last executing test programs: 18.203722791s ago: executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_generic(0x10, 0x3, 0x10) epoll_create1(0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r0}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x11, &(0x7f0000000100)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x2c}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 17.686213961s ago: executing program 1: setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x8c0c2, 0xc9) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) openat$cgroup_int(r0, 0x0, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x180000e, &(0x7f00000001c0)={[{@usrjquota}, {@mblk_io_submit}, {@acl}, {@auto_da_alloc}, {@block_validity}, {@quota}]}, 0x3, 0x434, &(0x7f00000002c0)="$eJzs289rHFUcAPDv7CataVMTS/3RtGq0isEfSZPW2oMXRcGDgqCHeoxJWmK3jTQRbAkaRepRCt7Fo+Bf4Ekvop4Er3qXQpFcWj2tzO5MsrvZTbPpJlvdzwcmeW/mLe99d+btvjdvJ4CeNZr+SSIGI+L3iBiqZusLjFb/3Vpdnvl7dXkmiXL5rb+SSrmbq8szedH8dfvzTF9E4bMkjjSpd/HylfPTpdLcpSw/sXTh/YnFy1eem78wfW7u3NzFqdOnT56YfOHU1PMdiTON6+bIRwtHD7/2zrU3Zs5ce/fnb5M8/oY4OmR0s4NPlssdrq67DtSkk74uNoS2FKvdNPor/X8oirF+8obi1U+72jhgR5XL5fIDrQ+vlIH/sSS63QKgO/Iv+nT+m2+7NPS4K9x4qToBSuO+lW3VI31RyMr0N8xvO2k0Is6s/PNVusXO3IcAAKjzfTr+ebbZ+K8QtfeF7s3WUIYj4r6IOBgRpyLiUETcH1Ep+2BEPNRm/Y2LJBvHP4Xr2wpsi9Lx34vZ2lb9+C8f/cVwMcsdqMTfn5ydL80dz96Tsejfm+YnN6njh1d++6LVsdrxX7ql9edjwawd1/v21r9mdnpp+k5irnXjk4iRvmbxJ2srAUlEHI6IkW3WMf/0N0dbHbt9/JvowDpT+euIp6rnfyUa4s8lm69PTtwTpbnjE/lVsdEvv159s1X9dxR/B6Tnf1/T638t/uGkdr12sf06rv7xecs5zXav/z3J23X7PpxeWro0GbEneb3a6Nr9Uw3lptbLp/GPHWve/w/G+jtxJCLSi/jhiHgkIh7N2v5YRDweEcc2if+nl594r27H2GAb8e+sNP7Zts7/emJPNO5pniie//G7ukqHo4340/N/spIay/Zs5fNvK+3a3tUMAAAA/z2FiBiMpDC+li4Uxserv+E/FPsKpYXFpWfOLnxwcbb6jMBw9BfyO11DNfdDJ7NpfZ6fasifyO4bf1kcqOTHZxZKs90OHnrc/hb9P/VnsdutA3ac57Wgd+n/0Lv0f+hd+j/0rib9f6Ab7QB2X7Pv/4+70A5g9zX0f8t+0EPM/6F36f/Qu/R/6EmLA3H7h+QlJDYkonBXNENihxLd/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojH8DAAD//ygv5wk=") r1 = creat(&(0x7f00000001c0)='./file1\x00', 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000200), 0x208e24b) lseek(r1, 0x7ffffc, 0x0) write$binfmt_elf64(r1, &(0x7f0000001a40)=ANY=[], 0xfd14) 16.033474194s ago: executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0x0, 0x0, 0x0, {}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_INGRESS={0x8, 0xf, 0xfffffffd}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x4}]}}]}, 0x44}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$nl_route(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) 14.265605988s ago: executing program 1: pipe(&(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000a40)=[{&(0x7f0000000480)="ba", 0x1}], 0x1, 0x0) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) 13.233301483s ago: executing program 1: r0 = open(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) prlimit64(0xffffffffffffffff, 0xe, &(0x7f0000000340)={0x8, 0x8c}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r2 = getpid() r3 = socket$inet_sctp(0x2, 0x5, 0x84) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000), 0x48) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDENABIO(r4, 0x4b36) ioprio_set$pid(0x3, 0xffffffffffffffff, 0x0) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f00000ff000/0x1000)=nil, 0x1000, 0xb635773f04ebbeef, 0x810, r0, 0x2dee1000) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet(r7, &(0x7f0000002080)=[{{&(0x7f0000000180)={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000000)="ca0fd6d3801886dac6aa3bce47ff0c30aefc6c84be0404c6207f7f6be9d3806971126f3bd85ecb1e294a7f220906d5da65aa5d50e2b8ec89fa23011f873ce5f46b89122ba30a42d4e09ba61435b8a7c3e47276fa0998590f37a8c9280a1ef60dae3b9e77e8e184b81491c9c6a9f6afeabc696d052d683a0c272c89e3daa0517ec339366d79543979fd98a2efa66e5f40ca8a6343eb343fcdf5d59bc23cbf916aab4f05aea1", 0xa5}, {&(0x7f00000001c0)="cdb6a40a11584a15d4b3e1f9c1d956b1b1bd40fe9238a8622f69427a708f83e1b0fe3e3208bb13f558acdc65ad34ac7c6613743d97384bfb04cd509816840e2c82b4da1067341ffaece26a40c6f823bcbae8cf04fb7d1dda3423a3485403e846329147c3991a6e966005755b50d906cc43a4ac30081f55062d72e54b925c6f49f9a9d9f0ae726f8587a247d2ef61e8b7becd6b99d7f4539ab09401b28e459d1efa48d3302a597ed2dfa82dec765c5cb17a2fcb08129547c875cd1fd8e81056eeba2f0087d88e82f6894e", 0xca}, {&(0x7f0000002ec0)="7a57651d857cd0111d7af8598129ec5cf57c79d56198b57b00fec04469832492fdefeafc5cf30c8dac67653753fecb7e2e5c1d92043f6d40b0bd007023d2accf949c47d505580ebb32faa174fe9a9e2a0ea2c46f93ae8536f4c515fd645f014fc97cce1751813348a93a01250ae034f1b3bb5e1ece4681cce4e443c470dffa96a821d562a4817284a2c0c4c69b3e6baad17c8489aa58aaeff1dc8cfba57cf5585f8461583b375ab381ad75440f1f71175e7b3f889593d7e8daa22cf4d58da8a32947a723dd9db3b8dd9a852fe705a8ec64ac39e8a4dd6eb12b5629533feda9446f06a75d278caf15c6fe48e2b67cad04fc36235bb5fe12071ec5f5c5e252dedcecd7766e399be95a59f7f408f98ae59ce69980af9da885d7e6f7e0a2b6d20ba5497e779cd6811ff160f5694a5794272fd4d1cf85a37028c4356f4cd7ad4d0863d73e93c55b2d4a8c37be6b3b0e9abb8e544cb0d89fcb02046b1cb60ae103c706641acaf1f97788268872884e33d2d85589427a66b94028a1a8e9048b884dcb683181b133b99082415d4e8f93ca1f80ac1e73ee8b06ae92cacfb89478a795004401832d41c9a8eae398540bf53d1fed84dc40345f966e3f15c77605222174cca5c3dbe252fdd22a1034d5a7fa446da32cb255c95cfeed05e8d7d886679927cca010216721b8a9d8eccf068a4df78842ac2db53939a5ea25c9845c5f4d5711cd870ac97ac708e506325d25f268aa2ee43a4c35d120472a4a5ccadf7f9650cb7947859d584d1b377f7a2a81a874a4696151436778bf7006ac787032d51277430b838b864bff50ab82bd0cfde51af7863519b9c6f8c3c6e205d90f2e48ba484cb536e5b96a36546fdd207f63753833ce60bd83ddf02c89aef2892449b7f1d15764d645733ed65ac6ced4090d21578a54cbf9c44e13b67327d133fe5dbfb36677ef15496548f3e4156ac5c5702c931245bf0ee7c6f2c1ef4fdfdfa8ad516f543f6fb600aa5785e1cab7e850c99b10025566806121f9b0987e9f0ef5789a17d93e044c4d87b86edd7072a8a99c9e22a605d29e1c94aa127a6298c9c85c0130caece0a1308e0d7470ff9ea676f9a16e6cc8292b034a510f5adfcee0d48919c8f552d20e81f359aebefbe328f6500e669bf8b8def4bf86fd2b8ae9abd154d4e7614dadd058eac5a04c1f1c7277b8158c8e254808baaee101fd63b3a18302c2c86cd56322f03034315eb03d5fd1033741442ee99cd0666807deda47c41860052b0b3f73a93bfa7ac7aea8a0527f8e930f86f98639a814f8e246828a034455e5cfa492b7a33758146ee3bdb309f16a99cd4d21054361f93ee8bfe71ad6e17c7a0d96da4b2329b1b7ec387875685130fb84412d95f8f87a1111c6096b5fd25455245dcebe98011355b2401abffd5d850c64375aeb22c03b12bf1d703b41603d1446b7a649d32149d574ba6546311dd4513f4fb770bce165eea4e3b015651c7c1cc2e3396eed07e59c4ee285f003b67b835d36997f84644b4f579bc4e3ba007db8a88e6898c8005be13ea60376b9b15b", 