 truncate cleaned up [ 820.092394][T10913] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 820.252807][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 820.265232][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 820.279299][ T10] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 820.295253][ T10] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 820.304944][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 820.366838][ T10] usb 4-1: config 0 descriptor?? [ 820.847869][T10056] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 820.878723][ T10] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving [ 820.989141][ T10] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 821.112871][ T10] usb 4-1: USB disconnect, device number 16 [ 821.584459][T10933] syzkaller1: entered promiscuous mode [ 821.590212][T10933] syzkaller1: entered allmulticast mode [ 822.570734][T10946] loop4: detected capacity change from 0 to 256 [ 822.738708][T10946] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 824.384346][T10966] loop3: detected capacity change from 0 to 512 [ 824.442607][T10966] EXT4-fs: Ignoring removed bh option [ 824.505485][T10966] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 824.626730][T10966] EXT4-fs (loop3): 1 truncate cleaned up [ 824.634461][T10966] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 824.847619][T10973] syzkaller1: entered promiscuous mode [ 824.853673][T10973] syzkaller1: entered allmulticast mode [ 824.870378][T10976] loop2: detected capacity change from 0 to 256 [ 824.926805][T10976] vfat: Bad value for 'dmask' [ 825.245161][ T29] audit: type=1326 audit(1724327024.949:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10974 comm="syz.2.1423" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 825.248471][ T7493] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 825.267727][ T29] audit: type=1326 audit(1724327024.969:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10974 comm="syz.2.1423" exe="/root/syz-executor" sig=0 arch=40000003 syscall=8 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 825.267944][ T29] audit: type=1326 audit(1724327024.969:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10974 comm="syz.2.1423" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 825.268156][ T29] audit: type=1326 audit(1724327024.979:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10974 comm="syz.2.1423" exe="/root/syz-executor" sig=0 arch=40000003 syscall=226 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 825.349053][ T29] audit: type=1326 audit(1724327024.979:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10974 comm="syz.2.1423" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 825.371735][ T29] audit: type=1326 audit(1724327024.999:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10974 comm="syz.2.1423" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 825.461880][ T29] audit: type=1326 audit(1724327025.169:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10974 comm="syz.2.1423" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 825.484617][ T29] audit: type=1326 audit(1724327025.179:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10974 comm="syz.2.1423" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 825.510249][ T29] audit: type=1326 audit(1724327025.189:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10974 comm="syz.2.1423" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 825.533963][ T29] audit: type=1326 audit(1724327025.219:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10974 comm="syz.2.1423" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 825.600850][T10976] cgroup: noprefix used incorrectly [ 825.886997][T10981] loop2: detected capacity change from 0 to 8 [ 826.018814][T10981] SQUASHFS error: lzo decompression failed, data probably corrupt [ 826.027210][T10981] SQUASHFS error: Failed to read block 0x91: -5 [ 826.033817][T10981] SQUASHFS error: Unable to read metadata cache entry [8f] [ 826.041385][T10981] SQUASHFS error: Unable to read inode 0x11f [ 826.702877][T10989] loop4: detected capacity change from 0 to 256 [ 826.904875][T10989] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 827.546072][T11003] pimreg: entered allmulticast mode [ 827.663928][T11010] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1432'. [ 828.031156][ T10] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 828.320287][ T10] usb 5-1: config 0 has an invalid interface number: 216 but max is 0 [ 828.329297][ T10] usb 5-1: config 0 has no interface number 0 [ 828.335811][ T10] usb 5-1: config 0 interface 216 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 828.336168][T11017] syzkaller1: entered promiscuous mode [ 828.346975][ T10] usb 5-1: config 0 interface 216 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 828.352644][T11017] syzkaller1: entered allmulticast mode [ 828.471436][ T10] usb 5-1: New USB device found, idVendor=0499, idProduct=1002, bcdDevice=df.d7 [ 828.481254][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 828.489509][ T10] usb 5-1: Product: syz [ 828.494145][ T10] usb 5-1: Manufacturer: syz [ 828.498966][ T10] usb 5-1: SerialNumber: syz [ 828.528565][ T10] usb 5-1: config 0 descriptor?? [ 828.609362][ T10] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 828.732453][ T10] snd-usb-audio 5-1:0.216: probe with driver snd-usb-audio failed with error -2 [ 828.840948][ T10] usb 5-1: USB disconnect, device number 13 [ 829.137985][T10099] udevd[10099]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.216/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 829.684826][T11027] loop1: detected capacity change from 0 to 1024 [ 829.725386][T11033] netlink: 'syz.0.1443': attribute type 3 has an invalid length. [ 829.733604][T11033] netlink: 'syz.0.1443': attribute type 1 has an invalid length. [ 829.742886][T11033] netlink: 193500 bytes leftover after parsing attributes in process `syz.0.1443'. [ 829.773828][T11027] hfsplus: bad catalog file entry [ 829.779145][T11027] hfsplus: failed to load root directory [ 830.478484][T11041] loop2: detected capacity change from 0 to 256 [ 830.672083][T11041] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 830.793144][ T29] kauditd_printk_skb: 46 callbacks suppressed [ 830.793225][ T29] audit: type=1326 audit(1724327030.549:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11040 comm="syz.2.1445" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 830.825090][ T29] audit: type=1326 audit(1724327030.549:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11040 comm="syz.2.1445" exe="/root/syz-executor" sig=0 arch=40000003 syscall=440 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 830.848551][ T29] audit: type=1326 