last executing test programs: 6.44589501s ago: executing program 1 (id=1987): mknodat$null(0xffffffffffffff9c, 0x0, 0x0, 0x103) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}}) statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x100, 0x800, 0x0) read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000001200)={0x50, 0x0, r1}, 0x50) read$FUSE(r0, &(0x7f0000004340)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INTERRUPT(r0, &(0x7f0000000200)={0x10, 0xffffffffffffffda, r2}, 0x10) 5.677053164s ago: executing program 3 (id=1989): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x8000) dup(0xffffffffffffffff) socket$inet6(0xa, 0x1, 0x40) clock_gettime(0x0, &(0x7f0000001a80)) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="4c000000140097f87059ae08060c040002ff0f0200000000000001870182fa73a69d35a2cca84708f7abca1b4e7d06a6bd7c493872f750375ed08a560400000003c48f93b82a03000000461e", 0x4c}], 0x1}, 0x0) sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, 0x0, 0x4000000) 5.676721403s ago: executing program 4 (id=1990): r0 = socket(0x2b, 0x80801, 0x1) unshare(0x22020600) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x29, 0x80, 0x0, 0x108) 5.632359696s ago: executing program 4 (id=1991): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0xfffff002, 0x2, 0x0, &(0x7f00000000c0)="61df", 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYRES32=r2, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0) 5.631099033s ago: executing program 1 (id=1992): ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00'}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0) r4 = userfaultfd(0x1) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000004c0)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x3}) ioctl$UFFDIO_ZEROPAGE(r4, 0xc020aa04, &(0x7f0000000140)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}}) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) 4.406030444s ago: executing program 4 (id=1993): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_i', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000004200)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, r1}, 0x50) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x610000, 0x0) syz_fuse_handle_req(r0, &(0x7f0000002140)="2f6715f6821a80a83f3ceeb0feec0a92635f304278c89b38f1b160d5f31b3450aebcec488d2e3c978e554eb5fe50eb194144b6ba9300ac662701f32a090acec69b278488a5722dedfad92b2ce8f119219d57d54353b134c6fbbd86c3fdeb625d56b840fae71dbf3e705e35ba34f8d77dce758947c6c29da1b9dccc974458daf9903b06860fd9909737af142c59970520c585e352004f4bab346c5892d596baa76fce0eab5ac3f757412d8e1f05da5fe0e445cda87c528d3a1064f5df1aa8f79959dcb94a240a6ae4b44c30067d132a806e698d3efd729db37cbe826969d4f9a6bef7089edd63a6fe4f154490f09e655137ecb706eb80085d8f78e0ad4108f9fc95eccea1210f3eff473c9cd8486bd0d239b30d3f7aca81c4f589de27c1aab3ec937dd3d4f386c65407125d50057784d56fd047de8ca80a4366a50a0957e1186d0c8dd3ef9338b3b26de5fbc03b1e6ee301bd7b11ff98e4f96e0d56e8b560d0d01cf28da3d820220ec494e1c14eef06b5364afcd02ad61de6b126ca5ec94dcbf14bed197fffada25f0342affb1bbf724a63d949261e2ac2d0ca1b98fb1eecc002a8b9e612ab7ff7fedff026727bad05d02ed62a2c5c347a14fa793542d0ca448519ea96919e954f837b9403b8151a7fa0d1d5daf9f58a00b40b5c22c0e2752fa6840fd92a4028dc3bdc7413710f8dc10de9c50efa4945773c857199ad8373a5f007cc277b7e04166be95f3cb61eb54174ae93d05e01362d6012c1980971e5656dd66863360e8c36a65f90642248028aaa9d40afbf92d3348a106d5ad9e38113b06269bf4f0b42dc9b4c31552dd0de608c6b7bc23bb69a329ad0187292ba665a9d4b16b3fe2c7f4124365dbe55d5c0f233304c34066b735914c02469d5dd833fb57223938aff666dac3bffdcc8aeb4670c3502a8ac80ab14ca60f66db906e9850e72e861ee984c18bca9f64881ec370e5d5a7efd39c3e046f3bb65b4235ddd0b5c896ed011491b73eb7330346a3ba74812faa2325d543c360860482c4710f01310dbd85be9d3852237641f887c58e795f52c6762da7a8bd310a83507e808ca3531dbf87168be409db96913909f88e2538936d474a3ce0b3e26cfdf3f575e154e9a5168def5696c1ae1ad42c8151d9b66d4d764a761a9ab3fb364e1facef642a949a1a5df8d2238d283a054fd4b7848d34b9c1970abd014a06b132dde9636cadbf679391ce34af59979d76df1bbfd8a38935159562ec9ad4436ae14847fff88ad86b00321288c32c860261d746f4d6159af85ba021f320aaad451460833aac722739909f23be4335d81af5bb7a8d774cd86cbeefa61877c4586c9ffdffee1bc082b50e721d55ae6ef0b879d270313639341a7863ffae7670124113e8efdb7069993ff1321310af69b394b0f444707823a76e925fe79149555ed53fc1ba66918ea3eaf12790d5a718ab201cfa782960e9b63070624cd9d395497329e56616acc676d74cd6613391d8eb9bbd3975471deb5206f2b61d37f6920263ed002aa8b4c41eae3b08ee78986e71c277853095cb84f930fafa028d29a7457f4390181be1d39da18c494eeafe6808acb50e3fc4b783e8a8949981d197756ab3b6f7662a163f80ffcb49064ba0054a3c61236cc828a324ac660c3b3fcc1bcd8cd81f658f16012bc18450a0e610ea5f605a674d9120a548dee5c44a8d616ce2e9922ee720e3211189d7fec26e0c8a07ce38754b4bed4f0387785ed8d48b3faaf30f1720487521905653a103e6155133d23ee073db21f13cf96a7bfa2dd1ec0fc30b8c84a318c90ad5f4b1396c62c51ffe39c7e07de777544bdac4b3deea0654618b6f2045fa16a24d2d7176ee91024c8c767089209b2df620fa62aba506f25ee02e71ba74585ee91f8ca143459a2a18546c64c5b9220426d52458a09735d978f512f605bd491e92b8b80185f687053dd6b85d98a6412a770af8d6862faee0d50690aa842129a1390f2673e0189345903ee048494fd0737cf73a3163910fab3b985c1e12d0e2bd3d4f0a6ede6ebce445c2dcbcc6ea1c4acaed588f1da230279b924e43daaa3ed00cdc70a3f8f9e6f90a59b8bddebfc46c66271f3adb5d424ff4e906807543d6c5aa13c98ad7abf111321cca560c066e1029fc0685a42480b2964842c21b104d592add988e3a4d53a9f6f57e860a0befe135c9b59ac9b130bb21affc29a5fc4e7a3c52cde81a524ddabece33fba0668f2e312aa12d2ffd5eb3436065564c099a245de7531d734b1eba970fe462f222a7ffcd7b6f64428c9ae8ff582616cb5737c5ff17fcb53e57afd10995ef9b1f7696ff5f031b04eb598bd07867cc1e74356cb7f1b3d15a0a18089a8c823015f1920c8bb82bb533bbe6aaa5a97d3f1ae0fe03ef21b80028ba0c0f716db31d8ca3de65ebee28491cec081602639962f4c8a8cda9ec4736a77a0c1a38c450a07e18923e2788a175f285906f41bcc1412ed7e4ef556c217015868b628c8c661c73589de70b72101004ba93b7be9e1a2c3fd5121789d1ae5ca76bc50ee022e0bf80534bc586280091d31b9bba4693992465a6ed3cf17b1db87808d64b48896a254765933b51f1a4a196cca591f8cdbdd5644415982f8484dbb503354e92858240e9217dfac71dc8635d4b45372e7da29c79060afbb2d5b23ca8d0a541aae729100694b2de8c11c9dcb094185df44284f51fd1198d493c7c8481e37c6bd85cfed8554f0f5362d8fc167d0f011a578aab03ea9a49e0e59b34dd08894600c30a15e204c413023ac44610b0bfefd5887680a92349ececf8a4a639df03630d43e91bf6fb9b09d334a4e51dbcd728fcef3f64fb249f32436726af25661b18d60f809d099a6ea8686c4c9662e3b686269e14d8743f544b5b145a7c7efe7377880d817ac6e329e15cd2773a3d6a499becaa8261249a3a822bc262a8b49accf294b4905c46f3257b5993289a5893d54b2630318ffaaa8b4c58e565cb3f8942bdb6d4058803d16aa225b21b8b1a7fd993f7d4ead8546bf97ec72594a646ad9a9eff2e23fc389684e5ec318c8b4d065a0160735ad342c602e32d0aeedfb1e712e1f31cc27670a5766037be73eda9b48f422faf48c255246ed923b15a3c0999c82dcbb1676f0df60d3249ae610aa92f95243f001b202cbd5bfbd8f142c10b4f086fb0df1e661bb899d0ec4c0bbfab15389f4385bba53a6b2107c1c4e8863f27c4dfb379717f7afcb6abbdfb92ebe2d15cb5ce8f8cbfa7fa9872978a145ccf1cefc60784412255280dba27494c93895b068989fba6e47f9f9be79b4919add1a77663d4b0fb22df4d3c68b9a473e89b3a2b3c445185d17b1ee804c0b5b4a8afdf1f37d7a2a64e0343486247caf585dffa1d0a7c54ee31c7e8f3723c075068327634e8741ac59a68b7b7cf04ff362689523944d592c74851df83b1e7574f34f345dca549e9ed802ab8593e352ebf90767e8ca4dab0da97eac4bb1e8fcc434f92ace9cdd4b53199bb76a269a04179bd8944eeff4c4953f3e803f108f51f60ada379c4e6df16293b36b1603a87eacb1f819f676663f3640385ecc2172a28c880419e8194779074940a896a846aaac10ef34e38ef373e14755a0546a79159307fe46c275d88d8956eb46c0d9aad5bc0251d7efcb54e8e04ea559f14faa2cbef76729cce13dd63079de01aa96f1c402e376ab8c063531415f6477e7f7fdfd053994ea653014bc4ee8f6be9c740711d5c278c666535c5fc7b1a7d578e9386924774844371a507fdcfb524f1da4054a3319dd28c122193067bfa349349e3816797eac15654de0975ef1e3b874add451fe1a7d8d880f2d57b79d82aa604b223aaf9ff19b93c3388e048ee795566e0c09b575dbf7c40d1a2bf8d8605b4f5798f34f7c05b13e3ee1d60358c9a6cf9dd3a719aada40d8b355a39f97bf139a48d4566ba7d0694815a832679e4a90c5d09c59e066244c0d0b133b062c9b869529e45b4d6caa8bb6c0490aead126b674780560253d99f7990566d93f8c21c1067d69bf02ccb7425debd945cf420a2ef7ff136be8b8a8bab2c01998918420911126b3404d66d6f3f9883dcc48390e30e2a3d6b62bc367a9b6c2190c884968a046c5eca856a1b347c3c7cca172ed0428b01b5ecc335d0cf8accfb90aee24f44b0d975997e51134548eff6d28e295b37610bf38805503314fc92992f8f476a2d239c1b9309b89186e80068a58bc97d1b63184c7d2930c9e936c3a888672200d76cd792e8210389d3f454c4fc7859f63dbd73fa68b56b81129458c970e4a8976c1e2ed13479b69de370a2c52f47ba24344a77d9bc050730eb93496c1b5dce64a9641adcd608dda91f3e9eb566754a1e406ad2f2dfbf72601f87aab84de4a285266c604cafb6a0075364606f7c86cf3f838c5aefc1571fae6adb8c42b0f8607a1d74f69a19ff4ecd291d3f93a21e1d12cb73958d15f513c9bba81ecfc1e149eda629a5bb96abd290a2a1f8e4fa3637490287af19aa9aba879a31317afadf01747f5785b471cc49a86d9d9e9a6ea84cc259ee2ff5c5c7a5bbcc15bc331af88460c9b6e0ebc3eb9e9ee967fdde6e1e0eb343e4640d28ef314507ec2dd655209646d4aa069eeec49db51d6adbcba6582c4702a1bd2c4629bee605f615e7cb68629e8977910561f0902cd76772523f5ff2e41eb6fb73e126118f7674738840992fe4ca38fc9b84a5f420fa17c6c24c544c37ba0054db783d569d1550103174f3fb4fd345d45237d78fdd740375c81883713cf22049aabe4a544404de99ba997602b0692809a0568bd41642ec360f692aed19866a8ebc382051839df9ce735414e7d58c2e01db41fccfbc8527acaf6e6f03b554fdba0bcdea75721a33085688f2f853696a6e3b09d7662ead68eec5d7feffb453ff48bc630d56d543999f382376ea45e37c59640a9c3514fb549988f79e99777ef3f45c4e7012193a45899ea6e2a498b7a0433e82930a65b13468e7fd73f0e8c1d65fe36214956d3fea567c7a989760f7dc17469a973cf43ee5ece875e4b3aa0f956b290ab223b5196a0091e186ba1007bac28e8da9b7a86786ed19040a164b57d27579b4b56fed57bdc05f396e65139491a34cfc8bb72a817a250ca9deea390d47303d1793589271dcdce6acc12add5b10f17e1474e847b4a7a3c902539a370ad101b5a55dbcbfa98c48516d279f868da13764c505c970b22cbf34e89e3338305f10e19ac45cef443fdfea9410f43a11c53a69b26de1d8d67a9284ed48227bdfb44a2f921975c10a29ab9fce48790d395a9962bba1ca7ff2833d41463099b5b978f97f691e55e0bd0a245b7a418c3fa114bf8af82110c4bb333a73c4de2bb72056c9fdc94d1a94a6e2bf63c6fee87030579ad1bfabbd02fade84b514b76ae15f27d1ed1e4052f909eb28f7e0fa558d60e0713f0499510d2d17486ebff04a0e047bb7eb7dbeeecf84956d3239aa50fae55e61643e426a8d48337976b755a567b551bde966bb61cd10a761e0651c6d73a0ae4ca23db7c03009e43f1c36afb549944684e29435f45ecc382ff4522238646ff77c866ba97ea6d7705e94a5a96f5986e28cbf922ba2eec0c26e2438e3ee067e04b158b91a91d0f2ba07f86e054de65a5b6ff8a416a1f6b770353bfae0088b93e95490bb762fb8bd403914caab51ff67b816c1831d256879b0f681563e1625d3cb544b6c28caeb0859a992ca8df6d13d5b107d757d933af7b399b366bd3185118e91c3c52f6bb80d85b88752b6a34c6f8903fddf0671009c9a06a83c0f0d4e5db89bdc7943554e5d937420967a61c481553ccfaf26b29b52a6b5ff416488f1be57aa4a8e7824aff3fd7d5ab63a8322d13541d378d3bfaa67aeaff40f4ec6ad43dca85880a3af90b30d8fe7d528b66d191bc74754616ce9aa1a8610a2f0bfccf456d5029c5bde6be5a941240e786d8036e571214bdb86d654a7cf88031abd03eb3a2f893b59463468e5cf07f3131ceb4dbe41c8fc11bd13bdcf90a4b988e2a9075bd9846d8c5e669e6b39478f9517036ca59f09fe6835d9450591964c5a31ef90af2cdbd75c8de78528f5ef2f89665674f4acef0fc9181f1ae8344da3beb8189677b4d2db674679b59a38870b993901496bbe33ed3af065e1b92586dfcbc3dc96f8ebcfafa9767383c9eb5ce8d5b4c6c75727f4fadf34025881feee6212ba12e930e024e0cffb6dce9d2a7add7d1ba95878457387991ccb82b3513449aeaab37a6c16f17f35d6aa78ec63c4bb6a3015d525b9b698d39ca97bdbf560e22ab6274d8a4adbe0b57e8a00e2794600ecfec438ac4242b17b1b62f142eb7ace5f6352eea849af73a658df19de1e76edb8827255991396349d2666dbdad634246096cd998a607f70bc41b6f7ecebd7447ed286ef8c4e7dca61eb2a9ebe5f9b69b809870ad92c0aa37d0f0d49939a373fabb3c8c21d5ebef77a3b4ea9f35d2ec30d8fe46b365d65f9a1aa0ac912d0a252f1a51274067068e98d5e0df9eac633671414dceaae0c69aa1cf3ada61acde03231cb3b94adca6edcd501e0248a4b319afefb98821ba2941dc5ba4c6bf214b97c68f3e76e09ae55a283fae311684091380f023d37ea4c0a92e3511a414b3aa3fafceb1a4c8e59e5f7f04663448f849fc3b8b89dce61022309fe21fa4cf00c9beb53ff377c8a59fa029340c130b6d1caaa99dead2be2e6c0cae61b1f507e9d91a551723488308bc2832350b07db9c21dc5a465c64efde19439d43de9746bb2ab5ceacdafd950d1c4e0eda5ebc18e0d8ec8044bc6ddc49edac9a8cdc0d3efe26e13d748406c7c0a77d63a4363a5192bad51fcaf9ef2f1968a184daea434790b5041eff8dda2acff4977b6b557da69c79a3b359aac6e4d8aede547f3ec69332255c88e17817289a80ad1dfe638a337b11a4a64116bdac17991cb5abc97192a796acb0145609d2efab26d25d4c524a04fb87834719a6f22dc79cce8fda08d49ef5c3a61004ba8f61e2945935932c376c20a7fbed97213284e099f7e63ca3d2fec6d75887f7ff4e655fcf24e007a7c4bde6ebe9566e8685cbf3ab9fdf11f5e6b21af47b633371561567e59d7a1adc2b1b2e7305004fc90af21faf859ddd9ace18e8d87f5ba3afbf8b48a77d68db9b579dc94d613021b3a243cb27a5f77a6de4ac41e6bb6d8847310075055e50bcf13bf5aa0bd772a26f8b62b7e1e2f195d31c3900955d46ef5280697db273eb48a7f0aad2fb0d8ad8258032c7005c97dbd44b6311c090dcc8a38accb454fd07282aac8ce9c1dd205225aae845b77d0ed3fdc4d7ee0b5fe2ce3892980710bf6a9668a66594c784ae5a096ea94f45407309de7f54292ba1d46f590df8bc6071af6e79b538d46604f3dfaf9a56fc83639310f5d9156f43c3aea7e2fdd972ade915e98548861776c6110f18b978a73b2ac8a6c7c90f55ad7a27cc4e206b251ceb4e11277af0c69be49f37b11516bf961baf1f2f90d55ade42b6a417afa9529fb3ecd226931814236409378abfe2bce88a9d0daa9c205b7e8c54a7e95841e4f55bb10a86db0056ea84a64046759e0d23670f46c3db1510ff23fbbb2677478aea17eef871703e155adcbaaadf319aad1bf551828e621b60a0a7e8886e339c80d5dabb54f3b5234f92054d49a4ec78784ee1da146628d26d263561271ae55165a85cb349248f7fac0dd559d1fe52fb398bebaaaeddf85b69b2c7128985d96241cbb096f0af7bf9f8dd844b9b5431bbd711dfb07501acda955c487d0b07491b031981c71e4470eaba1685da6c53f996f52758b3867c2cdf32c78a1d1be208649e7a98771bf0cbc496d8f593cdbf7ce807f4abc556e6c570b36cabe959c613f8aa18cbaedb569cb17d56cbd9d8d79c90424986f090a5245aef6caa5b0886f01eb2e0c89245d168820b44d4fada2db44ced84d46da7f139f6f5d24eb718965cdd84ab9d81ec71de0989150073c5c51897f71088f489c789581795b57f696a6b7a412b83d1edd92b2c68c1d1c99b2bb2fec325cc552838a0f60a0b008d947ba5617dd79f9dcb505cd3de4598d8d0b27c9d33489af287655e8f150a54c5ab5167cfadad7633519f88cb57773d9f3709b7a1629d628c6a3b138cba88b94cee2620e60fd51808da228e959c727d9aa3b5f08ed2802755c4e31b5ff51af85312feeb01a7b592ee1c2de1c0a7b776e527898c58a9deeda2569b45f5f037ac64eddbb8394879a31a3e0c1e9ad6b8608b98f41c0f7b0eacdca4b46c0cf4410572bbd5b10e3d2c5f7075d82b3bd0b57dba74c1fe9759dda96f590ee1bd30866ca149fb99da68d8d2e69422e1ff91d97285692eac1c739f5abdb17c4739e8cbcca58a756e6b36abfd5a1a1cdf9e7c7b9eed0a284c2762cbc9917b8af986abf51679b2f36c97f41fd7d7db0339f7e18fb240d30a19b284e4e7e660a6656cd3024154fe47fa07884a379364f8a374eaf1c4fea5ddec15eaa3fff9c2b4bae86cff5fc60e6ba638773d58b67f205f621fbfd602f1db9e9834f1af2d6f03f5fcbcd1d3a4b4880656372f34707a5462c86dcb73c95264fa258c935f40cc15894b736ec9ff6a00eccd235a74dd51d1943dd2758347b81f968f4a272a191ceae6b3f71f356b93e20f1f28fdd5cb20149e27227a1b72c6b56ca73596dfe5eca2b75e025bd2989d7d269c11f254c46025d37795251a3961c6e3a0ce149d29cc5a93946c3dc3cb4c7c2657343e4e36134d2dc490b3a5a47d2605b0b5bd9b8dff3f76ce0a27d6a674fa46ff072b5e0e63e30c05ca7ff0f1a66640591bc98c7fc814f92eca3047cad630e79d5e2266d3573fb0ee81d375071917def118103fc05aed50ba0aa0702e6910582e416e75edd2ede022aa3dc8faf1c16a6a5e439281ee20166a6e1f4c6a7e963c1b70d48e7a7dcbd6d34254aaa4573126399fd221bcd6d8e378d3c1911f1bba33a8d203c6b1e054e0e0c2b00e010822a14f6b85e6df19645e4ec68bc1726ed805a664632f053bab80822574b9d8208371e2a050529aae3c7394411ace2d71b1b6145cc885fc12ce625f157940f92229d5d07bff94ab5fa51ac3af4289071419ff2c1a722fdc35eaf46a4dccc85cc0688ba266e11af2ea805922059626617a2e3442dc142d11652b7a468388e14b687391a0dcb09ab71c44a13d8b362139ec3f41a831eeaf21a2aa138b083cb6b0f8834c5a3db8e017509f7998ba4e79007c8783159d156a5adc398ccd36a88e7b56b638bbf90afff077cb738b17c0b67aee5e585e89361b6d842817f8fa216020749749c10057baef21e238a9d683a8a9ec5139ae84d66585b47a4ccd6998c036fd07cf1e4bd2fc88659a3d4ce022761c6cae5a188cc33b66ff79c77d0d9c8db34d0c713a9714909e0830a73c54f9196e6127daa911d5c1cdee1104e05fb4e420916bd743a7bc0951119c19d5cddf78abfa0ef7f92af0dde67cf4e3ec38338a4126aba94a53448b4bc71c9eeb8982385b3ed088b49f3bac3b0689a77c9d2008ed16e7d56ad9bcfa1ab31d897da256217fc88f0fa3923175faddefbc3662a57082ffd0e00fbccf177c7b363e80c8cc07022d1fdb81998beff4657e640a4c5ff2f626823838d238a26a99530896f40d4f02759db53fe6571863d484d13e0b08b25ce12eb7732716b6e4827e56e12841eb37505b35a7e4672a122fd1d1ba7d4c8bc2c1ca4351bec396bf730535566edac629475535108cc0bfcf7645bde789a81c68ddd618b95c1f442a8616e3369d5a070c498a28e10e258f0d6ade04ea91ff9d71a08861797b329198a5d289d8a2f1d400dac513a9476e6de9a6f27cdc86dbe081cd9c5e627