last executing test programs: 5.947345415s ago: executing program 0 (id=462): socket$packet(0x11, 0x0, 0x300) syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000400)={[{@errors_remount}, {@auto_da_alloc}, {@jqfmt_vfsold}, {@resuid}, {@prjquota}, {@usrjquota}, {@abort}, {@min_batch_time={'min_batch_time', 0x3d, 0x409e}}, {}]}, 0xff, 0x46b, &(0x7f0000000780)="$eJzs281rXFUbAPDn3pm0fdvXTqxabW1ttArBj6RJq3YhiKLgQkHQRV3GJC2100aaCLYEjSJ1KQX34lLwL3DlStSV4LYuBSkULUKrG0fuzL1pMp3Jh5l0hszvB9Oec++Zc86Te8/NmXMyAfStoeyfJOL/EXElIiqN7PICQ43/bl6fn/zr+vxkErXaG78n9XI3rs9P1nLF+3btaFQynEaknyR5IzGwtNrZCxfPTFSr0+fz/Ojc2XdHZy9cfOr02YlT06emz40fP37s6Nizz4w/3aLXv15eb5xZfDf2fzBzYN8rb11+bfLE5bd/+Drr796DjfNZHOutczVDWeB/NH42zece63RjXfZP7VacSbnbvWGtShFRzgfnlahEKW5dvEq8/HFXOwdsquyZvb396YUasIUl0e0eAN1R/KLPPv8Wrzs09egJ115ofADK4r6ZvxpnypHmZQY2sf2hiDix8PcX2Sua1iFqLdYNAAA26tts/vNkq/lfGnuXlNud7w0NRsTdEbEnIu6JiHsj4r6Ietn7I+KBdbY/1JS/ff6ZXv1Pga1RNv97Lt/bWj7/K2Z/MVjKc3fV4x9ITp6uTh/JfybDMbA9y4+1qryo4qWfP2vX/tL5X/bK2i/mgnklV8uNBbodxZGpibmJTk1Kr30Usb/cKv5kcScgiYh9EbF/fVXvLhKnH//qQLtCq8e/gg7sM9W+LCqZX4im+AvJyvuTozuiOn1ktLgrbvfjT5deb9f+huLvgOz671x+/zeVqPyZLN2vnV088fxa27j0y6dtP1OW137/L8ru/23Jm/U93W35sfcn5ubOj0VsS16t55cdH7/13iJflM/iHz7cevzvyd+Txf9gRGQ38cGIeCgiDuXX7uGIeCQiDq8Q//cvPvpOu3O9cP2nWj7/Fu//weXXf/2J0pnvvmnX/tqef8fqqeH8SP35t4r23Skeo013MwAAAGxhaf1v45N0ZDGdpiMjEbvqa7s70+rM7NwTJ2feOzfV+Bv6wRhIi5WuypL10LFkIa+xkR/P14qL80fzdePPS/+r50cmZ6pTXY4d+t2uNuM/81up270DNp3va0H/ah7/aZf6Adx5fv9D/zL+oX8Z/9C/Wo3/D5vy9gJgK6pVut0DoHvM/6F/Gf/Qv4x/6Esb+V7/ZiXKK3x7X6JXEpH2RDd6JnGoh0ZTuQOju8sPJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA75NwAA//++2Pkq") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000280)=@v2={0x2, @adiantum, 0x0, '\x00', @a}) 5.662605766s ago: executing program 0 (id=465): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f00000000c0)={0x0, 0xd1f}) 5.337982195s ago: executing program 0 (id=469): sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000001a40)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}], 0x1, 0x0) r0 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f00000000c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8), &(0x7f000095dffc)=0x8) r3 = socket(0xa, 0x1, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f00000006c0)={0x8000, 0x0, 0x0, 0x0, r1}, 0x10) close(r3) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f00000001c0)='@', 0x1}], 0x1}}], 0x1, 0x0) 3.861802408s ago: executing program 0 (id=474): r0 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) sendmmsg$inet6(r0, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000040)={0xa, 0x4e22, 0x0, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000840)=[@pktinfo={{0x24, 0x11, 0x32, {@private1}}}], 0x28}}], 0x2, 0x0) 3.728461224s ago: executing program 2 (id=476): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@bridge_delneigh={0x34, 0x1c, 0xc07, 0x0, 0x0, {0x2, 0x0, 0x0, r1, 0x8}, [@NDA_LLADDR={0xa, 0x2, @remote}, @NDA_DST_MAC={0xa, 0x1, @broadcast}]}, 0x34}}, 0x0) 3.636369401s ago: executing program 0 (id=477): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000080)={'syz1\x00'}, 0x45c) ioctl$UI_SET_PROPBIT(r0, 0x5501, 0x0) ioctl$UI_SET_RELBIT(r0, 0x8000552c, 0x0) 3.484179958s ago: executing program 2 (id=480): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000b, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) setsockopt$IP_VS_SO_SET_FLUSH(0xffffffffffffffff, 0x0, 0x485, 0x0, 0x0) 3.406816793s ago: executing program 4 (id=481): syz_emit_ethernet(0x36, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_pidfd_open(0x0, 0x0) sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) fanotify_init(0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000a80)=@nat={'nat\x00', 0x1b, 0x5, 0x410, 0xe8, 0x0, 0xffffffff, 0x2a8, 0xe8, 0x378, 0x378, 0xffffffff, 0x378, 0x378, 0x5, 0x0, {[{{@uncond, 0x0, 0xb0, 0xe8, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x2, 0x0, 0x2, 0x0, 0x4, 0x5], 0x0, 0x2}}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0xa, @broadcast, @broadcast, @gre_key=0x80, @port=0x4e21}}}}, {{@uncond, 0x0, 0xa0, 0xe8, 0x0, {}, [@common=@addrtype={{0x30}, {0x100, 0x200, 0x1}}]}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0x4, @ipv4=@rand_addr=0x64010102, @ipv4=@multicast2, @icmp_id=0x66, @gre_key=0x7}}}, {{@uncond, 0x0, 0xa0, 0xd8, 0x0, {}, [@common=@ah={{0x30}, {[0x2, 0x7a46], 0x1}}]}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @broadcast, @multicast2, @icmp_id=0x64}}}}, {{@uncond, 0x0, 0x98, 0xd0, 0x0, {}, [@common=@ttl={{0x28}, {0x2, 0x1}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x3, @broadcast, @local, @gre_key=0x2478, @gre_key=0x494}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x470) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x0, 0x0, 0x304}, 0x48) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="270e00000000000000000407b1548bce14c88fc94c6560a56602e815340f496e5f60a923e54cf9320dda23db1b7ad17ac72e1d627de94d175215f33854bea20a69c79ba5c25df00f900601b628d9cd7b25aeb7602414dde2d4e12b3dda39481e08dff977b05fdc4e45585d3d1788848a"], 0x14}, 0x1, 0x40030000000000}, 0x40000) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000002, &(0x7f0000000080), 0x1, 0x53a, &(0x7f0000000540)="$eJzs3c9vHFcdAPDvjH82desEeoAKSIFCQFF2400bVb00uYBQVQlRcUAcUmNvLJPdrPGuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IBixQjATSopkdu1t7XW/j9S71fj7SaObN23nf9+LMvJm39rwAxtZzEbETEdMR8UZEzBf7k2KJO50l+9yjve2l/b3tpSTa7df/nuT52b7oOibzZFHmbER846sR30mOx21ubj1YrNWq60W63KqvlZubWzdW64sr1ZXqw0rl9sLtmy/derEysLZerf9y9yurr37zN7/+9Lu/3/nyD7JqzRV53e0YpE7Tpw7jZCYj4tXzCDYCE8V6esT14PGkEfGxiPhcfv7Px0T+vxMAuMja7floz3enAYCLLs3HwJK0VIwFzEWalkqdMbxn4lJaazRb1+83Nh4ud8bKLsdUen+1Vr15ZeaP38vvGKaSLL2Q5+X5ebpyJH0rIq5ExI9nnsjTpaVGbXl0tz0AMNaePNL//2um0//3oce3egDAR8bsqCsAAAyd/h8Axo/+HwDGTx/9f/Fl/8651wUAGA7P/wAwfvT/ADB+9P8AMFa+/tpr2dLeL95/vfzm5saDxps3lqvNB6X6xlJpqbG+VlppNFbyd/bUTyuv1misLbwQG2+VW9Vmq9zc3LpXb2w8bN3L3+t9rzo1lFYBAB/kytV3/pBExM7LT+RLdM3loK+Giy0ddQWAkZkYdQWAkTHbF4yv/p/xf3eu9QBGp+fLvGd7br7fTz9EEL9nBP9Xrn2y//F/czzDxWL8H8bX443/vzLwegDDZ/wfxle7nRyd83/6MAsAuJDO8Dv+7R8O6iYEGKnTJvMeyPf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcMHMRcR3I0lLxVzgc5GmpVLEUxFxOaaS+6u16s2IeDquRsTUTJZeGHWlAYAzSv+aFPN/XZt/fu5o7nTy75l8HRHf/9nrP3lrsdVaX8j2/+Nw/8zB9GGV9447w7yCAECfnuvzc3n/XSnWXQ/yj/a2lw6W7s+nA67nUbt347/FVMRL+3vb+dLJmYzJfD2b30tc+mdSpDtzkT4bERMDiL/zdkR8olf7k3xs5HIx82l3/ChiPzXU+On74qd5Xmed3Xx9fAB1gXHzzt2IuNPr/EuLa2rv8382v0Kd3e7dTmEH1779rvgH17+JHvGTD3HN333ht187trM938l7O+LZyV7xk8P4yQnxn+8z/p8+9ZkfvXJCXvvnEdeid/zuWOVWfa3c3Ny6sVpfXKmuVB9WKrcXbt986daLlXI+Rl0+GKk+7m8vX3/6pLpl7b90QvzZnu2fPjz2C322/xf/eePbn/2A+F/6fO+f/zM943dkfeIX+4y/eOlXJ07fncVfPqH9p/38r/cZ/92/bC33+VEAYAiam1sPFmu16vqZNrKn0EGUc2wjq+JACzxl488xyALvnO3wqfP6Vz33jcnDe8XBlvytrMQhNycdeCvOtPGosxHnHmu01yXg/L130o+6JgAAAAAAAAAAAAAAwEmG8adLo24jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9f/AgAA//91qMwl") mkdirat(0xffffffffffffff9c, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10) syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) r4 = io_uring_setup(0x7fdb, &(0x7f0000000080)) r5 = fanotify_init(0x0, 0x0) r6 = dup2(r5, r4) readv(r6, &(0x7f0000000540)=[{&(0x7f00000005c0)=""/244, 0xf4}], 0x1) 3.372165499s ago: executing program 1 (id=482): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLOCK(r2, &(0x7f0000000100)={0x8}, 0x8) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 3.349977531s ago: executing program 0 (id=483): timer_create(0x0, &(0x7f0000533fa0), 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x4000000400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) listxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='ext4_discard_blocks\x00', r1}, 0x10) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f00000029c0)={0x0, 0x13, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x13\x00'}]}, 0x1c}}, 0x0) fanotify_init(0x200, 0x0) ioctl$FITRIM(r2, 0xc0185879, &(0x7f0000000000)={0x3f000000, 0xaeae}) r4 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r4, &(0x7f0000000140)={0xa, 0x4e24, 0x0, @loopback, 0x1}, 0xfffffffffffffc4f) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062430bc068829afff36b31fa7e35ce95d04"], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x44}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r5, 0x2000000, 0x24, 0x0, &(0x7f0000000300)="5cdd3086ddff0066b3c9bbac88a8862c00dffd0013dd00000000000000008100f5df86dd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000440)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a240100dbe4caf4f528d0b7e1be64b5c6bd08135641fa59c7ee9158df93cc97882de45554fbafbed96b4b137d9a44e60bee3b1b97f3b83d4da8fe79bc1c4a99468ca4dc41a6e8118f1953a223a6becd0d8f217b4ca4324d2d0d39b9452d6b6fdce7715e94d0cbee99174b3b5b236f1dfed624c5996b61453faa8bd4db984fa7c9802b8c35c3472bddd9514000fe216d4e6110e98f978c9451d5ae6720ec5ed7d655f01ec760d8d36693858d87c25915444cdc34f0b1d56c0375a725134eaf866d83cc5272f0d18ad1ccf94cd64ded19192b37544c2ba27fadd8", @ANYRES32], 0x0) llistxattr(0x0, 0x0, 0x0) 2.423873928s ago: executing program 1 (id=484): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)={0x18, 0x2a, 0x9, 0x0, 0x0, {0x4, 0x0, 0x2c00}, [@nested={0x4, 0x1a}]}, 0x18}}, 0x0) 2.193656903s ago: executing program 1 (id=485): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000040), 0x3, 0x5eb, &(0x7f0000001200)="$eJzs3ctvFEcaAPCvxw9sjNYDWu0ue1gsrVYg7WJjAysU5QDXCFnkoVxyiYMNIRiwsKPEJBJGIpdIUS5RFCmnHEL+iwSFK6fklEMuOUVIKIk4RspEPdNtPHaPX9jTiP79pGG6q6Zd1djfVHVNVU8AlTWS/lOLOBgRc0nEcLK0nNcbWeZI63WPfnv/fPpIotF4+Zckkiwtf32SPQ9lBw9ExHffJnGgZ22584s3Lk/Nzs5cz/bHFq7Mjc0v3jh66crUxZmLM1cn/j9x6uSJk6fGj23rvG4WpJ29/dY7wx9Ovvbl578n41/9OJnE6Xghe+HK89gpIzHS/D9J1mYNndrpwkrSk/2dNBqNRp6W9JZbJzYv//31RcTfYzh64vEvbzg+eLHUygG7qpG03ruBKkrEP1RU3g/Ir+1XXwfXSumVAN3w8ExrAGBt/Pe2xgZjoDk2sPdREiuHdZKI2N7IXLt9EXH/3uTtC/cmb8cujcMBxZZuRcQ/iuI/acZ/PQai3oz/Wlv8p/2Cc9lzmv7SNstfPVQs/qF7WvE/sG78R4f4fz19vtmK4Te2WX798eabg23xP7jdUwIAAAAAAIDKunsmIv5X9Pl/bXn+TxTM/xmKiNM7UP7Iqv21n//XHuxAMUCBh2cini+c/1vLZ//We1YsYa1HX3Lh0uzMsYj4S0Qcib496f74OmUc/ejAZ53yRrL5f/kjLf9+Nhcwq8eD3j3tx0xPLUw9wSkDmYe3Iv5ZOP83WW7/k4L2P31nmNtkGQf+c+dcp7yN4x/YLY0vIg4Xtv+P71qRrH9/jrFmf2As7xWs9a/3Pv66U/nbjX+3mIAnl7b/e9eP/3qy8n4981sv4/hib6NT3nb7//3JK827CvVnae9OLSxcH4/oT872pKlt6RNbrzM8i/J4yOMljf8j/15//K+o/z8YEUurfnbya/ua4tzf/hj6qVN99P+hPGn8T2+p/d/6xsSd+jedyt9c+3+i2dYfyVKM/0HLp3mY9renF4Rjb1FWt+sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+CWkTsi6Q2urxdq42ORgxFxF9jb2322vzCfy9ce/vqdJrX/P7/Wv5Nv8Ot/ST//v/6iv2JVfvHI2J/RHzSM9jcHz1/bXa67JMHAAAAAAAAAAAAAAAAAACAp8RQh/X/qZ97yq4dsOt6y64AUJqC+P++jHoA3af9h+oS/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD8AAAAAADxT9h+6+0MSEUvPDTYfqf4sr6/UmgG7rVZ2BYDSuMUPVJepP1BdrvGBZIP8gY4HbXTkeubOP8HBAAAAAAAAAAAAAFA5hw9a/w9VZf0/VJf1/1Bd+fr/QyXXA+g+1/hAbLCSv3D9/4ZHAQAAAAAAAAAAAAA7aX7xxuWp2dmZ6zZefTqq0c2NRqNxM/0reFrqs/MbSTZDvSuF5lPhu3+m/Zs5wXyt3+Z+cnnvSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLs/AwAA//+JjCTl") quotactl_fd$Q_SETINFO(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10) r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000080)={0x19, 0x0, 0x0}) r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r1, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r2, 0x0, 0xffffffffffffffff, 0x1}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r3, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r4, 0x0, 0x10001}) 2.013634851s ago: executing program 4 (id=486): mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}}) read$FUSE(r0, &(0x7f0000002300)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000001200)={0x50, 0x0, r1}, 0x50) setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0) read$FUSE(r0, &(0x7f0000004340)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INTERRUPT(r0, &(0x7f0000000200)={0x10, 0xffffffffffffffda, r2}, 0x10) 1.676382011s ago: executing program 2 (id=487): r0 = socket$inet6(0xa, 0x2, 0x3a) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x94}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000100)="8000102e7577d401", 0x8}], 0x1, &(0x7f00000001c0)=[@pktinfo={{0x24, 0x29, 0x3e, {@remote}}}], 0x28}}], 0x1, 0x0) 781.018314ms ago: executing program 3 (id=488): r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x6, 0x8, 0x2}, 0x48) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000700)={r0, &(0x7f0000000600), &(0x7f00000006c0)=@tcp6=r1}, 0x20) r2 = dup(r0) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000100)={r2, &(0x7f0000000000), 0x0}, 0x20) 666.217737ms ago: executing program 1 (id=489): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000063013000000000009500000000000000ae3a220f331c9d0db8735bc44471badebd75173a994604ae7da35f6d6c9caa7c5887bf1d8ccfe8c9cc061b5deecaa91f6294778378fb3ec12a2591b1ac48fac99fb0022971ec6761cddceea3bf21f086ae998ad9b2a10232b15c59d30eeaa6b804ebd9d4bf3ba75deff04e626074a7fd6dcebdd0d4e8143a7bd33950786cff3247183d99c50303b431f487427af8"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000140)={r0, &(0x7f0000000080), 0x0}, 0x20) r1 = socket$kcm(0x23, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e0, 0x0) 653.074508ms ago: executing program 3 (id=490): recvmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x0, 0x5, &(0x7f0000000000)=@framed={{}, [@jmp, @alu]}, 0x0}, 0x90) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000000)={@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000}, 0x20) r0 = syz_io_uring_setup(0x7dca, &(0x7f0000000340), &(0x7f0000000140), &(0x7f0000000100)) r1 = io_uring_setup(0x2edd, &(0x7f0000000040)) r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x17, 0x20000000, r2) 599.63927ms ago: executing program 2 (id=491): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=@newae={0x40, 0x1e, 0x468bbc8229e18b43, 0x0, 0x0, {{}, @in=@empty}}, 0x40}}, 0x0) 520.863427ms ago: executing program 4 (id=492): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000080)={'syz1\x00'}, 0x45c) ioctl$UI_SET_PROPBIT(r0, 0x5501, 0x0) ioctl$UI_SET_RELBIT(r0, 0x8000552c, 0x0) 515.383562ms ago: executing program 3 (id=493): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000480)={0x44, r2, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x182}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x6, 0xbe, "deaf"}]}, 0x44}}, 0x0) 429.764724ms ago: executing program 1 (id=494): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)={0x18, 0x2a, 0x9, 0x0, 0x0, {0x4, 0x0, 0x2c00}, [@nested={0x4, 0x1a}]}, 0x18}}, 0x0) 384.554272ms ago: executing program 2 (id=495): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x12}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x5}]}], {0x14}}, 0x8c}}, 0x0) 380.110581ms ago: executing program 3 (id=496): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) close(r0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b4"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r1, r1, 0x2f, 0x0, 0x0, @prog_fd}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000005580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0ebe097fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822a0269a660e717a04becff0f7191070000000000002ea37e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7ae22e16c6c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85ecb29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bba3d005585bf07d70e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56bd86acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbf"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000000)={@cgroup=r0, r2, 0x2f, 0x0, 0x4, @prog_fd=r1}, 0x20) 313.293172ms ago: executing program 4 (id=497): r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x5, &(0x7f0000000040)=@framed={{}, [@cb_func]}, &(0x7f0000000300)='GPL\x00', 