last executing test programs: 24.371254357s ago: executing program 0: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl(r0, 0x8b2a, &(0x7f0000000040)) 6.241282713s ago: executing program 1: openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18020000000000000000000000000030850000002c00000095000000000000002b4003fe37a077ae55f52c0d80a2749baca85309be96d5a45bbb29ea06f9cbc7eea15bc1ee369d2707231280f0415df341ab76de90db5ff7ffffffd075b373f51be98db7efbbe8e04acb807fbbabc68abdcce9f672b6bb61c302dfd5c1f870adac29fd64d33a3502fbeb1ed99dd0e792f24c420bfcc2635421d339ad521d6953b1137850d9e9ebf65ee988ea2dbee528678eacb4389adbb47efb7b3f19046c7f1bd1bf56e58555d96137f95b3aacd74ed1c8a8676468cf2405e48723c6b1ff3698422f88ffed8617dd64330f4c38ba86e3b50da03f4b1e4808aa5c9e9546d7190747c6abc5beab28cec4ff7faa3fab48cdb3d64cfd5d698416752a16f32a54ccef577832e4cf684fce2cb0bab7f6a5821b26483322000000000000596c6e1ac996b8a0924948750b6e52c09d53950e5c8143db8669f8a5bf6511df822532e3c78d019149651255048aab0399e5d6e317b6f3fbc2600ffc3c66c7244b7bcf6b78b5e8c0ee04ce344ceb084b4f2ef09b59a36a92b3874edc559e5bf58a567d385ba92df9121dfa257e60655dcbff581c75107b01b5baaf29ebaf24861c538fefcaecb52a6b69fc450e10645df60a9d50131466113c6aac5abbcf9e9f2f0384da3f9892af413bd87f51f7f0cf61096fd79327fa"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x100a, &(0x7f0000001400)=""/4106}, 0x90) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="34000000100001f8ffffff000000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32=r2, @ANYBLOB="08001b"], 0x34}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}}, 0x0) 5.166804273s ago: executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$VT_SETMODE(0xffffffffffffffff, 0x5602, 0x0) connect$inet6(r0, &(0x7f0000000440)={0xa, 0x0, 0x0, @private1}, 0x1c) 4.791085083s ago: executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000080)={0x7, 0x8}, 0x10) 4.651813975s ago: executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={0x0, 0x1, 0x6, @random='q%[$l\x00'}, 0x10) 4.536588443s ago: executing program 2: r0 = syz_open_dev$usbfs(&(0x7f0000000340), 0x74, 0x101341) socketpair$tipc(0x1e, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4}, 0x48) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0xed) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) ioctl$USBDEVFS_IOCTL(r0, 0x8008551c, &(0x7f0000000040)=@usbdevfs_connect) 4.409340822s ago: executing program 3: r0 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x10) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[], 0x0) 4.232610341s ago: executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x3, &(0x7f0000000140)=[{0x35, 0x0, 0x0, 0x5}, {0x35, 0x0, 0x0, 0xe12b}, {0x16}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000280)={0x3, &(0x7f0000000240)=[{0x5, 0x33}, {0x7fff, 0x9, 0x80, 0x4}, {0x4, 0x2f, 0x3f, 0x2}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000340)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f0000000180)={r3}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='GPL\x00'}, 0x90) ftruncate(0xffffffffffffffff, 0xc17a) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000480)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={r4, 0x3, r2, 0x5}) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f38c1f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607104c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa87ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09002100000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf4ece4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000acc4d4ba52084d9b997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486216e6949f5e195d2cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c7f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f921860c6e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61fe2010000294800323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e75a7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e824f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5cd628ab84875f2deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c49a0189da9173c62f0ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d8935a9c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f5"], 0x0}, 0x90) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f00000016c0), 0x3af4701e) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) r8 = socket(0x200000100000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000380)={'gre0\x00', 0x0}) bind$packet(r8, &(0x7f0000000180)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @local}, 0x14) setsockopt$packet_int(r8, 0x107, 0xf, &(0x7f0000000100)=0x3c0, 0x43) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="0201130010061e00cb2f4359b648d5ed0000388dcf66ac141415ef06e63a808a5e5cbd43af9111aa0c520f06"], 0x3000}], 0x1}, 0x0) sendfile(r8, r7, 0x0, 0x80004700) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', 0x0}) r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_NEW_SEC_KEY(r11, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000080)={0x5c, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r10}, @NL802154_ATTR_SEC_KEY={0x40, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x20, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}]}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "d6fde169e030cd8ef08e68ab034e5b7d"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5}]}]}, 0x5c}}, 0x0) 4.040068049s ago: executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454c9, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x400000, 0x0) r0 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x36, 0x0, 0x0) 4.021945579s ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0xc}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000202064250000000000200800b600000000000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='signal_generate\x00', r1}, 0x10) timer_create(0x3, &(0x7f0000000100)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{}, {0x0, 0x989680}}, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r2, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f00000001c0), 0x1) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendto$inet6(r2, &(0x7f0000000040)='l', 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_script(r2, &(0x7f0000000300)={'#! ', './file0'}, 0xffa0) 3.867635066s ago: executing program 4: io_uring_setup(0x30d3, &(0x7f0000000000)) r0 = syz_io_uring_setup(0x94c, &(0x7f0000000240)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x1, 0x6}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 3.629911634s ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x2, 0x4, 0x7fe2, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10) syz_emit_ethernet(0xc6, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\a\x00', 0x90, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x18, 0x4, "00d414ce8ad48b29bc0ace1fe0ae3b9068bcf462125fca2560c049f6ee8b"}, {0x0, 0xa, "a78ce54406598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "005ff92900ddab4992020900"}]}}}}}}, 0x0) 3.291399056s ago: executing program 4: openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18020000000000000000000000000030850000002c00000095000000000000002b4003fe37a077ae55f52c0d80a2749baca85309be96d5a45bbb29ea06f9cbc7eea15bc1ee369d2707231280f0415df341ab76de90db5ff7ffffffd075b373f51be98db7efbbe8e04acb807fbbabc68abdcce9f672b6bb61c302dfd5c1f870adac29fd64d33a3502fbeb1ed99dd0e792f24c420bfcc2635421d339ad521d6953b1137850d9e9ebf65ee988ea2dbee528678eacb4389adbb47efb7b3f19046c7f1bd1bf56e58555d96137f95b3aacd74ed1c8a8676468cf2405e48723c6b1ff3698422f88ffed8617dd64330f4c38ba86e3b50da03f4b1e4808aa5c9e9546d7190747c6abc5beab28cec4ff7faa3fab48cdb3d64cfd5d698416752a16f32a54ccef577832e4cf684fce2cb0bab7f6a5821b26483322000000000000596c6e1ac996b8a0924948750b6e52c09d53950e5c8143db8669f8a5bf6511df822532e3c78d019149651255048aab0399e5d6e317b6f3fbc2600ffc3c66c7244b7bcf6b78b5e8c0ee04ce344ceb084b4f2ef09b59a36a92b3874edc559e5bf58a567d385ba92df9121dfa257e60655dcbff581c75107b01b5baaf29ebaf24861c538fefcaecb52a6b69fc450e10645df60a9d50131466113c6aac5abbcf9e9f2f0384da3f9892af413bd87f51f7f0cf61096fd79327fa"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x100a, &(0x7f0000001400)=""/4106}, 0x90) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="34000000100001f8ffffff000000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32=r2, @ANYBLOB="08001b"], 0x34}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}}, 0x0) 3.203653828s ago: executing program 2: syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000080)={0x200000000000}) 3.042270228s ago: executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xbfff, 0x0, "ec28a144f13d7607"}) write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0xff2e) mount(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"}) r1 = syz_open_pts(r0, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x17) 2.568018149s ago: executing program 1: ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1, 0x5}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote, 0x4}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) 2.337313678s ago: executing program 0: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl(r0, 0x8b2a, &(0x7f0000000040)) 2.305786379s ago: executing program 4: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000080)={0x7, 0x8}, 0x10) 1.824209215s ago: executing program 0: bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) setrlimit(0x40000000000008, &(0x7f0000000000)) r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setresuid(0x0, r2, 0xee01) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendmmsg$inet(r0, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804) 1.669488501s ago: executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB="180000002200000c0000000000feff00760000000f"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xf}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWSETELEM={0x360, 0xc, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x4}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x33c, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}]}, {0x78, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x7}, @NFTA_SET_ELEM_EXPRESSIONS={0x58, 0xb, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_REDIR_REG_PROTO_MIN={0x8, 0x1, 0x1, 0x0, 0x14}]}}}, {0x2c, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x1b}]}}}, {0xc, 0x1, 0x0, 0x1, @fib={{0x8}, @void}}]}, @NFTA_SET_ELEM_EXPR={0x4}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x8}]}, {0x224, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY_END={0x30, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0x2c, 0x1, "10e85d94ef9fbbe9da7d8a4e107d426bb7d24110fb540de736ee39df14415bc00f3a4c2908434701"}]}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x1e4, 0xb, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @nat={{0x8}, @void}}, {0x58, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_WSCALE={0x5, 0x2, 0x3}, @NFTA_SYNPROXY_WSCALE={0x5, 0x2, 0x1}, @NFTA_SYNPROXY_MSS={0x6, 0x1, 0x1, 0x0, 0xe057}, @NFTA_SYNPROXY_MSS={0x6, 0x1, 0x1, 0x0, 0x1}, @NFTA_SYNPROXY_WSCALE={0x5, 0x2, 0x9}, @NFTA_SYNPROXY_WSCALE={0x5, 0x2, 0x1}, @NFTA_SYNPROXY_WSCALE={0x5, 0x2, 0x3}, @NFTA_SYNPROXY_MSS={0x6, 0x1, 0x1, 0x0, 0x7fff}]}}}, {0x1c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x2}]}}}, {0xac, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x9c, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x6}, @NFTA_MATCH_INFO={0x4}, @NFTA_MATCH_INFO={0x77, 0x3, "cbccaa964e19a621400d517c3c9fa80a8bdc9534b2b204b781f63ec6a6ce5d763c1bc22890114f09a17f826397053a807e7f70471c184ecb827d38f7e46dacc88aa80133964467df7c250d412e34c52ff138af9ae894d5254c067984c7a9db5ef98b3be5952cf0556e75fec77308555ed83414"}, @NFTA_MATCH_NAME={0x9, 0x1, '\x03*{$\x00'}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x2}]}}}, {0xa4, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x94, 0x2, 0x0, 0x1, [@NFTA_DYNSET_SET_ID={0x8}, @NFTA_DYNSET_SREG_KEY={0x8, 0x4, 0x1, 0x0, 0x11}, @NFTA_DYNSET_EXPRESSIONS={0x80, 0xa, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @NFTA_LOOKUP_SET={0x9, 0x1, 'syz0\x00'}}, {0xc, 0x1, 0x0, 0x1, @NFTA_LOOKUP_FLAGS={0x8}}, {0xc, 0x1, 0x0, 0x1, @NFTA_LOOKUP_SET_ID={0x8, 0x4, 0x1, 0x0, 0x1}}, {0xc, 0x1, 0x0, 0x1, @NFTA_LOOKUP_SET_ID={0x8, 0x4, 0x1, 0x0, 0x1}}, {0xc, 0x1, 0x0, 0x1, @NFTA_LOOKUP_SET_ID={0x8}}, {0xc, 0x1, 0x0, 0x1, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0xa}}, {0xc, 0x1, 0x0, 0x1, @NFTA_LOOKUP_FLAGS={0x8}}, {0xc, 0x1, 0x0, 0x1, @NFTA_LOOKUP_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}}, {0xc, 0x1, 0x0, 0x1, @NFTA_LOOKUP_SREG={0x8, 0x2, 0x1, 0x0, 0x37f1ba4c29e69b41}}, {0xc, 0x1, 0x0, 0x1, @NFTA_LOOKUP_DREG={0x8}}]}]}}}, {0x10, 0x1, 0x0, 0x1, @payload={{0xc}, @void}}]}]}, {0x8c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY_END={0x78, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VALUE={0x63, 0x1, "6e4392ba3d718660beddc3fe949a2703641d5d8c40ce803eb105d795cc0504a975db4f3c52a2da45eef404f03867f5608fc2cbb58cbc2bf0aa624ff132457dbe1f7e6a0bb3d43d3bb056c660da289af7dbd5e96382dd583922511926c861ab"}]}, @NFTA_SET_ELEM_KEY_END={0x10, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}]}]}]}]}], {0x14, 0x10}}, 0x404}}, 0x0) r3 = syz_io_uring_setup(0x5ce7, &(0x7f00000002c0)={0x0, 0x58cc, 0x1000, 0x3, 0x1ae, 0x0, r1}, &(0x7f0000000000), &(0x7f0000000100)) r4 = io_uring_setup(0x73eb, &(0x7f0000000440)={0x0, 0x200, 0x8, 0x4, 0x0, 0x0, r3}) io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='signal_generate\x00', r5}, 0x10) rt_sigaction(0x19, &(0x7f0000000340)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440)) memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000140)}) socket$nl_route(0x10, 0x3, 0x0) syz_io_uring_setup(0x0, 0x0, 0x0, 0x0) fadvise64(0xffffffffffffffff, 0x0, 0x0, 0x0) flock(0xffffffffffffffff, 0xfb8cbf45da2632e) accept$inet6(0xffffffffffffffff, &(0x7f00000003c0), &(0x7f0000000400)=0x1c) 1.352156942s ago: executing program 0: r0 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x10) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[], 0x0) 1.343877436s ago: executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x3, &(0x7f0000000140)=[{0x35, 0x0, 0x0, 0x5}, {0x35, 0x0, 0x0, 0xe12b}, {0x16}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000280)={0x3, &(0x7f0000000240)=[{0x5, 0x33}, {0x7fff, 0x9, 0x80, 0x4}, {0x4, 0x2f, 0x3f, 0x2}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000340)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f0000000180)={r3}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='GPL\x00'}, 0x90) ftruncate(0xffffffffffffffff, 0xc17a) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000480)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={r4, 0x3, r2, 0x5}) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f38c1f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607104c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa87ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09002100000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf4ece4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000acc4d4ba52084d9b997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486216e6949f5e195d2cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c7f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f921860c6e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61fe2010000294800323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e75a7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e824f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5cd628ab84875f2deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c49a0189da9173c62f0ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d8935a9c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f5"], 0x0}, 0x90) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f00000016c0), 0x3af4701e) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000005c0)={0x4c, r9, 0x1, 0x0, 0x0, {0x4f}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xab}}, {0x8}, {0x6, 0x11, 0xffff}}]}, 0x4c}}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'gre0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, r10, 0x1, 0x0, 0x6, @local}, 0x14) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000100)=0x3c0, 0x43) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="0201130010061e00cb2f4359b648d5ed0000388dcf66ac141415ef06e63a808a5e5cbd43af9111aa0c520f06"], 0x3000}], 0x1}, 0x0) sendfile(0xffffffffffffffff, r7, 0x0, 