0x44a}], 0x3, &(0x7f00000004c0)=[@ip_retopts={{0x14, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x28}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0x38}}], 0x1, 0x8040) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r9}, 0x10) sendmmsg$inet(r7, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000001200)="11819ebe", 0x4}], 0x1}}], 0x1, 0x0) 12.556204766s ago: executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802) write$evdev(r0, &(0x7f0000000000), 0x100000008) ioctl$EVIOCGRAB(r0, 0x80044584, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x12}, &(0x7f0000000140)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{}, {0x0, 0x3938700}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x16, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000300)=0x0) timer_settime(r1, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) 6.855805583s ago: executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r0}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x11, &(0x7f0000000100)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x2c}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 6.47353709s ago: executing program 4: r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89001) fchdir(r0) prlimit64(0x0, 0xe, &(0x7f0000000140), 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000240)) socketpair$unix(0x1, 0x3, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000000)) io_uring_setup(0xfc2, &(0x7f0000000180)) fcntl$lock(0xffffffffffffffff, 0x25, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r2, 0x7, &(0x7f0000000000)={0x0, 0x0, 0xd4a4}) fcntl$lock(0xffffffffffffffff, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) r3 = socket$qrtr(0x2a, 0x2, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000203010400000000ffffffff000000000800010001"], 0x28}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c00000002030102000000000000000000000010080001000100000016c798a7a8be429f266aaa9fc26d5d401e00572f6bbf0e38b11b74fb052adbead0994c7e8c6a24cc5be3479fc2117ee54cc3b0a38ad3b7f90b31dfae64b66dd684f56214dcdc8185e581b1c33f5ad671e8ac18454066395c8eec06f484df86911de70a9410dc9f2a63839212062db703bd9a386bb2ca210a712924631d3923da233f43ce65cff9022548853c33ff260bfd4ca4580f8a1c80d4548497e4b492b934d2052345915c29838b78932aa8abe8c36f053711e5dc0b6a0812"], 0x1c}}, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000380)=@assoc_value, &(0x7f00000003c0)=0x8) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000140)={'virt_wifi0\x00', 0x1}) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000000)={'virt_wifi0\x00'}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x5, &(0x7f0000000080)=[{0x45, 0x0, 0x2}, {}, {}, {0x20, 0x0, 0x0, 0x20}, {0x6}]}) syz_open_dev$vcsn(&(0x7f0000000000), 0x1ff, 0x800002) connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x2e) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10065, 0x0) 5.115601339s ago: executing program 3: pipe(&(0x7f0000000580)) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x8) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) 4.833786115s ago: executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDENABIO(r0, 0x4b36) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x0}, 0x90) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0) mq_timedreceive(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x77359400}) 4.083564426s ago: executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f00000001c0)=[@in={0x2, 0x0, @dev}], 0x10) 3.79352752s ago: executing program 4: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) r1 = socket$isdn(0x22, 0x2, 0x26) dup3(0xffffffffffffffff, r1, 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f0000000100)=0x6) ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, &(0x7f0000000000)=0x7fffffff) ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000040)) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000500)={0xa00, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc) 3.674948252s ago: executing program 3: socket$netlink(0x10, 0x3, 0x0) r0 = socket(0x0, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) socket(0x1, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xfffffffffffffe4e}, 0x1, 0x0, 0x0, 0x48000}, 0x4040001) r1 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x0, 0x4, 0x0, 0x0}, 0x90) r2 = socket$packet(0x11, 0x3, 0x300) r3 = syz_open_dev$vim2m(&(0x7f0000000c00), 0x200000000000181, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000040)={0x15, 0x1, 0x0, "6106007722366ccef4ba566c4acd3d00e7bfeb8cace586d83a5000"}) setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000200)=@gcm_128={{}, "0d54c35538947a23", "1ab9ab66d3cce1a9f43816747889cefb", "a716d7c6", "81b80f4c9a029f04"}, 0x28) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6tnl0\x00', 0x0}) setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0xf3e, 0x4) sendto$packet(r2, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @multicast}, 0x14) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r5, &(0x7f0000000240)=[{&(0x7f0000001a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0) keyctl$restrict_keyring(0x3, 0xfffffffffffffffb, 0x0, 0x0) request_key(0x0, &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='\x00', 0x0) r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x2, 0xfff0}, {0x6, 0x0, 0xd, 0x9, 0x0, 0x8}, {0x3, 0x3, 0x6, 0xa, 0x9, 0xfff0, 0x41}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x8}, {}, {0x15, 0x0, 0x0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 3.472290483s ago: executing program 2: mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) ioperm(0x0, 0x23d, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000001100)={0x77359400}, 0x0) 3.290819208s ago: executing program 0: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) connect$inet(r0, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10) sendto$inet(r0, &(0x7f00000000c0)='G', 0xfffffffffffffca0, 0x8001, 0x0, 0x0) shutdown(r0, 0x1) syz_io_uring_setup(0x19f7, 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 2.921732634s ago: executing program 2: setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x8c0c2, 0xc9) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, 0x0}) openat$cgroup_int(r0, 0x0, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x180000e, &(0x7f00000001c0)={[{@usrjquota}, {@mblk_io_submit}, {@acl}, {@auto_da_alloc}, {@block_validity}, {@quota}]}, 0x3, 