audit(1724327030.549:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11040 comm="syz.2.1445" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 830.873469][ T29] audit: type=1326 audit(1724327030.549:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11040 comm="syz.2.1445" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 831.366786][T11052] pimreg: entered allmulticast mode [ 831.466717][T11053] syzkaller1: entered promiscuous mode [ 831.472600][T11053] syzkaller1: entered allmulticast mode [ 831.524678][T11057] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1450'. [ 831.960360][T11063] netlink: 'syz.0.1454': attribute type 1 has an invalid length. [ 832.506298][T11067] netlink: 'syz.3.1456': attribute type 1 has an invalid length. [ 832.514696][T11067] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1456'. [ 832.524505][T11067] tipc: Enabling of bearer rejected, failed to enable media [ 832.956674][T11078] pim6reg: entered allmulticast mode [ 833.121583][T11077] loop4: detected capacity change from 0 to 1024 [ 833.235062][T11077] hfsplus: bad catalog file entry [ 833.240393][T11077] hfsplus: failed to load root directory [ 833.454370][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 833.461884][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 833.753315][ T29] audit: type=1326 audit(1724327033.429:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11085 comm="syz.0.1462" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 833.775982][ T29] audit: type=1326 audit(1724327033.429:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11085 comm="syz.0.1462" exe="/root/syz-executor" sig=0 arch=40000003 syscall=440 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 833.802854][ T29] audit: type=1326 audit(1724327033.429:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11085 comm="syz.0.1462" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 833.826925][ T29] audit: type=1326 audit(1724327033.429:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11085 comm="syz.0.1462" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 834.820135][ T7884] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting [ 834.824710][T11106] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1469'. [ 834.928173][T10402] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 834.937830][T10402] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 835.397571][T11113] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1471'. [ 836.095272][T11123] pim6reg: entered allmulticast mode [ 836.691151][T11133] loop1: detected capacity change from 0 to 1024 [ 836.707701][T11136] loop3: detected capacity change from 0 to 1024 [ 836.780969][T11133] hfsplus: bad catalog file entry [ 836.786471][T11133] hfsplus: failed to load root directory [ 836.823896][T11136] hfsplus: bad catalog file entry [ 836.829291][T11136] hfsplus: failed to load root directory [ 837.188142][T11143] syzkaller1: entered promiscuous mode [ 837.194343][T11143] syzkaller1: entered allmulticast mode [ 838.602793][T11161] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1486'. [ 838.665722][T11161] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1486'. [ 838.734840][T11166] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1486'. [ 838.809745][T11161] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1486'. [ 838.985636][T11168] pim6reg: entered allmulticast mode [ 839.954810][T11179] loop1: detected capacity change from 0 to 1024 [ 840.010950][T11176] loop3: detected capacity change from 0 to 1024 [ 840.035451][T11179] hfsplus: bad catalog file entry [ 840.041258][T11179] hfsplus: failed to load root directory [ 840.141426][T11176] hfsplus: bad catalog file entry [ 840.146760][T11176] hfsplus: failed to load root directory [ 840.167031][T11185] syzkaller1: entered promiscuous mode [ 840.172865][T11185] syzkaller1: entered allmulticast mode [ 841.414974][ T29] audit: type=1326 audit(1724327041.129:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11194 comm="syz.2.1500" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x0 [ 841.501661][T11201] netem: incorrect ge model size [ 841.507102][T11201] netem: change failed [ 842.421590][ T5943] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 842.630806][ T5943] usb 3-1: Using ep0 maxpacket: 8 [ 842.660132][ T5943] usb 3-1: unable to get BOS descriptor or descriptor too short [ 842.708536][ T5943] usb 3-1: config 1 interface 0 has no altsetting 0 [ 842.746250][ T5943] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 842.755994][ T5943] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 842.764450][ T5943] usb 3-1: Product: syz [ 842.768829][ T5943] usb 3-1: Manufacturer: 凖円闇뾀恺㴢쩸윙⣥㺞훷ࡍ [ 842.777716][ T5943] usb 3-1: SerialNumber: syz [ 843.201439][ T5943] usb 3-1: USB disconnect, device number 14 [ 843.399945][T11218] loop3: detected capacity change from 0 to 1024 [ 843.441000][T11218] hfsplus: bad catalog file entry [ 843.446410][T11218] hfsplus: failed to load root directory [ 843.483718][T11217] loop1: detected capacity change from 0 to 1024 [ 843.573272][T11217] hfsplus: bad catalog file entry [ 843.578679][T11217] hfsplus: failed to load root directory [ 844.302542][T11224] syzkaller1: entered promiscuous mode [ 844.308268][T11224] syzkaller1: entered allmulticast mode [ 846.489348][T11232] binder: 11230:11232 ioctl 4018620d 0 returned -22 [ 846.569195][T11232] binder: 11230:11232 unknown command 0 [ 846.575772][T11232] binder: 11230:11232 ioctl c0306201 200003c0 returned -22 [ 846.638377][T11232] binder: 11230:11232 ioctl 89f1 20000140 returned -22 [ 847.663188][T11235] loop4: detected capacity change from 0 to 256 [ 853.413822][T11258] loop2: detected capacity change from 0 to 256 [ 853.468851][T11258] exfat: Deprecated parameter 'utf8' [ 853.474797][T11258] exfat: Deprecated parameter 'namecase' [ 853.481360][T11258] exfat: Deprecated parameter 'utf8' [ 853.588328][T11256] loop4: detected capacity change from 0 to 1024 [ 853.687967][T11256] hfsplus: bad catalog file entry [ 853.693955][T11256] hfsplus: failed to load root directory [ 853.738079][T11258] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0x791ffbba, utbl_chksum : 0xe619d30d) [ 853.769290][T11261] loop3: detected capacity change from 0 to 1024 [ 853.897391][T11261] hfsplus: bad catalog file entry [ 853.903031][T11261] hfsplus: failed to load root directory [ 855.111454][ T10] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 855.360993][ T10] usb 1-1: Using ep0 maxpacket: 16 [ 855.411127][ T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 855.422831][ T10] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 855.432284][ T10] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 855.441722][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 