0x80004700) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000080)={0x5c, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r11}, @NL802154_ATTR_SEC_KEY={0x40, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x20, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}]}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "d6fde169e030cd8ef08e68ab034e5b7d"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5}]}]}, 0x5c}}, 0x0) 1.218150806s ago: executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454c9, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x400000, 0x0) r0 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x36, 0x0, 0x0) 999.974513ms ago: executing program 4: io_uring_setup(0x30d3, &(0x7f0000000000)) r0 = syz_io_uring_setup(0x94c, &(0x7f0000000240)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x1, 0x6}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 862.483162ms ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x2, 0x4, 0x7fe2, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10) syz_emit_ethernet(0xc6, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\a\x00', 0x90, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x18, 0x4, "00d414ce8ad48b29bc0ace1fe0ae3b9068bcf462125fca2560c049f6ee8b"}, {0x0, 0xa, "a78ce54406598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "005ff92900ddab4992020900"}]}}}}}}, 0x0) 476.850573ms ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0xc}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000202064250000000000200800b600000000000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='signal_generate\x00', r1}, 0x10) timer_create(0x3, &(0x7f0000000100)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{}, {0x0, 0x989680}}, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r2, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f00000001c0), 0x1) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendto$inet6(r2, &(0x7f0000000040)='l', 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_script(r2, &(0x7f0000000300)={'#! ', './file0'}, 0xffa0) 468.284343ms ago: executing program 2: bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) shutdown(0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000440)) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(0xffffffffffffffff, &(0x7f0000001300)="ac", 0x1, 0x0, &(0x7f0000000380)={0xa, 0x0, 0x0, @private1}, 0x1c) shutdown(r1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x5, &(0x7f0000000a80)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10) syz_usbip_server_init(0x3) 348.505088ms ago: executing program 0: openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18020000000000000000000000000030850000002c00000095000000000000002b4003fe37a077ae55f52c0d80a2749baca85309be96d5a45bbb29ea06f9cbc7eea15bc1ee369d2707231280f0415df341ab76de90db5ff7ffffffd075b373f51be98db7efbbe8e04acb807fbbabc68abdcce9f672b6bb61c302dfd5c1f870adac29fd64d33a3502fbeb1ed99dd0e792f24c420bfcc2635421d339ad521d6953b1137850d9e9ebf65ee988ea2dbee528678eacb4389adbb47efb7b3f19046c7f1bd1bf56e58555d96137f95b3aacd74ed1c8a8676468cf2405e48723c6b1ff3698422f88ffed8617dd64330f4c38ba86e3b50da03f4b1e4808aa5c9e9546d7190747c6abc5beab28cec4ff7faa3fab48cdb3d64cfd5d698416752a16f32a54ccef577832e4cf684fce2cb0bab7f6a5821b26483322000000000000596c6e1ac996b8a0924948750b6e52c09d53950e5c8143db8669f8a5bf6511df822532e3c78d019149651255048aab0399e5d6e317b6f3fbc2600ffc3c66c7244b7bcf6b78b5e8c0ee04ce344ceb084b4f2ef09b59a36a92b3874edc559e5bf58a567d385ba92df9121dfa257e60655dcbff581c75107b01b5baaf29ebaf24861c538fefcaecb52a6b69fc450e10645df60a9d50131466113c6aac5abbcf9e9f2f0384da3f9892af413bd87f51f7f0cf61096fd79327fa"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x100a, &(0x7f0000001400)=""/4106}, 0x90) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="34000000100001f8ffffff000000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32=r2, @ANYBLOB="08001b"], 0x34}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}}, 0x0) 179.352291ms ago: executing program 1: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl(r0, 0x8b2a, &(0x7f0000000040)) 0s ago: executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000080)={0x7, 0x8}, 0x10) kernel console output (not intermixed with test programs): _slave_0: left promiscuous mode [ 364.365882][ T4363] bridge0: port 1(bridge_slave_0) entered disabled state [ 364.368034][ T5075] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 364.394103][ T5075] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 364.408077][ T5075] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 364.411073][ T4363] bridge_slave_1: left allmulticast mode [ 364.421108][ T4363] bridge_slave_1: left promiscuous mode [ 364.422047][ T5075] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 364.427618][ T4363] bridge0: port 2(bridge_slave_1) entered disabled state [ 364.458201][ T4363] bridge_slave_0: left allmulticast mode [ 364.464529][ T4363] bridge_slave_0: left promiscuous mode [ 364.471214][ T4363] bridge0: port 1(bridge_slave_0) entered disabled state [ 365.365666][ T25] usb 3-1: Using ep0 maxpacket: 32 [ 365.456196][ T4363] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 365.483487][ T4363] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 365.499923][ T4363] bond0 (unregistering): Released all slaves [ 365.530523][ T4363] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 365.545739][ T25] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 365.557103][ T25] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 365.590815][ T4363] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 365.612210][ T4363] bond0 (unregistering): Released all slaves [ 365.641592][ T6934] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 365.669730][ T6968] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 365.741155][ T25] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 365.750542][ T25] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 365.759432][ T25] usb 3-1: Product: syz [ 365.763810][ T25] usb 3-1: Manufacturer: syz [ 365.786641][ T6969] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 365.794264][ T6969] IPv6: NLM_F_CREATE should be set when creating new route [ 365.841611][ T5075] Bluetooth: hci0: command tx timeout [ 365.913937][ T6970] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 365.921692][ T6970] IPv6: NLM_F_CREATE should be set when creating new route [ 365.937748][ T25] hub 3-1:4.0: USB hub found [ 366.112106][ T6934] team0: Port device team_slave_0 added [ 366.176564][ T6934] team0: Port device team_slave_1 added [ 366.359588][ T25] hub 3-1:4.0: config failed, can't read hub descriptor (err -22) [ 366.439972][ T25] usb 3-1: USB disconnect, device number 6 [ 366.483844][ T5075] Bluetooth: hci3: command tx timeout [ 366.671981][ T6934] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 366.679601][ T6934] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 366.706650][ T6934] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 366.851286][ T6934] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 366.852236][ T6975] loop4: detected capacity change from 0 to 1024 [ 366.858443][ T6934] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 366.881959][ T6975] EXT4-fs (loop4): stripe (2310) is not aligned with cluster size (16), stripe is disabled [ 366.891411][ T6934] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 366.987311][ T6975] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 367.105788][ T6975] overlayfs: missing 'workdir' [ 367.385681][ T6934] hsr_slave_0: entered promiscuous mode [ 367.405379][ T6934] hsr_slave_1: entered promiscuous mode [ 367.416973][ T6934] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 367.425805][ T6934] Cannot create hsr debugfs directory [ 367.924223][ T5075] Bluetooth: hci0: command tx timeout [ 368.063598][ T6592] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 368.251704][ T6890] 8021q: adding VLAN 0 to HW filter on device bond0 [ 368.296773][ T4363] hsr_slave_0: left promiscuous mode [ 368.317754][ T4363] hsr_slave_1: left promiscuous mode [ 368.341629][ T4363] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 368.349585][ T4363] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 368.361995][ T4363] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 368.369782][ T4363] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 368.414916][ T4363] hsr_slave_0: left promiscuous mode [ 368.440375][ T4363] hsr_slave_1: left promiscuous mode [ 368.460133][ T4363] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 368.467892][ T4363] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 368.498715][ T4363] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 368.507149][ T4363] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 368.559233][ T5075] Bluetooth: hci3: command tx timeout [ 368.567500][ T4363] veth1_macvtap: left promiscuous mode [ 368.573635][ T4363] veth0_macvtap: left promiscuous mode [ 368.580734][ T4363] veth1_vlan: left promiscuous mode [ 368.586326][ T4363] veth0_vlan: left promiscuous mode [ 368.596399][ T4363] veth1_macvtap: left promiscuous mode [ 368.598658][ T6990] loop2: detected capacity change from 0 to 512 [ 368.602283][ T4363] veth0_macvtap: left promiscuous mode [ 368.602584][ T4363] veth1_vlan: left promiscuous mode [ 368.620287][ T4363] veth0_vlan: left promiscuous mode [ 368.925254][ T6990] Quota error (device loop2): do_check_range: Getting dqdh_entries 1536 out of range 0-14 [ 368.936170][ T6990] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 368.946611][ T6990] EXT4-fs error (device loop2): ext4_acquire_dquot:6882: comm syz-executor.2: Failed to acquire dquot type 1 [ 368.967821][ T6990] EXT4-fs (loop2): 1 truncate cleaned up [ 368.973894][ T6990] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 368.987239][ T6990] ext4 filesystem being mounted at /root/syzkaller-testdir750877794/syzkaller.aJDYSh/124/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 369.391446][ T29] audit: type=1800 audit(1717461640.668:5): pid=6990 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.2" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 369.568141][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 369.580765][ T25] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 369.800831][ T4363] team0 (unregistering): Port device team_slave_1 removed [ 369.828710][ T4363] team0 (unregistering): Port device team_slave_0 removed [ 369.989601][ T25] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 370.003095][ T25] usb 5-1: config 0 has no interfaces? [ 370.009605][ T25] usb 5-1: New USB device found, idVendor=056a, idProduct=4001, bcdDevice= 0.00 [ 370.019889][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 370.087506][ T25] usb 5-1: config 0 descriptor?? [ 370.415732][ T4363] team0 (unregistering): Port device team_slave_1 removed [ 370.433713][ T781] usb 5-1: USB disconnect, device number 5 [ 370.487313][ T4363] team0 (unregistering): Port device team_slave_0 removed [ 370.642945][ T5075] Bluetooth: hci3: command tx timeout [ 371.173357][ T6890] 8021q: adding VLAN 0 to HW filter on device team0 [ 371.405437][ T781] bridge0: port 1(bridge_slave_0) entered blocking state [ 371.413366][ T781] bridge0: port 1(bridge_slave_0) entered forwarding state [ 371.595527][ T781] bridge0: port 2(bridge_slave_1) entered blocking state [ 371.603426][ T781] bridge0: port 2(bridge_slave_1) entered forwarding state [ 371.636557][ T6965] chnl_net:caif_netlink_parms(): no params data found [ 372.462293][ T6934] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 372.494264][ T6934] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 372.631000][ T6934] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 372.720405][ T5075] Bluetooth: hci3: command tx timeout [ 372.734455][ T6934] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 373.095120][ T7021] loop4: detected capacity change from 0 to 1024 [ 373.166712][ T7021] EXT4-fs (loop4): stripe (2310) is not aligned with cluster size (16), stripe is disabled [ 373.371039][ T7021] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 373.510537][ T6965] bridge0: port 1(bridge_slave_0) entered blocking state [ 373.518298][ T6965] bridge0: port 1(bridge_slave_0) entered disabled state [ 373.526352][ T6965] bridge_slave_0: entered allmulticast mode [ 373.536402][ T6965] bridge_slave_0: entered promiscuous mode [ 373.615741][ T7021] overlayfs: missing 'workdir' [ 373.640792][ T6965] bridge0: port 2(bridge_slave_1) entered blocking state [ 373.648526][ T6965] bridge0: port 2(bridge_slave_1) entered disabled state [ 373.657230][ T6965] bridge_slave_1: entered allmulticast mode [ 373.666517][ T6965] bridge_slave_1: entered promiscuous mode [ 374.037195][ T6965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 374.125831][ T6965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 374.154021][ T6592] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 374.359456][ T6965] team0: Port device team_slave_0 added [ 374.380996][ T6890] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 374.400071][ T6965] team0: Port device team_slave_1 added [ 374.628536][ T6965] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 374.637138][ T6965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 374.663799][ T6965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 374.718630][ T7035] loop2: detected capacity change from 0 to 512 [ 374.726297][ T6934] 8021q: adding VLAN 0 to HW filter on device bond0 [ 374.843906][ T6965] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 374.851552][ T6965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 374.877944][ T6965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 374.902555][ T7035] Quota error (device loop2): do_check_range: Getting dqdh_entries 1536 out of range 0-14 [ 374.914491][ T7035] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 374.926229][ T7035] EXT4-fs error (device loop2): ext4_acquire_dquot:6882: comm syz-executor.2: Failed to acquire dquot type 1 [ 374.995718][ T7035] EXT4-fs (loop2): 1 truncate cleaned up [ 375.002800][ T7035] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 375.016096][ T7035] ext4 filesystem being mounted at /root/syzkaller-testdir750877794/syzkaller.aJDYSh/131/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 375.206212][ T6965] hsr_slave_0: entered promiscuous mode [ 375.222398][ T6965] hsr_slave_1: entered promiscuous mode [ 375.239235][ T6965] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 375.247242][ T6965] Cannot create hsr debugfs directory [ 375.254475][ T7040] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 375.262024][ T7040] IPv6: NLM_F_CREATE should be set when creating new route [ 375.315644][ T7041] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 375.323245][ T7041] IPv6: NLM_F_CREATE should be set when creating new route [ 375.364353][ T6934] 8021q: adding VLAN 0 to HW filter on device team0 [ 375.392965][ T6890] veth0_vlan: entered promiscuous mode [ 375.500338][ T29] audit: type=1800 audit(1717461646.728:6): pid=7035 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.2" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 375.682627][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 375.690510][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 375.732414][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 375.774467][ T6890] veth1_vlan: entered promiscuous mode [ 375.887629][ T5125] bridge0: port 2(bridge_slave_1) entered blocking state [ 375.895477][ T5125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 376.339509][ T6890] veth0_macvtap: entered promiscuous mode [ 376.555522][ T6890] veth1_macvtap: entered promiscuous mode [ 376.874620][ T6890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 376.887665][ T6890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 376.897836][ T6890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 376.908584][ T6890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 376.925263][ T6890] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 377.140519][ T6890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 377.152215][ T6890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.162737][ T6890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 377.173512][ T6890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.190030][ T6890] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 377.264817][ T6890] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.274010][ T6890] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.286865][ T6890] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.297957][ T6890] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.316422][ T6965] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 377.436699][ T6965] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 377.477514][ T6965] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 377.568287][ T6965] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 377.942459][ T7066] loop2: detected capacity change from 0 to 1024 [ 378.062739][ T7066] EXT4-fs (loop2): stripe (2310) is not aligned with cluster size (16), stripe is disabled [ 378.215368][ T6934] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 378.221689][ T7066] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 378.461882][ T6934] veth0_vlan: entered promiscuous mode [ 378.570252][ T7066] overlayfs: missing 'workdir' [ 378.619951][ T6934] veth1_vlan: entered promiscuous mode [ 378.964077][ T6934] veth0_macvtap: entered promiscuous mode [ 379.030963][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 379.079152][ T6965] 8021q: adding VLAN 0 to HW filter on device bond0 [ 379.096580][ T6934] veth1_macvtap: entered promiscuous mode [ 379.195790][ T6965] 8021q: adding VLAN 0 to HW filter on device team0 [ 379.246941][ T4589] bridge0: port 1(bridge_slave_0) entered blocking state [ 379.254746][ T4589] bridge0: port 1(bridge_slave_0) entered forwarding state [ 379.337581][ T4589] bridge0: port 2(bridge_slave_1) entered blocking state [ 379.345345][ T4589] bridge0: port 2(bridge_slave_1) entered forwarding state [ 379.373370][ T6934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 379.384134][ T6934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 379.394535][ T6934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 379.405291][ T6934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 379.415391][ T6934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 379.426235][ T6934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 379.443800][ T6934] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 379.491263][ T7081] loop2: detected capacity change from 0 to 512 [ 379.519360][ T6934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 379.530073][ T6934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 379.541493][ T6934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 379.552541][ T6934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 379.562661][ T6934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 379.573452][ T6934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 379.588484][ T6934] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 379.667884][ T6934] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.677099][ T6934] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.691580][ T6934] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.702396][ T6934] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.755309][ T7081] Quota error (device loop2): do_check_range: Getting dqdh_entries 1536 out of range 0-14 [ 379.766396][ T7081] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 379.776807][ T7081] EXT4-fs error (device loop2): ext4_acquire_dquot:6882: comm syz-executor.2: Failed to acquire dquot type 1 [ 379.895032][ T7081] EXT4-fs (loop2): 1 truncate cleaned up [ 379.901254][ T7081] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 379.914393][ T7081] ext4 filesystem being mounted at /root/syzkaller-testdir750877794/syzkaller.aJDYSh/136/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 380.121385][ T7088] fuse: Bad value for 'fd' [ 380.419273][ T29] audit: type=1800 audit(1717461651.648:7): pid=7081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.2" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 380.633187][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 381.576005][ T6965] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 382.037919][ T6965] veth0_vlan: entered promiscuous mode [ 382.158846][ T6965] veth1_vlan: entered promiscuous mode [ 382.490274][ T6965] veth0_macvtap: entered promiscuous mode [ 382.622342][ T6965] veth1_macvtap: entered promiscuous mode [ 382.785952][ T6965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 382.796794][ T6965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 382.820445][ T6965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 382.832960][ T6965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 382.843436][ T6965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 382.854160][ T6965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 382.864252][ T6965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 382.874946][ T6965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 382.891223][ T6965] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 383.081987][ T7131] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 383.108699][ T6965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 383.121149][ T6965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 383.131544][ T6965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 383.142328][ T6965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 383.152442][ T6965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 383.163144][ T6965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 383.173631][ T6965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 383.188024][ T6965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 383.203365][ T6965] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 383.241835][ T6965] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 383.251065][ T6965] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 383.260611][ T6965] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 383.269753][ T6965] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 383.672144][ T7146] fuse: Invalid rootmode [ 384.100387][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 384.108442][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 384.369362][ T781] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 384.369644][ T7156] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 384.377359][ T781] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 385.410234][ T781] IPVS: starting estimator thread 0... [ 385.525816][ T7174] IPVS: using max 240 ests per chain, 12000 per kthread [ 386.464843][ T10] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.473116][ T10] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.680779][ T4589] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.688996][ T4589] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.927101][ T7196] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 387.232011][ T7206] fuse: Invalid rootmode [ 387.587951][ T7213] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 387.924945][ T7218] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 389.111722][ T4589] IPVS: starting estimator thread 0... [ 389.152921][ T3061] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 389.164191][ T3061] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 389.213898][ T7240] IPVS: using max 240 ests per chain, 12000 per kthread [ 389.386762][ T3061] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 389.395508][ T3061] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 390.086784][ T7254] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 390.471148][ T7262] fuse: Invalid rootmode [ 390.587233][ T7264] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 390.682787][ T7264] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 390.690406][ T7264] IPv6: NLM_F_CREATE should be set when creating new route [ 391.424611][ T29] audit: type=1326 audit(1717461662.688:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7278 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedc787cee9 code=0x7ffc0000 [ 391.448132][ T29] audit: type=1326 audit(1717461662.688:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7278 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fedc787cee9 code=0x7ffc0000 [ 391.471326][ T29] audit: type=1326 audit(1717461662.698:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7278 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedc787cee9 code=0x7ffc0000 [ 391.494544][ T29] audit: type=1326 audit(1717461662.698:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7278 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedc787cee9 code=0x7ffc0000 [ 391.521387][ T29] audit: type=1326 audit(1717461662.698:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7278 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7fedc787cee9 code=0x7ffc0000 [ 391.545736][ T29] audit: type=1326 audit(1717461662.698:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7278 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedc787cee9 code=0x7ffc0000 [ 391.572298][ T29] audit: type=1326 audit(1717461662.698:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7278 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7fedc787cee9 code=0x7ffc0000 [ 391.595715][ T29] audit: type=1326 audit(1717461662.698:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7278 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedc787cee9 code=0x7ffc0000 [ 391.622938][ T29] audit: type=1326 audit(1717461662.698:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7278 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7fedc787cee9 code=0x7ffc0000 [ 391.647482][ T29] audit: type=1326 audit(1717461662.708:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7278 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedc787cee9 code=0x7ffc0000 [ 392.561802][ T7301] fuse: Bad value for 'rootmode' [ 394.278263][ T7331] fuse: Bad value for 'rootmode' [ 395.228294][ T4589] IPVS: starting estimator thread 0... [ 395.350875][ T7349] IPVS: using max 240 ests per chain, 12000 per kthread [ 395.838224][ T7360] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 396.475054][ T29] kauditd_printk_skb: 14 callbacks suppressed [ 396.475157][ T29] audit: type=1326 audit(1717461667.758:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7364 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f003127cee9 code=0x7ffc0000 [ 396.505012][ T29] audit: type=1326 audit(1717461667.758:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7364 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f003127cee9 code=0x7ffc0000 [ 396.573858][ T29] audit: type=1326 audit(1717461667.858:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7364 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f003127cee9 code=0x7ffc0000 [ 396.598624][ T29] audit: type=1326 audit(1717461667.858:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7364 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f003127cee9 code=0x7ffc0000 [ 396.621993][ T29] audit: type=1326 audit(1717461667.858:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7364 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f003127cee9 code=0x7ffc0000 [ 396.649238][ T29] audit: type=1326 audit(1717461667.878:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7364 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f003127cee9 code=0x7ffc0000 [ 396.673900][ T29] audit: type=1326 audit(1717461667.878:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7364 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f003127cee9 code=0x7ffc0000 [ 396.698034][ T29] audit: type=1326 audit(1717461667.888:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7364 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f003127cee9 code=0x7ffc0000 [ 396.725845][ T29] audit: type=1326 audit(1717461667.888:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7364 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f003127cee9 code=0x7ffc0000 [ 396.753177][ T29] audit: type=1326 audit(1717461667.898:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7364 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7f003127cee9 code=0x7ffc0000 [ 397.189553][ T7375] fuse: Bad value for 'rootmode' [ 398.067308][ T5131] IPVS: starting estimator thread 0... [ 398.179359][ T7399] IPVS: using max 240 ests per chain, 12000 per kthread [ 398.268250][ T7402] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 399.636177][ T7421] fuse: Unknown parameter 'use00000000000000000000' [ 399.706341][ T7423] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 400.292288][ T4589] IPVS: starting estimator thread 0... [ 400.409916][ T7434] IPVS: using max 240 ests per chain, 12000 per kthread [ 400.935134][ T7446] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 401.027030][ T7442] syzkaller0: entered promiscuous mode [ 401.032970][ T7442] syzkaller0: entered allmulticast mode [ 401.620053][ T5132] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 402.006000][ T7456] fuse: Unknown parameter 'use00000000000000000000' [ 402.039690][ T5132] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 402.050503][ T5132] usb 4-1: config 0 has no interfaces? [ 402.056301][ T5132] usb 4-1: New USB device found, idVendor=056a, idProduct=4001, bcdDevice= 0.00 [ 402.070421][ T5132] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 402.123968][ T5132] usb 4-1: config 0 descriptor?? [ 402.426432][ T5132] usb 4-1: USB disconnect, device number 3 [ 402.962877][ T7479] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 403.301717][ T1220] ieee802154 phy0 wpan0: encryption failed: -22 [ 403.308413][ T1220] ieee802154 phy1 wpan1: encryption failed: -22 [ 403.553620][ T7488] syzkaller0: entered promiscuous mode [ 403.559468][ T7488] syzkaller0: entered allmulticast mode [ 404.150027][ T7496] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 404.359638][ T7501] fuse: Unknown parameter 'use00000000000000000000' [ 405.670175][ T7524] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 405.878575][ T5129] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 406.003186][ T7529] syzkaller0: entered promiscuous mode [ 406.009084][ T7529] syzkaller0: entered allmulticast mode [ 406.453233][ T5129] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 406.463894][ T5129] usb 1-1: config 0 has no interfaces? [ 406.475020][ T5129] usb 1-1: New USB device found, idVendor=056a, idProduct=4001, bcdDevice= 0.00 [ 406.489807][ T5129] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 406.525495][ T5129] usb 1-1: config 0 descriptor?? [ 406.803806][ T7539] fuse: Unknown parameter 'user_i00000000000000000000' [ 406.893628][ T10] usb 1-1: USB disconnect, device number 6 [ 407.283420][ T7545] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 407.462865][ T7553] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 408.471672][ T7568] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 408.580502][ T7570] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 408.610810][ T7571] fuse: Unknown parameter 'user_i00000000000000000000' [ 409.652629][ T7587] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 410.182790][ T10] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 410.219197][ T7597] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 410.593388][ T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 410.604253][ T10] usb 3-1: config 0 has no interfaces? [ 410.610134][ T10] usb 3-1: New USB device found, idVendor=056a, idProduct=4001, bcdDevice= 0.00 [ 410.619617][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 410.685856][ T10] usb 3-1: config 0 descriptor?? [ 410.843145][ T7607] fuse: Unknown parameter 'user_i00000000000000000000' [ 411.049776][ T5129] usb 3-1: USB disconnect, device number 7 [ 412.790358][ T5129] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 413.089730][ T781] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 413.165302][ T7646] fuse: Unknown parameter 'user_id00000000000000000000' [ 413.199416][ T5129] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 413.209991][ T5129] usb 5-1: config 0 has no interfaces? [ 413.215848][ T5129] usb 5-1: New USB device found, idVendor=056a, idProduct=4001, bcdDevice= 0.00 [ 413.229742][ T5129] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 413.290581][ T5129] usb 5-1: config 0 descriptor?? [ 413.629713][ T781] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 413.643775][ T781] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 413.653673][ T781] usb 4-1: Product: syz [ 413.658101][ T781] usb 4-1: Manufacturer: syz [ 413.663094][ T781] usb 4-1: SerialNumber: syz [ 413.708566][ T781] usb 4-1: config 0 descriptor?? [ 413.750806][ T5129] usb 5-1: USB disconnect, device number 6 [ 413.764870][ T781] ch341 4-1:0.0: ch341-uart converter detected [ 414.230306][ T7652] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 414.440647][ T781] usb 4-1: failed to send control message: -71 [ 414.447393][ T781] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 414.487118][ T781] usb 4-1: USB disconnect, device number 4 [ 414.495539][ T781] ch341 4-1:0.0: device disconnected [ 414.964095][ T7662] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 415.369967][ T7676] fuse: Unknown parameter 'user_id00000000000000000000' [ 416.202594][ T7691] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 417.310334][ T7708] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 417.362946][ T5129] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 417.537310][ T7710] fuse: Unknown parameter 'user_id00000000000000000000' [ 417.581676][ T7712] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 417.960081][ T5129] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 417.969769][ T5129] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 417.978025][ T5129] usb 4-1: Product: syz [ 417.982516][ T5129] usb 4-1: Manufacturer: syz [ 417.987349][ T5129] usb 4-1: SerialNumber: syz [ 418.017675][ T5129] usb 4-1: config 0 descriptor?? [ 418.075379][ T5129] ch341 4-1:0.0: ch341-uart converter detected [ 418.719518][ T5129] usb 4-1: failed to send control message: -71 [ 418.726435][ T5129] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 418.764929][ T7724] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 418.780753][ T5129] usb 4-1: USB disconnect, device number 5 [ 418.788627][ T5129] ch341 4-1:0.0: device disconnected [ 420.301870][ T7746] fuse: Bad value for 'fd' [ 420.547437][ T7749] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 420.587141][ T7750] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 420.792757][ T7758] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 421.486180][ T5129] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 421.771274][ T7772] Zero length message leads to an empty skb [ 422.079860][ T5129] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 422.089362][ T5129] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 422.097601][ T5129] usb 3-1: Product: syz [ 422.102308][ T5129] usb 3-1: Manufacturer: syz [ 422.107129][ T5129] usb 3-1: SerialNumber: syz [ 422.165902][ T5129] usb 3-1: config 0 descriptor?? [ 422.252961][ T5129] ch341 3-1:0.0: ch341-uart converter detected [ 422.425078][ T7781] fuse: Bad value for 'fd' [ 422.746494][ T7787] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 422.869528][ T5129] usb 3-1: failed to send control message: -71 [ 422.876126][ T5129] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 422.923682][ T5129] usb 3-1: USB disconnect, device number 8 [ 422.934649][ T5129] ch341 3-1:0.0: device disconnected [ 423.807087][ T7798] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 423.910409][ T7800] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 425.017628][ T7818] fuse: Bad value for 'fd' [ 425.183415][ T7821] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 427.999199][ T7874] fuse: Bad value for 'fd' [ 428.781569][ T7883] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 430.451363][ T7913] fuse: Bad value for 'fd' [ 431.300220][ T7933] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 432.773337][ T7958] fuse: Bad value for 'fd' [ 435.499665][ T7998] fuse: Unknown parameter '0x0000000000000003' [ 437.684727][ T8037] fuse: Unknown parameter '0x0000000000000003' [ 440.664571][ T5081] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 440.685617][ T5081] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 440.706752][ T5081] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 440.733930][ T5081] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 440.765623][ T5081] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 440.775585][ T5081] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 440.934570][ T8077] fuse: Bad value for 'fd' [ 442.880083][ T5081] Bluetooth: hci5: command tx timeout [ 442.999984][ T8071] chnl_net:caif_netlink_parms(): no params data found [ 444.454458][ T59] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.636357][ T59] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.817577][ T59] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.863512][ T8120] pim6reg1: entered promiscuous mode [ 444.875094][ T8120] pim6reg1: entered allmulticast mode [ 444.957774][ T59] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.973348][ T5081] Bluetooth: hci5: command tx timeout [ 445.463841][ T8071] bridge0: port 1(bridge_slave_0) entered blocking state [ 445.473290][ T8071] bridge0: port 1(bridge_slave_0) entered disabled state [ 445.487053][ T8071] bridge_slave_0: entered allmulticast mode [ 445.496388][ T8071] bridge_slave_0: entered promiscuous mode [ 445.618195][ T8071] bridge0: port 2(bridge_slave_1) entered blocking state [ 445.626237][ T8071] bridge0: port 2(bridge_slave_1) entered disabled state [ 445.634088][ T8071] bridge_slave_1: entered allmulticast mode [ 445.643270][ T8071] bridge_slave_1: entered promiscuous mode [ 445.661090][ T59] bridge_slave_1: left allmulticast mode [ 445.666952][ T59] bridge_slave_1: left promiscuous mode [ 445.673676][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 445.752766][ T59] bridge_slave_0: left allmulticast mode [ 445.758616][ T59] bridge_slave_0: left promiscuous mode [ 445.765349][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 446.740385][ T25] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 446.830566][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 446.945360][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 447.040621][ T59] bond0 (unregistering): Released all slaves [ 447.055960][ T5081] Bluetooth: hci5: command tx timeout [ 447.062302][ T25] usb 4-1: Using ep0 maxpacket: 16 [ 447.508548][ T8071] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 449.121312][ T5081] Bluetooth: hci5: command tx timeout [ 449.239864][ T8071] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 449.280394][ T25] usb 4-1: unable to read config index 0 descriptor/all [ 449.287769][ T25] usb 4-1: can't read configurations, error -71 [ 449.743269][ T8071] team0: Port device team_slave_0 added [ 450.075308][ T59] hsr_slave_0: left promiscuous mode [ 450.143701][ T59] hsr_slave_1: left promiscuous mode [ 450.210755][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 450.218509][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 450.247941][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 450.255953][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 450.316886][ T59] veth1_macvtap: left promiscuous mode [ 450.323463][ T59] veth0_macvtap: left promiscuous mode [ 450.329492][ T59] veth1_vlan: left promiscuous mode [ 450.335034][ T59] veth0_vlan: left promiscuous mode [ 451.295431][ T59] team0 (unregistering): Port device team_slave_1 removed [ 451.371183][ T59] team0 (unregistering): Port device team_slave_0 removed [ 451.461640][ T5075] Bluetooth: hci1: command 0x0406 tx timeout [ 451.647773][ T8071] team0: Port device team_slave_1 added [ 451.997132][ T8071] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 452.004649][ T8071] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 452.032095][ T8071] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 452.126871][ T8071] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 452.134239][ T8071] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 452.163482][ T8071] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 452.603965][ T8071] hsr_slave_0: entered promiscuous mode [ 452.702931][ T8071] hsr_slave_1: entered promiscuous mode [ 452.768879][ T8071] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 452.776670][ T8071] Cannot create hsr debugfs directory [ 454.477752][ T8071] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 454.553161][ T8163] binder: BINDER_SET_CONTEXT_MGR already set [ 454.561168][ T8163] binder: 8162:8163 ioctl 4018620d 20000040 returned -16 [ 454.563154][ T8071] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 454.642029][ T8071] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 454.714478][ T8071] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 455.727356][ T8071] 8021q: adding VLAN 0 to HW filter on device bond0 [ 455.878943][ T8071] 8021q: adding VLAN 0 to HW filter on device team0 [ 455.916652][ T780] bridge0: port 1(bridge_slave_0) entered blocking state [ 455.924479][ T780] bridge0: port 1(bridge_slave_0) entered forwarding state [ 456.088909][ T780] bridge0: port 2(bridge_slave_1) entered blocking state [ 456.096660][ T780] bridge0: port 2(bridge_slave_1) entered forwarding state [ 456.325265][ T59] IPVS: stop unused estimator thread 0... [ 457.329670][ T8178] Illegal XDP return value 4294967294 on prog (id 80) dev N/A, expect packet loss! [ 457.782888][ T8183] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 458.406581][ T8071] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 458.723324][ T8194] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 458.970809][ T8071] veth0_vlan: entered promiscuous mode [ 459.088323][ T8071] veth1_vlan: entered promiscuous mode [ 459.568656][ T8071] veth0_macvtap: entered promiscuous mode [ 459.702822][ T8071] veth1_macvtap: entered promiscuous mode [ 460.006788][ T8071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 460.017813][ T8071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 460.034044][ T8071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 460.047446][ T8071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 460.057650][ T8071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 460.068415][ T8071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 460.078584][ T8071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 460.089400][ T8071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 460.104002][ T8071] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 460.387174][ T8071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 460.399824][ T8071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 460.410060][ T8071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 460.420910][ T8071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 460.435996][ T8071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 460.448120][ T8071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 460.458255][ T8071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 460.469117][ T8071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 460.483583][ T8071] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 460.678045][ T8228] team_slave_0: entered promiscuous mode [ 460.684126][ T8228] team_slave_1: entered promiscuous mode [ 460.691059][ T8228] macvlan2: entered allmulticast mode [ 460.696654][ T8228] team0: entered allmulticast mode [ 460.702247][ T8228] team_slave_0: entered allmulticast mode [ 460.708200][ T8228] team_slave_1: entered allmulticast mode [ 460.719562][ T8228] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 460.776777][ T8228] team0: left allmulticast mode [ 460.782127][ T8228] team_slave_0: left allmulticast mode [ 460.787794][ T8228] team_slave_1: left allmulticast mode [ 460.793676][ T8228] team_slave_0: left promiscuous mode [ 460.799418][ T8228] team_slave_1: left promiscuous mode [ 460.980577][ T8071] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 460.989719][ T8071] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 460.998928][ T8071] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 461.007935][ T8071] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 461.197749][ T8236] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 462.973150][ T8277] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 464.283291][ T8296] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 464.737325][ T1220] ieee802154 phy0 wpan0: encryption failed: -22 [ 464.744286][ T1220] ieee802154 phy1 wpan1: encryption failed: -22 [ 466.701571][ T8347] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 467.149947][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 467.157985][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 467.290532][ T780] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 467.303790][ T780] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 467.666383][ T8357] loop1: detected capacity change from 0 to 512 [ 467.818717][ T8357] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz-executor.1: invalid block [ 467.883228][ T8357] EXT4-fs (loop1): Remounting filesystem read-only [ 467.953918][ T8357] EXT4-fs (loop1): 2 truncates cleaned up [ 467.960086][ T8357] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 468.201207][ T8071] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 468.607455][ T8370] loop3: detected capacity change from 0 to 256 [ 468.767478][ T8370] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 469.117503][ T8373] loop4: detected capacity change from 0 to 2048 [ 469.292156][ T8373] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 469.405727][ T8373] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 471.250851][ T8387] loop4: detected capacity change from 0 to 512 [ 471.339132][ T8387] EXT4-fs error (device loop4): ext4_orphan_get:1420: comm syz-executor.4: bad orphan inode 17 [ 471.397114][ T8387] ext4_test_bit(bit=16, block=4) = 1 [ 471.402960][ T8387] is_bad_inode(inode)=0 [ 471.407287][ T8387] NEXT_ORPHAN(inode)=0 [ 471.411667][ T8387] max_ino=32 [ 471.415024][ T8387] i_nlink=1 [ 471.418351][ T8387] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 471.939290][ T6592] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor.4: path /root/syzkaller-testdir2000296419/syzkaller.ZEh2U5/127/bus: bad entry in directory: rec_len % 4 != 0 - offset=92, inode=0, rec_len=127, size=1024 fake=0 [ 472.053935][ T6592] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2847: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 472.129019][ T6592] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz-executor.4: bg 0: block 7: invalid block bitmap [ 472.177390][ T6592] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6537: Corrupt filesystem [ 472.282693][ T6592] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor.4: path /root/syzkaller-testdir2000296419/syzkaller.ZEh2U5/127/bus: bad entry in directory: rec_len % 4 != 0 - offset=92, inode=0, rec_len=127, size=1024 fake=0 [ 472.357031][ T6592] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor.4: path /root/syzkaller-testdir2000296419/syzkaller.ZEh2U5/127/bus: bad entry in directory: rec_len % 4 != 0 - offset=92, inode=0, rec_len=127, size=1024 fake=0 [ 472.432564][ T6592] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor.4: path /root/syzkaller-testdir2000296419/syzkaller.ZEh2U5/127/bus: bad entry in directory: rec_len % 4 != 0 - offset=92, inode=0, rec_len=127, size=1024 fake=0 [ 472.567320][ T6592] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor.4: path /root/syzkaller-testdir2000296419/syzkaller.ZEh2U5/127/bus: bad entry in directory: rec_len % 4 != 0 - offset=92, inode=0, rec_len=127, size=1024 fake=0 [ 472.637761][ T6592] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor.4: path /root/syzkaller-testdir2000296419/syzkaller.ZEh2U5/127/bus: bad entry in directory: rec_len % 4 != 0 - offset=92, inode=0, rec_len=127, size=1024 fake=0 [ 472.705096][ T6592] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor.4: path /root/syzkaller-testdir2000296419/syzkaller.ZEh2U5/127/bus: bad entry in directory: rec_len % 4 != 0 - offset=92, inode=0, rec_len=127, size=1024 fake=0 [ 472.856937][ T6592] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor.4: path /root/syzkaller-testdir2000296419/syzkaller.ZEh2U5/127/bus: bad entry in directory: rec_len % 4 != 0 - offset=92, inode=0, rec_len=127, size=1024 fake=0 [ 473.048287][ T8401] loop1: detected capacity change from 0 to 256 [ 473.111885][ T8401] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 473.218415][ T8401] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d) [ 473.659399][ T8407] loop3: detected capacity change from 0 to 64 [ 475.019048][ T4589] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 475.203464][ T8420] loop0: detected capacity change from 0 to 64 [ 475.400979][ T8421] loop2: detected capacity change from 0 to 2048 [ 475.422756][ T4589] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 475.432400][ T4589] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 475.440449][ T8421] udf: Bad value for 'partition' [ 475.499900][ T4589] usb 2-1: config 0 descriptor?? [ 475.552450][ T4589] cp210x 2-1:0.0: cp210x converter detected [ 475.803080][ T4589] cp210x 2-1:0.0: failed to get vendor val 0x370b size 1: -71 [ 475.811996][ T4589] cp210x 2-1:0.0: querying part number failed [ 475.855147][ T4589] usb 2-1: cp210x converter now attached to ttyUSB0 [ 475.882386][ T4589] usb 2-1: USB disconnect, device number 3 [ 475.944841][ T4589] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 475.955908][ T4589] cp210x 2-1:0.0: device disconnected [ 476.358180][ T6592] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 476.363461][ T2443] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 476.536717][ T2443] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 476.722468][ T2443] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 476.855869][ T2443] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 477.093216][ T5075] Bluetooth: hci2: command 0x0406 tx timeout [ 477.145864][ T2443] bridge_slave_1: left allmulticast mode [ 477.152081][ T2443] bridge_slave_1: left promiscuous mode [ 477.161777][ T2443] bridge0: port 2(bridge_slave_1) entered disabled state [ 477.181008][ T2443] bridge_slave_0: left allmulticast mode [ 477.186888][ T2443] bridge_slave_0: left promiscuous mode [ 477.193589][ T2443] bridge0: port 1(bridge_slave_0) entered disabled state [ 477.811262][ T2443] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 477.834183][ T8435] loop0: detected capacity change from 0 to 512 [ 477.881146][ T2443] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 477.908384][ T8435] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 477.950710][ T2443] bond0 (unregistering): Released all slaves [ 478.025356][ T8435] EXT4-fs error (device loop0): mb_free_blocks:1940: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 478.069687][ T8435] EXT4-fs (loop0): Remounting filesystem read-only [ 478.130573][ T8435] EXT4-fs (loop0): 1 truncate cleaned up [ 478.136478][ T8435] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 478.159840][ T8432] infiniband syz2: set active [ 478.345948][ T8440] loop1: detected capacity change from 0 to 512 [ 478.436233][ T8440] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349) [ 478.446188][ T8440] EXT4-fs (loop1): group descriptors corrupted! [ 479.517157][ T2443] hsr_slave_0: left promiscuous mode [ 479.622928][ T2443] hsr_slave_1: left promiscuous mode [ 479.669898][ T2443] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 479.677583][ T2443] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 479.747015][ T2443] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 479.754862][ T2443] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 479.879904][ T2443] veth1_macvtap: left promiscuous mode [ 479.890653][ T2443] veth0_macvtap: left promiscuous mode [ 479.896586][ T2443] veth1_vlan: left promiscuous mode [ 479.902434][ T2443] veth0_vlan: left promiscuous mode [ 479.923625][ T5075] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 479.932795][ T5075] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 479.942213][ T5075] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 480.129948][ T5075] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 480.156518][ T5075] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 480.166804][ T5075] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 480.266349][ T8454] loop3: detected capacity change from 0 to 512 [ 480.463518][ T8454] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 480.556810][ T6934] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 480.762380][ T8454] EXT4-fs (loop3): 1 truncate cleaned up [ 480.768465][ T8454] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 481.024862][ T2443] team0 (unregistering): Port device team_slave_1 removed [ 481.053113][ T2443] team0 (unregistering): Port device team_slave_0 removed [ 481.299743][ T6890] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor.3: path /root/syzkaller-testdir389808648/syzkaller.wnXqNP/93/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 481.383345][ T6890] EXT4-fs error (device loop3): ext4_empty_dir:3127: inode #11: block 54: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 481.724739][ T6890] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor.3: path /root/syzkaller-testdir389808648/syzkaller.wnXqNP/93/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 481.943626][ T6890] EXT4-fs error (device loop3): ext4_empty_dir:3127: inode #11: block 54: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 482.012798][ T6890] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor.3: path /root/syzkaller-testdir389808648/syzkaller.wnXqNP/93/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 482.138311][ T6890] EXT4-fs error (device loop3): ext4_empty_dir:3127: inode #11: block 54: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 482.198912][ T5075] Bluetooth: hci0: command 0x0406 tx timeout [ 482.240544][ T5075] Bluetooth: hci1: command tx timeout [ 482.304231][ T6890] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor.3: path /root/syzkaller-testdir389808648/syzkaller.wnXqNP/93/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 482.354276][ T6890] EXT4-fs error (device loop3): ext4_empty_dir:3127: inode #11: block 54: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 482.440848][ T6890] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor.3: path /root/syzkaller-testdir389808648/syzkaller.wnXqNP/93/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 482.494911][ T6890] EXT4-fs error (device loop3): ext4_empty_dir:3127: inode #11: block 54: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 483.206665][ T8452] chnl_net:caif_netlink_parms(): no params data found [ 484.320823][ T5073] Bluetooth: hci1: command tx timeout [ 484.761140][ T8481] loop1: detected capacity change from 0 to 512 [ 484.774112][ T8452] bridge0: port 1(bridge_slave_0) entered blocking state [ 484.785069][ T8452] bridge0: port 1(bridge_slave_0) entered disabled state [ 484.792883][ T8452] bridge_slave_0: entered allmulticast mode [ 484.807147][ T8452] bridge_slave_0: entered promiscuous mode [ 484.960724][ T8481] EXT4-fs error (device loop1): ext4_orphan_get:1420: comm syz-executor.1: bad orphan inode 17 [ 484.975176][ T8452] bridge0: port 2(bridge_slave_1) entered blocking state [ 484.985494][ T8452] bridge0: port 2(bridge_slave_1) entered disabled state [ 484.993377][ T8452] bridge_slave_1: entered allmulticast mode [ 485.002461][ T8452] bridge_slave_1: entered promiscuous mode [ 485.004222][ T8481] ext4_test_bit(bit=16, block=4) = 1 [ 485.017603][ T8481] is_bad_inode(inode)=0 [ 485.023265][ T8481] NEXT_ORPHAN(inode)=0 [ 485.027505][ T8481] max_ino=32 [ 485.031081][ T8481] i_nlink=1 [ 485.034428][ T8481] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 485.165299][ T8481] EXT4-fs error (device loop1): ext4_find_dest_de:2111: inode #2: block 13: comm syz-executor.1: bad entry in directory: rec_len % 4 != 0 - offset=92, inode=0, rec_len=127, size=1024 fake=0 [ 485.354551][ T8452] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 485.410666][ T8071] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 485.522684][ T8452] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 485.643036][ T6890] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 485.820839][ T8452] team0: Port device team_slave_0 added [ 485.866766][ T2443] IPVS: stop unused estimator thread 0... [ 485.868443][ T8452] team0: Port device team_slave_1 added [ 485.958218][ T29] kauditd_printk_skb: 13 callbacks suppressed [ 485.958286][ T29] audit: type=1800 audit(1717461757.238:55): pid=8493 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1956 res=0 errno=0 [ 485.985681][ T29] audit: type=1800 audit(1717461757.278:56): pid=8493 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=1960 res=0 errno=0 [ 486.113508][ T8452] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 486.121940][ T8452] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 486.152492][ T8452] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 486.200390][ T8452] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 486.207723][ T8452] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 486.234402][ T8452] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 486.267679][ T29] audit: type=1804 audit(1717461757.558:57): pid=8496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3142727706/syzkaller.IfQ4AJ/12/bus" dev="sda1" ino=1956 res=1 errno=0 [ 486.313807][ T29] audit: type=1804 audit(1717461757.598:58): pid=8495 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir3142727706/syzkaller.IfQ4AJ/12/bus" dev="sda1" ino=1956 res=1 errno=0 [ 486.405524][ T5073] Bluetooth: hci1: command tx timeout [ 486.433405][ T8491] loop2: detected capacity change from 0 to 4096 [ 486.583200][ T8491] NILFS (loop2): invalid segment: Checksum error in segment payload [ 486.591676][ T8491] NILFS (loop2): trying rollback from an earlier position [ 486.717807][ T2443] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 486.759220][ T8491] NILFS (loop2): recovery complete [ 486.774924][ T8497] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 486.798617][ T8452] hsr_slave_0: entered promiscuous mode [ 486.830334][ T8452] hsr_slave_1: entered promiscuous mode [ 486.839411][ T8452] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 486.847160][ T8452] Cannot create hsr debugfs directory [ 486.913940][ T2443] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 487.103967][ T2443] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 487.258344][ T2443] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 487.592140][ T2443] bridge_slave_1: left allmulticast mode [ 487.598065][ T2443] bridge_slave_1: left promiscuous mode [ 487.605188][ T2443] bridge0: port 2(bridge_slave_1) entered disabled state [ 487.652948][ T2443] bridge_slave_0: left allmulticast mode [ 487.659615][ T2443] bridge_slave_0: left promiscuous mode [ 487.666211][ T2443] bridge0: port 1(bridge_slave_0) entered disabled state [ 488.244872][ T2443] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 488.265785][ T2443] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 488.322893][ T2443] bond0 (unregistering): Released all slaves [ 488.479214][ T5073] Bluetooth: hci1: command tx timeout [ 488.556619][ T8508] dccp_close: ABORT with 168 bytes unread [ 488.698073][ T8511] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 489.173886][ T5075] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 489.197855][ T5075] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 489.212187][ T5075] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 489.253400][ T5075] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 489.291234][ T5075] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 489.312519][ T5075] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 489.743069][ T29] audit: type=1800 audit(1717461761.038:59): pid=8524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1954 res=0 errno=0 [ 490.101987][ T29] audit: type=1800 audit(1717461761.378:60): pid=8524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=1937 res=0 errno=0 [ 490.145924][ T2443] hsr_slave_0: left promiscuous mode [ 490.168084][ T2443] hsr_slave_1: left promiscuous mode [ 490.198694][ T2443] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 490.207035][ T2443] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 490.209130][ T29] audit: type=1804 audit(1717461761.468:61): pid=8527 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir4052608554/syzkaller.CIpuyX/99/bus" dev="sda1" ino=1954 res=1 errno=0 [ 490.269510][ T2443] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 490.277210][ T2443] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 490.385248][ T2443] veth1_macvtap: left promiscuous mode [ 490.391518][ T2443] veth0_macvtap: left promiscuous mode [ 490.397438][ T2443] veth1_vlan: left promiscuous mode [ 490.403243][ T2443] veth0_vlan: left promiscuous mode [ 490.722349][ T8528] loop2: detected capacity change from 0 to 4096 [ 491.040292][ T10] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 491.263371][ T2443] team0 (unregistering): Port device team_slave_1 removed [ 491.347441][ T2443] team0 (unregistering): Port device team_slave_0 removed [ 491.440235][ T5073] Bluetooth: hci2: command tx timeout [ 491.943883][ T10] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 491.953416][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 492.027718][ T10] usb 2-1: config 0 descriptor?? [ 492.161253][ T8452] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 492.230559][ T8452] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 492.330441][ T8452] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 492.392119][ T8452] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 492.434936][ T8516] chnl_net:caif_netlink_parms(): no params data found [ 492.509838][ T10] [drm:udl_init] *ERROR* Selecting channel failed [ 492.593838][ T10] [drm] Initialized udl 0.0.1 20120220 for 2-1:0.0 on minor 2 [ 492.602140][ T10] [drm] Initialized udl on minor 2 [ 492.660520][ T10] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 492.669952][ T10] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 492.719267][ T5125] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 492.753855][ T5125] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 492.762642][ T5125] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 492.770323][ T10] usb 2-1: USB disconnect, device number 4 [ 493.519842][ T5073] Bluetooth: hci2: command tx timeout [ 493.568057][ T8452] 8021q: adding VLAN 0 to HW filter on device bond0 [ 493.686554][ T8452] 8021q: adding VLAN 0 to HW filter on device team0 [ 493.712977][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 493.885974][ T781] bridge0: port 1(bridge_slave_0) entered blocking state [ 493.893807][ T781] bridge0: port 1(bridge_slave_0) entered forwarding state [ 493.931163][ T8516] bridge0: port 1(bridge_slave_0) entered blocking state [ 493.938596][ T8516] bridge0: port 1(bridge_slave_0) entered disabled state [ 493.946235][ T8516] bridge_slave_0: entered allmulticast mode [ 493.954285][ T8516] bridge_slave_0: entered promiscuous mode [ 493.977747][ T8558] warning: `syz-executor.0' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 494.096552][ T781] bridge0: port 2(bridge_slave_1) entered blocking state [ 494.104448][ T781] bridge0: port 2(bridge_slave_1) entered forwarding state [ 494.128243][ T8516] bridge0: port 2(bridge_slave_1) entered blocking state [ 494.135848][ T8516] bridge0: port 2(bridge_slave_1) entered disabled state [ 494.143402][ T8516] bridge_slave_1: entered allmulticast mode [ 494.151485][ T8516] bridge_slave_1: entered promiscuous mode [ 494.508007][ T8516] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 494.636661][ T8516] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 494.888069][ T8516] team0: Port device team_slave_0 added [ 494.980227][ T8516] team0: Port device team_slave_1 added [ 495.233781][ T8516] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 495.241012][ T8516] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 495.269419][ T8516] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 495.306582][ T8516] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 495.314624][ T8516] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 495.342825][ T8516] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 495.467862][ T8566] loop1: detected capacity change from 0 to 4096 [ 495.571478][ T8566] NILFS (loop1): invalid segment: Checksum error in segment payload [ 495.579913][ T8566] NILFS (loop1): trying rollback from an earlier position [ 495.619077][ T5073] Bluetooth: hci2: command tx timeout [ 495.675690][ T8566] NILFS (loop1): recovery complete [ 495.768123][ T8574] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 495.847270][ T8516] hsr_slave_0: entered promiscuous mode [ 495.885338][ T8516] hsr_slave_1: entered promiscuous mode [ 496.499429][ T781] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 496.512925][ T2443] IPVS: stop unused estimator thread 0... [ 496.659066][ T8586] loop1: detected capacity change from 0 to 256 [ 496.909664][ T781] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 496.920138][ T781] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 496.953998][ T781] usb 1-1: config 0 descriptor?? [ 497.088100][ T8452] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 497.314140][ T25] IPVS: starting estimator thread 0... [ 497.333046][ T8516] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 497.398622][ T8516] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 497.430017][ T8593] IPVS: using max 240 ests per chain, 12000 per kthread [ 497.460489][ T8516] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 497.535373][ T8516] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 497.548611][ T781] [drm:udl_init] *ERROR* Selecting channel failed [ 497.610171][ T781] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2 [ 497.617889][ T781] [drm] Initialized udl on minor 2 [ 497.673247][ T781] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 497.689941][ T5073] Bluetooth: hci2: command tx timeout [ 497.697757][ T781] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 497.739427][ T5132] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 497.795953][ T781] usb 1-1: USB disconnect, device number 7 [ 497.808042][ T5132] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 497.817137][ T5132] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 498.280918][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 498.661051][ T8516] 8021q: adding VLAN 0 to HW filter on device bond0 [ 498.671359][ T8608] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 498.789454][ T8516] 8021q: adding VLAN 0 to HW filter on device team0 [ 498.845669][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 498.853453][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 498.944179][ T43] bridge0: port 2(bridge_slave_1) entered blocking state [ 498.951949][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state [ 499.491004][ T8452] veth0_vlan: entered promiscuous mode [ 499.622774][ T8452] veth1_vlan: entered promiscuous mode [ 499.940255][ T8452] veth0_macvtap: entered promiscuous mode [ 499.990643][ T8452] veth1_macvtap: entered promiscuous mode [ 500.208683][ T8452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 500.220283][ T8452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 500.230423][ T8452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 500.242821][ T8452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 500.253414][ T8452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 500.265296][ T8452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 500.280505][ T8452] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 500.345713][ T8618] loop0: detected capacity change from 0 to 4096 [ 500.382275][ T8452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 500.393498][ T8452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 500.404326][ T8452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 500.415494][ T8452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 500.425749][ T8452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 500.436649][ T8452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 500.451512][ T8452] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 500.516184][ T8618] NILFS (loop0): invalid segment: Checksum error in segment payload [ 500.525503][ T8618] NILFS (loop0): trying rollback from an earlier position [ 500.567343][ T8452] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 500.577865][ T8452] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 500.587222][ T8452] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 500.596494][ T8452] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 500.705314][ T8618] NILFS (loop0): recovery complete [ 500.767303][ T8516] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 500.804683][ T5073] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci5/hci5:201' [ 500.814649][ T5073] CPU: 1 PID: 5073 Comm: kworker/u9:2 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 500.824726][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 500.835048][ T5073] Workqueue: hci5 hci_rx_work [ 500.840134][ T5073] Call Trace: [ 500.843602][ T5073] [ 500.846748][ T5073] dump_stack_lvl+0x216/0x2d0 [ 500.851826][ T5073] dump_stack+0x1e/0x30 [ 500.856324][ T5073] sysfs_create_dir_ns+0x45f/0x4c0 [ 500.861791][ T5073] kobject_add_internal+0xfe7/0x1900 [ 500.867473][ T5073] kobject_add+0x28c/0x3c0 [ 500.871256][ T8630] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 500.872180][ T5073] ? kmsan_get_metadata+0x146/0x1d0 [ 500.872361][ T5073] device_add+0xa93/0x1c90 [ 500.892892][ T5073] hci_conn_add_sysfs+0x161/0x2c0 [ 500.898319][ T5073] le_conn_complete_evt+0x1975/0x1f40 [ 500.904085][ T5073] hci_le_enh_conn_complete_evt+0x15e/0x210 [ 500.910325][ T5073] hci_le_meta_evt+0x600/0x850 [ 500.915399][ T5073] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 500.922195][ T5073] hci_event_packet+0x1118/0x1bc0 [ 500.927505][ T5073] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 500.933115][ T5073] hci_rx_work+0x687/0x1130 [ 500.937918][ T5073] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 500.944010][ T5073] ? __pfx_hci_rx_work+0x10/0x10 [ 500.949275][ T5073] ? __pfx_hci_rx_work+0x10/0x10 [ 500.954547][ T5073] process_scheduled_works+0xa81/0x1bd0 [ 500.960463][ T5073] worker_thread+0xea5/0x1560 [ 500.965463][ T5073] kthread+0x3e2/0x540 [ 500.969879][ T5073] ? __pfx_worker_thread+0x10/0x10 [ 500.975295][ T5073] ? __pfx_kthread+0x10/0x10 [ 500.980228][ T5073] ret_from_fork+0x6d/0x90 [ 500.984905][ T5073] ? __pfx_kthread+0x10/0x10 [ 500.989818][ T5073] ret_from_fork_asm+0x1a/0x30 [ 500.994896][ T5073] [ 501.002733][ T5073] kobject: kobject_add_internal failed for hci5:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 501.017845][ T5073] Bluetooth: hci5: failed to register connection device [ 501.394567][ T8516] veth0_vlan: entered promiscuous mode [ 501.406434][ T43] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 501.472694][ T8516] veth1_vlan: entered promiscuous mode [ 501.749878][ T8516] veth0_macvtap: entered promiscuous mode [ 501.819883][ T8516] veth1_macvtap: entered promiscuous mode [ 501.830982][ T43] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 501.840537][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 501.862458][ T43] usb 3-1: config 0 descriptor?? [ 501.926029][ T8516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 501.937061][ T8516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 501.948111][ T8516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 501.959145][ T8516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 501.969194][ T8516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 501.979920][ T8516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 501.990067][ T8516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 502.000752][ T8516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 502.015757][ T8516] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 502.083811][ T8516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 502.094543][ T8516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 502.104673][ T8516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 502.116765][ T8516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 502.127217][ T8516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 502.137905][ T8516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 502.148014][ T8516] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 502.158675][ T8516] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 502.172405][ T8516] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 502.190742][ T5129] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 502.210320][ T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!! [ 502.279273][ T8516] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 502.288289][ T8516] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 502.297466][ T8516] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 502.306782][ T8516] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 502.379477][ T5129] usb 1-1: device descriptor read/64, error -71 [ 502.403239][ T43] [drm:udl_init] *ERROR* Selecting channel failed [ 502.514291][ T43] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2 [ 502.525416][ T43] [drm] Initialized udl on minor 2 [ 502.556948][ T43] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 502.567836][ T43] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 502.593179][ T5135] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 502.624523][ T43] usb 3-1: USB disconnect, device number 9 [ 502.643002][ T5135] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 502.651707][ T5135] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 502.699523][ T5129] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 502.919076][ T5129] usb 1-1: device descriptor read/64, error -71 [ 503.045480][ T5129] usb usb1-port1: attempt power cycle [ 503.500742][ T5129] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 503.621519][ T5129] usb 1-1: device descriptor read/8, error -71 [ 503.900236][ T5129] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 504.009870][ T5129] usb 1-1: device descriptor read/8, error -71 [ 504.152398][ T5129] usb usb1-port1: unable to enumerate USB device [ 505.070557][ T5073] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 505.080981][ T5073] CPU: 1 PID: 5073 Comm: kworker/u9:2 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 505.091061][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 505.101370][ T5073] Workqueue: hci0 hci_rx_work [ 505.106389][ T5073] Call Trace: [ 505.109903][ T5073] [ 505.113055][ T5073] dump_stack_lvl+0x216/0x2d0 [ 505.118062][ T5073] dump_stack+0x1e/0x30 [ 505.122542][ T5073] sysfs_create_dir_ns+0x45f/0x4c0 [ 505.127959][ T5073] kobject_add_internal+0xfe7/0x1900 [ 505.133572][ T5073] kobject_add+0x28c/0x3c0 [ 505.138322][ T5073] ? kmsan_get_metadata+0x146/0x1d0 [ 505.143813][ T5073] device_add+0xa93/0x1c90 [ 505.148532][ T5073] hci_conn_add_sysfs+0x161/0x2c0 [ 505.153875][ T5073] le_conn_complete_evt+0x1975/0x1f40 [ 505.159547][ T5073] hci_le_enh_conn_complete_evt+0x15e/0x210 [ 505.165748][ T5073] hci_le_meta_evt+0x600/0x850 [ 505.170813][ T5073] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 505.177556][ T5073] hci_event_packet+0x1118/0x1bc0 [ 505.182830][ T5073] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 505.188416][ T5073] hci_rx_work+0x687/0x1130 [ 505.193211][ T5073] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 505.199291][ T5073] ? __pfx_hci_rx_work+0x10/0x10 [ 505.204495][ T5073] ? __pfx_hci_rx_work+0x10/0x10 [ 505.209685][ T5073] process_scheduled_works+0xa81/0x1bd0 [ 505.215521][ T5073] worker_thread+0xea5/0x1560 [ 505.220506][ T5073] kthread+0x3e2/0x540 [ 505.224820][ T5073] ? __pfx_worker_thread+0x10/0x10 [ 505.230194][ T5073] ? __pfx_kthread+0x10/0x10 [ 505.235023][ T5073] ret_from_fork+0x6d/0x90 [ 505.239668][ T5073] ? __pfx_kthread+0x10/0x10 [ 505.244544][ T5073] ret_from_fork_asm+0x1a/0x30 [ 505.249601][ T5073] [ 505.254712][ T5073] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 505.269109][ T5073] Bluetooth: hci0: failed to register connection device [ 506.262809][ T43] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 506.451309][ T5129] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 506.459639][ T5129] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 506.521733][ T5132] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 506.529908][ T5132] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 506.699732][ T43] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 506.709394][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 506.755663][ T43] usb 3-1: config 0 descriptor?? [ 507.301043][ T43] [drm:udl_init] *ERROR* Selecting channel failed [ 507.372324][ T43] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2 [ 507.380231][ T43] [drm] Initialized udl on minor 2 [ 507.413655][ T43] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 507.423640][ T43] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 507.452095][ T5129] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 507.476432][ T43] usb 3-1: USB disconnect, device number 10 [ 507.490918][ T5129] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 507.499700][ T5129] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 508.032733][ T8721] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 508.204240][ T5132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 508.212425][ T5132] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 508.243499][ T5075] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201' [ 508.255540][ T5075] CPU: 1 PID: 5075 Comm: kworker/u9:3 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 508.265715][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 508.276062][ T5075] Workqueue: hci4 hci_rx_work [ 508.281104][ T5075] Call Trace: [ 508.284607][ T5075] [ 508.287741][ T5075] dump_stack_lvl+0x216/0x2d0 [ 508.292773][ T5075] dump_stack+0x1e/0x30 [ 508.297219][ T5075] sysfs_create_dir_ns+0x45f/0x4c0 [ 508.302678][ T5075] kobject_add_internal+0xfe7/0x1900 [ 508.308257][ T5075] kobject_add+0x28c/0x3c0 [ 508.313026][ T5075] ? kmsan_get_metadata+0x146/0x1d0 [ 508.318535][ T5075] device_add+0xa93/0x1c90 [ 508.323241][ T5075] hci_conn_add_sysfs+0x161/0x2c0 [ 508.328638][ T5075] le_conn_complete_evt+0x1975/0x1f40 [ 508.334340][ T5075] hci_le_enh_conn_complete_evt+0x15e/0x210 [ 508.340533][ T5075] hci_le_meta_evt+0x600/0x850 [ 508.345622][ T5075] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 508.352430][ T5075] hci_event_packet+0x1118/0x1bc0 [ 508.357710][ T5075] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 508.363280][ T5075] hci_rx_work+0x687/0x1130 [ 508.368099][ T5075] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 508.374144][ T5075] ? __pfx_hci_rx_work+0x10/0x10 [ 508.379358][ T5075] ? __pfx_hci_rx_work+0x10/0x10 [ 508.384575][ T5075] process_scheduled_works+0xa81/0x1bd0 [ 508.390422][ T5075] worker_thread+0xea5/0x1560 [ 508.395358][ T5075] kthread+0x3e2/0x540 [ 508.399738][ T5075] ? __pfx_worker_thread+0x10/0x10 [ 508.405116][ T5075] ? __pfx_kthread+0x10/0x10 [ 508.409984][ T5075] ret_from_fork+0x6d/0x90 [ 508.414626][ T5075] ? __pfx_kthread+0x10/0x10 [ 508.419475][ T5075] ret_from_fork_asm+0x1a/0x30 [ 508.424510][ T5075] [ 508.429219][ T5075] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 508.449159][ T5075] Bluetooth: hci4: failed to register connection device [ 508.484565][ T781] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 508.492763][ T781] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 511.344881][ T5075] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 513.467559][ T5075] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 513.827234][ T8795] infiniband syz2: set active [ 515.683331][ T5075] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 515.693382][ T5075] CPU: 1 PID: 5075 Comm: kworker/u9:3 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 515.703459][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 515.713753][ T5075] Workqueue: hci1 hci_rx_work [ 515.718744][ T5075] Call Trace: [ 515.722203][ T5075] [ 515.725351][ T5075] dump_stack_lvl+0x216/0x2d0 [ 515.730409][ T5075] dump_stack+0x1e/0x30 [ 515.734858][ T5075] sysfs_create_dir_ns+0x45f/0x4c0 [ 515.740272][ T5075] kobject_add_internal+0xfe7/0x1900 [ 515.745875][ T5075] kobject_add+0x28c/0x3c0 [ 515.750673][ T5075] ? kmsan_get_metadata+0x146/0x1d0 [ 515.756197][ T5075] device_add+0xa93/0x1c90 [ 515.760989][ T5075] hci_conn_add_sysfs+0x161/0x2c0 [ 515.766372][ T5075] le_conn_complete_evt+0x1975/0x1f40 [ 515.772148][ T5075] hci_le_enh_conn_complete_evt+0x15e/0x210 [ 515.778387][ T5075] hci_le_meta_evt+0x600/0x850 [ 515.783455][ T5075] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 515.790210][ T5075] hci_event_packet+0x1118/0x1bc0 [ 515.795531][ T5075] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 515.801205][ T5075] hci_rx_work+0x687/0x1130 [ 515.806044][ T5075] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 515.812192][ T5075] ? __pfx_hci_rx_work+0x10/0x10 [ 515.817421][ T5075] ? __pfx_hci_rx_work+0x10/0x10 [ 515.822687][ T5075] process_scheduled_works+0xa81/0x1bd0 [ 515.828557][ T5075] worker_thread+0xea5/0x1560 [ 515.833544][ T5075] kthread+0x3e2/0x540 [ 515.837916][ T5075] ? __pfx_worker_thread+0x10/0x10 [ 515.843331][ T5075] ? __pfx_kthread+0x10/0x10 [ 515.848247][ T5075] ret_from_fork+0x6d/0x90 [ 515.852979][ T5075] ? __pfx_kthread+0x10/0x10 [ 515.857870][ T5075] ret_from_fork_asm+0x1a/0x30 [ 515.862949][ T5075] [ 515.870459][ T5075] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 515.889372][ T5075] Bluetooth: hci1: failed to register connection device [ 516.790890][ T8847] netlink: 'syz-executor.2': attribute type 63 has an invalid length. [ 516.799628][ T8847] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.2'. [ 517.572523][ T8863] infiniband syz2: set active [ 517.731929][ T5075] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 519.179929][ T5075] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 519.189864][ T5075] CPU: 0 PID: 5075 Comm: kworker/u9:3 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 519.199949][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 519.210282][ T5075] Workqueue: hci2 hci_rx_work [ 519.215275][ T5075] Call Trace: [ 519.218726][ T5075] [ 519.221837][ T5075] dump_stack_lvl+0x216/0x2d0 [ 519.226854][ T5075] dump_stack+0x1e/0x30 [ 519.231307][ T5075] sysfs_create_dir_ns+0x45f/0x4c0 [ 519.236774][ T5075] kobject_add_internal+0xfe7/0x1900 [ 519.242378][ T5075] kobject_add+0x28c/0x3c0 [ 519.247127][ T5075] ? kmsan_get_metadata+0x146/0x1d0 [ 519.252620][ T5075] device_add+0xa93/0x1c90 [ 519.257299][ T5075] hci_conn_add_sysfs+0x161/0x2c0 [ 519.262602][ T5075] le_conn_complete_evt+0x1975/0x1f40 [ 519.268264][ T5075] hci_le_enh_conn_complete_evt+0x15e/0x210 [ 519.274441][ T5075] hci_le_meta_evt+0x600/0x850 [ 519.279467][ T5075] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 519.286230][ T5075] hci_event_packet+0x1118/0x1bc0 [ 519.291544][ T5075] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 519.297108][ T5075] hci_rx_work+0x687/0x1130 [ 519.301878][ T5075] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 519.307954][ T5075] ? __pfx_hci_rx_work+0x10/0x10 [ 519.313140][ T5075] ? __pfx_hci_rx_work+0x10/0x10 [ 519.318323][ T5075] process_scheduled_works+0xa81/0x1bd0 [ 519.324146][ T5075] worker_thread+0xea5/0x1560 [ 519.329089][ T5075] kthread+0x3e2/0x540 [ 519.333435][ T5075] ? __pfx_worker_thread+0x10/0x10 [ 519.338802][ T5075] ? __pfx_kthread+0x10/0x10 [ 519.343678][ T5075] ret_from_fork+0x6d/0x90 [ 519.348323][ T5075] ? __pfx_kthread+0x10/0x10 [ 519.353158][ T5075] ret_from_fork_asm+0x1a/0x30 [ 519.358188][ T5075] [ 519.365001][ T5075] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 519.379922][ T5075] Bluetooth: hci2: failed to register connection device [ 519.915159][ T8912] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 521.134185][ T5073] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 521.728002][ T8954] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 521.877432][ T8961] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 522.159060][ T5073] Bluetooth: hci5: command tx timeout [ 523.895168][ T8996] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 524.319258][ T5073] Bluetooth: hci0: command 0x0406 tx timeout [ 526.115539][ T9035] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 526.225519][ T1220] ieee802154 phy0 wpan0: encryption failed: -22 [ 526.232513][ T1220] ieee802154 phy1 wpan1: encryption failed: -22 [ 526.727864][ T5073] Bluetooth: hci4: command 0x0406 tx timeout [ 528.829905][ T9075] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 529.551732][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 529.707285][ T5073] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 529.919234][ T5073] Bluetooth: hci2: command tx timeout [ 531.174364][ T9113] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 531.940911][ T5073] Bluetooth: hci5: Ignoring HCI_Connection_Complete for existing connection [ 532.400087][ T5075] Bluetooth: hci4: command 0x0406 tx timeout [ 534.795650][ T5075] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 534.805207][ T5075] Bluetooth: hci5: command tx timeout [ 535.721360][ T5075] Bluetooth: hci0: Ignoring HCI_Sync_Conn_Complete event for existing connection [ 537.104457][ T5075] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 538.670332][ T9231] infiniband syz2: set active [ 538.905961][ T9232] infiniband syz2: set active [ 539.810813][ T5073] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 541.097363][ T9271] infiniband syz2: set active [ 541.343567][ T9273] infiniband syz2: set active [ 542.474310][ T5075] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 543.031538][ T5075] Bluetooth: hci5: Ignoring HCI_Sync_Conn_Complete event for existing connection [ 546.953939][ T5075] Bluetooth: hci4: Ignoring HCI_Sync_Conn_Complete event for existing connection [ 547.640720][ T9394] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 547.801691][ T29] audit: type=1804 audit(1717461819.038:62): pid=9395 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1166802181/syzkaller.F1ROFy/53/file0" dev="sda1" ino=1964 res=1 errno=0 [ 549.684564][ T9432] loop3: detected capacity change from 0 to 256 [ 549.736282][ T9432] exfat: Deprecated parameter 'utf8' [ 549.742562][ T9432] exfat: Deprecated parameter 'namecase' [ 549.749164][ T9432] exfat: Deprecated parameter 'utf8' [ 549.881457][ T9432] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 551.059317][ T9448] loop0: detected capacity change from 0 to 4096 [ 551.097280][ T9448] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 551.928244][ T9458] 9pnet: Could not find request transport: 0xffffffffffffffff [ 552.813079][ T9467] infiniband syz2: set active [ 553.052918][ T9467] infiniband syz2: set active [ 555.930711][ T9505] loop3: detected capacity change from 0 to 1024 [ 556.812347][ T9522] loop2: detected capacity change from 0 to 256 [ 556.864612][ T9524] loop1: detected capacity change from 0 to 256 [ 557.256423][ T9524] FAT-fs (loop1): error, clusters badly computed (2 != 1) [ 557.415709][ T9531] loop4: detected capacity change from 0 to 512 [ 557.527843][ T9531] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 557.606277][ T9531] EXT4-fs (loop4): 1 truncate cleaned up [ 557.613517][ T9531] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 558.679340][ T9542] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 558.815547][ T9524] FAT-fs (loop1): error, fat_get_cluster: detected the cluster chain loop (i_pos 198) [ 559.524541][ T8452] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 559.867428][ T9554] loop1: detected capacity change from 0 to 512 [ 559.954461][ T9554] EXT4-fs (loop1): Number of reserved GDT blocks insanely large: 2048 [ 560.459403][ T9569] loop1: detected capacity change from 0 to 256 [ 560.798393][ T9569] FAT-fs (loop1): error, clusters badly computed (2 != 1) [ 561.961751][ T29] audit: type=1326 audit(1717461833.188:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9574 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedc787cee9 code=0x7ffc0000 [ 561.985155][ T29] audit: type=1326 audit(1717461833.188:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9574 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedc787cee9 code=0x7ffc0000 [ 562.380019][ T9569] FAT-fs (loop1): error, fat_get_cluster: detected the cluster chain loop (i_pos 198) [ 564.082826][ T5073] Bluetooth: hci5: command 0x0406 tx timeout [ 564.461101][ T9615] loop3: detected capacity change from 0 to 256 [ 564.742569][ T9615] FAT-fs (loop3): error, clusters badly computed (2 != 1) [ 566.304395][ T9615] FAT-fs (loop3): error, fat_get_cluster: detected the cluster chain loop (i_pos 198) [ 568.220449][ T9653] loop4: detected capacity change from 0 to 128 [ 568.300304][ T9653] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 568.407595][ T9653] FAT-fs (loop4): error, invalid access to FAT (entry 0x0affffff) [ 568.416293][ T9653] FAT-fs (loop4): Filesystem has been set read-only [ 568.440828][ T29] audit: type=1800 audit(1717461839.678:65): pid=9653 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file1" dev="loop4" ino=1048635 res=0 errno=0 [ 568.504619][ T9653] FAT-fs (loop4): error, invalid access to FAT (entry 0x0affffff) [ 568.542999][ T9656] loop1: detected capacity change from 0 to 256 [ 569.089210][ T8452] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 569.106465][ T9656] FAT-fs (loop1): error, clusters badly computed (2 != 1) [ 569.605686][ T9669] infiniband syz2: set active [ 569.889861][ T9669] infiniband syz2: set active [ 569.962461][ T5075] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 570.731796][ T9656] FAT-fs (loop1): error, fat_get_cluster: detected the cluster chain loop (i_pos 198) [ 570.854081][ T29] audit: type=1800 audit(1717461842.078:66): pid=9677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1958 res=0 errno=0 [ 570.899615][ T781] usb 3-1: new full-speed USB device number 11 using dummy_hcd [ 571.319341][ T781] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 571.333167][ T781] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 571.344952][ T781] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 25 [ 571.440572][ T781] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 571.450035][ T781] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 571.458282][ T781] usb 3-1: SerialNumber: syz [ 571.521175][ T9676] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 571.570991][ T781] cdc_acm 3-1:1.0: Control and data interfaces are not separated! [ 571.649996][ T9693] loop4: detected capacity change from 0 to 128 [ 571.673271][ T9693] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 571.759384][ T9697] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 571.781760][ T9676] capability: warning: `syz-executor.2' uses 32-bit capabilities (legacy support in use) [ 571.785397][ T9693] FAT-fs (loop4): error, invalid access to FAT (entry 0x0affffff) [ 571.800773][ T9693] FAT-fs (loop4): Filesystem has been set read-only [ 571.801858][ T29] audit: type=1800 audit(1717461843.078:67): pid=9693 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file1" dev="loop4" ino=1048638 res=0 errno=0 [ 571.814037][ T9693] FAT-fs (loop4): error, invalid access to FAT (entry 0x0affffff) [ 571.878175][ T9676] loop2: detected capacity change from 0 to 1024 [ 571.941216][ T781] cdc_acm 3-1:1.0: ttyACM0: USB ACM device [ 571.965595][ T781] usb 3-1: USB disconnect, device number 11 [ 572.585673][ T2443] hfsplus: b-tree write err: -5, ino 4 [ 572.774112][ T8452] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 572.863699][ T9706] Invalid ELF header len 8 [ 572.962258][ T5073] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 573.722666][ T9726] loop2: detected capacity change from 0 to 256 [ 574.002884][ T9726] FAT-fs (loop2): Directory bread(block 64) failed [ 574.009862][ T9726] FAT-fs (loop2): Directory bread(block 65) failed [ 574.016827][ T9726] FAT-fs (loop2): Directory bread(block 66) failed [ 574.023783][ T9726] FAT-fs (loop2): Directory bread(block 67) failed [ 574.024076][ T9726] FAT-fs (loop2): Directory bread(block 68) failed [ 574.037447][ T9726] FAT-fs (loop2): Directory bread(block 69) failed [ 574.044719][ T9726] FAT-fs (loop2): Directory bread(block 70) failed [ 574.051558][ T9726] FAT-fs (loop2): Directory bread(block 71) failed [ 574.058427][ T9726] FAT-fs (loop2): Directory bread(block 72) failed [ 574.065271][ T9726] FAT-fs (loop2): Directory bread(block 73) failed [ 574.217416][ T29] audit: type=1800 audit(1717461845.488:68): pid=9726 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="loop2" ino=1048639 res=0 errno=0 [ 574.289519][ T5132] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 574.529234][ T5132] usb 4-1: Using ep0 maxpacket: 16 [ 574.670717][ T5132] usb 4-1: config 0 has no interfaces? [ 574.676500][ T5132] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 574.686156][ T5132] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 574.769653][ T5132] usb 4-1: config 0 descriptor?? [ 574.775595][ T5125] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 575.053296][ T5132] usb 4-1: USB disconnect, device number 8 [ 575.066916][ T5125] usb 2-1: Using ep0 maxpacket: 16 [ 576.564413][ T5073] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 576.638729][ C0] sched: RT throttling activated [ 577.259193][ T5125] usb 2-1: New USB device found, idVendor=19d2, idProduct=0161, bcdDevice= b.cb [ 577.271038][ T5125] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 577.279961][ T5125] usb 2-1: Product: syz [ 577.284357][ T5125] usb 2-1: Manufacturer: syz [ 577.289245][ T5125] usb 2-1: SerialNumber: syz [ 577.312565][ T5125] usb 2-1: config 0 descriptor?? [ 577.371285][ T5125] option 2-1:0.0: GSM modem (1-port) converter detected [ 577.513016][ T25] usb 2-1: USB disconnect, device number 5 [ 577.522223][ T25] option 2-1:0.0: device disconnected [ 577.999429][ T5125] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 578.399867][ T5125] usb 5-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 578.409710][ T5125] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 578.461033][ T5125] usb 5-1: config 0 descriptor?? [ 578.810585][ T25] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 578.872749][ T5075] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 579.129770][ T5125] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 579.141169][ T5125] asix 5-1:0.0: probe with driver asix failed with error -71 [ 579.162175][ T5125] usb 5-1: USB disconnect, device number 7 [ 579.180143][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 579.192133][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 579.202456][ T25] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 579.211846][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 579.228670][ T25] usb 2-1: config 0 descriptor?? [ 579.439558][ T5129] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 579.489928][ T9775] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 579.499032][ T9775] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 579.837008][ T5129] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 579.848889][ T5129] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 579.859086][ T5129] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 579.868399][ T5129] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 579.895931][ T5129] usb 3-1: config 0 descriptor?? [ 580.229453][ T9787] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 580.241030][ T9787] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 580.502220][ T25] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0002/input/input6 [ 580.600444][ T25] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0002/input/input7 [ 580.635404][ T25] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0002/input/input8 [ 580.702959][ T25] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0002/input/input9 [ 580.767191][ T25] uclogic 0003:256C:006D.0002: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.1-1/input0 [ 580.795826][ T25] usb 2-1: USB disconnect, device number 6 [ 581.285635][ T5129] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0003/input/input10 [ 581.332362][ T5075] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 581.390037][ T5129] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0003/input/input11 [ 581.428636][ T5129] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0003/input/input12 [ 581.462101][ T5129] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0003/input/input13 [ 581.513135][ T5129] uclogic 0003:256C:006D.0003: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.2-1/input0 [ 581.563946][ T5129] usb 3-1: USB disconnect, device number 12 [ 585.190246][ T25] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 585.328190][ T5073] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 585.439032][ T25] usb 2-1: Using ep0 maxpacket: 32 [ 585.559315][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 585.572235][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 585.583884][ T25] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 585.593516][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 585.620822][ T25] usb 2-1: config 0 descriptor?? [ 585.640140][ T9844] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 585.684481][ T25] hub 2-1:0.0: USB hub found [ 585.946261][ T25] hub 2-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 586.181059][ T5129] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 586.368363][ T9859] evm: overlay not supported [ 586.430047][ T25] usbhid 2-1:0.0: can't add hid device: -71 [ 586.436737][ T25] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 586.454056][ T5129] usb 4-1: Using ep0 maxpacket: 8 [ 586.496352][ T25] usb 2-1: USB disconnect, device number 7 [ 586.589831][ T5129] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 586.601076][ T5129] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 586.611325][ T5129] usb 4-1: New USB device found, idVendor=048d, idProduct=8595, bcdDevice= 0.00 [ 586.620827][ T5129] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 586.660911][ T5129] usb 4-1: config 0 descriptor?? [ 587.220921][ T9862] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 587.245191][ T5129] itetech 0003:048D:8595.0004: unexpected long global item [ 587.258652][ T5129] itetech 0003:048D:8595.0004: probe with driver