e11d0f64adb43aa78faa6f81a2c510ead8349c7f6489fc360435b59deb0b22905f2d65b777a1ee8976b4e7a9ecdfb32325eb80de8167c9ff6e25044a89d5f8ba326dcd59ff8b26c78ebac859cfffdfa81ebac4d6670a08b4c9028c86bb9c14162b47dd974bfa06aa173c06d245bc5154c004a079614998c1fd558b875073d91f0800f34a775c15c752c419f9c22d6e961d638598e960a5f1ddef2e4bb9cb57360c47f7bb1a8698b08f64c074a44e0e066291d73f9ffd26bfffc551cdf7f102f1a8cb1369bead1d5a83f230bc63634a2ef788dc9529e0ede57fe7a7ba4924c2939c815b0f0a288db6e3aa989c2d936e54fe0b84512f2a0f3706228d108aae35f7c44f6d383e33e5cfefdf84d3028b5eb25ba78d0701258504706adf4058c67e8223d2251f89e84f4bd7ab2bd80b859c4fec7bfc46d7c5b7d9d7b8ce0e57511a3ee3cb0caa902ec497e6f8e4a539f968a7b800d59c983e5eb9f032dd3304549513f0d377369055c2a0e85eb6798f36e617d0fef84631c3b3e8ba960d754fac69ed1471afe251f923ce24154204785abd0c2667aed2364ac2301e6af41707c3293b97952b38fcc16d22b25e11f04961d4efe4fb9e4f916b3b6ebfbec7389837db3190894b7c60196c6784ffecbba94bff78733ef86bb6c28dcdd5b9c05397ea95cb9a55c0f48a980371f4335cad7d93a319064db4481c25c0627f9fc6a54062bf5a8e6a02b4b47490ecd368b6f273ebb70203b146d1840cbc8051b65d62349e1120a6ae5fee65349f6ab4e12f77e2d6e750eb14b8c30fd8815f35aeb5245e132d4f78f5f6596f754fd6f727c66a5f91f59115c2556bc25de72255ff05ce6b101159b4c7657340c2d5de546fb47008253f6d488d42ebb09c8bc6d6adeca174b1c7353536a66ff8104d2a9d924fea5502cf8fc8a540314a2be891e3285fdbea7114ef79e3b1ae5d6d0250eae6b4b406d77b37f65c7b9232f58636254ee4cd8c5d87f027c292da49a805429ab6811ce4e98cab463102acb608db59cd00874d2f726af77976797fc7cc89e091efa392810670b32f1feeaa652099e161128f0668c4c9bf60fdf8cedeb4e64fc740046af34e7911fc659992a1db2490a22536bef386ed6fcd272af57ea15740829262b0c58ebd18a9833389df532a1f425cab689cb56a73e23613c2eb9d8f64f9ce4ae2c7cc681b5afd5725737eac4609743841189589b9e072fa939fa82dc6f1dac20849c9c27d0131ce66a8d5d7463933a00d3676b7634f6dacccd40fd853720275f83710f1a3b1318d8e25affa24e35b90974b7f31b35ac54fd0500ec3df8ad7dd89d55318dce04f7049dcbc170283b829c918abeb6c1b7d930be7f5a67e84ebc863f4626558ef2008c49dfd80bfe8983bd0b94ed6a11ce62364a5e9c6ff7f1f14ffa7ec7e815f1858bfba8a0ca84b9606ab55aa4218585a58eb7bc2435c4f7312c8783db4beaaff3d8a3a0a2395fe9e78ac92ce8009ab37e1f9ac1e42a9809ed0d00ae2ff609ec582e1b80c6f2cfa52e5fa9b5b4a577e6a87ce11d2d51e52aefa190c4fce70b1968e3ff8bbf00f04c0738b457716f6755da21b9a045b7faec066bc2ccf978d7b27448ea05c387f7d4f3d06966aea791b512033ab48308c2758ab92e41dc7a2780830bc95656f0e023726d40b54606aa9a78afcf36586e14ca9c5f02941104785a021022e473119ce809648a9f6bcdd9455c2b11ca28a7b62383821fe480933f95e59539873cc8d2c719d4d25cba7aa9f958ff0e", 0x2000, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)={0x90, 0x0, 0x3, {0x1, 0x1, 0x20, 0x3, 0x1, 0x3, {0x0, 0x9, 0x7f, 0x2, 0x6, 0x48, 0x0, 0x10001, 0x9, 0x2000, 0x0, r2, r3, 0x20000009, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) 4.358391964s ago: executing program 3 (id=1994): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) sendmmsg$sock(r0, &(0x7f0000004100)=[{{0x0, 0x0, 0x0}}], 0xffffff80, 0x0) 4.242483622s ago: executing program 1 (id=1995): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001500010300000000000000000a"], 0x14}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) readv(r0, &(0x7f0000001600)=[{&(0x7f0000000180)=""/207, 0xcf}, {0x0}], 0x2) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 4.053754981s ago: executing program 4 (id=1998): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000140)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000100)={0x1, [0x0]}, &(0x7f00000000c0)=0x45) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000001a00)={r1}, &(0x7f0000000480)=0x8) 3.31043944s ago: executing program 3 (id=2000): recvmmsg(0xffffffffffffffff, &(0x7f0000003480)=[{{0x0, 0x0, &(0x7f0000000ac0)=[{0x0}, {&(0x7f0000000300)=""/213, 0xd5}], 0x2}, 0x1}], 0x1, 0x2, 0x0) r0 = socket$key(0xf, 0x3, 0x2) recvmmsg(r0, &(0x7f0000000440), 0x6f5, 0x2000000022, &(0x7f0000000480)={0x77359400}) sendmsg$key(r0, 0x0, 0x0) 2.851354821s ago: executing program 2 (id=2007): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0x3, 0x4, 0x2, 0x10, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000000c0)={r0, &(0x7f0000000100)}, 0x20) 2.772601783s ago: executing program 2 (id=2009): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = socket$netlink(0x10, 0x3, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r5 = accept4(r4, 0x0, 0x0, 0x0) recvmmsg$unix(r5, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000940)=""/104, 0x68}], 0x1}}], 0x1, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 2.470556028s ago: executing program 4 (id=2011): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16], 0x14}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f000000c140), r0) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) recvmmsg(r2, &(0x7f0000001480)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x100, 0x0) sendmsg$SMC_PNETID_ADD(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0103000000000000000005"], 0x34}}, 0x0) 2.446271756s ago: executing program 3 (id=2012): sendmmsg$sock(0xffffffffffffffff, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x0, 0x0}, 0x10) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r4, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) shutdown(r4, 0x1) socket$nl_generic(0x10, 0x3, 0x10) syz_open_dev$video(&(0x7f0000000000), 0x75, 0x0) 1.861909708s ago: executing program 2 (id=2013): openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x0) syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="040e0600120c"], 0x9) 1.81012568s ago: executing program 4 (id=2014): socket$inet6_tcp(0xa, 0x1, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00'}, 0x18) r3 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x401, 0x0) ioctl$TCSBRKP(r3, 0x5425, 0x0) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xe) ioctl$TCSETSW2(r4, 0x5408, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xfffffffe, 0x0, "2cf155f1d8b4d0441f0246e09537aa82dc1ecf"}) ioctl$TIOCGPGRP(r4, 0x5437, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SWAP(r5, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000009c0)={0x34, 0x6, 0x6, 0x301, 0x0, 0x0, {0x2, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x80c5}, 0x0) 1.618420482s ago: executing program 2 (id=2016): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0xfffff002, 0x2, 0x0, &(0x7f00000000c0)="61df", 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB, @ANYRES32=r2, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0) 1.618067074s ago: executing program 0 (id=2017): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2}) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000040)={r2, 0x5}, 0xc) 1.592151232s ago: executing program 0 (id=2018): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VIDIOC_S_PRIORITY(r0, 0x40045644, 0x20000000) ioctl$VIDIOC_ENCODER_CMD(r0, 0xc028564d, &(0x7f0000000140)={0x0, 0x0, [0x4, 0x4, 0x0, 0x8, 0x0, 0x0, 0x0, 0x40000000]}) 1.531347686s ago: executing program 0 (id=2019): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a64000000060a0b040000000000000000020000000900010073797a30000000000900020073797a32000000003800048034000180090001007866726d0000000024000280050003000000000008000140000000090800044000000006e8ff014000000006140000001100010000000000000000000000000a"], 0x8c}}, 0x0) 1.521570062s ago: executing program 2 (id=2020): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="500100001a000100000000000200000002001c1f0000c808ffffffea080006000700000008000400", @ANYRES32=r0, @ANYBLOB="06001c004e21000008000100ac1414", @ANYRES16], 0x150}, 0x1, 0x0, 0x0, 0x2000c094}, 0x4040084) 1.422416143s ago: executing program 2 (id=2021): syz_emit_vhci(0x0, 0x11) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000003680)=@nat={'nat\x00', 0x19, 0x0, 0x90, [0x200035c0, 0x0, 0x0, 0x200035f0, 0x20003620], 0x0, 0x0, 0x0}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffedd, 0x2, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-generic\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x0) sendmmsg$inet(r4, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000001b80)=[{&(0x7f00000005c0)="96a67b36bd06304a08a67f14f6c3881ca6167592ce060670a396f8ab05ace2caca6b2a9ecf3471d2", 0x28}, {&(0x7f0000000500)="fc484e55021886bb", 0x7fffefd8}], 0x2}}], 0x1, 0x0) 1.422101928s ago: executing program 0 (id=2022): recvmmsg(0xffffffffffffffff, &(0x7f0000003480)=[{{0x0, 0x0, &(0x7f0000000ac0)=[{0x0}, {&(0x7f0000000300)=""/213, 0xd5}], 0x2}, 0x1}], 0x1, 0x2, 0x0) r0 = socket$key(0xf, 0x3, 0x2) recvmmsg(r0, &(0x7f0000000440), 0x6f5, 0x2000000022, &(0x7f0000000480)={0x77359400}) sendmsg$key(r0, 0x0, 0x0) 1.203305858s ago: executing program 1 (id=2023): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = socket$netlink(0x10, 0x3, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r5 = accept4(r4, 0x0, 0x0, 0x0) recvmmsg$unix(r5, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000940)=""/104, 0x68}], 0x1}}], 0x1, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 227.95566ms ago: executing program 3 (id=2024): syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040e04de22"], 0x7) 118.525153ms ago: executing program 0 (id=2025): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16], 0x14}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f000000c140), r0) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), r0) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) recvmmsg(r2, &(0x7f0000001480)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x100, 0x0) sendmsg$SMC_PNETID_ADD(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0103000000000000000005"], 0x34}}, 0x0) 116.812566ms ago: executing program 1 (id=2026): bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x18, &(0x7f00000002c0)=@raw=[@exit, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffc}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1400}}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x1}, @tail_call, @cb_func={0x18, 0x9, 0x4, 0x0, 0xfffffffffffffffe}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x10, 0x0, 0x0, 0x0, 0x401}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000900)={'wlan1\x00', @random='\x00\x00\x00 \x00'}) 80.444254ms ago: executing program 3 (id=2027): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r4, 0x107, 0x12, 0x0, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) getpriority(0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r5) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r5, 0x0, 0x0) 2.549289ms ago: executing program 1 (id=2028): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x3, &(0x7f0000000240)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r5 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r4, r5, 0x12}, 0x10) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0) r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0) sendfile(r7, r6, 0x0, 0x23d) 0s ago: executing program 0 (id=2029): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x86, &(0x7f0000000100)={@broadcast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "82d18160f7d8ddab6479a6f1514ce8523c1f80508977b3928ebd2dee05607d17", "0194bd7b1b0303c5ba7f602606a285b3", {"30da2d58da817f8a5f77a23de36a2164", "3b33cfa231a427159c7b9f0eceb155f0"}}}}}}}, 0x0) recvmmsg(r0, &(0x7f0000001040)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000240)=""/74, 0x4a}, {0x0}], 0x2}, 0x20000f}], 0x1, 0x10001, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.56' (ED25519) to the list of known hosts. [ 39.877950][ T6406] cgroup: Unknown subsys name 'net' [ 40.105782][ T6406] cgroup: Unknown subsys name 'cpuset' [ 40.109873][ T6406] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 40.462494][ T6406] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS [ 41.815744][ T6418] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 41.823922][ T6418] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 41.826162][ T6418] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 41.828421][ T6418] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 41.830244][ T6418] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 41.831831][ T6418] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 41.888247][ T6418] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 41.890377][ T6418] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 41.894034][ T6418] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 41.896064][ T6418] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 41.897821][ T6418] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 41.899772][ T6418] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 41.912935][ T53] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 41.915657][ T53] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 41.918473][ T53] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 41.932836][ T5987] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 41.946901][ T6427] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 41.948935][ T6427] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 41.951729][ T6427] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 41.954036][ T6427] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 41.955739][ T6427] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 41.965131][ T6431] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 41.967388][ T6431] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 41.976752][ T6431] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 41.980859][ T6431] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 41.982823][ T6431] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 41.984632][ T6431] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 41.985583][ T6418] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 41.987909][ T6418] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 41.989886][ T6418] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 42.022424][ T6416] chnl_net:caif_netlink_parms(): no params data found [ 42.081391][ T6419] chnl_net:caif_netlink_parms(): no params data found [ 42.099430][ T6416] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.101029][ T6416] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.102471][ T6416] bridge_slave_0: entered allmulticast mode [ 42.104657][ T6416] bridge_slave_0: entered promiscuous mode [ 42.121639][ T6416] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.123106][ T6416] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.126489][ T6416] bridge_slave_1: entered allmulticast mode [ 42.128440][ T6416] bridge_slave_1: entered promiscuous mode [ 42.161121][ T6416] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 42.166258][ T6416] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 42.176125][ T6419] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.177670][ T6419] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.179261][ T6419] bridge_slave_0: entered allmulticast mode [ 42.181030][ T6419] bridge_slave_0: entered promiscuous mode [ 42.196438][ T6416] team0: Port device team_slave_0 added [ 42.198274][ T6419] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.199845][ T6419] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.201361][ T6419] bridge_slave_1: entered allmulticast mode [ 42.203020][ T6419] bridge_slave_1: entered promiscuous mode [ 42.213179][ T6416] team0: Port device team_slave_1 added [ 42.238908][ T6416] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 42.240373][ T6416] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.245955][ T6416] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 42.260194][ T6419] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 42.267724][ T6416] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 42.269180][ T6416] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.274622][ T6416] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 42.280433][ T6419] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 42.309433][ T6419] team0: Port device team_slave_0 added [ 42.312000][ T6419] team0: Port device team_slave_1 added [ 42.353208][ T6419] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 42.355152][ T6419] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.360148][ T6419] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 42.405057][ T6416] hsr_slave_0: entered promiscuous mode [ 42.453782][ T6416] hsr_slave_1: entered promiscuous mode [ 42.500274][ T6423] chnl_net:caif_netlink_parms(): no params data found [ 42.504473][ T6419] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 42.505984][ T6419] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.511241][ T6419] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 42.551585][ T6425] chnl_net:caif_netlink_parms(): no params data found [ 42.598529][ T6423] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.600060][ T6423] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.602097][ T6423] bridge_slave_0: entered allmulticast mode [ 42.604333][ T6423] bridge_slave_0: entered promiscuous mode [ 42.655141][ T6419] hsr_slave_0: entered promiscuous mode [ 42.693701][ T6419] hsr_slave_1: entered promiscuous mode [ 42.743555][ T6419] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 42.745211][ T6419] Cannot create hsr debugfs directory [ 42.761255][ T6423] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.762724][ T6423] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.764604][ T6423] bridge_slave_1: entered allmulticast mode [ 42.766432][ T6423] bridge_slave_1: entered promiscuous mode [ 42.805053][ T6425] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.806697][ T6425] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.808287][ T6425] bridge_slave_0: entered allmulticast mode [ 42.810143][ T6425] bridge_slave_0: entered promiscuous mode [ 42.824767][ T6423] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 42.841026][ T6425] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.842694][ T6425] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.845390][ T6425] bridge_slave_1: entered allmulticast mode [ 42.847244][ T6425] bridge_slave_1: entered promiscuous mode [ 42.850213][ T6423] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 42.867684][ T6425] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 42.888244][ T6423] team0: Port device team_slave_0 added [ 42.890896][ T6425] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 42.897108][ T6424] chnl_net:caif_netlink_parms(): no params data found [ 42.908550][ T6423] team0: Port device team_slave_1 added [ 42.941006][ T6425] team0: Port device team_slave_0 added [ 42.951228][ T6423] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 42.952694][ T6423] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.958282][ T6423] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 42.967214][ T6425] team0: Port device team_slave_1 added [ 42.972911][ T6423] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 42.974739][ T6423] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 42.980021][ T6423] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 42.983014][ T6416] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 42.986713][ T6416] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 43.032041][ T6416] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 43.035667][ T6416] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 43.041163][ T6425] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 43.042708][ T6425] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.048671][ T6425] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 43.086216][ T6425] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 43.088039][ T6425] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.093259][ T6425] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 43.145003][ T6423] hsr_slave_0: entered promiscuous mode [ 43.193800][ T6423] hsr_slave_1: entered promiscuous mode [ 43.233477][ T6423] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 43.234914][ T6423] Cannot create hsr debugfs directory [ 43.241219][ T6424] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.243023][ T6424] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.245228][ T6424] bridge_slave_0: entered allmulticast mode [ 43.247104][ T6424] bridge_slave_0: entered promiscuous mode [ 43.260794][ T6424] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.262484][ T6424] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.264896][ T6424] bridge_slave_1: entered allmulticast mode [ 43.266704][ T6424] bridge_slave_1: entered promiscuous mode [ 43.315205][ T6425] hsr_slave_0: entered promiscuous mode [ 43.353990][ T6425] hsr_slave_1: entered promiscuous mode [ 43.393531][ T6425] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 43.395104][ T6425] Cannot create hsr debugfs directory [ 43.407633][ T6424] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 43.424542][ T6424] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 43.442280][ T6424] team0: Port device team_slave_0 added [ 43.444272][ T6419] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 43.458608][ T6424] team0: Port device team_slave_1 added [ 43.460106][ T6419] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 43.479797][ T6419] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 43.482923][ T6419] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 43.495167][ T6424] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 43.496697][ T6424] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.502178][ T6424] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 43.506865][ T6424] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 43.508560][ T6424] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.514402][ T6424] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 43.586213][ T6424] hsr_slave_0: entered promiscuous mode [ 43.634876][ T6424] hsr_slave_1: entered promiscuous mode [ 43.673536][ T6424] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 43.675294][ T6424] Cannot create hsr debugfs directory [ 43.772910][ T6416] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.787122][ T6423] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 43.801425][ T6416] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.810487][ T6423] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 43.836508][ T6423] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 43.841564][ T6423] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 43.855488][ T53] Bluetooth: hci0: command tx timeout [ 43.861291][ T6425] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 43.866956][ T6425] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 43.871313][ T2186] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.872929][ T2186] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.876803][ T2186] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.878289][ T2186] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.899329][ T6425] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 43.902491][ T6425] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 43.923009][ T6424] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 43.926359][ T6424] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 43.931640][ T6424] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 43.933563][ T53] Bluetooth: hci1: command tx timeout [ 43.936633][ T6424] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 43.956025][ T6419] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.994593][ T6419] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.999193][ T6416] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 44.014298][ T53] Bluetooth: hci4: command tx timeout [ 44.014558][ T6418] Bluetooth: hci3: command tx timeout [ 44.015807][ T53] Bluetooth: hci2: command tx timeout [ 44.030898][ T6423] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.040745][ T175] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.042214][ T175] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.067830][ T493] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.069315][ T493] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.087861][ T6423] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.113969][ T175] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.115441][ T175] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.127248][ T493] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.128787][ T493] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.141654][ T6425] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.155789][ T6416] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.162404][ T6424] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.191961][ T6425] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.199133][ T6424] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.221720][ T44] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.223249][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.231766][ T6423] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 44.241056][ T6416] veth0_vlan: entered promiscuous mode [ 44.248597][ T44] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.250393][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.253031][ T44] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.254478][ T44] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.260419][ T6416] veth1_vlan: entered promiscuous mode [ 44.290362][ T493] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.291844][ T493] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.338353][ T6416] veth0_macvtap: entered promiscuous mode [ 44.341425][ T6416] veth1_macvtap: entered promiscuous mode [ 44.369557][ T6424] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 44.371583][ T6424] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 44.387662][ T6416] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 44.404965][ T6419] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.410227][ T6416] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 44.413249][ T6416] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.416949][ T6416] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.418743][ T6416] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.420501][ T6416] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.438885][ T6423] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.505782][ T6419] veth0_vlan: entered promiscuous mode [ 44.529981][ T6419] veth1_vlan: entered promiscuous mode [ 44.552282][ T6423] veth0_vlan: entered promiscuous mode [ 44.567162][ T6425] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.569016][ T6423] veth1_vlan: entered promiscuous mode [ 44.585614][ T6424] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.600040][ T6419] veth0_macvtap: entered promiscuous mode [ 44.607702][ T44] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 44.609485][ T44] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 44.611182][ T6419] veth1_macvtap: entered promiscuous mode [ 44.619672][ T6419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.622014][ T6419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.628289][ T6419] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 44.659010][ T6419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 44.661854][ T6419] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.666320][ T6419] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 44.671389][ T6419] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.674139][ T6419] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.676140][ T6419] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.677965][ T6419] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.685908][ T6423] veth0_macvtap: entered promiscuous mode [ 44.688764][ T6423] veth1_macvtap: entered promiscuous mode [ 44.710487][ T642] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 44.712808][ T642] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 44.727105][ T6425] veth0_vlan: entered promiscuous mode [ 44.730007][ T6423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.732271][ T6423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.737800][ T6423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.740044][ T6423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.744125][ T6423] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 44.762169][ T6423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 44.764531][ T6423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.766468][ T6423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 44.768558][ T6423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.771219][ T6423] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 44.784372][ T6416] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 44.791169][ T6425] veth1_vlan: entered promiscuous mode [ 44.799088][ T6423] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.801004][ T6423] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.802769][ T6423] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.805338][ T6423] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.852106][ T6424] veth0_vlan: entered promiscuous mode [ 44.875382][ T6425] veth0_macvtap: entered promiscuous mode [ 44.879330][ T6425] veth1_macvtap: entered promiscuous mode [ 44.926300][ T6502] Zero length message leads to an empty skb [ 44.929158][ T6502] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6'. [ 44.931221][ T6502] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6'. [ 44.933061][ T6502] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6'. [ 44.935078][ T6502] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6'. [ 44.935225][ T6424] veth1_vlan: entered promiscuous mode [ 44.952847][ T6424] veth0_macvtap: entered promiscuous mode [ 44.956944][ T6424] veth1_macvtap: entered promiscuous mode [ 44.962785][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 44.964727][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 44.973247][ T6424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.979196][ T6424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.981366][ T6424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.983563][ T6424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.985544][ T6424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 44.987538][ T6424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 44.990235][ T6424] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 44.998561][ T6424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.000814][ T6424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.002845][ T6424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.007491][ T6424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.009541][ T6424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.011601][ T6424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.015166][ T6424] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.018805][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.021090][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.023080][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.026474][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.028543][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.030828][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.032853][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.035559][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.038820][ T6425] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.050307][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.052640][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.055674][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.057920][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.060340][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.062547][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.065121][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.067323][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.070987][ T6425] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.084907][ T6424] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.086839][ T6424] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.088625][ T6424] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.090437][ T6424] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.095823][ T175] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.100921][ T175] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.110387][ T6425] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.112300][ T6425] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.114664][ T6425] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.117122][ T6425] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.135085][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.136805][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.162514][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.166008][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.267008][ T44] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.268595][ T44] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.281740][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.285493][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.290987][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.292618][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.301918][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.314974][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.395058][ T6509] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 45.411946][ T6508] netdevsim netdevsim2 netdevsim0: left promiscuous mode [ 45.543875][ T6521] delete_channel: no stack [ 46.607636][ T5987] Bluetooth: hci0: command tx timeout [ 46.608894][ T5987] Bluetooth: hci1: command tx timeout [ 46.610037][ T5987] Bluetooth: hci2: command tx timeout [ 46.611539][ T5987] Bluetooth: hci3: command tx timeout [ 46.612621][ T5987] Bluetooth: hci4: command tx timeout [ 46.793060][ T6542] capability: warning: `syz.0.17' uses deprecated v2 capabilities in a way that may be insecure [ 46.903619][ T6543] netlink: 8 bytes leftover after parsing attributes in process `syz.3.18'. [ 48.268564][ T6551] hub 2-0:1.0: USB hub found [ 48.270576][ T6551] hub 2-0:1.0: 8 ports detected [ 48.683066][ T53] Bluetooth: hci4: command tx timeout [ 48.684384][ T53] Bluetooth: hci3: command tx timeout [ 48.685506][ T53] Bluetooth: hci2: command tx timeout [ 48.686565][ T53] Bluetooth: hci1: command tx timeout [ 48.688325][ T53] Bluetooth: hci0: command tx timeout [ 48.921308][ T6556] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 48.922748][ T6556] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 48.927703][ T6556] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 49.110681][ T6556] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 49.112543][ T6556] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 49.139191][ T6556] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 49.229942][ T6556] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 49.232243][ T6556] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 49.242330][ T6556] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 49.249884][ T6556] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 49.251485][ T6556] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 49.259485][ T6556] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 49.268659][ T6556] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 49.270395][ T6556] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 49.279413][ T6556] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 50.374696][ T6589] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 50.376627][ T6589] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 51.059814][ T53] Bluetooth: hci0: command 0x0c1a tx timeout [ 51.390195][ T53] Bluetooth: hci4: command 0x0c1a tx timeout [ 51.391516][ T53] Bluetooth: hci3: command 0x0c1a tx timeout [ 51.392729][ T53] Bluetooth: hci2: command 0x0c1a tx timeout [ 51.398148][ T53] Bluetooth: hci1: command 0x0c1a tx timeout [ 53.187322][ T5987] Bluetooth: hci0: command 0x0c1a tx timeout [ 53.648756][ T6418] Bluetooth: hci3: command 0x0c1a tx timeout [ 53.650046][ T6418] Bluetooth: hci4: command 0x0c1a tx timeout [ 53.651299][ T53] Bluetooth: hci2: command 0x0c1a tx timeout [ 53.652514][ T5987] Bluetooth: hci1: command 0x0c1a tx timeout [ 53.811498][ T6633] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 53.813607][ T6633] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 54.441323][ T6651] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 55.633418][ T5987] Bluetooth: hci0: command 0x0c1a tx timeout [ 55.768026][ T5987] Bluetooth: hci2: command 0x0c1a tx timeout [ 55.769485][ T5987] Bluetooth: hci4: command 0x0c1a tx timeout [ 55.770723][ T5987] Bluetooth: hci3: command 0x0c1a tx timeout [ 55.777435][ T5987] Bluetooth: hci1: command 0x0c1a tx timeout [ 58.285307][ T6722] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 58.619549][ T6722] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 58.666306][ T6722] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.253990][ T6738] warning: `syz.3.86' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 59.274181][ T6738] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.277146][ T6738] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 60.206847][ T53] Bluetooth: hci0: adv larger than maximum supported [ 60.206881][ T53] Bluetooth: hci0: Malformed LE Event: 0x0d [ 60.783993][ T6758] mkiss: ax0: crc mode is auto. [ 61.423733][ T6768] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 61.425740][ T6768] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 62.585980][ T6780] could not allocate digest TFM handle sha384-avx [ 62.949301][ T6799] netlink: 56 bytes leftover after parsing attributes in process `syz.2.109'. [ 63.298566][ T6817] netlink: 20 bytes leftover after parsing attributes in process `syz.0.118'. [ 63.301330][ T6817] netlink: 8 bytes leftover after parsing attributes in process `syz.0.118'. [ 64.035787][ T6826] netlink: 56 bytes leftover after parsing attributes in process `syz.4.121'. [ 64.568504][ T6844] netlink: 12 bytes leftover after parsing attributes in process `syz.4.126'. [ 65.179466][ T2354] ieee802154 phy0 wpan0: encryption failed: -22 [ 65.181045][ T2354] ieee802154 phy1 wpan1: encryption failed: -22 [ 65.342171][ T6843] loop1: detected capacity change from 0 to 1024 [ 65.713383][ T6843] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 67.445105][ T6843] EXT4-fs: error -4 creating inode table initialization thread [ 67.445347][ T6843] EXT4-fs (loop1): mount failed [ 67.756160][ T8] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 67.953458][ T8] usb 1-1: Using ep0 maxpacket: 16 [ 67.958200][ T8] usb 1-1: config 0 has an invalid interface number: 128 but max is 0 [ 67.960100][ T8] usb 1-1: config 0 has no interface number 0 [ 67.961299][ T8] usb 1-1: config 0 interface 128 altsetting 6 endpoint 0x8 has an invalid bInterval 25, changing to 8 [ 67.964334][ T8] usb 1-1: config 0 interface 128 has no altsetting 0 [ 67.971721][ T8] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=95.91 [ 67.973923][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 67.975783][ T8] usb 1-1: Product: syz [ 67.976730][ T8] usb 1-1: Manufacturer: syz [ 67.977660][ T8] usb 1-1: SerialNumber: syz [ 67.981831][ T8] usb 1-1: config 0 descriptor?? [ 67.995342][ T8] radio-si470x 1-1:0.128: could not find interrupt in endpoint [ 67.997229][ T8] radio-si470x 1-1:0.128: probe with driver radio-si470x failed with error -5 [ 67.999255][ T8] usbhid 1-1:0.128: couldn't find an input interrupt endpoint [ 68.199513][ T8] usb 1-1: USB disconnect, device number 2 [ 68.438296][ T6875] netlink: 56 bytes leftover after parsing attributes in process `syz.3.135'. [ 68.629279][ T6882] netlink: 4 bytes leftover after parsing attributes in process `syz.3.138'. [ 68.631150][ T6882] bridge_slave_1: left allmulticast mode [ 68.632717][ T6882] bridge_slave_1: left promiscuous mode [ 68.635874][ T6882] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.640687][ T6882] bridge_slave_0: left allmulticast mode [ 68.641937][ T6882] bridge_slave_0: left promiscuous mode [ 68.643243][ T6882] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.863040][ T6890] binder: 6889:6890 tried to acquire reference to desc 0, got 1 instead [ 68.868586][ T6890] binder: 6889:6890 got transaction with invalid handle, 3 [ 68.870407][ T6890] binder: 6890:6889 translate handle failed [ 68.871972][ T6890] binder: 6889:6890 transaction call to 6889:0 failed 5/29201/-22, size 88-24 line 3502 [ 68.877082][ T8] binder: undelivered TRANSACTION_ERROR: 29201 [ 69.654396][ T1768] cfg80211: failed to load regulatory.db [ 70.018673][ T6895] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 70.020480][ T6895] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 70.980015][ T6901] loop2: detected capacity change from 0 to 1024 [ 71.073068][ T6448] IPVS: starting estimator thread 0... [ 71.123460][ T6901] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 73.113632][ T6902] IPVS: using max 34 ests per chain, 81600 per kthread [ 73.159537][ T6901] EXT4-fs: error -4 creating inode table initialization thread [ 73.161458][ T6901] EXT4-fs (loop2): mount failed [ 73.318434][ T6911] Bluetooth: MGMT ver 1.23 [ 73.949036][ T6919] netlink: 8 bytes leftover after parsing attributes in process `syz.1.146'. [ 74.248575][ T6932] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 74.253009][ T6932] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 74.275381][ T6932] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 74.279176][ T6932] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 75.333151][ T6948] netlink: 8 bytes leftover after parsing attributes in process `syz.3.160'. [ 76.461097][ T6970] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 76.462957][ T6970] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 78.231052][ T6993] netlink: 8 bytes leftover after parsing attributes in process `syz.2.175'. [ 78.240099][ T6992] netlink: 8 bytes leftover after parsing attributes in process `syz.4.173'. [ 78.930966][ T30] audit: type=1326 audit(78.430:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6988 comm="syz.1.174" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffff82b53b68 code=0x0 [ 79.654515][ T7020] netlink: 'syz.0.180': attribute type 1 has an invalid length. [ 81.968613][ T6491] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 81.999294][ T7053] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 82.001025][ T7053] IPv6: NLM_F_CREATE should be set when creating new route [ 82.005141][ T7053] netlink: 'syz.4.193': attribute type 27 has an invalid length. [ 82.111339][ T7053] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.113149][ T7053] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.122275][ T6491] usb 1-1: config 0 has an invalid interface number: 172 but max is 0 [ 82.124229][ T6491] usb 1-1: config 0 has no interface number 0 [ 82.127164][ T6491] usb 1-1: New USB device found, idVendor=2304, idProduct=020f, bcdDevice=3b.de [ 82.129146][ T6491] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 82.130854][ T6491] usb 1-1: Product: syz [ 82.131996][ T6491] usb 1-1: Manufacturer: syz [ 82.133013][ T6491] usb 1-1: SerialNumber: syz [ 82.136371][ T6491] usb 1-1: config 0 descriptor?? [ 82.149152][ T6491] dvb-usb: found a 'Pinnacle 400e DVB-S USB2.0' in warm state. [ 82.150905][ T6491] dvb-usb: bulk message failed: -22 (4/0) [ 82.180042][ T6491] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 82.182180][ T6491] dvb-usb: bulk message failed: -22 (5/0) [ 82.184261][ T6491] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 82.204616][ T6491] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 82.215330][ T6491] dvb-usb: Pinnacle 400e DVB-S USB2.0 error while loading driver (-19) [ 82.816836][ T6470] usb 1-1: USB disconnect, device number 3 [ 83.069869][ T7053] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 83.083151][ T7053] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 83.473252][ T7079] syz.3.200 uses obsolete (PF_INET,SOCK_PACKET) [ 84.088167][ T7053] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.090268][ T7053] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.092183][ T7053] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.094178][ T7053] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.887273][ T7059] netlink: 20 bytes leftover after parsing attributes in process `syz.1.194'. [ 84.889338][ T7059] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 85.049311][ T7096] netlink: 'syz.4.203': attribute type 2 has an invalid length. [ 85.424035][ T7107] nfs: Unknown parameter 'a' [ 86.322030][ T7116] netlink: 12 bytes leftover after parsing attributes in process `syz.1.212'. [ 88.224437][ T30] audit: type=1326 audit(88.210:3): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=7135 comm="syz.2.215" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3753b68 code=0x0 [ 88.232708][ T7141] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 88.242668][ T7141] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 88.486640][ T7152] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 88.489603][ T7152] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 90.338846][ T7167] syzkaller0: entered promiscuous mode [ 90.340061][ T7167] syzkaller0: entered allmulticast mode [ 90.396789][ T7176] Illegal XDP return value 4294967274 on prog (id 14) dev N/A, expect packet loss! [ 90.553132][ T7163] netlink: 16 bytes leftover after parsing attributes in process `syz.0.223'. [ 92.455883][ T7200] usb usb8: usbfs: process 7200 (syz.0.235) did not claim interface 7 before use [ 93.804215][ T7180] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 93.805548][ T7180] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 93.806728][ T7180] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 93.808043][ T7180] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 93.809309][ T7180] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 96.017799][ T53] Bluetooth: hci3: command 0x0c1a tx timeout [ 96.019060][ T53] Bluetooth: hci2: command 0x0c1a tx timeout [ 96.020243][ T53] Bluetooth: hci1: command 0x0c1a tx timeout [ 96.021623][ T53] Bluetooth: hci0: command 0x0c1a tx timeout [ 96.959463][ T5987] Bluetooth: hci4: command 0x0c1a tx timeout [ 97.319993][ T7239] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 97.386512][ T7239] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 98.514651][ T7256] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 98.516760][ T7256] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 98.554107][ T7266] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 98.556156][ T7266] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 101.863508][ T53] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 103.053490][ T7318] loop4: detected capacity change from 0 to 40427 [ 103.195337][ T7318] F2FS-fs (loop4): build fault injection attr: rate: 690, type: 0x1fffff [ 103.198276][ T7318] F2FS-fs (loop4): Image doesn't support compression [ 103.332978][ T7318] F2FS-fs (loop4): invalid crc value [ 103.726655][ T7318] F2FS-fs (loop4): Found nat_bits in checkpoint [ 103.884006][ T7318] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 104.722102][ T7361] netlink: 24 bytes leftover after parsing attributes in process `syz.0.290'. [ 104.905919][ T6424] syz-executor: attempt to access beyond end of device [ 104.905919][ T6424] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 104.910244][ T6424] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 104.929994][ T7369] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 104.935949][ T7369] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 106.136062][ T7390] binder: 7389:7390 tried to acquire reference to desc 0, got 1 instead [ 106.142819][ T7390] binder: 7389:7390 ioctl c0306201 20000380 returned -14 [ 106.154629][ T6467] binder: undelivered transaction 10, process died. [ 109.127026][ T7422] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 109.130208][ T7422] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 109.369038][ T7406] loop2: detected capacity change from 0 to 40427 [ 109.391625][ T7406] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x1fffff [ 109.393604][ T7406] F2FS-fs (loop2): Image