855.510032][ T10] usb 1-1: config 0 descriptor?? [ 855.810330][T11268] tipc: Failed to remove unknown binding: 66,1,1/0:2170995314/2170995316 [ 855.820347][T11268] tipc: Failed to remove unknown binding: 66,1,1/0:2170995314/2170995316 [ 857.731548][ T10] usb 1-1: USB disconnect, device number 17 [ 857.897114][T11274] loop3: detected capacity change from 0 to 512 [ 858.254233][T11294] syzkaller1: entered promiscuous mode [ 858.267439][T11294] syzkaller1: entered allmulticast mode [ 858.317324][T11274] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 858.330897][T11274] ext4 filesystem being mounted at /237/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 859.871474][T11304] loop2: detected capacity change from 0 to 1024 [ 859.953675][T11304] hfsplus: bad catalog file entry [ 859.959015][T11304] hfsplus: failed to load root directory [ 860.893675][T11314] loop1: detected capacity change from 0 to 256 [ 860.942792][T11314] exfat: Deprecated parameter 'utf8' [ 860.948470][T11314] exfat: Deprecated parameter 'utf8' [ 860.954315][T11314] exfat: Deprecated parameter 'utf8' [ 861.130403][ T5182] Bluetooth: hci2: command 0x0406 tx timeout [ 861.213464][T11314] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 864.566636][T11324] syzkaller1: entered promiscuous mode [ 864.572783][T11324] syzkaller1: entered allmulticast mode [ 865.980037][ T10] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 866.241372][ T5188] Bluetooth: hci6: command 0x0406 tx timeout [ 866.272623][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 866.284047][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 866.294423][ T10] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 866.303935][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 866.326866][T11338] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 866.335562][T11338] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 866.358367][T11338] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 866.367629][T11338] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 866.381258][T11338] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 866.390919][T11338] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 866.442610][T11337] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 866.455507][T11337] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 866.469071][T11338] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 866.470159][T11337] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 866.479079][T11338] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 866.486357][ T10] usb 2-1: config 0 descriptor?? [ 866.518477][T11337] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 866.794818][ T29] audit: type=1326 audit(1724327066.449:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11332 comm="syz.2.1547" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x0 [ 867.211431][ T10] lg-g15 0003:046D:C222.000E: unknown main item tag 0x0 [ 867.218756][ T10] lg-g15 0003:046D:C222.000E: unknown main item tag 0x0 [ 867.226230][ T10] lg-g15 0003:046D:C222.000E: unknown main item tag 0x0 [ 867.233646][ T10] lg-g15 0003:046D:C222.000E: unknown main item tag 0x0 [ 867.241069][ T10] lg-g15 0003:046D:C222.000E: unknown main item tag 0x0 [ 867.248335][ T10] lg-g15 0003:046D:C222.000E: unknown main item tag 0x0 [ 867.255708][ T10] lg-g15 0003:046D:C222.000E: unknown main item tag 0x0 [ 867.263079][ T10] lg-g15 0003:046D:C222.000E: unknown main item tag 0x0 [ 867.275749][ T10] lg-g15 0003:046D:C222.000E: unknown main item tag 0x0 [ 867.285455][ T10] lg-g15 0003:046D:C222.000E: unknown main item tag 0x0 [ 867.292865][ T10] lg-g15 0003:046D:C222.000E: unknown main item tag 0x0 [ 867.565909][ T10] lg-g15 0003:046D:C222.000E: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.1-1/input0 [ 867.593700][ T10] usb 2-1: USB disconnect, device number 14 [ 867.747668][T11284] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 868.551022][ T5182] Bluetooth: hci1: command tx timeout [ 868.642215][ T5182] Bluetooth: hci0: command tx timeout [ 868.672241][T11336] chnl_net:caif_netlink_parms(): no params data found [ 868.777892][T11339] chnl_net:caif_netlink_parms(): no params data found [ 868.801038][T11357] binder: 11356:11357 ioctl 4018620d 0 returned -22 [ 869.091011][T11360] veth0_vlan: entered allmulticast mode [ 870.672769][ T5182] Bluetooth: hci1: command tx timeout [ 870.715485][ T5182] Bluetooth: hci0: command tx timeout [ 870.780942][ T79] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 870.987033][ T79] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 871.026610][T11336] bridge0: port 1(bridge_slave_0) entered blocking state [ 871.038466][T11336] bridge0: port 1(bridge_slave_0) entered disabled state [ 871.048451][T11336] bridge_slave_0: entered allmulticast mode [ 871.065064][T11336] bridge_slave_0: entered promiscuous mode [ 871.088055][T11336] bridge0: port 2(bridge_slave_1) entered blocking state [ 871.096677][T11336] bridge0: port 2(bridge_slave_1) entered disabled state [ 871.104659][T11336] bridge_slave_1: entered allmulticast mode [ 871.113738][T11336] bridge_slave_1: entered promiscuous mode [ 871.270603][ T79] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 871.711751][ T79] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 871.762167][T11336] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 871.789201][T11339] bridge0: port 1(bridge_slave_0) entered blocking state [ 871.798378][T11339] bridge0: port 1(bridge_slave_0) entered disabled state [ 871.806291][T11339] bridge_slave_0: entered allmulticast mode [ 871.815483][T11339] bridge_slave_0: entered promiscuous mode [ 871.829312][T11384] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1556'. [ 871.955449][T11336] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 871.966005][T11339] bridge0: port 2(bridge_slave_1) entered blocking state [ 871.974467][T11339] bridge0: port 2(bridge_slave_1) entered disabled state [ 871.989907][T11339] bridge_slave_1: entered allmulticast mode [ 871.999043][T11339] bridge_slave_1: entered promiscuous mode [ 872.545890][T11336] team0: Port device team_slave_0 added [ 872.567327][T11339] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 872.711519][ T5182] Bluetooth: hci1: command tx timeout [ 872.791253][ T5182] Bluetooth: hci0: command tx timeout [ 872.831698][T11336] team0: Port device team_slave_1 added [ 872.910832][T11339] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 872.938882][T11388] loop2: detected capacity change from 0 to 1024 [ 872.952259][ T79] bridge_slave_1: left allmulticast mode [ 872.958129][ T79] bridge_slave_1: left promiscuous mode [ 872.965069][ T79] bridge0: port 2(bridge_slave_1) entered disabled state [ 873.041744][ T79] bridge_slave_0: left allmulticast mode [ 873.047703][ T79] bridge_slave_0: left promiscuous mode [ 873.054411][ T79] bridge0: port 1(bridge_slave_0) entered disabled state [ 873.103180][T11388] hfsplus: bad catalog file entry [ 873.114254][T11388] hfsplus: failed to load root directory [ 873.922106][ T79] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 873.985451][ T79] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 874.002226][ T79] bond0 (unregistering): Released all slaves [ 874.301427][T11399] loop2: detected capacity change from 0 to 1024 [ 874.381033][T11399] hfsplus: bad catalog file entry [ 874.382514][T11401] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1562'. [ 874.386280][T11399] hfsplus: failed to load root directory [ 874.489567][T11336] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 874.497140][T11336] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 874.523522][T11336] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 874.758094][T11336] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 874.765779][T11336] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 874.792234][T11336] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 874.793842][ T5182] Bluetooth: hci1: command tx timeout [ 874.870692][ T5182] Bluetooth: hci0: command tx timeout [ 874.906114][T11339] team0: Port device team_slave_0 added [ 875.112285][T11339] team0: Port device team_slave_1 added [ 875.553661][ T79] hsr_slave_0: left promiscuous mode [ 875.605791][ T79] hsr_slave_1: left promiscuous mode [ 875.641374][ T79] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 875.649135][ T79] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 875.689630][ T79] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 875.697926][ T79] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 875.739701][ T79] veth1_macvtap: left promiscuous mode [ 875.746041][ T79] veth0_macvtap: left promiscuous mode [ 875.752069][ T79] veth1_vlan: left promiscuous mode [ 875.757615][ T79] veth0_vlan: left promiscuous mode [ 876.206624][ T79] pim6reg (unregistering): left allmulticast mode [ 876.219901][ T79] pimreg3 (unregistering): left allmulticast mode [ 876.732881][ T79] team0 (unregistering): Port device team_slave_1 removed [ 876.814858][ T79] team0 (unregistering): Port device team_slave_0 removed [ 877.171947][T11336] hsr_slave_0: entered promiscuous mode [ 877.295392][T11336] hsr_slave_1: entered promiscuous mode [ 877.328121][T11339] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 877.335752][T11339] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 877.362203][T11339] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 877.545780][T11424] binder: 11419:11424 ioctl 4018620d 0 returned -22 [ 877.548765][T11339] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 877.560327][T11339] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 877.587065][T11339] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 878.222743][T11339] hsr_slave_0: entered promiscuous mode [ 878.273114][T11339] hsr_slave_1: entered promiscuous mode [ 878.308166][T11339] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 878.316202][T11339] Cannot create hsr debugfs directory [ 878.572816][T10438] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 878.746001][T10438] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 879.051527][T10438] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 879.205708][T10438] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 879.611899][T10438] bridge_slave_0: left allmulticast mode [ 879.617804][T10438] bridge_slave_0: left promiscuous mode [ 879.626896][T10438] bridge0: port 1(bridge_slave_0) entered disabled state [ 880.840789][T11440] loop2: detected capacity change from 0 to 1024 [ 880.933044][T11440] hfsplus: bad catalog file entry [ 880.938359][T11440] hfsplus: failed to load root directory [ 882.821319][T11337] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 882.857825][T11337] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 882.870014][T11337] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 882.952581][T11337] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 882.996209][T11337] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 883.077699][T11337] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 883.291466][T10438] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 883.369601][T10438] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 883.424592][T10438] bond0 (unregistering): Released all slaves [ 884.337201][T11454] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1572'. [ 884.843531][T10438] hsr_slave_0: left promiscuous mode [ 884.911791][T10438] hsr_slave_1: left promiscuous mode [ 884.936847][T10438] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 884.944794][T10438] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 884.964007][T10438] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 884.972171][T10438] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 884.997971][T10438] veth0_macvtap: left promiscuous mode [ 885.004147][T10438] veth1_vlan: left promiscuous mode [ 885.009711][T10438] veth0_vlan: left promiscuous mode [ 885.270862][ T5182] Bluetooth: hci4: command tx timeout [ 885.339464][T10438] pimreg (unregistering): left allmulticast mode [ 885.353208][T10438] pimreg3 (unregistering): left allmulticast mode [ 885.955576][T10438] team0 (unregistering): Port device team_slave_1 removed [ 886.013246][T10438] team0 (unregistering): Port device team_slave_0 removed [ 886.556479][T11336] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 886.716048][T11336] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 886.888019][T11336] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 887.162073][T11336] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 887.350896][ T5182] Bluetooth: hci4: command tx timeout [ 887.765618][T11339] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 887.932173][T11339] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 888.063203][T10438] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 888.125453][T11339] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 888.222661][T11448] chnl_net:caif_netlink_parms(): no params data found [ 888.289692][T10438] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 888.331412][T11339] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 888.367186][T11337] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 888.392733][T11337] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 888.408326][T11337] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 888.531367][T11337] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 888.545011][T10438] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 