0x9, 0xffc, &(0x7f00000004c0)=""/4092}, 0x90) 287.815415ms ago: executing program 2 (id=498): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$pppl2tp(0x18, 0x1, 0x1) r2 = socket$inet_udp(0x2, 0x2, 0x0) connect$pppl2tp(r1, &(0x7f0000000980)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32) r3 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r3, 0x0) r4 = creat(&(0x7f0000000000)='./bus\x00', 0x0) ftruncate(r4, 0x8) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x0) connect$pppl2tp(r0, &(0x7f0000000980)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}, 0x1, 0x3}}, 0x26) getsockopt$bt_BT_SECURITY(r0, 0x111, 0xe, 0x0, 0x20001f00) 286.910772ms ago: executing program 1 (id=499): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000040), 0x3, 0x5eb, &(0x7f0000001200)="$eJzs3ctvFEcaAPCvxw9sjNYDWu0ue1gsrVYg7WJjAysU5QDXCFnkoVxyiYMNIRiwsKPEJBJGIpdIUS5RFCmnHEL+iwSFK6fklEMuOUVIKIk4RspEPdNtPHaPX9jTiP79pGG6q6Zd1djfVHVNVU8AlTWS/lOLOBgRc0nEcLK0nNcbWeZI63WPfnv/fPpIotF4+Zckkiwtf32SPQ9lBw9ExHffJnGgZ22584s3Lk/Nzs5cz/bHFq7Mjc0v3jh66crUxZmLM1cn/j9x6uSJk6fGj23rvG4WpJ29/dY7wx9Ovvbl578n41/9OJnE6Xghe+HK89gpIzHS/D9J1mYNndrpwkrSk/2dNBqNRp6W9JZbJzYv//31RcTfYzh64vEvbzg+eLHUygG7qpG03ruBKkrEP1RU3g/Ir+1XXwfXSumVAN3w8ExrAGBt/Pe2xgZjoDk2sPdREiuHdZKI2N7IXLt9EXH/3uTtC/cmb8cujcMBxZZuRcQ/iuI/acZ/PQai3oz/Wlv8p/2Cc9lzmv7SNstfPVQs/qF7WvE/sG78R4f4fz19vtmK4Te2WX798eabg23xP7jdUwIAAAAAAIDKunsmIv5X9Pl/bXn+TxTM/xmKiNM7UP7Iqv21n//XHuxAMUCBh2cini+c/1vLZ//We1YsYa1HX3Lh0uzMsYj4S0Qcib496f74OmUc/ejAZ53yRrL5f/kjLf9+Nhcwq8eD3j3tx0xPLUw9wSkDmYe3Iv5ZOP83WW7/k4L2P31nmNtkGQf+c+dcp7yN4x/YLY0vIg4Xtv+P71qRrH9/jrFmf2As7xWs9a/3Pv66U/nbjX+3mIAnl7b/e9eP/3qy8n4981sv4/hib6NT3nb7//3JK827CvVnae9OLSxcH4/oT872pKlt6RNbrzM8i/J4yOMljf8j/15//K+o/z8YEUurfnbya/ua4tzf/hj6qVN99P+hPGn8T2+p/d/6xsSd+jedyt9c+3+i2dYfyVKM/0HLp3mY9renF4Rjb1FWt+sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+CWkTsi6Q2urxdq42ORgxFxF9jb2322vzCfy9ce/vqdJrX/P7/Wv5Nv8Ot/ST//v/6iv2JVfvHI2J/RHzSM9jcHz1/bXa67JMHAAAAAAAAAAAAAAAAAACAp8RQh/X/qZ97yq4dsOt6y64AUJqC+P++jHoA3af9h+oS/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD8AAAAAADxT9h+6+0MSEUvPDTYfqf4sr6/UmgG7rVZ2BYDSuMUPVJepP1BdrvGBZIP8gY4HbXTkeubOP8HBAAAAAAAAAAAAAFA5hw9a/w9VZf0/VJf1/1Bd+fr/QyXXA+g+1/hAbLCSv3D9/4ZHAQAAAAAAAAAAAAA7aX7xxuWp2dmZ6zZefTqq0c2NRqNxM/0reFrqs/MbSTZDvSuF5lPhu3+m/Zs5wXyt3+Z+cnnvSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLs/AwAA//+JjCTl") quotactl_fd$Q_SETINFO(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10) r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000080)={0x19, 0x0, 0x0}) r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r1, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r2, 0x0, 0xffffffffffffffff, 0x1}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r3, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r4, 0x0, 0x10001}) 217.395875ms ago: executing program 3 (id=500): r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x6, 0x8, 0x2}, 0x48) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000700)={r0, &(0x7f0000000600), &(0x7f00000006c0)=@tcp6=r1}, 0x20) r2 = dup(r0) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000100)={r2, &(0x7f0000000000), 0x0}, 0x20) 182.767609ms ago: executing program 4 (id=501): r0 = socket$inet6(0xa, 0x2, 0x3a) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x94}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000100)="8000102e7577d401", 0x8}], 0x1, &(0x7f00000001c0)=[@pktinfo={{0x24, 0x29, 0x3e, {@remote}}}], 0x28}}], 0x1, 0x0) 100.53283ms ago: executing program 4 (id=502): pipe2$9p(0x0, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/diskstats\x00', 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000791240000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x90) syz_emit_ethernet(0x1f, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001000090468fe0700000000000000ff3f02000000480100100000000019002b000a0001000500000000000072000000000000000000", 0x39}], 0x1) 0s ago: executing program 3 (id=503): recvmsg(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x0, 0x5, &(0x7f0000000000)=@framed={{}, [@jmp, @alu]}, 0x0}, 0x90) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000000)={@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000}, 0x20) r0 = syz_io_uring_setup(0x7dca, &(0x7f0000000340), &(0x7f0000000140), &(0x7f0000000100)) r1 = io_uring_setup(0x2edd, &(0x7f0000000040)) r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x17, 0x20000000, r2) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.118' (ED25519) to the list of known hosts. [ 66.686199][ T5082] cgroup: Unknown subsys name 'net' [ 66.831965][ T5082] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 68.565141][ T5082] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS [ 69.443082][ T5092] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 69.462188][ T5092] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 69.479933][ T5092] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 69.488272][ T5092] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 69.510291][ T5092] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 69.520272][ T5092] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 69.581829][ T5092] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 69.590399][ T5092] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 69.598494][ T5092] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 69.609763][ T5099] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 69.629423][ T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 69.639705][ T55] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 69.647902][ T55] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 69.658104][ T5102] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 69.667169][ T5102] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 69.674896][ T5104] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 69.675693][ T5102] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 69.692266][ T5102] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 69.694405][ T5106] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 69.700898][ T5102] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 69.708461][ T5104] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 69.716463][ T5102] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 69.720829][ T5106] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 69.735677][ T5104] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 69.744160][ T5102] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 69.752589][ T5106] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 69.757507][ T5108] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 69.761127][ T5106] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 69.773918][ T5108] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 69.781932][ T5106] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 70.271481][ T5091] chnl_net:caif_netlink_parms(): no params data found [ 70.521105][ T5103] chnl_net:caif_netlink_parms(): no params data found [ 70.540854][ T5098] chnl_net:caif_netlink_parms(): no params data found [ 70.623426][ T5097] chnl_net:caif_netlink_parms(): no params data found [ 70.663994][ T5094] chnl_net:caif_netlink_parms(): no params data found [ 70.676176][ T5091] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.684279][ T5091] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.691700][ T5091] bridge_slave_0: entered allmulticast mode [ 70.698883][ T5091] bridge_slave_0: entered promiscuous mode [ 70.746236][ T5091] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.753611][ T5091] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.760915][ T5091] bridge_slave_1: entered allmulticast mode [ 70.767976][ T5091] bridge_slave_1: entered promiscuous mode [ 70.913414][ T5091] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.926251][ T5091] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.936058][ T5103] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.943754][ T5103] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.951870][ T5103] bridge_slave_0: entered allmulticast mode [ 70.958980][ T5103] bridge_slave_0: entered promiscuous mode [ 70.973040][ T5098] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.980247][ T5098] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.987463][ T5098] bridge_slave_0: entered allmulticast mode [ 70.995104][ T5098] bridge_slave_0: entered promiscuous mode [ 71.021506][ T5103] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.028641][ T5103] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.036667][ T5103] bridge_slave_1: entered allmulticast mode [ 71.044523][ T5103] bridge_slave_1: entered promiscuous mode [ 71.077411][ T5098] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.084769][ T5098] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.092456][ T5098] bridge_slave_1: entered allmulticast mode [ 71.099784][ T5098] bridge_slave_1: entered promiscuous mode [ 71.155188][ T5103] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.221068][ T5091] team0: Port device team_slave_0 added [ 71.231037][ T5103] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.240884][ T5097] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.248076][ T5097] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.256403][ T5097] bridge_slave_0: entered allmulticast mode [ 71.263669][ T5097] bridge_slave_0: entered promiscuous mode [ 71.277114][ T5097] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.284482][ T5097] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.292128][ T5097] bridge_slave_1: entered allmulticast mode [ 71.299822][ T5097] bridge_slave_1: entered promiscuous mode [ 71.309140][ T5098] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.319840][ T5094] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.326956][ T5094] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.334453][ T5094] bridge_slave_0: entered allmulticast mode [ 71.341801][ T5094] bridge_slave_0: entered promiscuous mode [ 71.350949][ T5091] team0: Port device team_slave_1 added [ 71.423050][ T5098] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.446053][ T5094] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.454181][ T5094] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.462336][ T5094] bridge_slave_1: entered allmulticast mode [ 71.469397][ T5094] bridge_slave_1: entered promiscuous mode [ 71.494478][ T5103] team0: Port device team_slave_0 added [ 71.504803][ T5103] team0: Port device team_slave_1 added [ 71.515054][ T5097] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.533630][ T5097] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.570909][ T5091] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.577984][ T5091] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.604929][ T5099] Bluetooth: hci0: command tx timeout [ 71.611357][ T5091] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.625795][ T5091] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.633576][ T5091] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.659843][ T5091] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.698307][ T5098] team0: Port device team_slave_0 added [ 71.708431][ T5098] team0: Port device team_slave_1 added [ 71.787864][ T5094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.816292][ T5103] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.823595][ T5103] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.845321][ T5099] Bluetooth: hci1: command tx timeout [ 71.850074][ T5106] Bluetooth: hci3: command tx timeout [ 71.855320][ T5092] Bluetooth: hci2: command tx timeout [ 71.861016][ T5106] Bluetooth: hci4: command tx timeout [ 71.873412][ T5103] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.889966][ T5097] team0: Port device team_slave_0 added [ 71.897035][ T5098] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.904292][ T5098] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.930500][ T5098] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.944769][ T5094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.982268][ T5103] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.989274][ T5103] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.022299][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 72.022351][ T5103] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.039770][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.051996][ T5097] team0: Port device team_slave_1 added [ 72.072956][ T5098] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.080838][ T5098] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.107739][ T5098] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.136691][ T5094] team0: Port device team_slave_0 added [ 72.148538][ T5091] hsr_slave_0: entered promiscuous mode [ 72.155811][ T5091] hsr_slave_1: entered promiscuous mode [ 72.201773][ T5094] team0: Port device team_slave_1 added [ 72.225013][ T5097] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.232182][ T5097] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.259270][ T5097] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.289387][ T5103] hsr_slave_0: entered promiscuous mode [ 72.296101][ T5103] hsr_slave_1: entered promiscuous mode [ 72.303130][ T5103] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.311308][ T5103] Cannot create hsr debugfs directory [ 72.318501][ T5097] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.325858][ T5097] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.351829][ T5097] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.445321][ T5098] hsr_slave_0: entered promiscuous mode [ 72.454358][ T5098] hsr_slave_1: entered promiscuous mode [ 72.462195][ T5098] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.470339][ T5098] Cannot create hsr debugfs directory [ 72.478463][ T5094] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.485963][ T5094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.512036][ T5094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.584579][ T5094] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.591732][ T5094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.618231][ T5094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.654004][ T5097] hsr_slave_0: entered promiscuous mode [ 72.661471][ T5097] hsr_slave_1: entered promiscuous mode [ 72.667718][ T5097] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.675385][ T5097] Cannot create hsr debugfs directory [ 72.982959][ T5094] hsr_slave_0: entered promiscuous mode [ 72.989560][ T5094] hsr_slave_1: entered promiscuous mode [ 72.996930][ T5094] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 73.004699][ T5094] Cannot create hsr debugfs directory [ 73.250920][ T5091] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 73.265985][ T5091] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 73.295415][ T5091] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 73.309537][ T5091] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 73.407800][ T5098] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 73.428078][ T5098] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 73.439224][ T5098] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 73.459570][ T5098] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 73.557108][ T5103] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 73.577201][ T5103] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 73.598600][ T5103] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 73.635589][ T5103] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 73.680459][ T5106] Bluetooth: hci0: command tx timeout [ 73.722663][ T5097] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 73.737887][ T5097] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 73.758406][ T5097] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 73.787699][ T5097] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 73.910756][ T5094] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 73.921520][ T5106] Bluetooth: hci4: command tx timeout [ 73.921594][ T5092] Bluetooth: hci2: command tx timeout [ 73.926966][ T5106] Bluetooth: hci3: command tx timeout [ 73.938143][ T5099] Bluetooth: hci1: command tx timeout [ 73.965226][ T5094] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 73.993271][ T5094] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 74.005538][ T5094] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 74.093525][ T5091] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.116548][ T5098] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.205905][ T5098] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.244234][ T5091] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.272774][ T5144] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.280222][ T5144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.294903][ T5144] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.302117][ T5144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.362272][ T5140] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.369467][ T5140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.380931][ T5140] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.388181][ T5140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.404615][ T5103] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.446416][ T5097] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.518428][ T5103] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.543910][ T5097] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.595457][ T5144] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.602723][ T5144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.629062][ T5144] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.636271][ T5144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.694188][ T5094] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.706486][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.713731][ T5146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.727286][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.734486][ T5146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.864610][ T5094] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.992143][ T5146] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.999369][ T5146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.050914][ T5144] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.058064][ T5144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.129031][ T5091] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.247818][ T5098] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.505301][ T5091] veth0_vlan: entered promiscuous mode [ 75.585076][ T5103] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.645496][ T5091] veth1_vlan: entered promiscuous mode [ 75.669050][ T5097] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.760413][ T5106] Bluetooth: hci0: command tx timeout [ 75.814335][ T5091] veth0_macvtap: entered promiscuous mode [ 75.849341][ T5091] veth1_macvtap: entered promiscuous mode [ 75.877293][ T5094] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.931602][ T5098] veth0_vlan: entered promiscuous mode [ 75.951397][ T5103] veth0_vlan: entered promiscuous mode [ 75.987890][ T5091] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.000055][ T5106] Bluetooth: hci3: command tx timeout [ 76.000790][ T55] Bluetooth: hci4: command tx timeout [ 76.005490][ T5092] Bluetooth: hci1: command tx timeout [ 76.011033][ T5099] Bluetooth: hci2: command tx timeout [ 76.023485][ T5097] veth0_vlan: entered promiscuous mode [ 76.036490][ T5103] veth1_vlan: entered promiscuous mode [ 76.045647][ T5098] veth1_vlan: entered promiscuous mode [ 76.096452][ T5091] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.116200][ T5097] veth1_vlan: entered promiscuous mode [ 76.148497][ T5091] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.158028][ T5091] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.167411][ T5091] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.176994][ T5091] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.242302][ T5098] veth0_macvtap: entered promiscuous mode [ 76.275139][ T5094] veth0_vlan: entered promiscuous mode [ 76.287595][ T5098] veth1_macvtap: entered promiscuous mode [ 76.308756][ T5103] veth0_macvtap: entered promiscuous mode [ 76.344609][ T5103] veth1_macvtap: entered promiscuous mode [ 76.393205][ T5094] veth1_vlan: entered promiscuous mode [ 76.453606][ T5103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.464829][ T5103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.482616][ T5103] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.495293][ T963] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.506580][ T5097] veth0_macvtap: entered promiscuous mode [ 76.507918][ T963] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.523049][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.538006][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.549790][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.560639][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.573065][ T5098] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.598624][ T5103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.609876][ T5103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.621353][ T5103] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.656421][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.667211][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.677130][ T5098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.688515][ T5098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.700827][ T5098] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.723661][ T5097] veth1_macvtap: entered promiscuous mode [ 76.725832][ T648] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.738138][ T648] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.757997][ T5103] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.767251][ T5103] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.776618][ T5103] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.788973][ T5103] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.807552][ T5098] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.818481][ T5098] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.828079][ T5098] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.837023][ T5098] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.019484][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.045073][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.059770][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.075675][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.085961][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.101089][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.132597][ T5097] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.151027][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.168066][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.178790][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.198611][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.210032][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.221561][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.237567][ T5097] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.269073][ T5097] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.278541][ T5097] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.288395][ T5097] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.735161][ T5097] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.044975][ T5092] Bluetooth: hci0: command tx timeout [ 78.080026][ T5092] Bluetooth: hci1: command tx timeout [ 78.085521][ T5092] Bluetooth: hci3: command tx timeout [ 78.091208][ T5106] Bluetooth: hci2: command tx timeout [ 78.096661][ T5106] Bluetooth: hci4: command tx timeout [ 78.158764][ T5094] veth0_macvtap: entered promiscuous mode [ 78.269128][ T5094] veth1_macvtap: entered promiscuous mode [ 78.284382][ T5181] loop0: detected capacity change from 0 to 2048 [ 78.353381][ T5181] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.367171][ T5181] ext4 filesystem being mounted at /root/syzkaller.s4BgFv/1/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.433398][ T2816] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.442849][ T2816] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.457438][ T5091] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.465872][ T963] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.476958][ T963] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.507348][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.518283][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.558413][ T5186] loop0: detected capacity change from 0 to 256 [ 78.558576][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.582391][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.596211][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.625883][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.631263][ T5186] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 78.636972][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.658923][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.678594][ T5094] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.757319][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.768688][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.778758][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.791331][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.801206][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.811760][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.821672][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.832306][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.845258][ T5094] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.857348][ T2816] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.868652][ T2816] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.894252][ T5094] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.906523][ T5094] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.915888][ T5094] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.925432][ T5094] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.949042][ T5188] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 79.018982][ T648] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.053152][ T648] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.078630][ T648] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.086949][ T648] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.283147][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.312214][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.496167][ T5194] loop0: detected capacity change from 0 to 4096 [ 79.585587][ T5194] ntfs3: loop0: Failed to load $MFT (-22). [ 79.595618][ T2816] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.620288][ T2816] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.864656][ T5208] loop2: detected capacity change from 0 to 64 [ 79.925555][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.974165][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.015463][ T5140] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 80.254138][ T5140] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 80.290751][ T5214] netlink: 'syz.3.4': attribute type 29 has an invalid length. [ 80.310446][ T5140] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 80.336532][ T5140] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 80.350887][ T5214] netlink: 'syz.3.4': attribute type 29 has an invalid length. [ 80.369128][ T5140] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.396695][ T5218] netlink: 'syz.3.4': attribute type 29 has an invalid length. [ 80.429364][ T5214] netlink: 'syz.3.4': attribute type 29 has an invalid length. [ 80.437326][ T5140] usb 2-1: config 0 descriptor?? [ 80.573390][ T29] audit: type=1326 audit(1719418537.143:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5222 comm="syz.2.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b2b375ae9 code=0x7ffc0000 [ 80.689223][ T29] audit: type=1326 audit(1719418537.143:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5222 comm="syz.2.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b2b375ae9 code=0x7ffc0000 [ 80.755017][ T29] audit: type=1326 audit(1719418537.202:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5222 comm="syz.2.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b2b375ae9 code=0x7ffc0000 [ 80.792884][ T29] audit: type=1326 audit(1719418537.202:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5222 comm="syz.2.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b2b375ae9 code=0x7ffc0000 [ 80.834886][ T29] audit: type=1326 audit(1719418537.202:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5222 comm="syz.2.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b2b375ae9 code=0x7ffc0000 [ 80.856437][ T5201] loop4: detected capacity change from 0 to 32768 [ 80.866602][ T29] audit: type=1326 audit(1719418537.202:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5222 comm="syz.2.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b2b375ae9 code=0x7ffc0000 [ 80.893723][ T5201] btrfs: Deprecated parameter 'usebackuproot' [ 80.911106][ T29] audit: type=1326 audit(1719418537.202:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5222 comm="syz.2.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3b2b36cb67 code=0x7ffc0000 [ 80.923821][ T5201] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 80.944215][ T29] audit: type=1326 audit(1719418537.202:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5222 comm="syz.2.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3b2b311539 code=0x7ffc0000 [ 80.967695][ T29] audit: type=1326 audit(1719418537.202:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5222 comm="syz.2.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3b2b36cb67 code=0x7ffc0000 [ 80.982802][ T5140] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 81.005696][ T5140] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 81.016969][ T5140] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 81.018079][ T5232] overlayfs: missing 'lowerdir' [ 81.031009][ T29] audit: type=1326 audit(1719418537.202:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5222 comm="syz.2.