itetech failed with error -22 [ 587.370513][ T5129] usb 4-1: USB disconnect, device number 9 [ 587.617006][ T1220] ieee802154 phy0 wpan0: encryption failed: -22 [ 587.624185][ T1220] ieee802154 phy1 wpan1: encryption failed: -22 [ 588.151452][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 588.393427][ T9871] capability: warning: `syz-executor.1' uses deprecated v2 capabilities in a way that may be insecure [ 588.676147][ T9873] loop3: detected capacity change from 0 to 512 [ 589.451432][ T9879] loop4: detected capacity change from 0 to 4096 [ 590.034813][ T9879] ntfs3: loop4: failed to convert "0080" to macinuit [ 590.042086][ T9879] ntfs3: loop4: failed to convert name for inode 1e. [ 590.754607][ T5073] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 590.764251][ T5073] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 590.784747][ T5073] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 590.806232][ T5073] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 590.827894][ T5073] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 590.838644][ T5073] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 591.676330][ T9907] loop3: detected capacity change from 0 to 256 [ 592.201485][ T9897] chnl_net:caif_netlink_parms(): no params data found [ 592.302314][ T5125] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 592.644238][ T9920] infiniband syz2: set active [ 592.712700][ T5125] usb 5-1: Using ep0 maxpacket: 32 [ 592.867211][ T9923] infiniband syz2: set active [ 592.969068][ T5075] Bluetooth: hci3: command tx timeout [ 593.022494][ T5125] usb 5-1: config 0 has no interfaces? [ 593.209563][ T5125] usb 5-1: New USB device found, idVendor=1b3d, idProduct=931e, bcdDevice=d1.78 [ 593.218995][ T5125] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 593.227318][ T5125] usb 5-1: Product: syz [ 593.231932][ T5125] usb 5-1: Manufacturer: syz [ 593.236813][ T5125] usb 5-1: SerialNumber: syz [ 593.324780][ T5125] usb 5-1: config 0 descriptor?? [ 593.362076][ T9897] bridge0: port 1(bridge_slave_0) entered blocking state [ 593.372547][ T9897] bridge0: port 1(bridge_slave_0) entered disabled state [ 593.380303][ T9897] bridge_slave_0: entered allmulticast mode [ 593.389305][ T9897] bridge_slave_0: entered promiscuous mode [ 593.412326][ T9897] bridge0: port 2(bridge_slave_1) entered blocking state [ 593.420112][ T9897] bridge0: port 2(bridge_slave_1) entered disabled state [ 593.427798][ T9897] bridge_slave_1: entered allmulticast mode [ 593.436967][ T9897] bridge_slave_1: entered promiscuous mode [ 593.609441][ T9897] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 593.634099][ T25] usb 5-1: USB disconnect, device number 8 [ 593.643881][ T9897] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 593.738972][ T5129] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 593.849759][ T9897] team0: Port device team_slave_0 added [ 593.880334][ T9897] team0: Port device team_slave_1 added [ 594.041626][ T9897] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 594.048949][ T9897] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 594.078307][ T9897] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 594.149634][ T5129] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 594.153876][ T9897] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 594.161785][ T5129] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 594.171482][ T9897] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 594.178092][ T5129] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 594.206109][ T9897] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 594.213434][ T5129] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 594.268525][ T5129] usb 2-1: config 0 descriptor?? [ 594.515342][ T9897] hsr_slave_0: entered promiscuous mode [ 594.526020][ T9897] hsr_slave_1: entered promiscuous mode [ 594.552718][ T9897] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 594.560722][ T9897] Cannot create hsr debugfs directory [ 594.850037][ T5129] usb 2-1: string descriptor 0 read error: -71 [ 594.911331][ T5129] usb 2-1: USB disconnect, device number 8 [ 595.032415][ T9944] overlayfs: failed to resolve './file0': -2 [ 595.054621][ T5075] Bluetooth: hci3: command tx timeout [ 595.181894][ T9897] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 595.327516][ T9897] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 595.507964][ T9897] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 595.678191][ T9947] rtc_cmos 00:00: Alarms can be up to one day in the future [ 595.865585][ T9897] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 596.938481][ T9897] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 597.028593][ T9897] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 597.143110][ T9897] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 597.167256][ T5075] Bluetooth: hci3: command tx timeout [ 597.244563][ T9897] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 598.870030][ T9973] syz-executor.4[9973] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 598.871542][ T9897] 8021q: adding VLAN 0 to HW filter on device bond0 [ 598.878379][ T9973] syz-executor.4[9973] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 599.045468][ T29] audit: type=1800 audit(1717461870.288:69): pid=9976 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="overlay" ino=1963 res=0 errno=0 [ 599.078938][ T29] audit: type=1800 audit(1717461870.318:70): pid=9975 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1969 res=0 errno=0 [ 599.087255][ T9897] 8021q: adding VLAN 0 to HW filter on device team0 [ 599.144105][ T9977] xt_bpf: check failed: parse error [ 599.177946][ T5125] bridge0: port 1(bridge_slave_0) entered blocking state [ 599.185778][ T5125] bridge0: port 1(bridge_slave_0) entered forwarding state [ 599.199231][ T5075] Bluetooth: hci3: command tx timeout [ 599.331584][ T5125] bridge0: port 2(bridge_slave_1) entered blocking state [ 599.339475][ T5125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 601.950753][ T9897] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 602.365646][ T9897] veth0_vlan: entered promiscuous mode [ 602.467826][ T9897] veth1_vlan: entered promiscuous mode [ 602.742799][ T9897] veth0_macvtap: entered promiscuous mode [ 602.798023][ T9897] veth1_macvtap: entered promiscuous mode [ 602.980129][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 602.990887][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 603.001008][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 603.011740][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 603.021851][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 603.032673][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 603.042833][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 603.053553][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 603.063661][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 603.075618][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 603.090981][ T9897] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 603.396364][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 603.407173][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 603.417295][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 603.428341][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 603.438640][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 603.449673][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 603.459845][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 603.470573][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 603.481229][ T9897] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 603.495071][ T9897] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 603.510881][ T9897] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 603.735038][T10012] infiniband syz2: set active [ 603.901095][T10014] infiniband syz2: set active [ 603.980421][ T9897] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 603.989636][ T9897] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 603.999971][ T9897] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 604.009102][ T9897] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 604.805622][T10030] cgroup: Bad value for 'name' [ 605.040348][ T5073] Bluetooth: hci1: command 0x0406 tx timeout [ 605.822665][ T29] audit: type=1326 audit(1717461876.988:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10032 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feeb047cee9 code=0x0 [ 606.388956][ T29] audit: type=1804 audit(1717461877.598:72): pid=10037 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1166802181/syzkaller.F1ROFy/126/cgroup.controllers" dev="sda1" ino=1945 res=1 errno=0 [ 607.122138][T10048] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 607.196285][T10048] bond1: entered promiscuous mode [ 607.361419][T10048] 8021q: adding VLAN 0 to HW filter on device bond2 [ 607.378359][T10048] bond1: (slave bond2): Enslaving as an active interface with a down link [ 609.889403][ T29] audit: type=1326 audit(1717461881.158:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10096 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc12b67cee9 code=0x0 [ 610.319800][ T29] audit: type=1804 audit(1717461881.578:74): pid=10101 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3142727706/syzkaller.IfQ4AJ/154/cgroup.controllers" dev="sda1" ino=1963 res=1 errno=0 [ 611.293159][ T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 611.301428][ T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 611.346331][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 611.354726][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 611.927438][T10121] loop2: detected capacity change from 0 to 8192 [ 612.624914][T10137] syz-executor.4(10137): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 612.772879][ T29] audit: type=1326 audit(1717461884.058:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10140 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feeb047cee9 code=0x0 [ 613.437957][ T29] audit: type=1804 audit(1717461884.688:76): pid=10151 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1166802181/syzkaller.F1ROFy/135/cgroup.controllers" dev="sda1" ino=1943 res=1 errno=0 [ 613.736971][T10155] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7) [ 613.743772][T10155] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 613.752112][T10155] vhci_hcd vhci_hcd.0: Device attached [ 613.803434][T10157] vhci_hcd: connection closed [ 614.086328][T10154] ===================================================== [ 614.098337][T10154] BUG: KMSAN: uninit-value in strnchr+0x90/0xd0 [ 614.104789][T10154] strnchr+0x90/0xd0 [ 614.108874][T10154] bpf_bprintf_prepare+0x1c2/0x23c0 [ 614.114298][T10154] bpf_trace_printk+0xec/0x3e0 [ 614.119274][T10154] ___bpf_prog_run+0x13fe/0xe0f0 [ 614.124410][T10154] __bpf_prog_run32+0xb2/0xe0 [ 614.129269][T10154] bpf_trace_run5+0x16f/0x350 [ 614.131651][ T2412] vhci_hcd: stop threads [ 614.134070][T10154] __bpf_trace_signal_generate+0x45/0x60 [ 614.134231][T10154] send_sigqueue+0xc5e/0xd40 [ 614.134343][T10154] posix_timer_event+0xe7/0x180 [ 614.134485][T10154] cpu_timer_fire+0x249/0x2e0 [ 614.134607][T10154] posix_cpu_timers_work+0x16ca/0x1d00 [ 614.134729][T10154] task_work_run+0x268/0x310 [ 614.134871][T10154] syscall_exit_to_user_mode+0xce/0x160 [ 614.135010][T10154] do_syscall_64+0xdc/0x1e0 [ 614.135145][T10154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 614.135348][T10154] [ 614.135370][T10154] Local variable stack created at: [ 614.135403][T10154] __bpf_prog_run32+0x43/0xe0 [ 614.135517][T10154] bpf_trace_run5+0x16f/0x350 [ 614.135639][T10154] [ 614.135664][T10154] CPU: 1 PID: 10154 Comm: syz-executor.4 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 614.135789][T10154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 614.135859][T10154] ===================================================== [ 614.135896][T10154] Disabling lock debugging due to kernel taint [ 614.135947][T10154] Kernel panic - not syncing: kmsan.panic set ... [ 614.136000][T10154] CPU: 1 PID: 10154 Comm: syz-executor.4 Tainted: G B 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 614.136129][T10154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 614.136199][T10154] Call Trace: [ 614.136240][T10154] [ 614.136280][T10154] dump_stack_lvl+0x216/0x2d0 [ 614.136457][T10154] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 614.136612][T10154] dump_stack+0x1e/0x30 [ 614.136773][T10154] panic+0x4e2/0xcd0 [ 614.136957][T10154] ? kmsan_get_metadata+0xf1/0x1d0 [ 614.137092][T10154] kmsan_report+0x2d5/0x2e0 [ 614.137212][T10154] ? kmsan_get_metadata+0x146/0x1d0 [ 614.137328][T10154] ? __msan_warning+0x95/0x120 [ 614.137429][T10154] ? strnchr+0x90/0xd0 [ 614.137566][T10154] ? bpf_bprintf_prepare+0x1c2/0x23c0 [ 614.137721][T10154] ? bpf_trace_printk+0xec/0x3e0 [ 614.137863][T10154] ? ___bpf_prog_run+0x13fe/0xe0f0 [ 614.137986][T10154] ? __bpf_prog_run32+0xb2/0xe0 [ 614.138108][T10154] ? bpf_trace_run5+0x16f/0x350 [ 614.138222][T10154] ? __bpf_trace_signal_generate+0x45/0x60 [ 614.138387][T10154] ? send_sigqueue+0xc5e/0xd40 [ 614.138500][T10154] ? posix_timer_event+0xe7/0x180 [ 614.138640][T10154] ? cpu_timer_fire+0x249/0x2e0 [ 614.138765][T10154] ? posix_cpu_timers_work+0x16ca/0x1d00 [ 614.138892][T10154] ? task_work_run+0x268/0x310 [ 614.139039][T10154] ? syscall_exit_to_user_mode+0xce/0x160 [ 614.139180][T10154] ? do_syscall_64+0xdc/0x1e0 [ 614.139320][T10154] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 614.139471][T10154] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 614.139599][T10154] ? kmsan_get_metadata+0x146/0x1d0 [ 614.139717][T10154] ? kmsan_get_metadata+0x146/0x1d0 [ 614.139833][T10154] ? kmsan_get_metadata+0x146/0x1d0 [ 614.139948][T10154] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 614.140079][T10154] ? filter_irq_stacks+0x60/0x1a0 [ 614.140242][T10154] ? kmsan_get_metadata+0x146/0x1d0 [ 614.140361][T10154] ? kmsan_get_metadata+0x146/0x1d0 [ 614.140477][T10154] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 614.140606][T10154] __msan_warning+0x95/0x120 [ 614.140706][T10154] strnchr+0x90/0xd0 [ 614.140850][T10154] bpf_bprintf_prepare+0x1c2/0x23c0 [ 614.141014][T10154] ? kmsan_get_metadata+0x146/0x1d0 [ 614.141129][T10154] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 614.141310][T10154] ? __msan_memcpy+0x108/0x1c0 [ 614.141477][T10154] bpf_trace_printk+0xec/0x3e0 [ 614.141627][T10154] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 614.141758][T10154] ___bpf_prog_run+0x13fe/0xe0f0 [ 614.141883][T10154] ? kmsan_get_metadata+0x146/0x1d0 [ 614.490456][T10154] __bpf_prog_run32+0xb2/0xe0 [ 614.495266][T10154] ? kmsan_get_metadata+0x146/0x1d0 [ 614.500595][T10154] ? __pfx___bpf_prog_run32+0x10/0x10 [ 614.506104][T10154] bpf_trace_run5+0x16f/0x350 [ 614.510921][T10154] ? kmsan_get_metadata+0x146/0x1d0 [ 614.516244][T10154] __bpf_trace_signal_generate+0x45/0x60 [ 614.522064][T10154] send_sigqueue+0xc5e/0xd40 [ 614.526795][T10154] ? filter_irq_stacks+0x60/0x1a0 [ 614.531962][T10154] ? kmsan_get_metadata+0x146/0x1d0 [ 614.537275][T10154] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 614.543213][T10154] posix_timer_event+0xe7/0x180 [ 614.548222][T10154] cpu_timer_fire+0x249/0x2e0 [ 614.553037][T10154] posix_cpu_timers_work+0x16ca/0x1d00 [ 614.558641][T10154] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 614.564576][T10154] ? __pfx_posix_cpu_timers_work+0x10/0x10 [ 614.570514][T10154] task_work_run+0x268/0x310 [ 614.575259][T10154] syscall_exit_to_user_mode+0xce/0x160 [ 614.580943][T10154] do_syscall_64+0xdc/0x1e0 [ 614.585591][T10154] ? clear_bhb_loop+0x25/0x80 [ 614.590440][T10154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 614.596496][T10154] RIP: 0033:0x7f89b627cee9 [ 614.601022][T10154] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 614.620766][T10154] RSP: 002b:00007f89b70810c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 614.629306][T10154] RAX: 000000000000ffa0 RBX: 00007f89b63b3fa0 RCX: 00007f89b627cee9 [ 614.637371][T10154] RDX: 000000000000ffa0 RSI: 0000000020000300 RDI: 0000000000000006 [ 614.645430][T10154] RBP: 00007f89b62c947f R08: 0000000000000000 R09: 0000000000000000 [ 614.653487][T10154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 614.661547][T10154] R13: 000000000000000b R14: 00007f89b63b3fa0 R15: 00007ffea8a007d8 [ 614.669630][T10154] [ 616.038606][T10154] Shutting down cpus with NMI [ 616.043704][T10154] Kernel Offset: disabled [ 616.048096][T10154] Rebooting in 86400 seconds..