0x434, &(0x7f00000002c0)="$eJzs289rHFUcAPDv7CataVMTS/3RtGq0isEfSZPW2oMXRcGDgqCHeoxJWmK3jTQRbAkaRepRCt7Fo+Bf4Ekvop4Er3qXQpFcWj2tzO5MsrvZTbPpJlvdzwcmeW/mLe99d+btvjdvJ4CeNZr+SSIGI+L3iBiqZusLjFb/3Vpdnvl7dXkmiXL5rb+SSrmbq8szedH8dfvzTF9E4bMkjjSpd/HylfPTpdLcpSw/sXTh/YnFy1eem78wfW7u3NzFqdOnT56YfOHU1PMdiTON6+bIRwtHD7/2zrU3Zs5ce/fnb5M8/oY4OmR0s4NPlssdrq67DtSkk74uNoS2FKvdNPor/X8oirF+8obi1U+72jhgR5XL5fIDrQ+vlIH/sSS63QKgO/Iv+nT+m2+7NPS4K9x4qToBSuO+lW3VI31RyMr0N8xvO2k0Is6s/PNVusXO3IcAAKjzfTr+ebbZ+K8QtfeF7s3WUIYj4r6IOBgRpyLiUETcH1Ep+2BEPNRm/Y2LJBvHP4Xr2wpsi9Lx34vZ2lb9+C8f/cVwMcsdqMTfn5ydL80dz96Tsejfm+YnN6njh1d++6LVsdrxX7ql9edjwawd1/v21r9mdnpp+k5irnXjk4iRvmbxJ2srAUlEHI6IkW3WMf/0N0dbHbt9/JvowDpT+euIp6rnfyUa4s8lm69PTtwTpbnjE/lVsdEvv159s1X9dxR/B6Tnf1/T638t/uGkdr12sf06rv7xecs5zXav/z3J23X7PpxeWro0GbEneb3a6Nr9Uw3lptbLp/GPHWve/w/G+jtxJCLSi/jhiHgkIh7N2v5YRDweEcc2if+nl594r27H2GAb8e+sNP7Zts7/emJPNO5pniie//G7ukqHo4340/N/spIay/Zs5fNvK+3a3tUMAAAA/z2FiBiMpDC+li4Uxserv+E/FPsKpYXFpWfOLnxwcbb6jMBw9BfyO11DNfdDJ7NpfZ6fasifyO4bf1kcqOTHZxZKs90OHnrc/hb9P/VnsdutA3ac57Wgd+n/0Lv0f+hd+j/0rib9f6Ab7QB2X7Pv/4+70A5g9zX0f8t+0EPM/6F36f/Qu/R/6EmLA3H7h+QlJDYkonBXNENihxLd/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojH8DAAD//ygv5wk=") r1 = creat(&(0x7f00000001c0)='./file1\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_elf64(r1, &(0x7f0000001a40)=ANY=[], 0xfd14) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)=ANY=[], 0x0, 0x0) 2.69800549s ago: executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r0}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x11, &(0x7f0000000100)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x2c}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 2.533602238s ago: executing program 4: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0x0, 0x0, 0x0, {}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_INGRESS={0x8, 0xf, 0xfffffffd}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x4}]}}]}, 0x44}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x3}}, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$nl_route(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) 2.28250985s ago: executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000100)) 1.998207374s ago: executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDENABIO(r0, 0x4b36) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x4003, &(0x7f00000008c0)={[{@noinit_itable}, {@jqfmt_vfsv0}, {@discard}, {@bsdgroups}, {@jqfmt_vfsv1}, {@errors_continue}, {@journal_checksum}]}, 0x2, 0x4ef, &(0x7f0000001fc0)="$eJzs3MtrXNUfAPDvnSRt0scv+dVnH9rRKgbFpkmfCxdWFLoRBEXqMiZpqU1baSK0JdgoUsGF0r/Ax07wL3ClG1FxobhV3IpQJJtWFzJyZ+7EO51HHp1kmuTzgUnOuffce865956Ze86ZOwFsWMX0TxKxLSJ+iYj+SrQ2QbHy79bczNhfczNjSZRKL/+ZlNPdnJsZqyatbrc1iwwWIgrvJbG7Qb5Tl6+cHZ2cnLiYxYemC1no3OjpidMT50eOHTt0sO/okZHDbalnWqabu96+sGfnideuvzh28vrr332RlreUrc/Xo2KgfifdrXLoqltSjGLtscx5fPFFXxO258JJ+TgVOlcYFq0ru6x7yu2/v5Qpr+uPF96tptvUyUICKyJt7Jvrls5/ls2W8pKksgGwPnSHNg0bVPWD/uZc2lOdGavvBzfQsh+8ttw4HuUKpfW+lb0qa7rLPdjiQKVv1LNC+d8bESdn//44fUXDcQgAgPb66njEluy+o/qqrCnE/bl0/8tGhQYi4v8RsSMi7snuX+6LKKd9ICIezG2TZPNJrRRvi9ff//zUlwXyt6ttk97/PZPNbdXe/83PXwx0ZbHt5fr3JKfOTE4cyI7JYPRsTuPD9bueH1b7+vmfP2qWfzF3/5e+0vyr94JZOf7ovm2Abnx0evRO6111453ygb1aX/8kupNqKGJnROxaxv7TY3bmyc/3NFtfU/+0nvn696Z/Pmy+8zb0Q0qfRjxROf+zcVv9I5v3SMrzk+feHJq6fOXpM/n5yeGjR0YOD/XG5MSBoepVUe/7H6+9lAXruhELn/+VlZ7/LQ2v//mZy4EkP187tfQ8rv36ftM+zXKv/03JK+VwdV7q0uj09MXhiE3JbP3ykf+2vTTaV5M+rf/gvsbtf0fEP59k2+2OiPQifigiHo6IvVnZH4mIRyNiX4v6f/vcY28060LeDed/fEnnv1ng2R8iGq/qOvvNl3UZf1BcZP3T83+oHBrMloyPTvcuVK9WJc0H7vgAAgAAwBqwNyK2RVLYn41xbotCYf/+iK3zIyhT00+duvDW+fHKMwID0VOojnT158ZDh7Ox4TSebjWSi6frD5bHjUulUqkvjaf998ntna06bHhbm7T/1O/1j7QA682S5tGaPdEGrEnLn0dv/xcygNW1jr7PDyxRi/bvVxxgnVv05/9KPQUHdEyj9n814lYHigKsskbt/9UOlANYfcb/YOPS/mHDWvBhWmBdWtRD8ssI7DjRIk3SvTKZNg8UomZJ+o5X8ysAAxHVxNUvOLbe4W+FiPaUsKutNe2rOaeFhml6ox15RWHBNN1L+CGG1Q0U7o5iVAKbI2KBq3f+YrtaDVxZ6YKVG8FnnX13AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuHP/BgAA//8+adeb") mq_timedreceive(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x77359400}) 1.676922921s ago: executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10) r1 = io_uring_setup(0x1694, &(0x7f0000000080)) io_uring_register$IORING_REGISTER_BUFFERS2(r1, 0xf, &(0x7f0000002700)={0x1, 0x2, 0x0, &(0x7f0000000200)=[{0x0}], 0x0}, 0x20) 1.288291451s ago: executing program 3: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000340), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000380)={'wpan3\x00', 0x0}) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_ADD_DEV(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYRES16], 0x40}, 0x4, 0x700000000000000}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x4, &(0x7f0000000080)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x8b}]}, &(0x7f0000000000)='GPL\x00', 0x5}, 0x90) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, 0x0) sendmsg$NL802154_CMD_NEW_SEC_DEV(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="c58e00000000000000001a00000008000300", @ANYRES32, @ANYBLOB="0c002e8006"], 0x28}}, 0x0) sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r1, &(0x7f0000000500)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000004c0)={&(0x7f00000003c0)={0x54, r2, 0x4, 0x70bd28, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x5}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x6}]}, 0x54}, 0x1, 0x0, 0x0, 0x8884}, 0x40000) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r7) sendmsg$NLBL_MGMT_C_ADD(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000ec0)={0x114, r8, 0xe701ac47a3d23ecd, 0x0, 0x0, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_DOMAIN={0xce, 0x1, 'C\xec\xf8\xa0w\x15|\xd8\xbcs\xe1\xb93\x14\xcd\xcb\xb6\xb9\xbb\x84\xe5\xbc\xdb\x7f\x9a\xf2\xea\xcc\x91:v@\xe83-\x1d\xaagQl\x7f\tKt\fc\x1f\x17]\xd5\xd0\xf0\xa8\xeb\xd2g\x92\x04\x00\x00\x00od\xe6,\xd3@I\x17\xf3\xbees0\xad\xc6\xbf/*\xb6(o\x91t\x12\x93U6\xf4@n\xdc\xdc\x8a7y\x81FY\xbe\xbbc\xd2\xc3\x01\xa5\xe2V\x8c\xb3im~\xd2V\xdaG\xbdbF\xc8n\x86\xac\x9c\xfb\xda\xe2&\"\xb4:\x13\xe9\tc\x85\xb4\xcb\x17\xbfm\x846\xe7\x7fp\x9eCdb\xad;\xa2\x8fs\xbf6\xe8\xe3Xg3&\xe2 \xd6\n\x9d=~<\x93/\xaf\x89\x06+\x96]\xb5+\xee\xff8^D*\xdb\xb8\xd8t\x80\xd4\x8fK=E0\xe8R\x83'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @dev}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x114}}, 0x0) 1.168385506s ago: executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$ppp(0xffffffffffffff9c, 0x0, 