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3b2b311539 code=0x7ffc0000 [ 81.055649][ T5201] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.12 (5201) [ 81.065983][ T5140] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 81.122909][ T5204] udevd[5204]: failed to send result of seq 9691 to main daemon: Connection refused [ 81.253547][ T5201] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 81.273172][ T5201] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 81.278685][ T5228] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 81.419624][ C1] Adjusting tsc more than 11% (6672762 vs 8464875) [ 81.523525][ T53] BTRFS warning (device loop4): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xb6fb6650 level 0 [ 81.567452][ T5140] usb 2-1: USB disconnect, device number 2 [ 81.598278][ T5201] BTRFS warning (device loop4): couldn't read tree root [ 81.626329][ T5201] BTRFS warning (device loop4): try to load backup roots slot 1 [ 81.653733][ T12] BTRFS warning (device loop4): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x7a216cc0 level 0 [ 81.696684][ T5201] BTRFS warning (device loop4): couldn't read tree root [ 81.714492][ T5201] BTRFS warning (device loop4): try to load backup roots slot 2 [ 81.752769][ T12] BTRFS error (device loop4): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 81.775105][ T5201] BTRFS warning (device loop4): couldn't read tree root [ 81.795934][ T5201] BTRFS warning (device loop4): try to load backup roots slot 3 [ 81.889873][ T5201] BTRFS info (device loop4): rebuilding free space tree [ 82.015627][ T5201] BTRFS info (device loop4): disabling free space tree [ 82.023168][ T5201] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 82.054351][ T5201] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 82.205867][ T5266] loop3: detected capacity change from 0 to 64 [ 82.241519][ T5098] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 82.605441][ T5271] loop1: detected capacity change from 0 to 1024 [ 82.973563][ T5281] loop0: detected capacity change from 0 to 256 [ 82.986036][ T5279] loop3: detected capacity change from 0 to 512 [ 83.002002][ T5281] exfat: Deprecated parameter 'namecase' [ 83.017279][ T5279] ======================================================= [ 83.017279][ T5279] WARNING: The mand mount option has been deprecated and [ 83.017279][ T5279] and is ignored by this kernel. Remove the mand [ 83.017279][ T5279] option from the mount to silence this warning. [ 83.017279][ T5279] ======================================================= [ 83.098083][ T5279] EXT4-fs (loop3): 1 truncate cleaned up [ 83.130334][ T5279] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.280574][ T5279] ext4: Unknown parameter 'pDX&^x䝲cSm__yԷ_KdΟ嶗\9' [ 84.332814][ C1] sched: RT throttling activated [ 84.579831][ T5178] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 84.621061][ T5094] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.815559][ T5178] usb 5-1: too many endpoints for config 0 interface 0 altsetting 48: 120, using maximum allowed: 30 [ 84.851576][ T5178] usb 5-1: config 0 interface 0 altsetting 48 has 0 endpoint descriptors, different from the interface descriptor's value: 120 [ 84.886108][ T5178] usb 5-1: config 0 interface 0 has no altsetting 0 [ 84.904808][ T5178] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 84.925323][ T5178] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.975445][ T5178] usb 5-1: config 0 descriptor?? [ 85.068108][ T5302] loop1: detected capacity change from 0 to 64 [ 85.102711][ T5296] loop3: detected capacity change from 0 to 4096 [ 85.134224][ T5296] ntfs3: loop3: Failed to load $MFT (-22). [ 85.304623][ T5178] usb 5-1: string descriptor 0 read error: -71 [ 85.337841][ T5178] usb 5-1: Cannot read MAC address [ 85.359532][ T5178] MOSCHIP usb-ethernet driver 5-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 85.413362][ T5178] usb 5-1: USB disconnect, device number 2 [ 85.843568][ T5300] loop0: detected capacity change from 0 to 32768 [ 85.861858][ T5300] btrfs: Deprecated parameter 'usebackuproot' [ 85.880629][ T5300] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 85.896250][ T5300] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.40 (5300) [ 85.916701][ T5300] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 85.935180][ T5300] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 86.038234][ T63] BTRFS warning (device loop0): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xb6fb6650 level 0 [ 86.058491][ T5332] loop1: detected capacity change from 0 to 512 [ 86.076981][ T5332] EXT4-fs (loop1): 1 truncate cleaned up [ 86.085024][ T5300] BTRFS warning (device loop0): couldn't read tree root [ 86.094089][ T5332] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.108700][ T5300] BTRFS warning (device loop0): try to load backup roots slot 1 [ 86.117536][ T63] BTRFS warning (device loop0): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x7a216cc0 level 0 [ 86.134746][ T5300] BTRFS warning (device loop0): couldn't read tree root [ 86.176900][ T5300] BTRFS warning (device loop0): try to load backup roots slot 2 [ 86.196508][ T5332] ext4: Unknown parameter 'pDX&^x䝲cSm__yԷ_KdΟ嶗\9' [ 86.222425][ T63] BTRFS error (device loop0): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 86.254923][ T5300] BTRFS warning (device loop0): couldn't read tree root [ 86.508714][ T5300] BTRFS warning (device loop0): try to load backup roots slot 3 [ 86.540270][ T5300] BTRFS info (device loop0): rebuilding free space tree [ 87.505923][ T5300] BTRFS info (device loop0): disabling free space tree [ 87.528405][ T5300] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 87.543550][ T5300] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 87.552034][ T5097] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.659869][ T5091] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 87.717158][ T5348] loop2: detected capacity change from 0 to 1024 [ 87.749713][ T5315] loop3: detected capacity change from 0 to 32768 [ 87.845569][ T8] cfg80211: failed to load regulatory.db [ 88.222460][ T5350] loop1: detected capacity change from 0 to 40427 [ 88.237707][ T5350] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 88.245864][ T5350] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 88.337806][ T5350] F2FS-fs (loop1): Found nat_bits in checkpoint [ 88.427510][ T5350] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 88.435049][ T5350] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 88.932989][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 89.138474][ T5371] VFS: could not find a valid V7 on nullb0. [ 89.157537][ T5371] loop4: detected capacity change from 0 to 512 [ 89.179851][ T5371] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 89.210026][ T5371] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 89.305592][ T5371] EXT4-fs (loop4): 1 truncate cleaned up [ 89.332271][ T5371] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.398886][ T5371] EXT4-fs warning (device loop4): __ext4fs_dirhash:270: inode #12: comm syz.4.61: Siphash requires key [ 89.412024][ T5371] EXT4-fs warning (device loop4): __ext4fs_dirhash:270: inode #12: comm syz.4.61: Siphash requires key [ 89.431015][ T5371] EXT4-fs warning (device loop4): __ext4fs_dirhash:270: inode #12: comm syz.4.61: Siphash requires key [ 89.464304][ T5371] EXT4-fs warning (device loop4): __ext4fs_dirhash:270: inode #12: comm syz.4.61: Siphash requires key [ 89.600881][ T5098] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.627877][ T5383] loop2: detected capacity change from 0 to 256 [ 89.652806][ T5383] exfat: Deprecated parameter 'namecase' [ 89.724268][ T5383] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 90.061671][ T5390] loop4: detected capacity change from 0 to 2048 [ 90.103571][ T5390] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 90.568934][ T5400] netlink: 116 bytes leftover after parsing attributes in process `syz.2.71'. [ 90.587626][ T5400] bridge_slave_1: left allmulticast mode [ 90.617256][ T5400] bridge_slave_1: left promiscuous mode [ 90.630799][ T29] kauditd_printk_skb: 37 callbacks suppressed [ 90.630820][ T29] audit: type=1800 audit(1719418546.714:49): pid=5401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.71" name="file1" dev="sda1" ino=1966 res=0 errno=0 [ 90.668888][ T5400] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.758087][ T5400] bridge_slave_0: left allmulticast mode [ 90.764685][ T5400] bridge_slave_0: left promiscuous mode [ 90.773267][ T5400] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.865015][ T5408] loop1: detected capacity change from 0 to 128 [ 90.900136][ T5412] netlink: 'syz.4.73': attribute type 1 has an invalid length. [ 90.922497][ T5412] netlink: 112860 bytes leftover after parsing attributes in process `syz.4.73'. [ 90.942202][ T5412] netlink: 'syz.4.73': attribute type 1 has an invalid length. [ 91.108454][ T5419] loop4: detected capacity change from 0 to 256 [ 91.139228][ T5419] exfat: Deprecated parameter 'namecase' [ 91.173233][ T5419] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 91.315290][ T8] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 91.383846][ T5426] loop3: detected capacity change from 0 to 1024 [ 91.397746][ T5426] hfsplus: unable to parse mount options [ 91.520415][ T8] usb 2-1: too many endpoints for config 0 interface 0 altsetting 48: 120, using maximum allowed: 30 [ 91.553590][ T8] usb 2-1: config 0 interface 0 altsetting 48 has 0 endpoint descriptors, different from the interface descriptor's value: 120 [ 91.575611][ T8] usb 2-1: config 0 interface 0 has no altsetting 0 [ 91.601789][ T8] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 91.627744][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.681474][ T8] usb 2-1: config 0 descriptor?? [ 91.702096][ T5411] loop0: detected capacity change from 0 to 32768 [ 91.771054][ T5411] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.74 (5411) [ 91.811919][ T5411] BTRFS info (device loop0): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 91.830030][ T5411] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 91.831421][ T5438] loop2: detected capacity change from 0 to 128 [ 91.845311][ T5411] BTRFS info (device loop0): using free-space-tree [ 91.927703][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 92.011557][ T8] usb 2-1: string descriptor 0 read error: -71 [ 92.044332][ T8] usb 2-1: Cannot read MAC address [ 92.049792][ T8] MOSCHIP usb-ethernet driver 2-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 92.097532][ T8] usb 2-1: USB disconnect, device number 3 [ 92.290547][ T5465] loop2: detected capacity change from 0 to 16 [ 92.342705][ T5465] erofs: (device loop2): mounted with root inode @ nid 36. [ 93.114978][ T5411] BTRFS info (device loop0): setting incompat feature flag for DEFAULT_SUBVOL (0x2) [ 93.254894][ T5471] loop4: detected capacity change from 0 to 1024 [ 93.344535][ T5091] BTRFS info (device loop0): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 93.401716][ T5479] VFS: could not find a valid V7 on nullb0. [ 93.446414][ T5479] loop1: detected capacity change from 0 to 512 [ 93.467614][ T5479] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 93.553983][ T5483] loop3: detected capacity change from 0 to 1024 [ 93.561968][ T5479] EXT4-fs (loop1): 1 truncate cleaned up [ 93.576223][ T5483] hfsplus: unable to parse mount options [ 93.595110][ T5479] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 93.718126][ T5479] EXT4-fs warning (device loop1): __ext4fs_dirhash:270: inode #12: comm syz.1.100: Siphash requires key [ 93.735452][ T5490] netlink: 'syz.4.103': attribute type 9 has an invalid length. [ 93.752716][ T5490] netlink: 4 bytes leftover after parsing attributes in process `syz.4.103'. [ 93.781782][ T5479] EXT4-fs warning (device loop1): __ext4fs_dirhash:270: inode #12: comm syz.1.100: Siphash requires key [ 93.802145][ T5479] EXT4-fs warning (device loop1): __ext4fs_dirhash:270: inode #12: comm syz.1.100: Siphash requires key [ 93.837197][ T5479] EXT4-fs warning (device loop1): __ext4fs_dirhash:270: inode #12: comm syz.1.100: Siphash requires key [ 93.899436][ T5496] mmap: syz.0.97 (5496) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 93.930637][ T5496] capability: warning: `syz.0.97' uses 32-bit capabilities (legacy support in use) [ 94.318966][ T5097] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.526949][ T5517] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.115'. [ 94.542448][ T5517] openvswitch: netlink: VXLAN extension message has 13 unknown bytes. [ 94.766142][ T5531] loop0: detected capacity change from 0 to 256 [ 94.787391][ T5531] exfat: Deprecated parameter 'namecase' [ 94.834007][ T5531] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 94.895887][ T5534] loop1: detected capacity change from 0 to 1024 [ 94.924857][ T5534] hfsplus: unable to parse mount options [ 95.321488][ T5543] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 95.338762][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 95.349207][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 95.357569][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 95.489747][ T5548] bond_slave_0: entered promiscuous mode [ 95.495799][ T5548] bond_slave_1: entered promiscuous mode [ 95.496096][ T5522] loop3: detected capacity change from 0 to 40427 [ 95.544457][ T5551] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.130'. [ 95.579211][ T5551] openvswitch: netlink: VXLAN extension message has 13 unknown bytes. [ 95.591112][ T5522] F2FS-fs (loop3): Found nat_bits in checkpoint [ 95.665704][ T5547] bond_slave_0: left promiscuous mode [ 95.672668][ T5547] bond_slave_1: left promiscuous mode [ 95.750037][ T5522] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 95.873149][ T5094] syz-executor: attempt to access beyond end of device [ 95.873149][ T5094] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 95.915518][ T5094] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 96.242685][ T5581] loop0: detected capacity change from 0 to 1024 [ 96.277660][ T5581] hfsplus: unable to parse mount options [ 96.931320][ T5569] loop1: detected capacity change from 0 to 32768 [ 96.982248][ T5569] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.136 (5569) [ 97.033897][ T5569] BTRFS info (device loop1): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 97.059983][ T5569] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 97.092342][ T5569] BTRFS info (device loop1): using free-space-tree [ 97.208723][ T5106] Bluetooth: hci4: SCO packet for unknown connection handle 732 [ 97.395827][ T5635] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 97.414154][ T5569] BTRFS info (device loop1): setting incompat feature flag for DEFAULT_SUBVOL (0x2) [ 97.590273][ T5097] BTRFS info (device loop1): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 97.881669][ T5603] loop0: detected capacity change from 0 to 40427 [ 97.955172][ T5603] F2FS-fs (loop0): Found nat_bits in checkpoint [ 98.072311][ T5643] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 98.121011][ T5610] loop3: detected capacity change from 0 to 32768 [ 98.152818][ T5603] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 98.230135][ T5610] XFS (loop3): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 98.256046][ T5091] syz-executor: attempt to access beyond end of device [ 98.256046][ T5091] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 98.271076][ T5091] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 98.384040][ T5659] loop1: detected capacity change from 0 to 1024 [ 98.392672][ T5659] hfsplus: unable to parse mount options [ 98.430577][ T5610] XFS (loop3): Ending clean mount [ 98.606009][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 98.802970][ T5094] XFS (loop3): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 98.911549][ T5670] netlink: 48 bytes leftover after parsing attributes in process `syz.2.162'. [ 99.132998][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 99.543775][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 99.553000][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 100.376927][ T5693] capability: warning: `syz.0.168' uses deprecated v2 capabilities in a way that may be insecure [ 100.380402][ T5687] loop2: detected capacity change from 0 to 8192 [ 100.417257][ T5687] REISERFS warning (device loop2): super-6502 reiserfs_getopt: unknown mount option "defcontext=root" [ 100.430277][ T5694] loop4: detected capacity change from 0 to 64 [ 100.489617][ T5697] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 100.699575][ T5705] bond_slave_0: entered promiscuous mode [ 100.705377][ T5705] bond_slave_1: entered promiscuous mode [ 100.941502][ T5703] bond_slave_0: left promiscuous mode [ 100.947096][ T5703] bond_slave_1: left promiscuous mode [ 101.019784][ T5713] loop2: detected capacity change from 0 to 1024 [ 101.056739][ T5713] EXT4-fs (loop2): inodes count not valid: 32 vs 12 [ 101.359047][ T5724] loop1: detected capacity change from 0 to 2048 [ 101.406875][ T5724] GPT:first_usable_lbas don't match. [ 101.409662][ T5713] loop2: detected capacity change from 0 to 8192 [ 101.427108][ T5724] GPT:34 != 290 [ 101.441684][ T5724] GPT: Use GNU Parted to correct GPT errors. [ 101.451582][ T5724] loop1: p1 p2 p3 [ 101.473860][ T5713] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 101.636316][ T5728] loop0: detected capacity change from 0 to 256 [ 101.938844][ T5739] Bluetooth: MGMT ver 1.23 [ 101.943942][ T5739] Bluetooth: hci3: invalid length 0, exp 2 for type 0 [ 102.930771][ T5737] syz.2.176 (5737) used greatest stack depth: 18224 bytes left [ 103.380317][ T5751] netlink: 'syz.4.191': attribute type 9 has an invalid length. [ 103.396051][ T5751] netlink: 4 bytes leftover after parsing attributes in process `syz.4.191'. [ 103.900080][ T5759] vlan2: entered promiscuous mode [ 103.905264][ T5759] bond0: entered promiscuous mode [ 103.910661][ T5759] bond_slave_0: entered promiscuous mode [ 103.916896][ T5759] bond_slave_1: entered promiscuous mode [ 103.926577][ T5759] bond0: left promiscuous mode [ 103.932073][ T5759] bond_slave_0: left promiscuous mode [ 104.037232][ T5145] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 104.117430][ T5759] bond_slave_1: left promiscuous mode [ 104.620656][ T5145] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 104.668521][ T5145] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 104.741552][ T5145] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 104.781975][ T5145] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.793766][ T5764] loop1: detected capacity change from 0 to 256 [ 104.812264][ T5145] usb 4-1: config 0 descriptor?? [ 104.915532][ T5771] loop2: detected capacity change from 0 to 64 [ 105.047840][ T5776] loop4: detected capacity change from 0 to 1024 [ 105.078306][ T5776] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.107096][ T5781] loop2: detected capacity change from 0 to 1024 [ 105.120322][ T5781] hfsplus: invalid btree flag [ 105.125916][ T5781] hfsplus: failed to load catalog file [ 105.136775][ T5098] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.212203][ T5781] loop2: detected capacity change from 0 to 512 [ 105.227876][ T5781] EXT4-fs (loop2): blocks per group (71) and clusters per group (32768) inconsistent [ 105.243998][ T5145] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 105.260502][ T5145] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 105.286973][ T5145] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 105.534904][ T5794] vlan2: entered promiscuous mode [ 105.540199][ T5794] bond0: entered promiscuous mode [ 105.545425][ T5794] bond_slave_0: entered promiscuous mode [ 105.557503][ T5794] bond_slave_1: entered promiscuous mode [ 105.568129][ T5794] bond0: left promiscuous mode [ 105.571804][ T5145] usb 4-1: USB disconnect, device number 2 [ 105.577521][ T5794] bond_slave_0: left promiscuous mode [ 105.588812][ T5794] bond_slave_1: left promiscuous mode [ 105.737895][ T5796] loop4: detected capacity change from 0 to 256 [ 105.929797][ T5800] loop2: detected capacity change from 0 to 1024 [ 105.996518][ T963] hfsplus: b-tree write err: -5, ino 4 [ 106.284819][ T5804] loop2: detected capacity change from 0 to 8192 [ 106.286522][ T5806] loop3: detected capacity change from 0 to 1024 [ 106.300010][ T5804] REISERFS warning (device loop2): super-6502 reiserfs_getopt: unknown mount option "defcontext=root" [ 106.323290][ T5806] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.384646][ T5094] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.512669][ T5823] loop3: detected capacity change from 0 to 512 [ 107.615878][ T5823] EXT4-fs (loop3): Test dummy encryption mode enabled [ 107.629430][ T5823] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2234: inode #12: comm syz.3.222: corrupted in-inode xattr: invalid ea_ino [ 107.651056][ T5823] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz.3.222: couldn't read orphan inode 12 (err -117) [ 107.667875][ T5823] EXT4-fs (loop3): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.766102][ T5823] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 107.785780][ T29] audit: type=1326 audit(1719418564.021:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5825 comm="syz.2.223" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b2b375ae9 code=0x0 [ 107.882931][ T5094] EXT4-fs (loop3): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 107.966160][ T5838] loop3: detected capacity change from 0 to 1024 [ 107.976157][ T5838] hfsplus: invalid btree flag [ 107.981498][ T5838] hfsplus: failed to load catalog file [ 108.049578][ T5838] loop3: detected capacity change from 0 to 512 [ 108.059966][ T5838] EXT4-fs (loop3): blocks per group (71) and clusters per group (32768) inconsistent [ 108.438415][ T5841] loop2: detected capacity change from 0 to 1024 [ 108.483307][ T11] hfsplus: b-tree write err: -5, ino 4 [ 108.617246][ T5844] loop2: detected capacity change from 0 to 128 [ 108.631314][ T5844] VFS: could not find a valid V7 on loop2. [ 108.805252][ T5844] loop2: detected capacity change from 0 to 4096 [ 108.879028][ T5847] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 108.974592][ T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 109.143981][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 109.162252][ T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 109.175883][ T9] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 109.187480][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.213690][ T9] usb 4-1: config 0 descriptor?? [ 109.594397][ T9] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 109.602969][ T9] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 109.615629][ T9] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 109.893611][ T59] usb 4-1: USB disconnect, device number 3 [ 109.994309][ T5862] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 110.260917][ T5872] netlink: 12 bytes leftover after parsing attributes in process `syz.2.235'. [ 110.497008][ T29] audit: type=1326 audit(1719418566.941:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5873 comm="syz.2.236" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b2b375ae9 code=0x0 [ 110.626155][ T5881] loop3: detected capacity change from 0 to 2048 [ 111.097873][ T5889] loop3: detected capacity change from 0 to 1024 [ 111.116095][ T5889] EXT4-fs (loop3): inodes count not valid: 32 vs 12 [ 111.299947][ T5889] loop3: detected capacity change from 0 to 8192 [ 111.310123][ T5889] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 111.319399][ T5895] loop2: detected capacity change from 0 to 1024 [ 111.345134][ T5895] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.408981][ T5103] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.068446][ T5920] loop3: detected capacity change from 0 to 512 [ 112.076263][ T5920] EXT4-fs: Ignoring removed mblk_io_submit option [ 112.087072][ T5920] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2234: inode #12: comm syz.3.250: corrupted in-inode xattr: invalid ea_ino [ 112.101166][ T5920] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz.3.250: couldn't read orphan inode 12 (err -117) [ 112.115321][ T5920] EXT4-fs (loop3): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.157555][ T5920] EXT4-fs error (device loop3) in ext4_resetent:3637: error 2 [ 112.227925][ T5094] EXT4-fs (loop3): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 112.255870][ T5924] loop2: detected capacity change from 0 to 512 [ 112.286852][ T5924] EXT4-fs (loop2): Test dummy encryption mode enabled [ 112.346390][ T5924] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #12: comm syz.2.254: corrupted in-inode xattr: invalid ea_ino [ 112.420971][ T5924] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz.2.254: couldn't read orphan inode 12 (err -117) [ 112.438113][ T5924] EXT4-fs (loop2): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.560322][ T5928] loop3: detected capacity change from 0 to 4096 [ 112.596338][ T5928] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 112.598353][ T5103] EXT4-fs (loop2): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 112.944905][ T5092] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 112.968679][ T5092] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 112.978482][ T5092] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 112.989132][ T5092] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 113.008989][ T5092] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 113.017995][ T5092] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 113.124402][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.537930][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.649795][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.810937][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.052934][ T5947] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 114.132735][ T5951] loop2: detected capacity change from 0 to 256 [ 114.235144][ T11] bridge_slave_1: left allmulticast mode [ 114.242978][ T11] bridge_slave_1: left promiscuous mode [ 114.253075][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 114.274809][ T11] bridge_slave_0: left allmulticast mode [ 114.280635][ T11] bridge_slave_0: left promiscuous mode [ 114.286627][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 114.427710][ T5959] netlink: 'syz.3.267': attribute type 29 has an invalid length. [ 114.734995][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.919172][ T5106] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 114.932839][ T5106] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 114.945560][ T5106] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 114.955446][ T5106] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 114.971378][ T5106] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 114.983578][ T5106] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 115.049775][ T5106] Bluetooth: hci0: command tx timeout [ 115.215091][ T5969] loop2: detected capacity change from 0 to 16 [ 115.232241][ T5969] erofs: (device loop2): mounted with root inode @ nid 36. [ 115.378252][ T5106] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[9000] [ 115.411375][ T5969] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192] [ 115.452516][ T29] audit: type=1800 audit(1719418572.103:52): pid=5969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.270" name="file3" dev="loop2" ino=89 res=0 errno=0 [ 115.636871][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 115.668131][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 115.708840][ T11] bond0 (unregistering): Released all slaves [ 115.864725][ T5959] netlink: 'syz.3.267': attribute type 29 has an invalid length. [ 116.387780][ T5092] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 116.399386][ T5092] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 116.409714][ T5092] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 116.418330][ T5092] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 116.448851][ T5092] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 116.456988][ T5092] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 116.830525][ T5932] chnl_net:caif_netlink_parms(): no params data found [ 117.025864][ T5092] Bluetooth: hci2: command tx timeout [ 117.094784][ T5092] Bluetooth: hci0: command tx timeout [ 117.366848][ T5993] loop3: detected capacity change from 0 to 1024 [ 117.375100][ T5993] EXT4-fs: Ignoring removed mblk_io_submit option [ 117.406881][ T11] hsr_slave_0: left promiscuous mode [ 117.415836][ T11] hsr_slave_1: left promiscuous mode [ 117.424281][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 117.425633][ T5993] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 117.441252][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 117.459071][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 117.482603][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 117.541364][ T11] veth1_macvtap: left promiscuous mode [ 117.548014][ T11] veth0_macvtap: left promiscuous mode [ 117.553795][ T11] veth1_vlan: left promiscuous mode [ 117.559935][ T11] veth0_vlan: left promiscuous mode [ 117.582842][ T5999] process 'syz.3.277' launched './file0/file0' with NULL argv: empty string added [ 117.815645][ T5094] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.959815][ T6008] loop3: detected capacity change from 0 to 128 [ 117.978035][ T6008] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 118.523305][ T5092] Bluetooth: hci3: command tx timeout [ 118.894390][ T6025] loop3: detected capacity change from 0 to 128 [ 118.906426][ T6025] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 118.970577][ T11] team0 (unregistering): Port device team_slave_1 removed [ 119.021263][ T11] team0 (unregistering): Port device team_slave_0 removed [ 119.077952][ T5092] Bluetooth: hci2: command tx timeout [ 119.156874][ T5092] Bluetooth: hci0: command tx timeout [ 119.780444][ T5932] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.801143][ T5932] bridge0: port 1(bridge_slave_0) entered disabled state [ 119.823484][ T5932] bridge_slave_0: entered allmulticast mode [ 119.849826][ T5932] bridge_slave_0: entered promiscuous mode [ 119.910529][ T5932] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.929223][ T5932] bridge0: port 2(bridge_slave_1) entered disabled state [ 119.945030][ T5932] bridge_slave_1: entered allmulticast mode [ 119.966357][ T5932] bridge_slave_1: entered promiscuous mode [ 120.204585][ T5932] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 120.269510][ T5932] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 120.412812][ T5932] team0: Port device team_slave_0 added [ 120.432351][ T5932] team0: Port device team_slave_1 added [ 120.589515][ T5092] Bluetooth: hci3: command tx timeout [ 120.602464][ T5932] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 120.610197][ T5932] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 120.637994][ T5932] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 120.732632][ T5932] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 120.741430][ T5932] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 120.769694][ T5932] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 120.931335][ T6041] netlink: 'syz.2.295': attribute type 24 has an invalid length. [ 121.022301][ T5932] hsr_slave_0: entered promiscuous mode [ 121.038862][ T5932] hsr_slave_1: entered promiscuous mode [ 121.099758][ T6045] netlink: 152 bytes leftover after parsing attributes in process `syz.2.296'. [ 121.121068][ T5963] chnl_net:caif_netlink_parms(): no params data found [ 121.149334][ T5092] Bluetooth: hci2: command tx timeout [ 121.226864][ T5092] Bluetooth: hci0: command tx timeout [ 121.382338][ T5980] chnl_net:caif_netlink_parms(): no params data found [ 121.569316][ T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 121.821194][ T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 121.970952][ T5963] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.997526][ T5963] bridge0: port 1(bridge_slave_0) entered disabled state [ 122.024578][ T5963] bridge_slave_0: entered allmulticast mode [ 122.037872][ T5963] bridge_slave_0: entered promiscuous mode [ 122.162276][ T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.241051][ T5963] bridge0: port 2(bridge_slave_1) entered blocking state [ 122.259173][ T5963] bridge0: port 2(bridge_slave_1) entered disabled state [ 122.267209][ T5963] bridge_slave_1: entered allmulticast mode [ 122.276343][ T5963] bridge_slave_1: entered promiscuous mode [ 122.367757][ T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.556199][ T5963] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 122.623158][ T5980] bridge0: port 1(bridge_slave_0) entered blocking state [ 122.631786][ T5980] bridge0: port 1(bridge_slave_0) entered disabled state [ 122.662835][ T5092] Bluetooth: hci3: command tx timeout [ 122.673569][ T5980] bridge_slave_0: entered allmulticast mode [ 122.681310][ T5980] bridge_slave_0: entered promiscuous mode [ 122.695996][ T5963] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 122.734612][ T5980] bridge0: port 2(bridge_slave_1) entered blocking state [ 122.755793][ T5980] bridge0: port 2(bridge_slave_1) entered disabled state [ 122.769097][ T5980] bridge_slave_1: entered allmulticast mode [ 122.781746][ T5980] bridge_slave_1: entered promiscuous mode [ 123.008391][ T5963] team0: Port device team_slave_0 added [ 123.031159][ T6099] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check. [ 123.078430][ T5980] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 123.103214][ T5963] team0: Port device team_slave_1 added [ 123.161134][ T5980] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 123.221876][ T5092] Bluetooth: hci2: command tx timeout [ 123.339358][ T5963] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 123.345024][ T6105] loop2: detected capacity change from 0 to 16 [ 123.351565][ T5963] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 123.386782][ T6105] erofs: (device loop2): mounted with root inode @ nid 36. [ 123.391362][ T5963] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 123.490709][ T5963] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 123.498793][ T5963] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 123.537081][ T5092] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[9000] [ 123.582302][ T5963] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 123.809222][ T6104] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192] [ 123.820570][ T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.837165][ T29] audit: type=1800 audit(1719418580.551:53): pid=6104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.316" name="file3" dev="loop2" ino=89 res=0 errno=0 [ 123.883536][ T6107] netlink: 40 bytes leftover after parsing attributes in process `syz.3.317'. [ 123.888991][ T5980] team0: Port device team_slave_0 added [ 123.926930][ T5980] team0: Port device team_slave_1 added [ 124.248537][ T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.126236][ T5092] Bluetooth: hci3: command tx timeout [ 126.254875][ T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.309729][ T8] usb 4-1: new low-speed USB device number 4 using dummy_hcd [ 126.323285][ T5980] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 126.354851][ T5980] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.416597][ T6104] syz.2.316 (6104) used greatest stack depth: 18000 bytes left [ 126.424497][ T5980] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 126.446666][ T5980] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 126.464987][ T5980] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.520155][ T5980] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 126.540255][ T8] usb 4-1: config 1 interface 0 altsetting 2 endpoint 0x81 has invalid maxpacket 64, setting to 8 [ 126.551510][ T8] usb 4-1: config 1 interface 0 altsetting 2 endpoint 0x2 has invalid maxpacket 1023, setting to 8 [ 126.562879][ T8] usb 4-1: config 1 interface 0 has no altsetting 0 [ 126.575218][ T8] usb 4-1: New USB device found, idVendor=056a, idProduct=005b, bcdDevice= 0.40 [ 126.590128][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 126.613091][ T8] usb 4-1: Product: ဉ [ 126.622257][ T8] usb 4-1: Manufacturer: 輘⦙須젢퀫떻싏ઘꃠ뫡̅㰴賰Ȉﶆ︐蟷䠓疼ㅴ싰뵛充謣讶炑ꤏ䰣鋞Ḳ厠Ӵ埏ᾈ뇜ᨛ褮韊푓捱삁붰Ⅸ䗫Ԃູՠ饱챳龠寙ꚴ翣䛳擲첒潉歓장爼塃辡຋耬谇墑欵 [ 126.651100][ T8] usb 4-1: SerialNumber: 咙艅翍쯨잂ৈꅬ腕䭏餮ᷝ⁹燍̀鵉莡傲粧귓鵿팋ﲅ⇗⵨⦫矊渖塟ꗔꔪ㴰ལ꧴໠所᜼ⴱ뿣긣뵁渭徂췟䵕䲦莢홴捴써壯祦⥥베ᐁꏊᨺ૞훦뙙䕲꾑﷙ﳕᗟ⡋䟼笤籺嗗续甦翯遛렱撚ᔫ燛⧅⿪㟛짽㆟伪ꊆ焭㶍⑙ﺣХ⌂쯁ꄥƅ䄗ז [ 126.689602][ T6115] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 126.697770][ T6115] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 126.719816][ T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.766409][ T5963] hsr_slave_0: entered promiscuous mode [ 126.781324][ T5963] hsr_slave_1: entered promiscuous mode [ 126.794553][ T5963] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 126.802436][ T5963] Cannot create hsr debugfs directory [ 127.055018][ T5980] hsr_slave_0: entered promiscuous mode [ 127.066941][ T5980] hsr_slave_1: entered promiscuous mode [ 127.074073][ T5980] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 127.082979][ T5980] Cannot create hsr debugfs directory [ 127.102795][ T5932] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 127.180936][ T5932] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 127.200169][ T6119] loop2: detected capacity change from 0 to 128 [ 127.209014][ T5932] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 127.284107][ T5932] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 127.538324][ T11] bridge_slave_1: left allmulticast mode [ 127.545435][ T11] bridge_slave_1: left promiscuous mode [ 127.553662][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.568947][ T11] bridge_slave_0: left allmulticast mode [ 127.574775][ T11] bridge_slave_0: left promiscuous mode [ 127.586322][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.603568][ T11] bridge_slave_1: left allmulticast mode [ 127.616310][ T11] bridge_slave_1: left promiscuous mode [ 127.625009][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.639258][ T11] bridge_slave_0: left allmulticast mode [ 127.645020][ T11] bridge_slave_0: left promiscuous mode [ 127.651789][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.652513][ T29] audit: type=1326 audit(1719418584.375:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6123 comm="syz.2.322" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b2b375ae9 code=0x0 [ 128.002028][ T8] usbhid 4-1:1.0: can't add hid device: -71 [ 128.009390][ T8] usbhid 4-1:1.0: probe with driver usbhid failed with error -71 [ 128.026347][ T8] usb 4-1: USB disconnect, device number 4 [ 128.525866][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 128.541709][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 128.561289][ T11] bond0 (unregistering): Released all slaves [ 128.762798][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 128.778243][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 128.790029][ T11] bond0 (unregistering): Released all slaves [ 128.792845][ T6131] sctp: [Deprecated]: syz.2.325 (pid 6131) Use of int in max_burst socket option deprecated. [ 128.792845][ T6131] Use struct sctp_assoc_value instead [ 129.079349][ T6134] loop2: detected capacity change from 0 to 16 [ 129.105603][ T6134] erofs: (device loop2): mounted with root inode @ nid 36. [ 129.371630][ T5092] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[9000] [ 129.407513][ T6134] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192] [ 129.428785][ T29] audit: type=1800 audit(1719418586.146:55): pid=6134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.326" name="file3" dev="loop2" ino=89 res=0 errno=0 [ 129.700147][ T6141] syzkaller0: entered promiscuous mode [ 129.715910][ T6141] syzkaller0: entered allmulticast mode [ 130.570801][ T11] hsr_slave_0: left promiscuous mode [ 130.588114][ T11] hsr_slave_1: left promiscuous mode [ 130.604558][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 130.614650][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 130.631094][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 130.639293][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 130.674502][ T11] hsr_slave_0: left promiscuous mode [ 130.693106][ T11] hsr_slave_1: left promiscuous mode [ 130.713544][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 130.722709][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 130.756278][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 130.763783][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 130.842419][ T11] veth1_macvtap: left promiscuous mode [ 130.849863][ T11] veth0_macvtap: left promiscuous mode [ 130.857185][ T11] veth1_vlan: left promiscuous mode [ 130.868022][ T11] veth0_vlan: left promiscuous mode [ 130.882634][ T11] veth1_macvtap: left promiscuous mode [ 130.898314][ T11] veth0_macvtap: left promiscuous mode [ 130.904043][ T11] veth1_vlan: left promiscuous mode [ 130.935446][ T11] veth0_vlan: left promiscuous mode [ 131.151753][ T6162] loop3: detected capacity change from 0 to 256 [ 131.161957][ T6162] exfat: Deprecated parameter 'namecase' [ 131.843526][ T11] team0 (unregistering): Port device team_slave_1 removed [ 131.894886][ T11] team0 (unregistering): Port device team_slave_0 removed [ 132.832694][ T11] team0 (unregistering): Port device team_slave_1 removed [ 132.882620][ T11] team0 (unregistering): Port device team_slave_0 removed [ 133.303009][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.309455][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.434406][ T6164] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave [ 133.449213][ T6164] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1) [ 133.563441][ T5963] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 133.586688][ T5963] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 133.600625][ T6170] Bluetooth: MGMT ver 1.23 [ 133.666733][ T5963] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 133.685531][ T5963] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 133.703198][ T6172] loop2: detected capacity change from 0 to 2048 [ 133.725125][ T6172] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 133.740706][ T5932] 8021q: adding VLAN 0 to HW filter on device bond0 [ 133.748772][ T6172] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 133.836595][ T5932] 8021q: adding VLAN 0 to HW filter on device team0 [ 133.859240][ T29] audit: type=1800 audit(1719418590.587:56): pid=6172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.339" name="bus" dev="loop2" ino=1369 res=0 errno=0 [ 133.961008][ T5304] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.968314][ T5304] bridge0: port 1(bridge_slave_0) entered forwarding state [ 134.066427][ T5304] bridge0: port 2(bridge_slave_1) entered blocking state [ 134.073704][ T5304] bridge0: port 2(bridge_slave_1) entered forwarding state [ 134.663728][ T5980] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 134.746313][ T5980] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 134.789913][ T6180] loop2: detected capacity change from 0 to 32768 [ 134.795428][ T5980] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 134.817436][ T6180] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.343 (6180) [ 134.845968][ T6180] BTRFS info (device loop2): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 134.864104][ T6180] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 134.866098][ T5980] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 134.874045][ T6180] BTRFS info (device loop2): using free-space-tree [ 134.911446][ T5963] 8021q: adding VLAN 0 to HW filter on device bond0 [ 135.256052][ T5963] 8021q: adding VLAN 0 to HW filter on device team0 [ 135.296556][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 135.303789][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 135.712328][ T6204] syz.2.343 (6204) used greatest stack depth: 16688 bytes left [ 135.753144][ T5932] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 135.852738][ T5147] bridge0: port 2(bridge_slave_1) entered blocking state [ 135.860290][ T5147] bridge0: port 2(bridge_slave_1) entered forwarding state [ 135.875061][ T5145] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 135.993861][ T5932] veth0_vlan: entered promiscuous mode [ 136.065476][ T5145] usb 4-1: Using ep0 maxpacket: 16 [ 136.082511][ T5145] usb 4-1: config 0 has an invalid descriptor of length 123, skipping remainder of the config [ 136.095995][ T5145] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 136.107278][ T5145] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 136.118872][ T5145] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.132914][ T5145] usb 4-1: config 0 descriptor?? [ 136.227385][ T5932] veth1_vlan: entered promiscuous mode [ 136.278369][ T5103] BTRFS info (device loop2): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 136.466281][ T6202] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 136.487281][ T6202] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 136.498391][ T5980] 8021q: adding VLAN 0 to HW filter on device bond0 [ 136.667339][ T5932] veth0_macvtap: entered promiscuous mode [ 136.712397][ T5980] 8021q: adding VLAN 0 to HW filter on device team0 [ 136.718582][ T5145] usb 4-1: string descriptor 0 read error: -71 [ 136.734225][ T5145] usb 4-1: USB disconnect, device number 5 [ 136.751609][ T5932] veth1_macvtap: entered promiscuous mode [ 136.779282][ T6211] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave [ 136.790469][ T6211] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1) [ 136.819312][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 136.826653][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 136.863040][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.870315][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 136.945296][ T5932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.962949][ T5932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.973191][ T5932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.984129][ T5932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.997777][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 137.044112][ T6217] netlink: 'syz.2.348': attribute type 29 has an invalid length. [ 137.054773][ T5932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 137.069179][ T5932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.079430][ T5932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 137.090062][ T5932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.101740][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 137.118484][ T6217] netlink: 'syz.2.348': attribute type 29 has an invalid length. [ 137.147657][ T5963] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 137.159463][ T6218] netlink: 'syz.2.348': attribute type 29 has an invalid length. [ 137.168366][ T6217] netlink: 'syz.2.348': attribute type 29 has an invalid length. [ 137.178053][ T5932] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.204194][ T5932] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.213368][ T5932] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.223934][ T5932] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.243875][ T6220] loop2: detected capacity change from 0 to 256 [ 137.655076][ T29] audit: type=1326 audit(1719418594.367:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6219 comm="syz.2.349" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b2b375ae9 