doesn't support compression [ 109.397091][ T7406] F2FS-fs (loop2): invalid crc value [ 109.573838][ T7406] F2FS-fs (loop2): Found nat_bits in checkpoint [ 112.383115][ T7468] fuse: Bad value for 'group_id' [ 112.391043][ T7468] fuse: Bad value for 'group_id' [ 112.416122][ T7469] netlink: 'syz.3.329': attribute type 10 has an invalid length. [ 112.520209][ T7469] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 112.533239][ T7469] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 115.231200][ T5987] Bluetooth: hci5: command 0x1003 tx timeout [ 115.233258][ T6431] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 115.940515][ T7495] fuse: Bad value for 'group_id' [ 115.941926][ T7495] fuse: Bad value for 'group_id' [ 117.298594][ T7503] netlink: 'syz.2.339': attribute type 1 has an invalid length. [ 117.300397][ T7503] netlink: 244 bytes leftover after parsing attributes in process `syz.2.339'. [ 117.302030][ T7503] NCSI netlink: No device for ifindex 0 [ 117.833618][ T7508] netlink: 32 bytes leftover after parsing attributes in process `syz.0.343'. [ 117.836948][ T7508] netlink: 'syz.0.343': attribute type 39 has an invalid length. [ 118.650847][ T6431] Bluetooth: hci0: ACL packet for unknown connection handle 201 [ 119.630536][ T6469] libceph: connect (1)[c::]:6789 error -101 [ 119.632397][ T6469] libceph: mon0 (1)[c::]:6789 connect error [ 119.732678][ T7545] ceph: No mds server is up or the cluster is laggy [ 121.435660][ T7583] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 121.437805][ T7583] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 121.467730][ T7588] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 121.469838][ T7588] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 122.130536][ T6431] Bluetooth: hci1: unexpected event for opcode 0x0401 [ 122.209219][ T7615] netlink: 8 bytes leftover after parsing attributes in process `syz.0.383'. [ 122.717197][ T7628] pim6reg: entered allmulticast mode [ 123.293762][ T7622] pim6reg: left allmulticast mode [ 124.865741][ T7674] gretap0: entered promiscuous mode [ 124.867373][ T7674] vlan3: entered promiscuous mode [ 124.909885][ T7667] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 124.911897][ T7667] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 124.943663][ T7677] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 126.050742][ T2354] ieee802154 phy0 wpan0: encryption failed: -22 [ 126.052067][ T2354] ieee802154 phy1 wpan1: encryption failed: -22 [ 126.183960][ T6431] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 126.186399][ T6431] Bluetooth: hci1: Injecting HCI hardware error event [ 126.189160][ T6431] Bluetooth: hci1: hardware error 0x00 [ 126.850245][ T7740] netlink: 20 bytes leftover after parsing attributes in process `syz.2.432'. [ 128.209648][ T7769] 9pnet_fd: Insufficient options for proto=fd [ 128.322300][ T7768] netlink: 40 bytes leftover after parsing attributes in process `syz.1.443'. [ 128.332314][ T6431] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 128.995684][ T30] audit: type=1326 audit(128.650:4): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=7777 comm="syz.2.448" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3753b68 code=0x0 [ 129.515845][ T7808] netlink: 40 bytes leftover after parsing attributes in process `syz.2.456'. [ 129.554061][ T7801] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 129.556671][ T7801] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 129.558128][ T7801] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 129.561282][ T7801] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 130.532833][ T7827] netfs: Couldn't get user pages (rc=-14) [ 130.707661][ T7833] netlink: 40 bytes leftover after parsing attributes in process `syz.4.467'. [ 130.738521][ T30] audit: type=1326 audit(130.700:5): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=7834 comm="syz.3.465" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9553b68 code=0x0 [ 130.780604][ T7840] batman_adv: batadv0: Adding interface: dummy0 [ 130.782062][ T7840] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.788872][ T7840] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active [ 131.613436][ T6431] Bluetooth: hci4: command 0x0c1a tx timeout [ 131.615556][ T6431] Bluetooth: hci3: command 0x0c1a tx timeout [ 131.617324][ T6431] Bluetooth: hci2: command 0x0c1a tx timeout [ 131.796134][ T7848] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 131.806219][ T7848] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 131.907445][ T7848] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 131.911984][ T7848] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 132.008466][ T7865] netlink: 4 bytes leftover after parsing attributes in process `syz.2.478'. [ 132.111413][ T7871] netfs: Couldn't get user pages (rc=-14) [ 133.097929][ T7896] netlink: 4 bytes leftover after parsing attributes in process `syz.4.491'. [ 133.134062][ T5987] Bluetooth: hci0: command 0x0c1a tx timeout [ 133.147346][ T7903] netlink: 'syz.1.492': attribute type 1 has an invalid length. [ 133.149202][ T7903] netlink: 16166 bytes leftover after parsing attributes in process `syz.1.492'. [ 133.288205][ T7917] fuse: Bad value for 'fd' [ 133.300529][ T7919] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 133.309330][ T7917] netfs: Couldn't get user pages (rc=-14) [ 133.945583][ T5987] Bluetooth: hci4: command 0x0c1a tx timeout [ 133.947331][ T5987] Bluetooth: hci3: command 0x0c1a tx timeout [ 133.948795][ T5987] Bluetooth: hci2: command 0x0c1a tx timeout [ 134.126641][ T7899] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 134.132906][ T7899] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 134.138622][ T7899] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 134.139983][ T7899] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 134.146357][ T7936] netlink: 4 bytes leftover after parsing attributes in process `syz.1.504'. [ 134.299287][ T7944] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 134.301200][ T7944] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 135.127058][ T7964] netlink: 4 bytes leftover after parsing attributes in process `syz.3.517'. [ 135.309111][ T6431] Bluetooth: hci0: command 0x0c1a tx timeout [ 135.328921][ T30] audit: type=1326 audit(135.310:6): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=7977 comm="syz.1.524" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff82b53b68 code=0x0 [ 136.183503][ T5987] Bluetooth: hci3: command 0x0c1a tx timeout [ 136.184896][ T5987] Bluetooth: hci2: command 0x0c1a tx timeout [ 136.187072][ T6431] Bluetooth: hci4: command 0x0c1a tx timeout [ 137.042553][ T8011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.532'. [ 137.092432][ T8014] netfs: Couldn't get user pages (rc=-14) [ 137.132887][ T8004] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 137.134938][ T8004] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 137.137222][ T8004] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 137.138769][ T8004] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 137.169785][ T8018] 9pnet_fd: Insufficient options for proto=fd [ 138.387948][ T8041] netlink: 'syz.4.540': attribute type 1 has an invalid length. [ 139.053572][ T53] Bluetooth: hci0: command 0x0c1a tx timeout [ 139.214067][ T53] Bluetooth: hci4: command 0x0c1a tx timeout [ 139.215619][ T53] Bluetooth: hci3: command 0x0c1a tx timeout [ 139.217221][ T53] Bluetooth: hci2: command 0x0c1a tx timeout [ 139.290546][ T8057] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 139.292921][ T8057] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 139.300118][ T8057] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 139.301581][ T8057] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 141.258620][ T8111] netlink: 'syz.0.555': attribute type 1 has an invalid length. [ 141.542093][ T6431] Bluetooth: hci0: command 0x0c1a tx timeout [ 141.543568][ T6431] Bluetooth: hci4: command 0x0c1a tx timeout [ 141.544871][ T6431] Bluetooth: hci3: command 0x0c1a tx timeout [ 141.546201][ T6431] Bluetooth: hci2: command 0x0c1a tx timeout [ 144.847726][ T8170] netlink: 28 bytes leftover after parsing attributes in process `syz.4.573'. [ 146.961170][ T8181] netlink: 'syz.1.577': attribute type 1 has an invalid length. [ 147.595513][ T8198] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 147.597506][ T8198] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 147.714081][ T8210] netlink: 4 bytes leftover after parsing attributes in process `syz.4.590'. [ 148.084767][ T8210] batman_adv: batadv0: Removing interface: dummy0 [ 148.099934][ T8210] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 148.103065][ T8210] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 148.412500][ T8232] netlink: 40 bytes leftover after parsing attributes in process `syz.3.594'. [ 149.570706][ T8247] netlink: 'syz.1.599': attribute type 1 has an invalid length. [ 149.573265][ T8247] netlink: 16166 bytes leftover after parsing attributes in process `syz.1.599'. [ 149.702339][ T8254] mmap: syz.4.598 (8254) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 150.657636][ T8271] netlink: 'syz.3.603': attribute type 1 has an invalid length. [ 151.346528][ T8287] netlink: 'syz.0.608': attribute type 4 has an invalid length. [ 151.394939][ T8290] netlink: 'syz.1.612': attribute type 1 has an invalid length. [ 151.396655][ T8290] netlink: 16166 bytes leftover after parsing attributes in process `syz.1.612'. [ 151.776504][ T8308] netlink: 40 bytes leftover after parsing attributes in process `syz.0.613'. [ 153.833643][ T8314] netlink: 'syz.4.617': attribute type 1 has an invalid length. [ 154.327654][ T8336] netlink: 'syz.2.626': attribute type 1 has an invalid length. [ 154.329763][ T8336] netlink: 16166 bytes leftover after parsing attributes in process `syz.2.626'. [ 154.522075][ T8358] fuse: Unknown parameter 'group_id00000000000000000000' [ 154.858088][ T8361] netlink: 40 bytes leftover after parsing attributes in process `syz.2.632'. [ 156.626759][ T53] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 157.528645][ T8386] netlink: 'syz.1.642': attribute type 1 has an invalid length. [ 157.536229][ T8386] netlink: 16166 bytes leftover after parsing attributes in process `syz.1.642'. [ 157.667632][ T8391] netlink: 8 bytes leftover after parsing attributes in process `syz.3.644'. [ 159.569277][ T30] audit: type=1326 audit(159.550:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8427 comm="syz.2.654" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3753b68 code=0x0 [ 159.796956][ T53] Bluetooth: hci2: adv larger than maximum supported [ 159.797004][ T53] Bluetooth: hci2: Malformed LE Event: 0x0d [ 160.002810][ T8446] netlink: 40 bytes leftover after parsing attributes in process `syz.1.656'. [ 160.943386][ T8] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 161.059245][ T8454] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 161.061207][ T8454] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 161.097553][ T8] usb 1-1: too many configurations: 9, using maximum allowed: 8 [ 161.100915][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 161.102892][ T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 161.105757][ T8] usb 1-1: config 0 interface 0 has no altsetting 0 [ 161.107877][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 161.109677][ T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 161.112156][ T8] usb 1-1: config 0 interface 0 has no altsetting 0 [ 161.118831][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 161.120644][ T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 161.122853][ T8] usb 1-1: config 0 interface 0 has no altsetting 0 [ 161.128246][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 161.130184][ T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 161.132524][ T8] usb 1-1: config 0 interface 0 has no altsetting 0 [ 162.086770][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 162.088546][ T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 162.090658][ T8] usb 1-1: config 0 interface 0 has no altsetting 0 [ 162.111156][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 162.113233][ T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 162.115603][ T8] usb 1-1: config 0 interface 0 has no altsetting 0 [ 162.129883][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 162.131747][ T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 162.136705][ T8] usb 1-1: config 0 interface 0 has no altsetting 0 [ 162.408738][ T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 162.410946][ T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 162.414005][ T8] usb 1-1: config 0 interface 0 has no altsetting 0 [ 162.418240][ T8] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 162.420045][ T8] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 162.421938][ T8] usb 1-1: Product: syz [ 162.422733][ T8] usb 1-1: Manufacturer: syz [ 162.423861][ T8] usb 1-1: SerialNumber: syz [ 162.426360][ T8] usb 1-1: config 0 descriptor?? [ 162.434169][ T8] yurex 1-1:0.0: USB YUREX device now attached to Yurex #0 [ 162.639177][ T6469] usb 1-1: USB disconnect, device number 4 [ 162.647308][ T6469] yurex 1-1:0.0: USB YUREX #0 now disconnected [ 163.536547][ T8516] netlink: 40 bytes leftover after parsing attributes in process `syz.3.684'. [ 165.253967][ T8550] netlink: 'syz.0.699': attribute type 4 has an invalid length. [ 165.839506][ T8568] dvmrp0: entered allmulticast mode [ 165.981741][ T8574] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 165.987429][ T8574] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 166.253080][ T8582] netlink: 40 bytes leftover after parsing attributes in process `syz.0.711'. [ 167.197449][ T8589] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 167.199267][ T8589] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 169.504355][ T8646] netlink: 28 bytes leftover after parsing attributes in process `syz.3.734'. [ 170.751278][ T8657] netlink: 20 bytes leftover after parsing attributes in process `syz.1.739'. [ 171.815262][ T8662] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 171.843202][ T8662] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 171.845899][ T8662] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 171.847165][ T8662] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 171.849033][ T8671] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 171.851073][ T8671] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 171.886745][ T6469] IPVS: starting estimator thread 0... [ 171.973555][ T8675] IPVS: using max 34 ests per chain, 81600 per kthread [ 172.727033][ T8701] trusted_key: syz.3.754 sent an empty control message without MSG_MORE. [ 173.547126][ T8712] 9pnet_fd: Insufficient options for proto=fd [ 173.613615][ T6431] Bluetooth: hci0: command 0x0c1a tx timeout [ 173.870415][ T6431] Bluetooth: hci2: command 0x0c1a tx timeout [ 173.933628][ T6431] Bluetooth: hci4: command 0x0c1a tx timeout [ 173.935072][ T53] Bluetooth: hci3: command 0x0c1a tx timeout [ 175.162063][ T8738] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 175.167867][ T8738] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 175.173582][ T8738] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 175.175029][ T8738] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 175.400700][ T8765] 9pnet_fd: Insufficient options for proto=fd [ 176.448122][ T8784] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 176.450054][ T8784] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 176.451926][ T8784] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 176.458945][ T8784] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 178.426566][ T53] Bluetooth: hci0: command 0x0c1a tx timeout [ 178.493362][ T53] Bluetooth: hci4: command 0x0c1a tx timeout [ 178.494909][ T53] Bluetooth: hci3: command 0x0c1a tx timeout [ 178.496204][ T53] Bluetooth: hci2: command 0x0c1a tx timeout [ 178.863658][ T6469] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 179.153415][ T6469] usb 1-1: Using ep0 maxpacket: 32 [ 179.155876][ T6469] usb 