888.590325][T11337] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 888.609843][T11337] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 888.658357][T10438] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 889.430704][T11337] Bluetooth: hci4: command tx timeout [ 889.742738][T10438] bridge_slave_1: left allmulticast mode [ 889.748827][T10438] bridge_slave_1: left promiscuous mode [ 889.774057][T10438] bridge0: port 2(bridge_slave_1) entered disabled state [ 889.820333][T10438] bridge_slave_0: left allmulticast mode [ 889.829794][T10438] bridge_slave_0: left promiscuous mode [ 889.836929][T10438] bridge0: port 1(bridge_slave_0) entered disabled state [ 890.381949][T10438] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 890.421823][T10438] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 890.453175][T10438] bond0 (unregistering): Released all slaves [ 890.791687][T11337] Bluetooth: hci5: command tx timeout [ 891.122996][T11336] 8021q: adding VLAN 0 to HW filter on device bond0 [ 891.258156][T11448] bridge0: port 1(bridge_slave_0) entered blocking state [ 891.265953][T11448] bridge0: port 1(bridge_slave_0) entered disabled state [ 891.273914][T11448] bridge_slave_0: entered allmulticast mode [ 891.283034][T11448] bridge_slave_0: entered promiscuous mode [ 891.522699][ T5182] Bluetooth: hci4: command tx timeout [ 891.546021][T11448] bridge0: port 2(bridge_slave_1) entered blocking state [ 891.556449][T11448] bridge0: port 2(bridge_slave_1) entered disabled state [ 891.564400][T11448] bridge_slave_1: entered allmulticast mode [ 891.573474][T11448] bridge_slave_1: entered promiscuous mode [ 891.671144][T10438] hsr_slave_0: left promiscuous mode [ 891.703962][T10438] hsr_slave_1: left promiscuous mode [ 891.731976][T10438] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 891.739677][T10438] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 891.781640][T10438] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 891.789345][T10438] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 891.851628][T10438] veth1_macvtap: left promiscuous mode [ 891.857365][T10438] veth0_macvtap: left promiscuous mode [ 891.863494][T10438] veth1_vlan: left promiscuous mode [ 892.219203][T10438] pim6reg (unregistering): left allmulticast mode [ 892.620976][T10438] team0 (unregistering): Port device team_slave_1 removed [ 892.651296][T10438] team0 (unregistering): Port device team_slave_0 removed [ 892.871174][ T5182] Bluetooth: hci5: command tx timeout [ 893.046364][T11336] 8021q: adding VLAN 0 to HW filter on device team0 [ 893.273864][T10418] bridge0: port 1(bridge_slave_0) entered blocking state [ 893.281634][T10418] bridge0: port 1(bridge_slave_0) entered forwarding state [ 893.321018][T11479] chnl_net:caif_netlink_parms(): no params data found [ 893.668947][T10418] bridge0: port 2(bridge_slave_1) entered blocking state [ 893.676702][T10418] bridge0: port 2(bridge_slave_1) entered forwarding state [ 893.729573][T11448] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 893.757408][T11448] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 894.192825][T11448] team0: Port device team_slave_0 added [ 894.239819][T11339] 8021q: adding VLAN 0 to HW filter on device bond0 [ 894.392875][T11448] team0: Port device team_slave_1 added [ 894.445523][T10438] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 894.616931][T11448] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 894.625707][T11448] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 894.653414][T11448] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 894.771923][T10438] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 894.882655][T11448] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 894.889831][T11448] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 894.918168][T11448] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 894.954670][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 894.961481][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 894.968908][ T5182] Bluetooth: hci5: command tx timeout [ 894.987067][T10438] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 895.258992][T10438] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 895.527349][T11339] 8021q: adding VLAN 0 to HW filter on device team0 [ 895.690002][T11479] bridge0: port 1(bridge_slave_0) entered blocking state [ 895.699773][T11479] bridge0: port 1(bridge_slave_0) entered disabled state [ 895.707684][T11479] bridge_slave_0: entered allmulticast mode [ 895.716633][T11479] bridge_slave_0: entered promiscuous mode [ 895.908476][T11448] hsr_slave_0: entered promiscuous mode [ 895.969924][T11448] hsr_slave_1: entered promiscuous mode [ 895.998778][T11448] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 896.006765][T11448] Cannot create hsr debugfs directory [ 896.021921][T11479] bridge0: port 2(bridge_slave_1) entered blocking state [ 896.029597][T11479] bridge0: port 2(bridge_slave_1) entered disabled state [ 896.037650][T11479] bridge_slave_1: entered allmulticast mode [ 896.049285][T11479] bridge_slave_1: entered promiscuous mode [ 896.071333][T10438] bridge_slave_1: left allmulticast mode [ 896.077200][T10438] bridge_slave_1: left promiscuous mode [ 896.083977][T10438] bridge0: port 2(bridge_slave_1) entered disabled state [ 896.173738][T10438] bridge_slave_0: left allmulticast mode [ 896.179600][T10438] bridge_slave_0: left promiscuous mode [ 896.186228][T10438] bridge0: port 1(bridge_slave_0) entered disabled state [ 896.497987][T11517] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1580'. [ 896.833458][T10438] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 896.894982][T10438] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 896.934064][T10438] bond0 (unregistering): Released all slaves [ 897.061508][ T5182] Bluetooth: hci5: command tx timeout [ 897.177970][T10402] bridge0: port 1(bridge_slave_0) entered blocking state [ 897.185742][T10402] bridge0: port 1(bridge_slave_0) entered forwarding state [ 897.427611][T10402] bridge0: port 2(bridge_slave_1) entered blocking state [ 897.435441][T10402] bridge0: port 2(bridge_slave_1) entered forwarding state [ 897.664716][T11479] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 897.738774][T11479] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 898.038670][T11336] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 898.125420][T11527] binder: 11525:11527 ioctl 4018620d 0 returned -22 [ 898.176024][T11479] team0: Port device team_slave_0 added [ 898.220154][T10438] hsr_slave_0: left promiscuous mode [ 898.245886][T10438] hsr_slave_1: left promiscuous mode [ 898.277146][T10438] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 898.284994][T10438] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 