code=0x0 [ 138.312759][ T5963] veth0_vlan: entered promiscuous mode [ 138.354412][ T5963] veth1_vlan: entered promiscuous mode [ 138.449632][ T2799] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.457729][ T2799] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.501154][ T6234] loop2: detected capacity change from 0 to 256 [ 138.550618][ T29] audit: type=1800 audit(1719418595.277:58): pid=6234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.352" name="bus" dev="loop2" ino=1048614 res=0 errno=0 [ 138.634082][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.658865][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.740389][ T5980] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 138.773308][ T5963] veth0_macvtap: entered promiscuous mode [ 138.851585][ T5963] veth1_macvtap: entered promiscuous mode [ 139.008188][ T6242] syz.3.353 (pid 6242) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 139.102395][ T6242] overlayfs: failed to create directory ./file0/work (errno: 126); mounting read-only [ 139.596738][ T5963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 139.657983][ T5963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.722614][ T5963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 139.744641][ T5963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.754723][ T5963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 139.770106][ T5963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 139.796636][ T5963] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 139.975054][ T6252] loop0: detected capacity change from 0 to 2048 [ 140.495263][ T6264] netlink: 4 bytes leftover after parsing attributes in process `syz.3.359'. [ 140.504132][ T6264] openvswitch: netlink: Flow key attr not present in new flow. [ 140.699686][ T5963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.720278][ T6252] GPT:first_usable_lbas don't match. [ 140.730304][ T6252] GPT:34 != 290 [ 140.740037][ T6252] GPT: Use GNU Parted to correct GPT errors. [ 140.750185][ T5963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.776521][ T6252] loop0: p1 p2 p3 [ 140.787011][ T5963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.802163][ T5963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.812320][ T5963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.862923][ T5963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.894364][ T6268] loop2: detected capacity change from 0 to 512 [ 140.901694][ T5963] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 140.952752][ T6268] EXT4-fs error (device loop2): ext4_orphan_get:1394: inode #15: comm syz.2.360: casefold flag without casefold feature [ 140.972408][ T5963] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.981183][ T6268] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz.2.360: couldn't read orphan inode 15 (err -117) [ 140.985997][ T6268] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 141.052081][ T5963] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.081234][ T5963] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.098234][ T29] audit: type=1800 audit(1719418597.817:59): pid=6268 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.360" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 141.114716][ T5963] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.208351][ T5103] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.402869][ T5980] veth0_vlan: entered promiscuous mode [ 141.512247][ T5980] veth1_vlan: entered promiscuous mode [ 142.040959][ T6287] x_tables: ip_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT [ 142.086270][ T6287] loop2: detected capacity change from 0 to 512 [ 142.237611][ T6287] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002] [ 142.246357][ T6287] System zones: 0-2, 18-18, 34-35 [ 142.285131][ T6287] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.298229][ T6287] ext4 filesystem being mounted at /root/syzkaller.2eDpjQ/138/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 142.369918][ T6286] netlink: 8 bytes leftover after parsing attributes in process `syz.2.365'. [ 142.598102][ T2799] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 142.638709][ T2799] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 142.724286][ T5103] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.030366][ T5980] veth0_macvtap: entered promiscuous mode [ 143.050654][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.056446][ T5106] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 143.070609][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 143.082620][ T5106] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 143.094795][ T5106] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 143.114725][ T5106] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 143.125686][ T6299] netlink: 4 bytes leftover after parsing attributes in process `syz.2.369'. [ 143.135086][ T6299] openvswitch: netlink: Flow key attr not present in new flow. [ 143.246380][ T6295] loop0: detected capacity change from 0 to 2048 [ 143.478395][ T5106] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 143.511393][ T5106] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 143.541316][ T5980] veth1_macvtap: entered promiscuous mode [ 143.807141][ T6295] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 144.045075][ T53] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.229691][ T53] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.452998][ T53] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.537672][ T5980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 144.574687][ T5980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.600135][ T5980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 144.631628][ T5980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.661814][ T5980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 144.683678][ T5980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.710775][ T5980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 144.742736][ T5980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.769833][ T5980] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 144.888334][ T53] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.019422][ T5980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.064577][ T5980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.084585][ T5980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.103538][ T5980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.130948][ T5980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.152728][ T5980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.173053][ T5980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.184206][ T5980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.201988][ T5980] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 145.254084][ T5980] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.287498][ T5980] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.316510][ T5980] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.329541][ T5980] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.446444][ T6329] loop1: detected capacity change from 0 to 2048 [ 145.477607][ T6329] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 145.682404][ T53] bridge_slave_1: left allmulticast mode [ 145.695546][ T5106] Bluetooth: hci1: command tx timeout [ 145.700607][ T53] bridge_slave_1: left promiscuous mode [ 145.713816][ T53] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.728027][ T6337] loop1: detected capacity change from 0 to 64 [ 145.747159][ T53] bridge_slave_0: left allmulticast mode [ 145.752889][ T53] bridge_slave_0: left promiscuous mode [ 145.760961][ T53] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.067276][ T6346] loop2: detected capacity change from 0 to 512 [ 146.109915][ T6346] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors [ 146.132504][ T6346] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 0 not in group (block 2)! [ 146.154677][ T6346] EXT4-fs (loop2): group descriptors corrupted! [ 146.701329][ T6353] netlink: 4 bytes leftover after parsing attributes in process `syz.2.390'. [ 146.769572][ T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 146.782360][ T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 146.797893][ T53] bond0 (unregistering): Released all slaves [ 147.153977][ T6367] loop0: detected capacity change from 0 to 64 [ 147.222668][ T6296] chnl_net:caif_netlink_parms(): no params data found [ 147.242136][ T6367] MINIX-fs: file system does not have enough imap blocks allocated. Refusing to mount. [ 147.262049][ T6367] MINIX-fs: bad superblock or unable to read bitmaps [ 147.382830][ T963] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 147.417712][ T963] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 147.434617][ T6377] netlink: 4 bytes leftover after parsing attributes in process `syz.0.400'. [ 147.672875][ T6389] loop1: detected capacity change from 0 to 64 [ 147.704817][ T53] hsr_slave_0: left promiscuous mode [ 147.733142][ T53] hsr_slave_1: left promiscuous mode [ 147.750395][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 147.774989][ T5106] Bluetooth: hci1: command tx timeout [ 147.795867][ T53] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 147.819347][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 147.830285][ T53] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 147.901460][ T53] veth1_macvtap: left promiscuous mode [ 147.935476][ T53] veth0_macvtap: left promiscuous mode [ 147.947625][ T53] veth1_vlan: left promiscuous mode [ 147.970023][ T53] veth0_vlan: left promiscuous mode [ 148.969021][ T53] team0 (unregistering): Port device team_slave_1 removed [ 149.026236][ T53] team0 (unregistering): Port device team_slave_0 removed [ 149.547038][ T6389] warning: `syz.1.401' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 149.600252][ T963] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.620487][ T5963] hfs: node 4:3 still has 1 user(s)! [ 149.631377][ T963] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.665859][ T6296] bridge0: port 1(bridge_slave_0) entered blocking state [ 149.674283][ T6403] loop0: detected capacity change from 0 to 64 [ 149.681413][ T6296] bridge0: port 1(bridge_slave_0) entered disabled state [ 149.691177][ T6296] bridge_slave_0: entered allmulticast mode [ 149.702520][ T6296] bridge_slave_0: entered promiscuous mode [ 149.711895][ T6403] MINIX-fs: file system does not have enough imap blocks allocated. Refusing to mount. [ 149.736266][ T6403] MINIX-fs: bad superblock or unable to read bitmaps [ 149.761631][ T6296] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.773762][ T6296] bridge0: port 2(bridge_slave_1) entered disabled state [ 149.783103][ T6296] bridge_slave_1: entered allmulticast mode [ 149.798570][ T6296] bridge_slave_1: entered promiscuous mode [ 149.854777][ T5106] Bluetooth: hci1: command tx timeout [ 150.059254][ T6296] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 150.098692][ T6296] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 150.308389][ T6431] loop4: detected capacity change from 0 to 128 [ 150.362136][ T6434] loop1: detected capacity change from 0 to 512 [ 150.423510][ T6296] team0: Port device team_slave_0 added [ 150.435703][ T6434] EXT4-fs error (device loop1): ext4_orphan_get:1420: comm syz.1.419: bad orphan inode 12 [ 150.477098][ T6296] team0: Port device team_slave_1 added [ 150.483473][ T6434] EXT4-fs (loop1): Remounting filesystem read-only [ 150.494341][ T6434] EXT4-fs (loop1): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 150.562873][ T5963] EXT4-fs (loop1): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 150.911322][ T6447] x_tables: ip_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT [ 150.963348][ T6447] loop0: detected capacity change from 0 to 512 [ 151.098990][ T6447] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002] [ 151.107582][ T6447] System zones: 0-2, 18-18, 34-35 [ 151.128276][ T6447] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 151.141498][ T6447] ext4 filesystem being mounted at /root/syzkaller.Bf0Xw9/17/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 151.519874][ T6446] netlink: 8 bytes leftover after parsing attributes in process `syz.0.421'. [ 151.649893][ T6296] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 151.672940][ T6296] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 151.677276][ T5932] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.710181][ T6296] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 151.747504][ T6296] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 151.761338][ T6296] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 151.814576][ T6296] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 151.830544][ T6461] loop4: detected capacity change from 0 to 128 [ 151.933651][ T6464] loop2: detected capacity change from 0 to 128 [ 151.945354][ T5106] Bluetooth: hci1: command tx timeout [ 151.992117][ T6468] loop1: detected capacity change from 0 to 512 [ 152.010946][ T6468] EXT4-fs error (device loop1): ext4_orphan_get:1420: comm syz.1.433: bad orphan inode 12 [ 152.027351][ T6468] EXT4-fs (loop1): Remounting filesystem read-only [ 152.035530][ T6468] EXT4-fs (loop1): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 152.078294][ T6473] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 152.146158][ T5963] EXT4-fs (loop1): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 152.159778][ T6296] hsr_slave_0: entered promiscuous mode [ 152.184405][ T6296] hsr_slave_1: entered promiscuous mode [ 152.201148][ T6296] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 152.216657][ T6296] Cannot create hsr debugfs directory [ 152.291915][ T6481] syz.2.438 uses obsolete (PF_INET,SOCK_PACKET) [ 152.310275][ T6479] loop4: detected capacity change from 0 to 512 [ 152.311110][ T6482] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 152.432098][ T6488] nbd: must specify a size in bytes for the device [ 152.439079][ T6479] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 152.439214][ T6479] ext4 filesystem being mounted at /root/syzkaller.EoRfx9/7/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 152.572105][ T6479] EXT4-fs error (device loop4): ext4_do_update_inode:5075: inode #2: comm syz.4.437: corrupted inode contents [ 152.618843][ T6494] loop2: detected capacity change from 0 to 128 [ 152.638792][ T6479] EXT4-fs error (device loop4): ext4_dirty_inode:5935: inode #2: comm syz.4.437: mark_inode_dirty error [ 152.654146][ T6495] loop1: detected capacity change from 0 to 1024 [ 152.682559][ T6479] EXT4-fs error (device loop4): ext4_do_update_inode:5075: inode #2: comm syz.4.437: corrupted inode contents [ 152.705488][ T6495] EXT4-fs (loop1): Can't support bigalloc feature without extents feature [ 152.705488][ T6495] [ 152.710056][ T6479] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.437: mark_inode_dirty error [ 152.744872][ T6495] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities [ 152.801540][ T6498] loop0: detected capacity change from 0 to 1024 [ 152.871289][ T29] audit: type=1800 audit(1719418609.597:60): pid=6498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.445" name="bus" dev="loop0" ino=26 res=0 errno=0 [ 152.912886][ T5980] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.938331][ T6500] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 153.164685][ T59] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 153.306451][ T6514] nbd: must specify a size in bytes for the device [ 153.356932][ T59] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 153.373811][ T59] usb 2-1: config 0 has no interfaces? [ 153.396224][ T59] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 153.413430][ T59] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 153.422655][ T59] usb 2-1: SerialNumber: syz [ 153.431380][ T6518] Zero length message leads to an empty skb [ 153.432463][ T59] usb 2-1: config 0 descriptor?? [ 153.517406][ T6296] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 153.531546][ T6520] No control pipe specified [ 153.541319][ T6296] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 153.568358][ T6296] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 153.585512][ T6522] netlink: 'syz.2.456': attribute type 1 has an invalid length. [ 153.601949][ T6296] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 155.658118][ T6535] loop2: detected capacity change from 0 to 128 [ 155.702789][ T6535] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 155.761771][ T6537] loop4: detected capacity change from 0 to 1024 [ 155.782438][ T6535] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 155.824438][ T6537] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 155.849866][ T6296] 8021q: adding VLAN 0 to HW filter on device bond0 [ 155.905714][ T6542] loop0: detected capacity change from 0 to 512 [ 155.921047][ T5980] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 155.957410][ T6542] EXT4-fs error (device loop0): ext4_orphan_get:1420: comm syz.0.462: bad orphan inode 12 [ 155.965835][ T6296] 8021q: adding VLAN 0 to HW filter on device team0 [ 155.968189][ T6542] EXT4-fs (loop0): Remounting filesystem read-only [ 155.983319][ T6542] EXT4-fs (loop0): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 156.042187][ T5144] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.049636][ T5144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 156.086438][ T5144] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.093636][ T5144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 156.107652][ T5932] EXT4-fs (loop0): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 156.140849][ T6548] nbd: must specify a size in bytes for the device [ 156.672467][ T6296] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 156.849662][ T6296] veth0_vlan: entered promiscuous mode [ 156.889968][ T6296] veth1_vlan: entered promiscuous mode [ 156.918141][ T9] usb 2-1: USB disconnect, device number 4 [ 156.984453][ T6566] No control pipe specified [ 157.042457][ T6296] veth0_macvtap: entered promiscuous mode [ 157.063101][ T6296] veth1_macvtap: entered promiscuous mode [ 157.177722][ T6296] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 157.215302][ T6296] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.242164][ T6296] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 157.252850][ T6296] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.263458][ T6296] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 157.274061][ T6296] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.284015][ T6296] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 157.304580][ T6296] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.331195][ T6296] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 157.351334][ T6571] loop1: detected capacity change from 0 to 512 [ 157.857118][ T6571] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 157.896989][ T6571] EXT4-fs (loop1): 1 truncate cleaned up [ 157.905768][ T6571] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 157.965458][ T6296] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 158.059721][ T6296] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.070082][ T6296] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 158.089941][ T6296] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.106343][ T6296] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 158.122144][ T6296] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.133935][ T6296] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 158.150293][ T6296] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.170060][ T6296] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 158.177613][ T5963] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 158.236178][ T6584] input: syz1 as /devices/virtual/input/input5 [ 158.278427][ T6296] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.307080][ T6296] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.331412][ T6296] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.354911][ T6296] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.151122][ T6598] loop4: detected capacity change from 0 to 512 [ 159.243277][ T6598] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 159.269409][ T6598] ext4 filesystem being mounted at /root/syzkaller.EoRfx9/17/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 159.383841][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 159.405379][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 159.444247][ T5145] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 159.518894][ T648] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 159.531007][ T648] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 159.648321][ T5145] usb 1-1: config 1 has an invalid descriptor of length 208, skipping remainder of the config [ 159.688908][ T5145] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 159.724243][ T5145] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 159.744802][ T5145] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 159.752501][ T6608] loop1: detected capacity change from 0 to 1024 [ 159.752842][ T5145] usb 1-1: SerialNumber: syz [ 159.801009][ T5980] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.936413][ T6608] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 160.179671][ T6613] overlayfs: failed to create directory ./file0/work (errno: 126); mounting read-only [ 160.980986][ T5145] usb 1-1: invalid UAC_HEADER (v1) [ 161.036972][ T5145] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 161.070645][ T5145] usb 1-1: USB disconnect, device number 2 [ 161.111924][ T5963] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.337208][ T6630] input: syz1 as /devices/virtual/input/input6 [ 161.409209][ T6633] nftables ruleset with unbound set [ 161.610230][ T6641] loop1: detected capacity change from 0 to 1024 [ 161.667472][ T6641] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 161.714907][ T63] ================================================================== [ 161.723040][ T63] BUG: KASAN: slab-use-after-free in l2tp_tunnel_del_work+0xe5/0x330 [ 161.731184][ T63] Read of size 8 at addr ffff888064b628b8 by task kworker/u8:4/63 [ 161.739033][ T63] [ 161.741405][ T63] CPU: 0 UID: 0 PID: 63 Comm: kworker/u8:4 Not tainted 6.10.0-rc5-next-20240624-syzkaller #0 [ 161.751595][ T63] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 161.761662][ T63] Workqueue: l2tp l2tp_tunnel_del_work [ 161.767182][ T63] Call Trace: [ 161.770466][ T63] [ 161.773396][ T63] dump_stack_lvl+0x241/0x360 [ 161.778104][ T63] ? __pfx_dump_stack_lvl+0x10/0x10 [ 161.783340][ T63] ? __pfx__printk+0x10/0x10 [ 161.787937][ T63] ? _printk+0xd5/0x120 [ 161.792092][ T63] ? __virt_addr_valid+0x183/0x520 [ 161.797238][ T63] ? __virt_addr_valid+0x183/0x520 [ 161.802361][ T63] print_report+0x169/0x550 [ 161.806874][ T63] ? __virt_addr_valid+0x183/0x520 [ 161.812000][ T63] ? __virt_addr_valid+0x183/0x520 [ 161.817126][ T63] ? __virt_addr_valid+0x44e/0x520 [ 161.822247][ T63] ? __phys_addr+0xba/0x170 [ 161.826766][ T63] ? l2tp_tunnel_del_work+0xe5/0x330 [ 161.832059][ T63] kasan_report+0x143/0x180 [ 161.836570][ T63] ? l2tp_tunnel_del_work+0xe5/0x330 [ 161.841892][ T63] l2tp_tunnel_del_work+0xe5/0x330 [ 161.847057][ T63] ? process_scheduled_works+0x945/0x1830 [ 161.852825][ T63] process_scheduled_works+0xa2c/0x1830 [ 161.858440][ T63] ? __pfx_process_scheduled_works+0x10/0x10 [ 161.864473][ T63] ? assign_work+0x364/0x3d0 [ 161.869114][ T63] worker_thread+0x86d/0xd40 [ 161.873763][ T63] ? __kthread_parkme+0x169/0x1d0 [ 161.878851][ T63] ? __pfx_worker_thread+0x10/0x10 [ 161.883999][ T63] kthread+0x2f0/0x390 [ 161.888082][ T63] ? __pfx_worker_thread+0x10/0x10 [ 161.893200][ T63] ? __pfx_kthread+0x10/0x10 [ 161.897800][ T63] ret_from_fork+0x4b/0x80 [ 161.902238][ T63] ? __pfx_kthread+0x10/0x10 [ 161.906852][ T63] ret_from_fork_asm+0x1a/0x30 [ 161.911636][ T63] [ 161.914654][ T63] [ 161.916999][ T63] Allocated by task 6642: [ 161.921327][ T63] kasan_save_track+0x3f/0x80 [ 161.926026][ T63] __kasan_kmalloc+0x98/0xb0 [ 161.930643][ T63] __kmalloc_noprof+0x1f9/0x400 [ 161.935505][ T63] l2tp_session_create+0x3b/0xc20 [ 161.940542][ T63] pppol2tp_connect+0xca3/0x17a0 [ 161.945503][ T63] __sys_connect+0x2df/0x310 [ 161.950101][ T63] __x64_sys_connect+0x7a/0x90 [ 161.954890][ T63] do_syscall_64+0xf3/0x230 [ 161.959395][ T63] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.965290][ T63] [ 161.967610][ T63] Freed by task 24: [ 161.971425][ T63] kasan_save_track+0x3f/0x80 [ 161.976118][ T63] kasan_save_free_info+0x40/0x50 [ 161.981153][ T63] poison_slab_object+0xe0/0x150 [ 161.986091][ T63] __kasan_slab_free+0x37/0x60 [ 161.990851][ T63] kfree+0x149/0x360 [ 161.994749][ T63] __sk_destruct+0x58/0x5f0 [ 161.999250][ T63] rcu_core+0xaaa/0x17a0 [ 162.003514][ T63] handle_softirqs+0x2c4/0x970 [ 162.008405][ T63] run_ksoftirqd+0xca/0x130 [ 162.012913][ T63] smpboot_thread_fn+0x544/0xa30 [ 162.017856][ T63] kthread+0x2f0/0x390 [ 162.021931][ T63] ret_from_fork+0x4b/0x80 [ 162.026361][ T63] ret_from_fork_asm+0x1a/0x30 [ 162.031137][ T63] [ 162.033480][ T63] Last potentially related work creation: [ 162.039222][ T63] kasan_save_stack+0x3f/0x60 [ 162.044032][ T63] __kasan_record_aux_stack+0xac/0xc0 [ 162.049411][ T63] call_rcu+0x167/0xa70 [ 162.053575][ T63] pppol2tp_release+0x24b/0x350 [ 162.058428][ T63] sock_close+0xbc/0x240 [ 162.062672][ T63] __fput+0x24a/0x8a0 [ 162.066649][ T63] task_work_run+0x24f/0x310 [ 162.071242][ T63] syscall_exit_to_user_mode+0x168/0x370 [ 162.076894][ T63] do_syscall_64+0x100/0x230 [ 162.081506][ T63] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.087401][ T63] [ 162.089720][ T63] The buggy address belongs to the object at ffff888064b62800 [ 162.089720][ T63] which belongs to the cache kmalloc-1k of size 1024 [ 162.103772][ T63] The buggy address is located 184 bytes inside of [ 162.103772][ T63] freed 1024-byte region [ffff888064b62800, ffff888064b62c00) [ 162.117658][ T63] [ 162.119993][ T63] The buggy address belongs to the physical page: [ 162.126418][ T63] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64b60 [ 162.135178][ T63] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 162.143677][ T63] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 162.151667][ T63] page_type: 0xffffefff(slab) [ 162.156345][ T63] raw: 00fff00000000040 ffff888015041dc0 0000000000000000 dead000000000001 [ 162.164926][ T63] raw: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000 [ 162.173513][ T63] head: 00fff00000000040 ffff888015041dc0 0000000000000000 dead000000000001 [ 162.182184][ T63] head: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000 [ 162.190888][ T63] head: 00fff00000000003 ffffea000192d801 ffffffffffffffff 0000000000000000 [ 162.199579][ T63] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 162.208242][ T63] page dumped because: kasan: bad access detected [ 162.214663][ T63] page_owner tracks the page as allocated [ 162.220369][ T63] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 9, tgid 9 (kworker/0:1), ts 81517498697, free_ts 25315736704 [ 162.240429][ T63] post_alloc_hook+0x1f3/0x230 [ 162.245200][ T63] get_page_from_freelist+0x2ccb/0x2d80 [ 162.250754][ T63] __alloc_pages_noprof+0x256/0x6c0 [ 162.255965][ T63] alloc_slab_page+0x5f/0x120 [ 162.260641][ T63] allocate_slab+0x5a/0x2f0 [ 162.265143][ T63] ___slab_alloc+0xcd1/0x14b0 [ 162.269815][ T63] __slab_alloc+0x58/0xa0 [ 162.274139][ T63] __kmalloc_noprof+0x257/0x400 [ 162.279002][ T63] ___neigh_create+0x691/0x2470 [ 162.283855][ T63] ip6_finish_output2+0x1631/0x1680 [ 162.289058][ T63] ip6_finish_output+0x41e/0x810 [ 162.294015][ T63] NF_HOOK+0x9e/0x430 [ 162.298008][ T63] mld_sendpack+0x843/0xdb0 [ 162.302518][ T63] mld_ifc_work+0x7d6/0xd90 [ 162.307045][ T63] process_scheduled_works+0xa2c/0x1830 [ 162.312594][ T63] worker_thread+0x86d/0xd40 [ 162.317188][ T63] page last free pid 1 tgid 1 stack trace: [ 162.322985][ T63] free_unref_page+0xd22/0xea0 [ 162.327755][ T63] free_contig_range+0x9e/0x160 [ 162.332604][ T63] destroy_args+0x8a/0x890 [ 162.337019][ T63] debug_vm_pgtable+0x4be/0x550 [ 162.341875][ T63] do_one_initcall+0x248/0x880 [ 162.346643][ T63] do_initcall_level+0x157/0x210 [ 162.351587][ T63] do_initcalls+0x3f/0x80 [ 162.355917][ T63] kernel_init_freeable+0x435/0x5d0 [ 162.361115][ T63] kernel_init+0x1d/0x2b0 [ 162.365444][ T63] ret_from_fork+0x4b/0x80 [ 162.369861][ T63] ret_from_fork_asm+0x1a/0x30 [ 162.374638][ T63] [ 162.376965][ T63] Memory state around the buggy address: [ 162.382589][ T63] ffff888064b62780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 162.390649][ T63] ffff888064b62800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 162.398711][ T63] >ffff888064b62880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 162.406771][ T63] ^ [ 162.412657][ T63] ffff888064b62900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 162.420716][ T63] ffff888064b62980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 162.428775][ T63] ================================================================== [ 162.436937][ T63] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 162.444134][ T63] CPU: 0 UID: 0 PID: 63 Comm: kworker/u8:4 Not tainted 6.10.0-rc5-next-20240624-syzkaller #0 [ 162.454288][ T63] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 162.464346][ T63] Workqueue: l2tp l2tp_tunnel_del_work [ 162.469817][ T63] Call Trace: [ 162.473094][ T63] [ 162.476028][ T63] dump_stack_lvl+0x241/0x360 [ 162.480720][ T63] ? __pfx_dump_stack_lvl+0x10/0x10 [ 162.485928][ T63] ? __pfx__printk+0x10/0x10 [ 162.490522][ T63] ? vscnprintf+0x5d/0x90 [ 162.494866][ T63] panic+0x349/0x870 [ 162.498789][ T63] ? check_panic_on_warn+0x21/0xb0 [ 162.503926][ T63] ? __pfx_panic+0x10/0x10 [ 162.508360][ T63] ? mark_lock+0x9a/0x360 [ 162.512696][ T63] ? _raw_spin_unlock_irqrestore+0xd8/0x140 [ 162.518592][ T63] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 162.524498][ T63] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 162.530842][ T63] ? print_report+0x502/0x550 [ 162.535540][ T63] check_panic_on_warn+0x86/0xb0 [ 162.540491][ T63] ? l2tp_tunnel_del_work+0xe5/0x330 [ 162.545781][ T63] end_report+0x77/0x160 [ 162.550029][ T63] kasan_report+0x154/0x180 [ 162.554553][ T63] ? l2tp_tunnel_del_work+0xe5/0x330 [ 162.559867][ T63] l2tp_tunnel_del_work+0xe5/0x330 [ 162.564993][ T63] ? process_scheduled_works+0x945/0x1830 [ 162.570718][ T63] process_scheduled_works+0xa2c/0x1830 [ 162.576282][ T63] ? __pfx_process_scheduled_works+0x10/0x10 [ 162.582270][ T63] ? assign_work+0x364/0x3d0 [ 162.586875][ T63] worker_thread+0x86d/0xd40 [ 162.591557][ T63] ? __kthread_parkme+0x169/0x1d0 [ 162.596604][ T63] ? __pfx_worker_thread+0x10/0x10 [ 162.601770][ T63] kthread+0x2f0/0x390 [ 162.605861][ T63] ? __pfx_worker_thread+0x10/0x10 [ 162.610989][ T63] ? __pfx_kthread+0x10/0x10 [ 162.615588][ T63] ret_from_fork+0x4b/0x80 [ 162.620010][ T63] ? __pfx_kthread+0x10/0x10 [ 162.624608][ T63] ret_from_fork_asm+0x1a/0x30 [ 162.629393][ T63] [ 162.632738][ T63] Kernel Offset: disabled [ 162.637074][ T63] Rebooting in 86400 seconds..