1-1: config 0 has an invalid interface number: 110 but max is 0 [ 179.157531][ T6469] usb 1-1: config 0 has no interface number 0 [ 179.158991][ T6469] usb 1-1: config 0 interface 110 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 179.161238][ T6469] usb 1-1: config 0 interface 110 altsetting 0 bulk endpoint 0xB has invalid maxpacket 16 [ 179.165355][ T6469] usb 1-1: New USB device found, idVendor=04fc, idProduct=0231, bcdDevice=6f.a9 [ 179.167299][ T6469] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 179.168850][ T6469] usb 1-1: Product: syz [ 179.169724][ T6469] usb 1-1: Manufacturer: syz [ 179.170613][ T6469] usb 1-1: SerialNumber: syz [ 179.178099][ T6469] usb 1-1: config 0 descriptor?? [ 179.179582][ T8838] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 179.187803][ T6469] spcp8x5 1-1:0.110: required endpoints missing [ 181.187266][ T8872] netlink: 4 bytes leftover after parsing attributes in process `syz.2.818'. [ 181.223453][ T6448] usb 1-1: USB disconnect, device number 5 [ 182.500446][ T8884] 9pnet_fd: Insufficient options for proto=fd [ 182.850558][ T30] audit: type=1326 audit(182.830:8): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=8894 comm="syz.0.825" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4553b68 code=0x0 [ 184.309241][ T8920] tipc: Started in network mode [ 184.310518][ T8920] tipc: Node identity 6a95743976a1, cluster identity 4711 [ 184.312909][ T8920] tipc: Enabled bearer , priority 0 [ 184.348778][ T8920] tipc: Disabling bearer [ 186.637094][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 186.714047][ T8956] netlink: 'syz.2.841': attribute type 1 has an invalid length. [ 186.715816][ T8956] netlink: 16166 bytes leftover after parsing attributes in process `syz.2.841'. [ 186.774146][ T8950] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 186.775527][ T8950] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 186.776841][ T8950] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 186.778170][ T8950] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 186.801679][ T8966] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 186.804769][ T8966] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 186.832377][ T8970] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 186.835022][ T8970] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 187.409091][ T2354] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.410789][ T2354] ieee802154 phy1 wpan1: encryption failed: -22 [ 188.883177][ T6431] Bluetooth: hci4: command 0x0c1a tx timeout [ 188.884875][ T6431] Bluetooth: hci3: command 0x0c1a tx timeout [ 188.886478][ T6431] Bluetooth: hci2: command 0x0c1a tx timeout [ 188.887979][ T6431] Bluetooth: hci0: command 0x0c1a tx timeout [ 189.282956][ T9013] netlink: 'syz.0.858': attribute type 1 has an invalid length. [ 189.284816][ T9013] netlink: 16166 bytes leftover after parsing attributes in process `syz.0.858'. [ 189.360690][ T9049] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 189.369521][ T9049] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 189.403873][ T9056] netlink: 4 bytes leftover after parsing attributes in process `syz.0.874'. [ 190.899301][ T53] Bluetooth: hci0: command 0x0c1a tx timeout [ 191.013476][ T6467] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 191.097367][ T9096] netlink: 'syz.2.884': attribute type 1 has an invalid length. [ 191.098990][ T9096] netlink: 16166 bytes leftover after parsing attributes in process `syz.2.884'. [ 191.358834][ T6467] usb 1-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 191.360931][ T6467] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 191.365390][ T6467] usb 1-1: config 0 descriptor?? [ 191.377004][ T6467] gspca_main: spca508-2.14.0 probing 8086:0110 [ 192.264028][ T6467] gspca_spca508: reg_read err -32 [ 192.266108][ T6467] gspca_spca508: reg_read err -32 [ 192.507080][ T6467] gspca_spca508: reg_read err -71 [ 192.510372][ T6467] gspca_spca508: reg_read err -71 [ 192.511805][ T6467] gspca_spca508: reg write: error -71 [ 192.513632][ T6467] spca508 1-1:0.0: probe with driver spca508 failed with error -71 [ 192.520373][ T6467] usb 1-1: USB disconnect, device number 6 [ 193.415755][ T9156] netlink: 4 bytes leftover after parsing attributes in process `syz.2.907'. [ 193.450366][ T9160] netlink: 'syz.1.906': attribute type 1 has an invalid length. [ 193.452071][ T9160] netlink: 16166 bytes leftover after parsing attributes in process `syz.1.906'. [ 195.367023][ T9212] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 195.374199][ T9212] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 195.447790][ T9216] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 195.449596][ T9216] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 196.023490][ T6467] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 196.343390][ T6467] usb 1-1: Using ep0 maxpacket: 16 [ 196.858795][ T6467] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 196.861389][ T6467] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 196.863605][ T6467] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 196.865749][ T6467] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.870809][ T6467] usb 1-1: config 0 descriptor?? [ 197.276860][ T6467] usbhid 1-1:0.0: can't add hid device: -71 [ 197.278243][ T6467] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 197.281432][ T6467] usb 1-1: USB disconnect, device number 7 [ 198.671036][ T9295] netlink: 'syz.1.952': attribute type 1 has an invalid length. [ 199.312706][ T9301] netlink: 4 bytes leftover after parsing attributes in process `syz.2.957'. [ 200.413994][ T9317] netlink: 76 bytes leftover after parsing attributes in process `syz.3.962'. [ 202.056366][ T9332] netlink: 'syz.3.964': attribute type 1 has an invalid length. [ 202.548300][ T9340] netlink: 4 bytes leftover after parsing attributes in process `syz.4.970'. [ 204.345305][ T1768] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 204.583431][ T1768] usb 1-1: Using ep0 maxpacket: 32 [ 204.603549][ T1768] usb 1-1: config 0 has an invalid interface number: 67 but max is 0 [ 204.605442][ T1768] usb 1-1: config 0 has no interface number 0 [ 204.624837][ T1768] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 204.626863][ T1768] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 204.628561][ T1768] usb 1-1: Product: syz [ 204.629410][ T1768] usb 1-1: Manufacturer: syz [ 204.630390][ T1768] usb 1-1: SerialNumber: syz [ 204.649203][ T1768] usb 1-1: config 0 descriptor?? [ 204.660278][ T1768] smsc95xx v2.0.0 [ 204.957340][ T30] audit: type=1326 audit(204.940:9): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=9364 comm="syz.4.979" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9753b68 code=0x0 [ 205.251255][ T9369] tipc: Started in network mode [ 205.255671][ T9369] tipc: Node identity 7f000001, cluster identity 4711 [ 205.260364][ T9369] tipc: Enabled bearer , priority 10 [ 205.463886][ T1768] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 205.466491][ T1768] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 206.473026][ T6448] tipc: Node number set to 2130706433 [ 208.001798][ T9413] 9pnet_fd: Insufficient options for proto=fd [ 208.191156][ T1768] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000038: -71 [ 208.199094][ T1768] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71 [ 208.223652][ T1768] usb 1-1: USB disconnect, device number 8 [ 209.403229][ T30] audit: type=1326 audit(209.380:10): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=9435 comm="syz.4.999" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9753b68 code=0x0 [ 209.403301][ C1] hrtimer: interrupt took 87800 ns [ 210.624996][ T6467] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 211.308870][ T9455] 9pnet_fd: Insufficient options for proto=fd [ 211.465078][ T6467] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 211.467951][ T6467] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 211.470571][ T6467] usb 1-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 211.472695][ T6467] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.477412][ T6467] usb 1-1: config 0 descriptor?? [ 212.065691][ T9483] 9pnet_fd: Insufficient options for proto=fd [ 212.130456][ T30] audit: type=1326 audit(212.110:11): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=9484 comm="syz.3.1018" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9553b68 code=0x0 [ 212.266932][ T6467] usb 1-1: language id specifier not provided by device, defaulting to English [ 212.375123][ T9487] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 212.377255][ T9487] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 212.454574][ T6467] letsketch 0003:6161:4D15.0001: Device info: с [ 213.884531][ T6467] usb 1-1: Max retries (5) exceeded reading string descriptor 201 [ 213.886598][ T6467] letsketch 0003:6161:4D15.0001: probe with driver letsketch failed with error -71 [ 213.894235][ T6467] usb 1-1: USB disconnect, device number 9 [ 214.917609][ T9512] 9pnet_fd: Insufficient options for proto=fd [ 215.784336][ T53] Bluetooth: hci3: unexpected event 0x0f length: 1 < 4 [ 216.395581][ T9546] 9pnet_fd: Insufficient options for proto=fd [ 217.619732][ T8] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 219.493389][ T8] usb 1-1: Using ep0 maxpacket: 8 [ 219.499637][ T8] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 219.501680][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 219.503259][ T8] usb 1-1: Product: syz [ 219.507938][ T8] usb 1-1: Manufacturer: syz [ 219.508903][ T8] usb 1-1: SerialNumber: syz [ 219.511642][ T8] usb 1-1: config 0 descriptor?? [ 219.597840][ T30] audit: type=1400 audit(219.570:12): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=9571 comm="syz.1.1050" saddr=172.30.0.2 daddr=172.20.20.170 netif=wpan0 [ 219.771375][ T9587] 9pnet_fd: Insufficient options for proto=fd [ 219.783936][ T8] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 222.549028][ T8] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 222.552919][ T8] usb 1-1: USB disconnect, device number 10 [ 222.568855][ T9623] 9pnet_fd: Insufficient options for proto=fd [ 223.626184][ T9638] fuse: Bad value for 'fd' [ 223.746405][ T9642] netlink: 'syz.4.1074': attribute type 4 has an invalid length. [ 224.428291][ T9652] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1079'. [ 224.613188][ T9663] 9pnet_fd: Insufficient options for proto=fd [ 226.199678][ T9680] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 226.201831][ T9680] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 226.694233][ T9684] ufs: You didn't specify the type of your ufs filesystem [ 226.694233][ T9684] [ 226.694233][ T9684] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 226.694233][ T9684] [ 226.694233][ T9684] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 226.701421][ T9684] ufs: ufstype=old is supported read-only [ 226.704956][ T9684] syz.1.1084: attempt to access beyond end of device [ 226.704956][ T9684] loop3: rw=0, sector=16, nr_sectors = 2 limit=0 [ 228.423659][ T9693] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 228.687230][ T30] audit: type=1400 audit(228.670:13): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=9698 comm="syz.1.1089" saddr=172.30.0.2 daddr=172.20.20.170 netif=wpan0 [ 228.688224][ T9702] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1090'. [ 229.300294][ T9720] fuse: Bad value for 'rootmode' [ 229.404763][ T9724] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 229.406683][ T9724] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 229.512268][ T9732] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1104'. [ 229.532089][ T9735] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 229.542016][ T9735] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 229.546189][ T9732] 8021q: adding VLAN 0 to HW filter on device bond1 [ 229.976003][ T9748] fuse: Bad value for 'rootmode' [ 230.819330][ T9761] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1116'. [ 230.889572][ T9761] 8021q: adding VLAN 0 to HW filter on device bond1 [ 232.017964][ T9784] fuse: Unknown parameter 'use00000000000000000000' [ 232.434791][ T9804] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1130'. [ 232.476563][ T9804] 8021q: adding VLAN 0 to HW filter on device bond1 [ 232.886118][ T9818] fuse: Unknown parameter 'use00000000000000000000' [ 233.624931][ T9823] netlink: 'syz.0.1136': attribute type 4 has an invalid length. [ 234.152574][ T9843] fuse: Unknown parameter 'use00000000000000000000' [ 234.176560][ T9845] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1145'. [ 234.240447][ T9845] 8021q: adding VLAN 0 to HW filter on device bond1 [ 234.256868][ T6491] kernel write not supported for file /adsp1 (pid: 6491 comm: kworker/0:4) [ 234.294162][ T9853] netlink: 'syz.2.1148': attribute type 4 has an invalid length. [ 234.546599][ T9858] befs: (nbd4): No write support. Marking filesystem read-only [ 234.550523][ T9858] syz.4.1149: attempt to access beyond end of device [ 234.550523][ T9858] nbd4: rw=0, sector=0, nr_sectors = 2 limit=0 [ 234.553682][ T9858] befs: (nbd4): unable to read superblock [ 235.882104][ T9887] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.1154'. [ 236.667782][ T9887] netlink: zone id is out of range [ 236.668966][ T9887] netlink: zone id is out of range [ 236.670106][ T9887] netlink: get zone limit has 8 unknown bytes [ 239.122823][ T9919] process 'syz.0.1163' launched './file1' with NULL argv: empty string added [ 239.231200][ T9921] 9pnet: Could not find request transport: fd0x0000000000000003 [ 240.661455][ T9961] 9pnet_fd: Insufficient options for proto=fd [ 240.671884][ T9955] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 240.686303][ T9955] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 243.958564][ T9982] 9pnet: Could not find request transport: fd0x0000000000000003 [ 244.258239][T10002] 9pnet_fd: Insufficient options for proto=fd [ 245.362056][T10035] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 245.372601][T10035] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 245.549317][T10030] 9pnet: Could not find request transport: fd0x0000000000000003 [ 248.845728][T10062] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1207'. [ 248.845766][T10062] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1207'. [ 248.845780][T10062] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1207'. [ 248.845800][T10062] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1207'. [ 248.895745][ T2354] ieee802154 phy0 wpan0: encryption failed: -22 [ 248.897039][ T2354] ieee802154 phy1 wpan1: encryption failed: -22 [ 249.270188][T10087] 9pnet_fd: Insufficient options for proto=fd [ 250.864707][T10115] netlink: 'syz.0.1219': attribute type 1 has an invalid length. [ 252.676767][T10155] 9pnet_fd: Insufficient options for proto=fd [ 254.341315][T10204] 9pnet_fd: Insufficient options for proto=fd [ 257.434217][T10243] 9pnet_fd: Insufficient options for proto=fd [ 257.601519][T10246] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.603208][T10246] bridge0: port 1(bridge_slave_0) entered disabled state [ 259.943907][T10246] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 259.967439][T10246] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 260.806345][T10246] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.808452][T10246] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.810622][T10246] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.812502][T10246] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 263.848610][T10331] hub 9-0:1.0: USB hub found [ 263.850009][T10331] hub 9-0:1.0: 8 ports detected [ 264.407169][T10337] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 264.409095][T10337] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 267.668540][T10396] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1297'. [ 269.399982][T10417] binder: 10416:10417 ioctl c018620c 200005c0 returned -1 [ 269.514396][T10420] fuse: Bad value for 'fd' [ 269.686797][T10425] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1309'. [ 