898.304349][T10438] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 898.312229][T10438] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 898.390396][T10438] veth1_macvtap: left promiscuous mode [ 898.396263][T10438] veth0_macvtap: left promiscuous mode [ 898.404619][T10438] veth1_vlan: left promiscuous mode [ 898.410180][T10438] veth0_vlan: left promiscuous mode [ 898.853269][T10438] pim6reg (unregistering): left allmulticast mode [ 899.362096][T10438] team0 (unregistering): Port device team_slave_1 removed [ 899.385726][T10438] team0 (unregistering): Port device team_slave_0 removed [ 899.950024][T11479] team0: Port device team_slave_1 added [ 900.456262][T11479] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 900.464730][T11479] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 900.495698][T11479] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 900.692542][T11479] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 900.700091][T11479] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 900.726629][T11479] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 901.128036][T11479] hsr_slave_0: entered promiscuous mode [ 901.153813][T11479] hsr_slave_1: entered promiscuous mode [ 901.179637][T11479] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 901.187489][T11479] Cannot create hsr debugfs directory [ 901.665728][T11336] veth0_vlan: entered promiscuous mode [ 901.714750][T11448] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 901.778071][T11336] veth1_vlan: entered promiscuous mode [ 901.837964][T11448] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 901.915430][T11448] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 901.968623][T11448] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 902.640404][T11336] veth0_macvtap: entered promiscuous mode [ 902.776635][T11336] veth1_macvtap: entered promiscuous mode [ 903.024652][T11336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 903.036990][T11336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 903.051887][T11336] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 903.296637][T11336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 903.307694][T11336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 903.325295][T11336] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 903.393593][T11336] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 903.406050][T11336] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 903.417556][T11336] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 903.427406][T11336] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 903.515736][T11479] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 903.587899][T11479] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 903.657499][T11339] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 903.700203][T11448] 8021q: adding VLAN 0 to HW filter on device bond0 [ 903.719556][T11479] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 903.833506][T11479] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 903.972647][T11448] 8021q: adding VLAN 0 to HW filter on device team0 [ 904.077843][T10438] bridge0: port 1(bridge_slave_0) entered blocking state [ 904.085577][T10438] bridge0: port 1(bridge_slave_0) entered forwarding state [ 904.186225][T10438] bridge0: port 2(bridge_slave_1) entered blocking state [ 904.193952][T10438] bridge0: port 2(bridge_slave_1) entered forwarding state [ 905.127729][T11479] 8021q: adding VLAN 0 to HW filter on device bond0 [ 905.328842][T11479] 8021q: adding VLAN 0 to HW filter on device team0 [ 905.446165][ T79] bridge0: port 1(bridge_slave_0) entered blocking state [ 905.453883][ T79] bridge0: port 1(bridge_slave_0) entered forwarding state [ 905.557809][ T79] bridge0: port 2(bridge_slave_1) entered blocking state [ 905.565546][ T79] bridge0: port 2(bridge_slave_1) entered forwarding state [ 906.695377][T11339] veth0_vlan: entered promiscuous mode [ 906.822436][T11448] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 906.835027][T11339] veth1_vlan: entered promiscuous mode [ 907.258808][T11339] veth0_macvtap: entered promiscuous mode [ 907.359214][T11339] veth1_macvtap: entered promiscuous mode [ 907.396684][T11448] veth0_vlan: entered promiscuous mode [ 907.546479][T11448] veth1_vlan: entered promiscuous mode [ 907.587932][T11339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 907.598976][T11339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 907.610329][T11339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 907.629154][T11339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 907.644246][T11339] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 907.838047][T11339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 907.850767][T11339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 907.862236][T11339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 907.873055][T11339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 907.889021][T11339] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 907.951820][T11479] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 908.102825][T11448] veth0_macvtap: entered promiscuous mode [ 908.119403][T11339] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 908.132090][T11339] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 908.142111][T11339] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 908.151325][T11339] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 908.238062][T11448] veth1_macvtap: entered promiscuous mode [ 908.513279][T11448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 908.526375][T11448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 908.536532][T11448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 908.547283][T11448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 908.557486][T11448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 908.568259][T11448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 908.583333][T11448] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 908.594609][T11479] veth0_vlan: entered promiscuous mode [ 908.675273][T11448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 908.686084][T11448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 908.698199][T11448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 908.710631][T11448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 908.722332][T11448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 908.733100][T11448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 908.748248][T11448] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 908.853276][T11479] veth1_vlan: entered promiscuous mode [ 908.897970][T11337] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 908.929018][T11337] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 