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000040)) ioctl$PPPIOCSACTIVE(r1, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0}) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000002007910480000000000710433000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x0, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x14) r2 = epoll_create1(0x0) sendmmsg(r0, &(0x7f0000001680)=[{{&(0x7f0000000480)=@ax25={{0x3, @null, 0x3}, [@null, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @bcast, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x80, &(0x7f0000001640)=[{&(0x7f0000000500)="b974d5e017d762af139cfd3dc5ac674644bd37aafd10ed601feb065f08c9957eb73173e9defa87c339b05baa4a2d79a323fa3636a576ad43593c482523edab5762b82aa518e3653e6ebd6468b4ac363b13470ad23f18cbcd0a7624a96529f9ddb4c091155ddbc271385f291978ef33db26324df8ad62a6367d0e07762d37443f4e2e60f44fbe259333e42f704629b41d8e699b59b3b0130b2b3424fe6eaa4c11174fa17855587148ae640a7365f70af1e1a3dc56fb28f72e12e0573ccc2131d6827f6f3962086cac048b00548681be64c50378fea01f1a0d02886a010210cba27d824d1a0c693540f4aec0ff93a0977c8b72f9dcbd206931a3dfc76923b96cdbcafb5a02165d33319807460b096d6229a0b0109bc988b6f1b7706413384c49cf9c3b2d219266f68641c184c8594b21182881fd9e81aedd1c48e3c3fa8a254a60db7b637ddfe9970086fc3fdc6c4fc75d4b89bac094d94b14f6746f99717f2efb67244b5535bc50fc683b4fdec61cca23d2aba17d43b34d75ebbe3efbaae29dec7731e199c291cd47add350eb8f26509a32e66a6f94b14a3500ec240ebc44a9fb16843b2409d2bf408516edbef1412000184e86c623280086c8bef0ef4fd6310cfb629641e0f14c6ba6586959faf4ef5b93fdef74c2ae719ef92e264312d88a0fbf96dd8e62bfff92e51659a5d4508c52553d284a5774cc82ed5b576c2e57b0a442d7f86137247b06e278f25ecce7d9fc3cbc472c54966f566e63aafa6b7b22d04f72b4d9223ecb931e962c8a32cbc5f4d74609cae11bb63309c8d634b0f960ae0a7a01041715701ffff2eddbdf05ff48d555c9634c5387c6388f12b7b4689e81d1216ad298f6895eb0f3b23446d9c573b99fce4966221d70e76f9b57a75b9a815445948077cb778626476988292385c1e6ae68870f6fd52784f6f974d93a7db2535d8b8252f9f0b8f36555d9bbf27fbd4220577a3dd59fcab7aabf53e8eb1fd5c0aa64e4a1e59938e6f1d868de82b2573f495b43a38627ca7aadce97913f343d89f3f23f33e742a482299e6c6cc7f619795aef903f75cb2bc70a14c74f2161a4a1f7b57da3c9bc7ae6f7cebd64384891481e2ef4892e538de63ab5be7ffdbd5c7bacf5aa34c04373e16fb7307b2adfe8d3c77155f83d4bce1b89982f9bfe6e437624611534175babe1c9c769d44876eb200457be24814714fec65b11944ce0c9432f58dfc17f841fcd7e9b1c2516923e32e2bc335b4ee841ce1507ea818fa862aee6c061b05ca95e326c38f5a2c974c20351e4152f55e7c06aea41f3ae7383603c492b4771a7705b23c3d265c3a197c93c0e1d1f5c9e0ee62d63fec659eaeee7e18e768c378ed108060689866fb20ef1806227a897ef5b85f724ec824b7c6f298921e31dd570ced49dca995dbde1d96624f46386f07e1d4291a7385bb016c30d9eb47ff963ffb65041b4c805096f217af228bdd9a6a34f8439d7e71e94954544f4de5f0fe5d699fae65093b0b36f5950596b20b758a55e3da207b2ca0905399f7eb056d315f8cf31e4752e6c7f2850c3809e6fb98a009949063936f6c084edb8c319658ee39f872a8df12428f96d481c858a5cac7630d6f2827778079747e7e2b1e7bcdf7127e206d7fba03ab646837fa8b7b1a27d678fb22608a0e9ee03777e3c0455fc2b9f74e7b258c521f9adbc59b605ac779bf86da9eb367a86ce622369eaa6e0b516e5fcbfdadf97449f1e5da786b0d8dcaf54feb878a15e30e20933633714e29f730f7582cd60ad16a6d03d55d8f1a9f38daa9752ca963f73983b942dc3b076b580e03711a8e681f44d30d4052ef52fbcce03c96efb0107b0f12845e224570c5fbf40dc36761140c6a046ec858e4f2203960ca014a8b5e724efe8ade3444caa549f9a4ae16640741f92001eb3f96e409549e023973bf83d7e8ee1ccf1bb351c1382467b7f41d5f69a2e091635d6f20eefbd362d6d6442b0a426b6c9c4c87a35906cb9a4b7623aa8f431772fbaaa223cb51cbdf5fe8f6f2a3c382489f9a40acde5b9d812717cee72743164ee988294c27a7d72b373ad0e69596ed976ff890fe56df720183b278752a09d61a1554ca7d93c04fe27cbd4e2ca18d448810c8d4612893858b23124b09600f956cc36b41c2911f55bcfe06c0e545b8a2a317a9f03391b9afd05bb169dfc03152f05d03be0d0d2538fc76474a6acdade3c17b594a482664a9f0bcf7484887762ff1ac5444c00a44e1bc5d35b62938b420f7076a7716df77464e13dde4113a506c94ed1d7a7d39bd2bcdddb889f9b2535550dbd687867a4950031654b03fe46eeaf5bbf1a780fc3b6d2cbb45628f38b30744e0b143601f3c5573014bdf8f264137f072330e9328d36cbf646bf1405b1f96b16ae6a00f651adebeeda74bedcaa6488e80a9814c357e6522119aab3e433f91e1cb2b2e722a61a049d4064d23662c7b6f5fb8ae5bb5b9ecd129bb3a08ee9e78443523c08864b63e705fec6751c805f57c72ac43fe88ff0c80bd839c599850370d4093b0a1855b16942813831304d084683e7804c7bd51408a6f1f19023cb653899f0771c96e6b8504ea1440beb4cf93ce39e666c8131ba49588371d2b56a80956351d927ec74b3c49d923408793a5b806548675164faa20bb7acd41eb5abe09bf611814d5d547c09cd85c10993e955095a3cb2973535a75e6e2c6753b3ef6e3392801627d7ce03930841c697ee94d11df9dc5a36399700656bd9c9a41de24cc0634c70da3dd22781ac5d87333397b1181f101cab963f32d18229d2b13d6b8b307aa33fb527469e61d262eea14d133d0f54f3a5c0d7dfdc4772018215775d19907abd76bf762815428575d55b95c060173eed7479bda20858e6956ef1b155a5e9516b349124a268023a87c7ac39cbe9f209579dfd8496c764dcf08fa28a9e267f460cf665ba73f52c44ce784331c12c068ee59750589be5df1b23830f24bf947a4871e479f5ba8a6d7a7d3408d3aec04ccc176d0339e1cf82a409a1886403648cfa054ca16cfff8a8c7cd49d121cadbe66b32f25220b1e3436e412c6ee372256dbfefe135fe7fd4b32ee3b1efca16ef88f8d7cc16cb25e9c86763a4592230a34293a14dc82eadfce2a3491add4a23ab9a923af44376108e055c35fc235869ecbfd68789834f2b3f6337ce2cd1f72b1ae7ef951b4f78dd186916298ae12c7e878b1a682aa7b39c360d5c2ffa75798add21b4aaa7a94cadf40b894589db0c8e2c77c6a9ee6acb6b8df6325a544b9b15de8df3e97ff8e80af4891be53bace033ea06a5bb3fbfa49f9b65a441c2c60551551c7bd0f2b2c0584008c7f76f062c18457058cbee1d9cbc82ebdee298a08f83175ca40cb0cd08e6839645b442ce8dd71f955607228658ea4a1204dd3bd2d66d4ae7747a51c77680089e99b85e6d9c860375d6e24e8839d80132e4b34d17bbdcae090b265b6267b9c82d37a0b666594bac52dad2ffb98b7fea875b9b6c1e947db1098afbf2b2c3d0b9b48e7868d0892abea1ab14885197f21a5c8a1e3e900cae7347fb881fbeb9f78aad909e22e0c1665ead6706bcf31d7b7021abdcc07975fe9b8168759f633fb402a1e626d41757c54b406d2585e47b742ea0681078bd72bea74b87e25584aafd3c101f050b91b727465930339fa73e866cc6ec0a8788bf1d433ef94a7b169f80e70d66275639241ee2d0d9f28f69dbd59bc67d9d5304c78d30845ecd44abbfa41469804dd34af5346d68c8d99dd57070e8bd1e0d607c9976ca29edf305a71c204f2703947fc670fcec90f46bdf0b3b6bad4c6d11fb8f2fc98d915a6d33a7231eb81d5568c271d75057f77af09f511df12642aa6ba889151a98796a47d6389a5b028e91fd24d021f80aab0ed69c5fb1bb788081d849899a65112ad39e66a9037b35889eb68d2202321b3336ddbe1d3d8eaab890418decf7b1ef5784341d87190744d8845036e2aa19402e23b63ecd113b96a5eb01031e3b035fdd7b6168fbf50a798bd66533d1275f7e7dd31066a5b0e96073df4cd703bcd10e35ee4c82178457f083f077ecb40647a95ea723f12fb2d58e433d609dcfc40140977b809cdc16cfe1240b06786093f304f62e4c3810174d9b47c4d5996f5fd3c2605148d286e064fa04a259b940af847d6fe42cb3a946b785f469c65a8518c6186860e71ea0647c737444dc