270.606740][T10440] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1313'. [ 271.436379][T10439] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1314'. [ 271.665362][T10447] loop2: detected capacity change from 0 to 7 [ 272.354894][T10462] fuse: Bad value for 'fd' [ 272.457232][T10447] Dev loop2: unable to read RDB block 7 [ 272.458713][T10447] loop2: unable to read partition table [ 272.460052][T10447] loop2: partition table beyond EOD, truncated [ 272.462152][T10447] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 274.622491][T10491] netlink: 'syz.4.1329': attribute type 1 has an invalid length. [ 274.624732][T10491] netlink: 16166 bytes leftover after parsing attributes in process `syz.4.1329'. [ 274.790930][T10510] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 274.792763][T10510] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 275.043961][T10520] syz.3.1338: attempt to access beyond end of device [ 275.043961][T10520] nbd3: rw=0, sector=64, nr_sectors = 2 limit=0 [ 275.052026][T10520] syz.3.1338: attempt to access beyond end of device [ 275.052026][T10520] nbd3: rw=0, sector=512, nr_sectors = 2 limit=0 [ 275.061739][T10520] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 275.066770][T10520] syz.3.1338: attempt to access beyond end of device [ 275.066770][T10520] nbd3: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 275.072491][T10520] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 275.075772][T10520] syz.3.1338: attempt to access beyond end of device [ 275.075772][T10520] nbd3: rw=0, sector=64, nr_sectors = 4 limit=0 [ 275.078893][T10520] syz.3.1338: attempt to access beyond end of device [ 275.078893][T10520] nbd3: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 275.081999][T10520] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 275.084499][T10520] syz.3.1338: attempt to access beyond end of device [ 275.084499][T10520] nbd3: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 275.087285][T10520] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 275.090862][T10520] syz.3.1338: attempt to access beyond end of device [ 275.090862][T10520] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0 [ 275.101443][T10520] syz.3.1338: attempt to access beyond end of device [ 275.101443][T10520] nbd3: rw=0, sector=2048, nr_sectors = 8 limit=0 [ 275.107930][T10520] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 275.110788][T10520] syz.3.1338: attempt to access beyond end of device [ 275.110788][T10520] nbd3: rw=0, sector=4096, nr_sectors = 8 limit=0 [ 275.114032][T10517] nbd3: detected capacity change from 0 to 67108884 [ 275.130510][T10520] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 275.132717][T10520] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1) [ 275.139783][ T6410] block nbd3: Send control failed (result -89) [ 275.147142][ T6410] block nbd3: Request send failed, requeueing [ 275.153052][ T6431] block nbd3: Receive control failed (result -32) [ 275.155257][ T57] block nbd3: Dead connection, failed to find a fallback [ 275.157576][ T57] block nbd3: shutting down sockets [ 275.159128][ T57] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 275.161419][ T57] Buffer I/O error on dev nbd3, logical block 0, async page read [ 275.164892][ T6410] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 275.167003][ T6410] Buffer I/O error on dev nbd3, logical block 0, async page read [ 275.169327][ T6410] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 275.171261][ T6410] Buffer I/O error on dev nbd3, logical block 0, async page read [ 275.174547][ T6410] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 275.176688][ T6410] Buffer I/O error on dev nbd3, logical block 0, async page read [ 275.178512][ T6410] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 275.180740][ T6410] Buffer I/O error on dev nbd3, logical block 0, async page read [ 275.183574][ T6410] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 275.185542][ T6410] Buffer I/O error on dev nbd3, logical block 0, async page read [ 275.187995][ T6410] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 275.190136][ T6410] Buffer I/O error on dev nbd3, logical block 0, async page read [ 275.192036][ T6410] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 275.197372][ T6410] Buffer I/O error on dev nbd3, logical block 0, async page read [ 275.199062][ T6410] ldm_validate_partition_table(): Disk read failed. [ 275.200680][ T6410] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 275.202616][ T6410] Buffer I/O error on dev nbd3, logical block 0, async page read [ 275.205190][ T6410] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 275.207255][ T6410] Buffer I/O error on dev nbd3, logical block 0, async page read [ 275.209156][ T6410] Dev nbd3: unable to read RDB block 0 [ 275.210796][ T6410] nbd3: unable to read partition table [ 275.222895][ T6410] ldm_validate_partition_table(): Disk read failed. [ 275.224656][ T6410] Dev nbd3: unable to read RDB block 0 [ 275.226323][ T6410] nbd3: unable to read partition table [ 276.216207][T10529] netlink: 'syz.2.1342': attribute type 1 has an invalid length. [ 276.220430][T10529] netlink: 16166 bytes leftover after parsing attributes in process `syz.2.1342'. [ 276.794109][T10567] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 276.812031][T10567] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 277.231924][T10571] netlink: 'syz.2.1357': attribute type 1 has an invalid length. [ 277.235563][T10571] netlink: 16166 bytes leftover after parsing attributes in process `syz.2.1357'. [ 278.110667][T10587] fuse: root generation should be zero [ 278.920431][T10598] tipc: Enabled bearer , priority 0 [ 278.948778][T10598] syzkaller0: entered promiscuous mode [ 278.950113][T10598] syzkaller0: entered allmulticast mode [ 278.957940][T10598] tipc: Resetting bearer [ 278.961647][T10597] tipc: Resetting bearer [ 279.074054][T10597] tipc: Disabling bearer [ 279.237961][T10609] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1371'. [ 279.800051][T10609] 8021q: adding VLAN 0 to HW filter on device bond2 [ 279.958499][T10623] netlink: 'syz.3.1372': attribute type 1 has an invalid length. [ 279.960122][T10623] netlink: 16166 bytes leftover after parsing attributes in process `syz.3.1372'. [ 283.336809][T10658] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1384'. [ 284.240418][T10658] 8021q: adding VLAN 0 to HW filter on device bond2 [ 284.421149][T10668] netlink: 'syz.4.1387': attribute type 1 has an invalid length. [ 284.422890][T10668] netlink: 16166 bytes leftover after parsing attributes in process `syz.4.1387'. [ 287.255364][T10704] netlink: 'syz.1.1396': attribute type 4 has an invalid length. [ 287.449377][T10709] netlink: 'syz.0.1401': attribute type 1 has an invalid length. [ 287.452445][T10709] netlink: 16166 bytes leftover after parsing attributes in process `syz.0.1401'. [ 289.384102][T10736] netlink: 'syz.2.1410': attribute type 4 has an invalid length. [ 289.707003][T10743] netlink: 'syz.4.1413': attribute type 1 has an invalid length. [ 289.709113][T10743] netlink: 16166 bytes leftover after parsing attributes in process `syz.4.1413'. [ 289.924193][T10760] netlink: 'syz.2.1421': attribute type 4 has an invalid length. [ 290.669085][T10777] netlink: 'syz.3.1427': attribute type 1 has an invalid length. [ 290.675587][T10777] netlink: 16166 bytes leftover after parsing attributes in process `syz.3.1427'. [ 291.562795][T10802] netlink: 'syz.1.1434': attribute type 4 has an invalid length. [ 291.662718][T10806] netlink: 'syz.1.1438': attribute type 1 has an invalid length. [ 291.665266][T10806] netlink: 16166 bytes leftover after parsing attributes in process `syz.1.1438'. [ 291.918605][T10820] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 291.921550][T10820] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 292.156709][T10825] veth0_to_team: entered promiscuous mode [ 292.158034][T10825] veth0_to_team: entered allmulticast mode [ 292.947416][T10831] netlink: 'syz.1.1446': attribute type 4 has an invalid length. [ 293.298902][T10846] xt_nat: multiple ranges no longer supported [ 293.763685][T10841] netlink: 'syz.3.1450': attribute type 1 has an invalid length. [ 293.765246][T10841] netlink: 16166 bytes leftover after parsing attributes in process `syz.3.1450'. [ 294.419641][T10851] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1453'. [ 294.596762][T10862] netlink: 'syz.4.1458': attribute type 4 has an invalid length. [ 294.890508][T10874] trusted_key: encrypted_key: master key parameter '000000000000' is invalid [ 295.511233][T10878] netlink: 'syz.1.1463': attribute type 1 has an invalid length. [ 295.512917][T10878] netlink: 16166 bytes leftover after parsing attributes in process `syz.1.1463'. [ 295.819066][ T30] audit: type=1400 audit(295.650:14): lsm=SMACK fn=smack_inode_permission action=denied subject="y" object="_" requested=rw pid=10884 comm="syz.2.1467" name="fuse" dev="devtmpfs" ino=95 [ 296.612709][T10888] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 296.951246][T10906] netlink: 'syz.0.1472': attribute type 4 has an invalid length. [ 297.468937][T10925] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 297.474563][T10925] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 298.231934][T10942] netlink: 'syz.0.1487': attribute type 4 has an invalid length. [ 299.934130][T10971] infiniband syz2: set down [ 299.935332][T10971] infiniband syz2: added team_slave_1 [ 300.148249][T10971] RDS/IB: syz2: added [ 300.150055][T10971] smc: adding ib device syz2 with port count 1 [ 300.151771][T10971] smc: ib device syz2 port 1 has pnetid [ 300.654315][T10976] netlink: 'syz.0.1498': attribute type 4 has an invalid length. [ 301.728359][ T53] Bluetooth: hci4: command 0x0c1a tx timeout [ 302.567790][ T6431] Bluetooth: hci3: unexpected event for opcode 0x0c22 [ 302.793158][T11016] netlink: 'syz.3.1511': attribute type 4 has an invalid length. [ 303.039433][ T53] Bluetooth: hci2: unexpected event for opcode 0x1003 [ 303.041440][T11028] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1517'. [ 303.152705][T11024] loop0: detected capacity change from 0 to 40427 [ 303.169069][T11024] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff [ 303.170860][T11024] F2FS-fs (loop0): Image doesn't support compression [ 303.189537][T11024] F2FS-fs (loop0): invalid crc value [ 303.192398][T11024] F2FS-fs (loop0): Found nat_bits in checkpoint [ 303.206617][T11024] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 303.492135][T11043] veth0_to_team: entered promiscuous mode [ 303.493683][T11043] veth0_to_team: entered allmulticast mode [ 304.159864][T11046] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 304.162029][T11046] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 304.205720][T11046] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 304.217736][T11046] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 304.497060][T11059] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1526'. [ 304.703060][ T6419] syz-executor: attempt to access beyond end of device [ 304.703060][ T6419] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 304.706576][ T6419] F2FS-fs (loop0): inject write IO error in f2fs_write_end_io of bio_endio+0x840/0x87c [ 304.708619][ T6419] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 304.773552][T11073] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1529'. [ 305.111978][T11059] 8021q: adding VLAN 0 to HW filter on device bond3 [ 306.292655][ T53] Bluetooth: hci0: unexpected event for opcode 0x0c22 [ 306.985816][T11114] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 306.988344][T11116] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1545'. [ 306.991108][T11114] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 307.009947][T11116] 8021q: adding VLAN 0 to HW filter on device bond1 [ 307.053662][ T53] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 307.055835][ T53] Bluetooth: hci2: Injecting HCI hardware error event [ 307.058505][ T53] Bluetooth: hci2: hardware error 0x00 [ 307.257987][T11100] loop0: detected capacity change from 0 to 40427 [ 307.269680][T11100] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff [ 307.271642][T11100] F2FS-fs (loop0): Image doesn't support compression [ 307.351562][T11100] F2FS-fs (loop0): invalid crc value [ 307.375962][T11100] F2FS-fs (loop0): Found nat_bits in checkpoint [ 307.401825][T11100] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 308.190907][T11138] netlink: 'syz.3.1551': attribute type 4 has an invalid length. [ 308.319750][T11144] veth0_to_team: entered promiscuous mode [ 308.321061][T11144] veth0_to_team: entered allmulticast mode [ 308.401115][ T6419] syz-executor: attempt to access beyond end of device [ 308.401115][ T6419] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 308.408145][ T6419] F2FS-fs (loop0): inject write IO error in f2fs_write_end_io of bio_endio+0x840/0x87c [ 308.412557][ T6419] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 309.753766][ T53] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 309.787493][T11164] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1563'. [ 309.942785][T11166] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 309.944895][T11166] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 310.320841][T11171] netlink: 'syz.3.1564': attribute type 4 has an invalid length. [ 310.336779][ T2354] ieee802154 phy0 wpan0: encryption failed: -22 [ 310.338288][ T2354] ieee802154 phy1 wpan1: encryption failed: -22 [ 310.511067][T11173] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1557'. [ 310.577094][T11173] 8021q: adding VLAN 0 to HW filter on device bond2 [ 310.731024][T11176] loop4: detected capacity change from 0 to 40427 [ 310.769355][T11176] F2FS-fs (loop4): build fault injection attr: rate: 690, type: 0x1fffff [ 310.771362][T11176] F2FS-fs (loop4): Image doesn't support compression [ 310.774542][T11176] F2FS-fs (loop4): invalid crc value [ 310.778641][T11176] F2FS-fs (loop4): Found nat_bits in checkpoint [ 310.799572][T11176] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 311.877641][T11212] netlink: 'syz.0.1578': attribute type 4 has an invalid length. [ 311.977367][T11217] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1580'. [ 312.003882][T11217] 8021q: adding VLAN 0 to HW filter on device bond3 [ 312.128522][ T6424] syz-executor: attempt to access beyond end of device [ 312.128522][ T6424] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 312.141103][ T6424] F2FS-fs (loop4): inject write IO error in f2fs_write_end_io of bio_endio+0x840/0x87c [ 312.150415][ T6424] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 312.503466][T11236] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 312.507303][T11236] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 313.060629][T11243] netlink: 'syz.0.1590': attribute type 4 has an invalid length. [ 313.412729][T11256] loop0: detected capacity change from 0 to 1024 [ 313.469746][T11256] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 313.602253][T11256] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 316.958045][T11275] netlink: 'syz.3.1602': attribute type 4 has an invalid length. [ 316.995932][ T6419] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 319.882853][T11314] loop3: detected capacity change from 0 to 1024 [ 320.189664][T11314] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 321.034050][T11319] netlink: 'syz.0.1615': attribute type 4 has an invalid length. [ 322.310522][T11314] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 323.508694][ T6425] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 324.052808][T11342] ax25_connect(): syz.3.1619 uses autobind, please contact jreuter@yaina.de [ 325.084395][T11348] netlink: 'syz.0.1624': attribute type 4 has an invalid length. [ 325.106350][T11348] netlink: 'syz.0.1624': attribute type 4 has an invalid length. [ 325.348581][T11356] netlink: 'syz.3.1628': attribute type 4 has an invalid length. [ 326.181531][T11367] binder: 11366:11367 tried to acquire reference to desc 0, got 1 instead [ 326.198106][T11367] binder: 11366:11367 