908.944628][T11337] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 909.012510][T11337] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 909.040887][T11337] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 909.071451][T11337] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 909.144541][T11448] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 909.153975][T11448] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 909.163227][T11448] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 909.172310][T11448] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 909.203473][T11479] veth0_macvtap: entered promiscuous mode [ 909.328632][T11479] veth1_macvtap: entered promiscuous mode [ 909.685914][T11479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 909.698429][T11479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 909.708793][T11479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 909.719724][T11479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 909.730351][T11479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 909.741365][T11479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 909.751598][T11479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 909.762471][T11479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 909.781685][T11479] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 910.121559][T11479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 910.133825][T11479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 910.145340][T11479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 910.157602][T11479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 910.167712][T11479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 910.178500][T11479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 910.188686][T11479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 910.199389][T11479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 910.214587][T11479] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 910.381815][T11479] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 910.395200][T11479] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 910.405518][T11479] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 910.414705][T11479] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 911.166009][T11590] chnl_net:caif_netlink_parms(): no params data found [ 911.191453][ T5182] Bluetooth: hci2: command tx timeout [ 911.780825][T10418] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 911.789044][T10418] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 911.877726][T10402] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 911.886142][T10402] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 912.896282][T11590] bridge0: port 1(bridge_slave_0) entered blocking state [ 912.904279][T11590] bridge0: port 1(bridge_slave_0) entered disabled state [ 912.912239][T11590] bridge_slave_0: entered allmulticast mode [ 912.921427][T11590] bridge_slave_0: entered promiscuous mode [ 913.050287][T11590] bridge0: port 2(bridge_slave_1) entered blocking state [ 913.060414][T11590] bridge0: port 2(bridge_slave_1) entered disabled state [ 913.068396][T11590] bridge_slave_1: entered allmulticast mode [ 913.078785][T11590] bridge_slave_1: entered promiscuous mode [ 913.271032][ T5182] Bluetooth: hci2: command tx timeout [ 913.505275][T11590] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 913.620783][T11590] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 913.927700][T11640] loop3: detected capacity change from 0 to 1764 [ 913.947053][T11590] team0: Port device team_slave_0 added [ 913.984734][T11590] team0: Port device team_slave_1 added [ 914.023364][T11640] iso9660: Unknown parameter '' [ 914.326671][T11590] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 914.334200][T11590] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 914.360725][T11590] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 914.467534][T11590] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 914.468177][T11640] loop3: detected capacity change from 0 to 1024 [ 914.480018][T11590] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 914.511387][T11590] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 915.004249][T11590] hsr_slave_0: entered promiscuous mode [ 915.054657][T11590] hsr_slave_1: entered promiscuous mode [ 915.115563][T11590] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 915.123439][T11590] Cannot create hsr debugfs directory [ 915.430641][ T5182] Bluetooth: hci2: command tx timeout [ 915.820088][T10438] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 915.828464][T10438] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 916.147052][T10418] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 916.156896][T10418] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 916.388266][T11590] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 916.609436][T11590] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 916.808934][T11590] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 917.027210][T11590] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 917.297043][T10418] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 917.305427][T10418] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 917.542143][T11590] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 917.547366][ T5182] Bluetooth: hci2: command tx timeout [ 917.573951][T11590] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 917.662389][T11590] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 917.823734][T11590] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 917.869034][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 917.877149][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 918.179789][T10438] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 918.188012][T10438] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 918.592637][ T7884] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 918.600936][ T7884] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 919.544042][T11590] 8021q: adding VLAN 0 to HW filter on device bond0 [ 919.846103][T11590] 8021q: adding VLAN 0 to HW filter on device team0 [ 919.889057][T10400] bridge0: port 1(bridge_slave_0) entered blocking state [ 919.896830][T10400] bridge0: port 1(bridge_slave_0) entered forwarding state [ 920.087088][T10400] bridge0: port 2(bridge_slave_1) entered blocking state [ 920.094854][T10400] bridge0: port 2(bridge_slave_1) entered forwarding state [ 921.204425][T11699] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1592'. [ 921.981520][T11704] loop1: detected capacity change from 0 to 2048 [ 922.255041][T11704] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 