1828a8753ae65c498acf63a60a96ffee0851f5eeadfc042bbea837a0876cf6ed3a356135b0ee808dce2f23e56d066ccccffa3d6ce07e25609e13dfba5a1239df46e6109ddae70d22269f8204ad1a3becce48ffb13c2759924025d606bbe15946a7e738a304c92a83eda806038f9f73f16ecb605b23cb291568029ecbf0251e53d28c49f9a40bf204b300ee0f6704a914f540809ba67906f2ce1f9c3a97f012012d986a1b7f753baa40a093f5789b60b0f062b2a2c911d3468731e3b57775691278f5951042adbc0065185144704a3584c4eb1e3b3f8cd984d1e30d535ebb4dcf665096a52cf393f1ef110c4c2be60f2ae1785ef2c277ba5f42522a2dc5ec1bbf007fa4fa96f25af050f976ff42f01197e1dfb6d9fa98b3a1f44974780f8be4d338fd86625675d6a2002e19205ea5795769d3ac2b5e9de18634ea4f730c709aeb9240f729fcd5ea056bd97e8d06c823356f75b09d2f355440c94abe3a220282fd5ea59956a9b618f9e35d17fc48654c01d0bd01d01c6e1100bc87030992209c98c190c36a0632a1c6751abe174c71fe67dd6cf15a2478a958adb67b239706ba3637f8739bcedd57c50f0cad46f328329fee2449597303a9583159a8d7cefdec97929a7bf3d0ecc71214996d7a5a63776c31b3f8f4eebe0f25fc5a22cbcf46af6955eb4a9cb8129c402982cc6ec73d0824d32322a4db1b4016087468fccf1b5efbdee8c00750699bac8ef528b970024db88fc480e4921173f7cd66c958244df789f774d3bbd028e5ecb10c970fc0d3607d4398d149c3a8bda828e093142501ff329818582a9b42c995307ba2d5677637f571aa0610925dbc08a5d055f2014aa43c5d17eaea848c7ede102df0c8d122f08a4f53934653ade2d6a21afe9f683f52863731f2b1bf9dfcdf2fe06c710ffeec6c93fefca4e92c9240d955d418298651444eed0acc42319ad0f72fbb283dd3f2887f36aaafc3286f97eae61269284d6fda8627c84e239d879600385d377741ee5a62f2f59fbefa023014b3655d9f79b649f97bad9d00e0c2c225ea698acf795ba5a9d586f116bf046a5fc6bd645ed93f35bd3d3ea11a16c580b69b6ae19830cb4e5d908a891924b023dd72aa9f2fda15c5ae24d5c3924f12d90f1fab39a259d1bb7415af1247a9acb7cfbf5ff5ca0ea3c7ced93dfe3c5799adb9342dbefb342be0abf60b1aa155a20be75aa868c28235377415a59d03ed4e0c021ccf98e212e1861c14f1e483382d732885a50053b5f62887d6b6e9bb294fe305bb3a5c45e296bc5ae45d504ea12330ca7f5379e1aaea7fac8a28f979d331fe1957e2dbe14dbbc1b9fe8b39019672641ab669dd2abfd1502e188d5366db2153f402e35ace744e409788f7e5bd359d431e0442ef5714d9afea265dfcd25fc0774ad2cab2ce9de194b6ebd6d115aa386f78a10e01908ab0929d1c7155cf6d8414770d0cb18c91792e5a0797b1a5c36ff7da5f7338de84c75ee9d9845b76e037c4bc4aec0502a7464678a619c381a1750f3331ea7b8052c227a7bfb26824e3e9d6399c2d2732d33277eaf07e19197c6da1212131fdda593009c96bfe5b843c0131", 0x1000}, {&(0x7f0000000400)="196a0f3bc4fbf5f938af76e41c73cb74f3e5da9c", 0x14}, {&(0x7f0000001500)="cfc10d6824df7fbf9466d4b43339c05920799179d177c498cf5f5d44142ed4b20ef893183654ab6d55baef19a05b2ab39bba5635dbd7ce6f4ae325868918d8a4e80fc5807582910b7e3b001b4921a4c15ee10048b2c36df2a14c9a21fb86728a3ab782b915cd238b7551ee44806caee7ca462864a099cc1febf33820e12f81c0b71803b07b309f34c94bd482132fc948cc357d3e056ffa897634fefc6b00552355bb4f2c5a70303896ea7acddf2a51df79425578104b7822a78c7eb9f040c1264319a343649afa9dbcbaf4dbf76cfd2eb1c927294e499cf6018c017108f0b52991982fdefd243d8c03ca2da6a88d9a", 0xef}, {&(0x7f0000001600)="80355fdfa3abaf43f380d5e9e8d1b98b87c150f33b1e04", 0x17}], 0x4, &(0x7f0000001780)=[{0x70, 0x119, 0xcc10d1a, "74787b0112fe575cd12b268bacf156ca948825c025e0cdaf4e36241eae54d5173d25501470d0509ea7a542ddf49e072df6070ca52cc9896b47f3f39e07370bd2f0f644d1f75bab1a0a502cb77fa84fe72e30dd566acfdb8858a6e9e04d7604"}, {0xf0, 0x0, 0x7, "43195a63baf1aefacc40f3e19b2d0dfab9ae751595e60911f40ba5d34248579b32109f91fa71dee345a94c3c02884d0812f1ed6f78747227edfe537dc950aedc4ba216f05b1e42d476295f4da72b97f759c4dbb3dc3b089e4c45a56e95896e838037ac3dc557a8a78e1d7a9f63f74dda375c9fd6d783b0c4e14ff50491671eb06bf7b7fa1c2990b0b2eb3ac64e9001943a2dfcd18325269a85690fdf3ed1a11226fa54905991cb06e732a7ef65f1911770d93ecd47addeef3124c492ef2c233b52eb5067252dc36d402779ea4c0a6a08ff158cc1b5a96891ed0793e00794fc8b"}, {0xa8, 0x185, 0x0, "dcc7f04f4f08ac2b435fb20978c86ea18efa954da331f4709c33eee193913779f53232293c922052ca0cba40161dc03924f8a6a16544110f55c67703a7399c7bc363ffed132a7d67a5d3ae8cc2048bcb07bb9303e9c416327ec02bb11af504b042b0bc7a0a360c960b8fcf68e3affa093f0c5310055473cf59d538dd55a301bf3c1b384ecedda58a887af5864d082963b60f06"}], 0x208}}], 0x1, 0x11) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180)) write$ppp(r1, &(0x7f0000000440)=')z', 0x2) ppoll(&(0x7f0000000140)=[{r2}], 0x1, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='illinois\x00', 0x9) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000019c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x2f4, 0x5, 0xa, 0x6, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_CHAIN_HOOK={0x44, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x1137eb01}, @NFTA_HOOK_DEV={0x14, 0x3, 'dvmrp1\x00'}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth0_to_batadv\x00'}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffe}, @NFTA_CHAIN_USERDATA={0xf1, 0xc, "68ba6874e2a6199c3551038492d72816a5c5ada9e922ba6e1ac0b1a4be313139dcbbd326d0316988285f6f3884c98165b42cc200deac3835075326bed2aec243eca77ae3a83cfa58ae45fc3d7e684b5d32b5e708090840c0eef6acb802915d0e5f13fca26b75d777ff78a7bcdc629c5e701fd5f35c22f95f18a29b1d907987b4a150368d16321387f2c68b03428f60fa17d22e8379370899922cf86f044d2b031cd46322b41247458fb983a6206c2de013326ed3d3bf2d2634cff6044af002a2e68e0ef6d5f8207582f99f8ff269ba85e626aee7bb9892f812db5db94bf48d33738167599b818ff29b864bf3d4"}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_USERDATA={0xb4, 0xc, "b8486717d31bf34de435021553d1d73d60c7402fa8ce2a14660ceadb6d5763e1e7040cbb0ec73147c69e717c8f621e701b096604350f5f56d1879f209c7c8dbf59375851d6a7eb5520b497c932b0e9269b0df706b646d6eceb2d4b35ab3bfcb05c22e58d4b94c9d704914526defd962a410b32e7d3fa23d58268c67658a03408b4df199ec5c9150378045024a041b07b2dc57518c6461b2b01d265326c3d4d3a185357a98afa52db45cd91de2cea1fde"}, @NFTA_CHAIN_USERDATA={0xb1, 0xc, "371f1f857ed82733fd7f0907d35aeef2c1de02c75dc4b39eaafdfcee25dcfb931d3cf52cbd0156d740263131ce9aacfa723b77f3a62ab7b1fbce160fbfc7f0e87eb3245d0a8603fd93496a6048f8dbfe0e55e90c9d849560536a50edf69afc6242244840d5c6fcedae09b3f48451e38bb15f9518bbb874b923de4ad729800457f3ad459a452a0f41c30ec0d8179a4705af4a32f9f232998ee5c17e795cd34a4d530f892979704c4d1e779f918a"}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x10000}]}], {0x14}}, 0x368}}, 0x0) connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) r4 = socket$inet6(0x10, 0x2, 0x4) sendto$inet6(r4, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784004000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x0, 0x0, 0x0) 1.044378101s ago: executing program 2: socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)={0x2c, r1, 0xe0536804369fd543, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_P2P_OPPPS={0x5}, @NL80211_ATTR_BSS_CTS_PROT={0x5}]}, 