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 326.200864][T11367] binder: 11367 RLIMIT_NICE not set [ 326.201999][T11367] binder: 11367 RLIMIT_NICE not set [ 326.208263][T11367] binder: send failed reply for transaction 15 to 11366:11367 [ 326.210367][T11367] binder: 11366:11367 ioctl c0306201 20000680 returned -14 [ 326.221824][ T6491] binder: undelivered TRANSACTION_COMPLETE [ 326.223489][ T6491] binder: undelivered TRANSACTION_ERROR: 29201 [ 326.296904][T11369] loop3: detected capacity change from 0 to 1024 [ 326.452593][T11369] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 326.514427][T11369] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 328.990059][T11391] netlink: 'syz.4.1639': attribute type 4 has an invalid length. [ 329.326587][ T6425] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.627369][T11417] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1648'. [ 330.630901][T11417] netlink: 'syz.2.1648': attribute type 10 has an invalid length. [ 330.633048][T11417] team0: Cannot enslave team device to itself [ 331.324821][T11423] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 331.326813][T11423] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 332.205091][T11431] netlink: 'syz.4.1652': attribute type 4 has an invalid length. [ 334.030593][ T6431] Bluetooth: hci3: unexpected event for opcode 0x0c22 [ 334.130428][T11450] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1660'. [ 334.181690][T11452] netlink: 'syz.0.1660': attribute type 10 has an invalid length. [ 334.249627][T11452] team0: Cannot enslave team device to itself [ 334.559902][T11462] netlink: 'syz.3.1664': attribute type 4 has an invalid length. [ 335.385775][T11480] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1671'. [ 335.399133][T11480] netlink: 'syz.2.1671': attribute type 10 has an invalid length. [ 335.400831][T11480] team0: Cannot enslave team device to itself [ 336.250658][T11492] netlink: 'syz.1.1675': attribute type 4 has an invalid length. [ 336.929174][T11518] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1684'. [ 336.941310][T11518] netlink: 'syz.0.1684': attribute type 10 has an invalid length. [ 336.948054][T11518] team0: Cannot enslave team device to itself [ 337.128532][T11527] veth0_to_team: entered promiscuous mode [ 337.129838][T11527] veth0_to_team: entered allmulticast mode [ 337.388754][T11530] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.1691'. [ 337.390794][T11530] netlink: zone id is out of range [ 337.391755][T11530] netlink: zone id is out of range [ 337.392933][T11530] netlink: get zone limit has 8 unknown bytes [ 338.974151][T11556] netlink: 'syz.2.1695': attribute type 4 has an invalid length. [ 342.739884][T11597] netlink: 'syz.2.1707': attribute type 4 has an invalid length. [ 343.531317][T11629] loop4: detected capacity change from 0 to 1024 [ 343.625314][T11629] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 344.506767][T11629] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 345.511385][T11647] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1717'. [ 345.782718][ T6424] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 347.620952][T11685] pim6reg1: entered promiscuous mode [ 347.624710][T11685] pim6reg1: entered allmulticast mode [ 347.887754][T11698] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1733'. [ 351.761383][T11733] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1742'. [ 352.085149][T11742] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1746'. [ 352.087372][T11742] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1746'. [ 355.355805][T11793] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1758'. [ 355.533096][T11800] Soft offlining pfn 0x137685 at process virtual address 0x20455000 [ 355.540079][T11800] Soft offlining pfn 0x137686 at process virtual address 0x20456000 [ 355.973026][T11797] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1759'. [ 355.975457][T11797] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1759'. [ 357.458056][T11834] rdma_rxe: rxe_newlink: failed to add team_slave_1 [ 357.817318][T11853] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1771'. [ 357.819165][T11853] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1771'. [ 358.646149][T11862] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1778'. [ 358.649460][T11862] netlink: 'syz.3.1778': attribute type 10 has an invalid length. [ 358.681533][T11862] team0: Cannot enslave team device to itself [ 359.646907][T11889] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1785'. [ 362.378430][T11937] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1799'. [ 362.383963][T11932] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1797'. [ 364.126224][T11961] hub 9-0:1.0: USB hub found [ 364.127602][T11961] hub 9-0:1.0: 8 ports detected [ 366.522572][T11979] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1810'. [ 367.528929][T11997] 9pnet_fd: Insufficient options for proto=fd [ 367.989828][T12013] rdma_rxe: rxe_newlink: failed to add team_slave_1 [ 368.566407][T12021] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1822'. [ 370.489792][T12048] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 370.521922][T12048] netlink: 'syz.4.1832': attribute type 10 has an invalid length. [ 370.540347][T12048] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 371.307052][T12056] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1833'. [ 371.608133][T12068] rdma_rxe: rxe_newlink: failed to add team_slave_1 [ 371.698984][ T2354] ieee802154 phy0 wpan0: encryption failed: -22 [ 371.702715][ T2354] ieee802154 phy1 wpan1: encryption failed: -22 [ 373.083436][ T6491] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 373.233436][ T6491] usb 1-1: Using ep0 maxpacket: 16 [ 373.235827][ T6491] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 33437, setting to 1024 [ 373.238369][ T6491] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 1024 [ 373.240550][ T6491] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 373.242563][ T6491] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 373.246763][ T6491] usb 1-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87 [ 373.248772][ T6491] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 373.250450][ T6491] usb 1-1: Product: syz [ 373.251519][ T6491] usb 1-1: Manufacturer: syz [ 373.252555][ T6491] usb 1-1: SerialNumber: syz [ 373.269510][ T6491] usb 1-1: config 0 descriptor?? [ 373.272064][T12090] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 373.277873][ C0] port100 1-1:0.0: NFC: Urb failure (status -71) [ 373.280182][ T6491] port100 1-1:0.0: NFC: Could not get supported command types [ 373.508936][T12099] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1847'. [ 373.531333][ T6491] usb 1-1: USB disconnect, device number 11 [ 375.274324][T12134] rdma_rxe: rxe_newlink: failed to add team_slave_1 [ 375.382663][T12137] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1858'. [ 377.559477][T12169] rdma_rxe: rxe_newlink: failed to add team_slave_1 [ 378.161377][T12174] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 378.268584][T12174] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 378.513656][T12184] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 378.524327][T12184] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 382.455702][T12227] syz2: rxe_newlink: already configured on team_slave_1 [ 385.204383][T12268] @: renamed from vlan0 [ 385.747962][ T53] Bluetooth: hci5: sending frame failed (-49) [ 385.750458][ T6431] Bluetooth: hci5: Opcode 0x1003 failed: -49 [ 385.754800][T12281] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 385.829631][T12283] xt_nat: multiple ranges no longer supported [ 388.407752][T12321] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1913'. [ 388.673063][T12326] ufs: You didn't specify the type of your ufs filesystem [ 388.673063][T12326] [ 388.673063][T12326] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 388.673063][T12326] [ 388.673063][T12326] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 388.679617][T12326] ufs: ufstype=old is supported read-only [ 388.681484][T12326] syz.2.1912: attempt to access beyond end of device [ 388.681484][T12326] loop5: rw=0, sector=16, nr_sectors = 2 limit=0 [ 390.876640][T12355] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1924'. [ 392.026382][T12374] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1930'. [ 392.926188][T12394] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1936'. [ 394.016721][T12408] netlink: 'syz.4.1938': attribute type 1 has an invalid length. [ 394.018703][T12408] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1938'. [ 394.583453][T12405] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1941'. [ 394.747982][T12418] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 394.751038][T12418] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 395.973706][T12445] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1954'. [ 396.764325][T12450] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1956'. [ 396.766108][T12450] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1956'. [ 397.594601][T12464] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1960'. [ 398.602304][T12488] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1970'. [ 398.605073][T12488] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1970'. [ 398.971467][T12500] xt_NFQUEUE: number of total queues is 0 [ 401.418694][T12527] fuse: Unknown parameter 'grou00000000000000000000' [ 403.990352][T12570] fuse: Unknown parameter 'group_i00000000000000000000' [ 404.699402][ T53] Bluetooth: hci4: command 0x0c1a tx timeout [ 405.139279][T12603] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2003'. [ 405.152650][T12602] batman_adv: batadv0: Adding interface: gretap1 [ 405.156995][T12602] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 405.162444][T12602] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active [ 405.302536][T12611] fuse: Unknown parameter 'group_i00000000000000000000' [ 406.426380][T12633] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2015'. [ 406.522418][ T30] audit: type=1326 audit(406.500:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12638 comm="syz.0.2018" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4553b68 code=0x7ffc0000 [ 406.533464][ T30] audit: type=1326 audit(406.510:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12638 comm="syz.0.2018" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4553b68 code=0x7ffc0000 [ 406.546223][ T30] audit: type=1326 audit(406.510:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12638 comm="syz.0.2018" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffa4553b68 code=0x7ffc0000 [ 406.565497][ T30] audit: type=1326 audit(406.510:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12638 comm="syz.0.2018" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4553b68 code=0x7ffc0000 [ 406.574005][ T30] audit: type=1326 audit(406.520:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12638 comm="syz.0.2018" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4553b68 code=0x7ffc0000 [ 406.582674][ T30] audit: type=1326 audit(406.520:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12638 comm="syz.0.2018" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffa4553b68 code=0x7ffc0000 [ 406.586273][T12642] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2019'. [ 406.595233][ T30] audit: type=1326 audit(406.520:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12638 comm="syz.0.2018" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4553b68 code=0x7ffc0000 [ 406.599946][ T30] audit: type=1326 audit(406.520:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12638 comm="syz.0.2018" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4553b68 code=0x7ffc0000 [ 406.603892][T12644] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2020'. [ 406.608762][ T30] audit: type=1326 audit(406.520:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12638 comm="syz.0.2018" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffa4553b68 code=0x7ffc0000 [ 406.616811][ T30] audit: type=1326 audit(406.520:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12638 comm="syz.0.2018" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4553b68 code=0x7ffc0000 [ 407.984567][ T6431] Bluetooth: hci4: unexpected event for opcode 0x0022 [ 408.282787][ C1] ------------[ cut here ]------------ [ 408.284400][ C1] WARNING: CPU: 1 PID: 12665 at net/mac80211/tx.c:5040 __ieee80211_beacon_get+0xf40/0x12a4 [ 408.286629][ C1] Modules linked in: [ 408.287419][ C1] CPU: 1 UID: 0 PID: 12665 Comm: syz.3.2027 Not tainted 6.13.0-rc3-syzkaller-g573067a5a685 #0 [ 408.289505][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 408.291734][ C1] pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 408.293409][ C1] pc : __ieee80211_beacon_get+0xf40/0x12a4 [ 408.294636][ C1] lr : __ieee80211_beacon_get+0xf40/0x12a4 [ 408.295832][ C1] sp : ffff800080017a60 [ 408.296622][ C1] x29: ffff800080017aa0 x28: 0000000000000000 x27: 0000000000000041 [ 408.298328][ C1] x26: ffff0000ce6ecd80 x25: ffff0000d1e25c00 x24: 0000000000000000 [ 408.299924][ C1] x23: ffff0000cbd08e40 x22: ffff800080017b20 x21: ffff0000ce6ee500 [ 408.301721][ C1] x20: dfff800000000000 x19: ffff0000ce6ee9d0 x18: ffff0000d2218240 [ 408.303493][ C1] x17: ffff800123f1a000 x16: ffff80008069d39c x15: ffff700010002f65 [ 408.305108][ C1] x14: 0000000000000000 x13: 0000000000000007 x12: ffff0000ee3a3c80 [ 408.306860][ C1] x11: 0000000000ff0100 x10: 0000000000ff0100 x9 : 0000000000000000 [ 408.308659][ C1] x8 : ffff0000ee3a3c80 x7 : 0000000000000000 x6 : 0000000000000000 [ 408.310398][ C1] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff80008af75acc [ 408.312052][ C1] x2 : 000000000000000a x1 : 0000000000000000 x0 : 0000000000000000 [ 408.313678][ C1] Call trace: [ 408.314331][ C1] __ieee80211_beacon_get+0xf40/0x12a4 (P) [ 408.315595][ C1] ieee80211_beacon_get_tim+0xbc/0x29c [ 408.316741][ C1] mac80211_hwsim_beacon_tx+0x338/0x70c [ 408.317851][ C1] __iterate_interfaces+0x250/0x504 [ 408.318966][ C1] ieee80211_iterate_active_interfaces_atomic+0xd4/0x180 [ 408.320373][ C1] mac80211_hwsim_beacon+0xcc/0x1c8 [ 408.321456][ C1] __hrtimer_run_queues+0x47c/0xca4 [ 408.322712][ C1] hrtimer_run_softirq+0x158/0x21c [ 408.323789][ C1] handle_softirqs+0x320/0xd34 [ 408.324838][ C1] __do_softirq+0x14/0x20 [ 408.325793][ C1] ____do_softirq+0x14/0x20 [ 408.326789][ C1] call_on_irq_stack+0x24/0x4c [ 408.327809][ C1] do_softirq_own_stack+0x20/0x2c [ 408.328874][ C1] __irq_exit_rcu+0x1d8/0x544 [ 408.329903][ C1] irq_exit_rcu+0x14/0x84 [ 408.330884][ C1] el1_interrupt+0x38/0x68 [ 408.331778][ C1] el1h_64_irq_handler+0x18/0x24 [ 408.332847][ C1] el1h_64_irq+0x6c/0x70 [ 408.333782][ C1] page_ext_get+0x160/0x2e8 (P) [ 408.334890][ C1] page_table_check_set+0xa0/0x408 [ 408.336053][ C1] __page_table_check_ptes_set+0x2d0/0x398 [ 408.337290][ C1] set_pte_range+0x618/0x644 [ 408.338301][ C1] finish_fault+0x968/0xd6c [ 408.339247][ C1] handle_pte_fault+0x2e8c/0x5890 [ 408.340313][ C1] handle_mm_fault+0xf0c/0x17b0 [ 408.341426][ C1] __get_user_pages+0x15e4/0x3134 [ 408.342605][ C1] populate_vma_page_range+0x220/0x2f0 [ 408.343847][ C1] __mm_populate+0x240/0x3d8 [ 408.344835][ C1] vm_mmap_pgoff+0x284/0x38c [ 408.345892][ C1] ksys_mmap_pgoff+0xd0/0x5c8 [ 408.346888][ C1] __arm64_sys_mmap+0xf8/0x110 [ 408.347955][ C1] invoke_syscall+0x98/0x2b8 [ 408.348931][ C1] el0_svc_common+0x130/0x23c [ 408.349939][ C1] do_el0_svc+0x48/0x58 [ 408.350809][ C1] el0_svc+0x54/0x168 [ 408.351751][ C1] el0t_64_sync_handler+0x84/0x108 [ 408.352853][ C1] el0t_64_sync+0x198/0x19c [ 408.353876][ C1] irq event stamp: 27411 [ 408.354866][ C1] hardirqs last enabled at (27410): [] _raw_spin_unlock_irqrestore+0x38/0x98 [ 408.357062][ C1] hardirqs last disabled at (27411): [] el1_dbg+0x24/0x80 [ 408.358824][ C1] softirqs last enabled at (27398): [] handle_softirqs+0xb44/0xd34 [ 408.360842][ C1] softirqs last disabled at (27407): [] __do_softirq+0x14/0x20 [ 408.362906][ C1] ---[ end trace 0000000000000000 ]---