922.352389][T11707] Bluetooth: MGMT ver 1.23 [ 922.496069][T11590] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 922.620819][ T29] audit: type=1804 audit(1724327122.259:247): pid=11704 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1594" name="/newroot/2/file0/bus" dev="loop1" ino=18 res=1 errno=0 [ 922.853598][T11448] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 923.449466][T11590] veth0_vlan: entered promiscuous mode [ 923.600034][T11590] veth1_vlan: entered promiscuous mode [ 923.696599][T10438] bridge_slave_1: left allmulticast mode [ 923.704424][T10438] bridge_slave_1: left promiscuous mode [ 923.713930][T10438] bridge0: port 2(bridge_slave_1) entered disabled state [ 923.810736][T10438] bridge_slave_0: left allmulticast mode [ 923.816712][T10438] bridge_slave_0: left promiscuous mode [ 923.823442][T10438] bridge0: port 1(bridge_slave_0) entered disabled state [ 924.192476][T11731] binder: 11726:11731 ioctl 4018620d 0 returned -22 [ 924.562308][T10438] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 924.657702][T10438] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 924.679904][T11732] loop4: detected capacity change from 0 to 512 [ 924.709983][T10438] bond0 (unregistering): Released all slaves [ 924.874264][T11732] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 924.883910][T11732] EXT4-fs (loop4): blocks per group (64) and clusters per group (32768) inconsistent [ 925.142072][T11732] loop4: detected capacity change from 0 to 512 [ 925.321937][T11732] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.1601: casefold flag without casefold feature [ 925.411041][T11732] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1601: couldn't read orphan inode 15 (err -117) [ 925.467314][T11732] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 926.101840][T10438] hsr_slave_0: left promiscuous mode [ 926.122514][T10438] hsr_slave_1: left promiscuous mode [ 926.141670][T10438] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 926.155551][T10438] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 926.178892][T10438] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 926.187503][T10438] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 926.228522][T10438] veth1_macvtap: left promiscuous mode [ 926.237419][T10438] veth0_macvtap: left promiscuous mode [ 926.249140][T10438] veth1_vlan: left promiscuous mode [ 926.260217][T10438] veth0_vlan: left promiscuous mode [ 926.515570][T11745] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 926.760193][T10438] pimreg (unregistering): left allmulticast mode [ 926.785960][T10438] pimreg3 (unregistering): left allmulticast mode [ 927.360206][T10438] team0 (unregistering): Port device team_slave_1 removed [ 927.412000][ T5182] ===================================================== [ 927.419281][ T5182] BUG: KMSAN: uninit-value in hci_rx_work+0x10a8/0x1130 [ 927.428515][ T5182] hci_rx_work+0x10a8/0x1130 [ 927.433412][ T5182] process_scheduled_works+0xae0/0x1c40 [ 927.439144][ T5182] worker_thread+0xea5/0x1520 [ 927.444170][ T5182] kthread+0x3dd/0x540 [ 927.448431][ T5182] ret_from_fork+0x6d/0x90 [ 927.453090][ T5182] ret_from_fork_asm+0x1a/0x30 [ 927.458056][ T5182] [ 927.460580][ T5182] Uninit was created at: [ 927.465494][ T5182] kmem_cache_alloc_node_noprof+0x6bf/0xb80 [ 927.472506][ T5182] kmalloc_reserve+0x13d/0x4a0 [ 927.477530][ T5182] __alloc_skb+0x363/0x7b0 [ 927.486666][ T5182] vhci_write+0x128/0x910 [ 927.492899][ T5182] vfs_write+0xb2f/0x1550 [ 927.497494][ T5182] ksys_write+0x20f/0x4c0 [ 927.502303][ T5182] __ia32_sys_write+0x91/0xe0 [ 927.507155][ T5182] ia32_sys_call+0x2e34/0x40d0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 927.515791][ T5182] __do_fast_syscall_32+0xb0/0x110 [ 927.521209][ T5182] do_fast_syscall_32+0x38/0x80 [ 927.526256][ T5182] do_SYSENTER_32+0x1f/0x30 [ 927.531094][ T5182] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 927.537655][ T5182] [ 927.540082][ T5182] CPU: 0 UID: 0 PID: 5182 Comm: kworker/u9:2 Not tainted 6.11.0-rc4-syzkaller-00033-g872cf28b8df9 #0 [ 927.553725][ T5182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 927.564192][ T5182] Workqueue: hci4 hci_rx_work [ 927.569190][ T5182] ===================================================== [ 927.576323][ T5182] Disabling lock debugging due to kernel taint [ 927.587345][ T5182] Kernel panic - not syncing: kmsan.panic set ... [ 927.593905][ T5182] CPU: 0 UID: 0 PID: 5182 Comm: kworker/u9:2 Tainted: G B 6.11.0-rc4-syzkaller-00033-g872cf28b8df9 #0 [ 927.606443][ T5182] Tainted: [B]=BAD_PAGE [ 927.610700][ T5182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 927.620909][ T5182] Workqueue: hci4 hci_rx_work [ 927.625810][ T5182] Call Trace: [ 927.629195][ T5182] [ 927.632226][ T5182] dump_stack_lvl+0x216/0x2d0 [ 927.637088][ T5182] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 927.643106][ T5182] dump_stack+0x1e/0x30 [ 927.647431][ T5182] panic+0x4e2/0xcd0 [ 927.651494][ T5182] ? kmsan_get_metadata+0x81/0x1c0 [ 927.656810][ T5182] kmsan_report+0x2c7/0x2d0 [ 927.661503][ T5182] ? kmsan_get_metadata+0x13e/0x1c0 [ 927.666896][ T5182] ? __msan_warning+0x95/0x120 [ 927.671832][ T5182] ? hci_rx_work+0x10a8/0x1130 [ 927.676790][ T5182] ? process_scheduled_works+0xae0/0x1c40 [ 927.682692][ T5182] ? worker_thread+0xea5/0x1520 [ 927.687719][ T5182] ? kthread+0x3dd/0x540 [ 927.692148][ T5182] ? ret_from_fork+0x6d/0x90 [ 927.696891][ T5182] ? ret_from_fork_asm+0x1a/0x30 [ 927.702017][ T5182] ? filter_irq_stacks+0x60/0x1a0 [ 927.707200][ T5182] ? kmsan_get_metadata+0x13e/0x1c0 [ 927.712585][ T5182] ? kmsan_get_metadata+0x13e/0x1c0 [ 927.717969][ T5182] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 927.724479][ T5182] ? kmsan_get_metadata+0x13e/0x1c0 [ 927.729865][ T5182] ? kmsan_get_metadata+0x13e/0x1c0 [ 927.735249][ T5182] ? kmsan_get_metadata+0x13e/0x1c0 [ 927.740634][ T5182] ? kmsan_get_metadata+0x13e/0x1c0 [ 927.746025][ T5182] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 927.752538][ T5182] ? kmsan_get_metadata+0x13e/0x1c0 [ 927.757924][ T5182] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 927.763928][ T5182] __msan_warning+0x95/0x120 [ 927.768688][ T5182] hci_rx_work+0x10a8/0x1130 [ 927.773497][ T5182] ? __pfx_hci_rx_work+0x10/0x10 [ 927.778629][ T5182] process_scheduled_works+0xae0/0x1c40 [ 927.784395][ T5182] worker_thread+0xea5/0x1520 [ 927.789273][ T5182] kthread+0x3dd/0x540 [ 927.793530][ T5182] ? __pfx_worker_thread+0x10/0x10 [ 927.798835][ T5182] ? __pfx_kthread+0x10/0x10 [ 927.803609][ T5182] ret_from_fork+0x6d/0x90 [ 927.808176][ T5182] ? __pfx_kthread+0x10/0x10 [ 927.812946][ T5182] ret_from_fork_asm+0x1a/0x30 [ 927.817909][ T5182] [ 927.821241][ T5182] Kernel Offset: disabled [ 927.825616][ T5182] Rebooting in 86400 seconds..