0x2c}}, 0x0) r3 = socket(0x10, 0x803, 0x6) sendto(0xffffffffffffffff, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r3, &(0x7f00000037c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb}, 0x90) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_SCAN(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010700000000000000002000000008000300", @ANYRES32=r6], 0x1c}}, 0x0) 966.532716ms ago: executing program 0: socket$inet6_tcp(0xa, 0x1, 0x0) syz_io_uring_setup(0x5c90, &(0x7f0000000140)={0x0, 0x0, 0x10100}, &(0x7f0000000600)=0x0, &(0x7f0000000100)=0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) syz_io_uring_submit(r0, r1, &(0x7f0000000740)=@IORING_OP_ACCEPT={0xd, 0xa, 0x0, r2, 0x0}) listen(r2, 0x0) shutdown(r2, 0x1) 421.041825ms ago: executing program 0: openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1b, "5660359c3245d11f0000000000000000000000000f00", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f0000000340)={"0180000000000000f2e2ad238a7b44a8d886010284ed9208000000affbf514fd", 0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SYNC_IOC_FILE_INFO(r2, 0xc0383e04, &(0x7f0000000280)={""/32, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000a40)=[{}]}) 173.620456ms ago: executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r2], 0x1c}}, 0x0) write$nci(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="6103014003017db278"], 0x9) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000380)=ANY=[], 0xff2e) write$binfmt_script(r5, 0x0, 0x0) ioctl$TIOCVHANGUP(r5, 0x5437, 0x0) fstatfs(0xffffffffffffffff, &(0x7f0000000000)=""/50) r6 = socket(0x0, 0x3, 0x0) socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000080)) sendmsg$nl_route_sched(r6, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_usbip_server_init(0x0) syz_usbip_server_init(0x0) syz_usbip_server_init(0x0) syz_usbip_server_init(0x0) syz_usbip_server_init(0x3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 86.927621ms ago: executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000200)={0x7f05, 0x0, 0x0, 0x5, 0x0, "5f330000a90100f9"}) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x5412, &(0x7f00000000c0)=0x13) poll(&(0x7f0000000100)=[{r1}], 0x1, 0xe7f1) ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x5412, &(0x7f00000006c0)=0x1a) 55.352539ms ago: executing program 0: r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000740)=ANY=[@ANYBLOB="120100005ab05740450c088085e10000000109021200b8dc0000000904"], 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f00000005c0)={0x34, &(0x7f00000002c0)=ANY=[@ANYBLOB="010001"], 0x0, 0x0, 0x0, 0x0, 0x0}) 0s ago: executing program 4: madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0) madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000005c0), 0x4) r1 = dup(r0) setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f0000000f00), 0x10) kernel console output (not intermixed with test programs): mode [ 394.068217][ T3383] bridge_slave_1: left promiscuous mode [ 394.074958][ T3383] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.183479][ T3383] bridge_slave_0: left allmulticast mode [ 394.189363][ T3383] bridge_slave_0: left promiscuous mode [ 394.196041][ T3383] bridge0: port 1(bridge_slave_0) entered disabled state [ 394.212936][ T3277] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1216: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 394.255801][ T6478] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 394.288034][ T6478] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 394.321648][ T3277] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 394.325848][ T6478] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 394.338133][ T3277] EXT4-fs (loop0): This should not happen!! Data will be lost [ 394.338133][ T3277] [ 394.338229][ T3277] EXT4-fs (loop0): Total free blocks count 0 [ 394.338319][ T3277] EXT4-fs (loop0): Free/Dirty block details [ 394.338401][ T3277] EXT4-fs (loop0): free_blocks=2415919104 [ 394.338493][ T3277] EXT4-fs (loop0): dirty_blocks=32 [ 394.338578][ T3277] EXT4-fs (loop0): Block reservation details [ 394.338658][ T3277] EXT4-fs (loop0): i_reserved_data_blocks=2 [ 394.582375][ T6571] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 394.603571][ T6478] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 394.633508][ T6478] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 394.648597][ T6478] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 395.113623][ T3383] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 395.238512][ T3383] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 395.304270][ T3383] bond0 (unregistering): Released all slaves [ 396.163315][ T6977] loop0: detected capacity change from 0 to 40427 [ 396.223304][ T6977] F2FS-fs (loop0): invalid crc value [ 396.283282][ T6977] F2FS-fs (loop0): Found nat_bits in checkpoint [ 396.558410][ T6977] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 396.759826][ T6458] Bluetooth: hci0: command tx timeout [ 396.884941][ T3383] hsr_slave_0: left promiscuous mode [ 397.020651][ T3383] hsr_slave_1: left promiscuous mode [ 397.032337][ T3383] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 397.040117][ T3383] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 397.076985][ T3383] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 397.085934][ T3383] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 397.156701][ T3383] veth1_macvtap: left promiscuous mode [ 397.162811][ T3383] veth0_macvtap: left promiscuous mode [ 397.168702][ T3383] veth1_vlan: left promiscuous mode [ 397.174827][ T3383] veth0_vlan: left promiscuous mode [ 398.166419][ T3383] team0 (unregistering): Port device team_slave_1 removed [ 398.201146][ T3383] team0 (unregistering): Port device team_slave_0 removed [ 398.871548][ T6458] Bluetooth: hci0: command tx timeout [ 400.161769][ T6974] chnl_net:caif_netlink_parms(): no params data found [ 400.902535][ T6478] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 400.922272][ T6478] Bluetooth: hci0: command tx timeout [ 400.929824][ T50] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 400.947574][ T50] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 400.993207][ T50] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 401.008513][ T50] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 401.017517][ T50] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 402.380183][ T6974] bridge0: port 1(bridge_slave_0) entered blocking state [ 402.388011][ T6974] bridge0: port 1(bridge_slave_0) entered disabled state [ 402.395815][ T6974] bridge_slave_0: entered allmulticast mode [ 402.404944][ T6974] bridge_slave_0: entered promiscuous mode [ 402.518396][ T7015] chnl_net:caif_netlink_parms(): no params data found [ 402.549527][ T6974] bridge0: port 2(bridge_slave_1) entered blocking state [ 402.557429][ T6974] bridge0: port 2(bridge_slave_1) entered disabled state [ 402.566223][ T6974] bridge_slave_1: entered allmulticast mode [ 402.575432][ T6974] bridge_slave_1: entered promiscuous mode [ 402.771487][ T7028] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 402.856324][ T6974] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 402.901830][ T6974] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 402.949546][ T50] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 402.961358][ T50] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 402.972646][ T50] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 402.995866][ T6478] Bluetooth: hci0: command tx timeout [ 403.008743][ T50] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 403.067087][ T50] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 403.079874][ T50] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 403.151791][ T6458] Bluetooth: hci2: command tx timeout [ 403.193493][ T6974] team0: Port device team_slave_0 added [ 403.410836][ T6974] team0: Port device team_slave_1 added [ 403.414051][ T1226] ieee802154 phy0 wpan0: encryption failed: -22 [ 403.423389][ T1226] ieee802154 phy1 wpan1: encryption failed: -22 [ 403.607393][ T6974] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 403.615813][ T6974] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 403.642487][ T6974] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 403.769883][ T6974] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 403.777533][ T6974] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 403.804111][ T6974] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 404.260791][ T6974] hsr_slave_0: entered promiscuous mode [ 404.296485][ T6974] hsr_slave_1: entered promiscuous mode [ 404.678396][ T7015] bridge0: port 1(bridge_slave_0) entered blocking state [ 404.686302][ T7015] bridge0: port 1(bridge_slave_0) entered disabled state [ 404.694167][ T7015] bridge_slave_0: entered allmulticast mode [ 404.703468][ T7015] bridge_slave_0: entered promiscuous mode [ 404.705524][ T3383] IPVS: stop unused estimator thread 0... [ 404.816480][ T7015] bridge0: port 2(bridge_slave_1) entered blocking state [ 404.824636][ T7015] bridge0: port 2(bridge_slave_1) entered disabled state [ 404.832666][ T7015] bridge_slave_1: entered allmulticast mode [ 404.841721][ T7015] bridge_slave_1: entered promiscuous mode [ 405.327423][ T6458] Bluetooth: hci3: command tx timeout [ 405.334670][ T6458] Bluetooth: hci2: command tx timeout [ 405.546964][ T7030] chnl_net:caif_netlink_parms(): no params data found [ 405.589685][ T7015] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 405.658947][ T3383] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 405.670574][ T3383] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 1] type 1 family 0 port 65023 - 0 [ 405.681378][ T3383] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 405.812887][ T7015] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 405.873324][ T7042] loop1: detected capacity change from 0 to 40427 [ 405.909809][ T3383] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 405.920530][ T3383] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 1] type 1 family 0 port 65023 - 0 [ 405.931279][ T3383] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 405.945625][ T7042] F2FS-fs (loop1): invalid crc value [ 406.049219][ T7042] F2FS-fs (loop1): Found nat_bits in checkpoint [ 406.340499][ T7015] team0: Port device team_slave_0 added [ 406.350547][ T7042] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 406.374312][ T3383] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 406.385217][ T3383] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 1] type 1 family 0 port 65023 - 0 [ 406.395967][ T3383] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 406.524026][ T7015] team0: Port device team_slave_1 added [ 406.554801][ T3383] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 406.565539][ T3383] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 1] type 1 family 0 port 65023 - 0 [ 406.576266][ T3383] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 406.912078][ T7015] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 406.919250][ T7015] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 406.949485][ T7015] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 407.056853][ T7015] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 407.064448][ T7015] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 407.093771][ T7015] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 407.391872][ T6458] Bluetooth: hci2: command tx timeout [ 407.397503][ T6458] Bluetooth: hci3: command tx timeout [ 407.582586][ T7015] hsr_slave_0: entered promiscuous mode [ 407.619995][ T7015] hsr_slave_1: entered promiscuous mode [ 407.640570][ T7015] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 407.652326][ T7015] Cannot create hsr debugfs directory [ 407.716984][ T3383] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 65023 - 0 [ 407.727856][ T3383] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 407.771016][ T6974] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 407.971444][ T6974] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 408.067741][ T3383] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 65023 - 0 [ 408.079246][ T3383] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.246458][ T7030] bridge0: port 1(bridge_slave_0) entered blocking state [ 408.254820][ T7030] bridge0: port 1(bridge_slave_0) entered disabled state [ 408.267554][ T7030] bridge_slave_0: entered allmulticast mode [ 408.276840][ T7030] bridge_slave_0: entered promiscuous mode [ 408.294587][ T6974] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 408.385044][ T3383] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 65023 - 0 [ 408.395905][ T3383] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.496406][ T6974] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 408.538343][ T7030] bridge0: port 2(bridge_slave_1) entered blocking state [ 408.546230][ T7030] bridge0: port 2(bridge_slave_1) entered disabled state [ 408.554117][ T7030] bridge_slave_1: entered allmulticast mode [ 408.567435][ T7030] bridge_slave_1: entered promiscuous mode [ 408.718870][ T3383] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 65023 - 0 [ 408.729953][ T3383] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.167497][ T7030] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 409.331985][ T7060] loop1: detected capacity change from 0 to 32768 [ 409.367045][ T7030] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 409.446660][ T3383] bridge_slave_1: left allmulticast mode [ 409.452835][ T3383] bridge_slave_1: left promiscuous mode [ 409.459411][ T3383] bridge0: port 2(bridge_slave_1) entered disabled state [ 409.471033][ T6458] Bluetooth: hci3: command tx timeout [ 409.479384][ T50] Bluetooth: hci2: command tx timeout [ 409.512665][ T7060] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 409.527181][ T3383] bridge_slave_0: left allmulticast mode [ 409.533227][ T3383] bridge_slave_0: left promiscuous mode [ 409.539580][ T3383] bridge0: port 1(bridge_slave_0) entered disabled state [ 409.559882][ T3383] bridge_slave_1: left allmulticast mode [ 409.566707][ T3383] bridge_slave_1: left promiscuous mode [ 409.575686][ T3383] bridge0: port 2(bridge_slave_1) entered disabled state [ 409.617005][ T3383] bridge_slave_0: left allmulticast mode [ 409.623116][ T3383] bridge_slave_0: left promiscuous mode [ 409.629613][ T3383] bridge0: port 1(bridge_slave_0) entered disabled state [ 410.064962][ T7060] XFS (loop1): Ending clean mount [ 410.084809][ T7060] XFS (loop1): Quotacheck needed: Please wait. [ 410.194765][ T7060] XFS (loop1): Quotacheck: Done. [ 410.346655][ T29] kauditd_printk_skb: 160 callbacks suppressed [ 410.346729][ T29] audit: type=1800 audit(1717779189.349:195): pid=7060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=9292 res=0 errno=0 [ 410.464439][ T5071] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 410.636408][ T3383] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 410.663232][ T3383] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 410.708094][ T3383] bond0 (unregistering): Released all slaves [ 410.736144][ T3383] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 410.761141][ T3383] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 410.809552][ T3383] bond0 (unregistering): Released all slaves [ 410.996145][ T7030] team0: Port device team_slave_0 added [ 411.293673][ T7030] team0: Port device team_slave_1 added [ 411.551889][ T50] Bluetooth: hci3: command tx timeout [ 411.595071][ T7030] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 411.602416][ T7030] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 411.629081][ T7030] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 411.761966][ T7030] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 411.778341][ T7030] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 411.804797][ T7030] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 412.032456][ T7082] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 412.192569][ T7030] hsr_slave_0: entered promiscuous mode [ 412.202799][ T7030] hsr_slave_1: entered promiscuous mode [ 412.219073][ T7030] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 412.227258][ T7030] Cannot create hsr debugfs directory [ 412.448986][ T3383] hsr_slave_0: left promiscuous mode [ 412.463262][ T3383] hsr_slave_1: left promiscuous mode [ 412.473752][ T3383] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 412.481994][ T3383] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 412.492575][ T3383] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 412.500231][ T3383] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 412.526127][ T3383] hsr_slave_0: left promiscuous mode [ 412.538668][ T3383] hsr_slave_1: left promiscuous mode [ 412.547506][ T3383] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 412.555355][ T3383] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 412.574703][ T3383] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 412.582926][ T3383] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 412.606517][ T3383] veth1_macvtap: left promiscuous mode [ 412.613042][ T3383] veth0_macvtap: left promiscuous mode [ 412.618959][ T3383] veth1_vlan: left promiscuous mode [ 412.624681][ T3383] veth0_vlan: left promiscuous mode [ 412.632254][ T3383] veth1_macvtap: left promiscuous mode [ 412.637962][ T3383] veth0_macvtap: left promiscuous mode [ 412.644085][ T3383] veth1_vlan: left promiscuous mode [ 412.649580][ T3383] veth0_vlan: left promiscuous mode [ 413.777976][ T3383] team0 (unregistering): Port device team_slave_1 removed [ 413.849080][ T3383] team0 (unregistering): Port device team_slave_0 removed [ 414.732092][ T3383] team0 (unregistering): Port device team_slave_1 removed [ 414.785383][ T3383] team0 (unregistering): Port device team_slave_0 removed [ 415.608749][ T6974] 8021q: adding VLAN 0 to HW filter on device bond0 [ 415.698643][ T7015] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 415.710794][ T7084] loop1: detected capacity change from 0 to 32768 [ 415.738876][ T7084] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (7084) [ 415.843073][ T7015] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 415.964229][ T6974] 8021q: adding VLAN 0 to HW filter on device team0 [ 416.027563][ T7015] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 416.160817][ T7015] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 416.231939][ T779] bridge0: port 1(bridge_slave_0) entered blocking state [ 416.239622][ T779] bridge0: port 1(bridge_slave_0) entered forwarding state [ 416.446956][ T779] bridge0: port 2(bridge_slave_1) entered blocking state [ 416.454719][ T779] bridge0: port 2(bridge_slave_1) entered forwarding state [ 416.459228][ T7088] loop0: detected capacity change from 0 to 40427 [ 416.488911][ T7088] F2FS-fs (loop0): invalid crc value [ 416.622809][ T7088] F2FS-fs (loop0): Found nat_bits in checkpoint [ 416.911190][ T7088] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 417.408066][ T7030] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 417.577408][ T7030] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 417.653452][ T7030] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 417.721812][ T7030] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 418.031028][ T7015] 8021q: adding VLAN 0 to HW filter on device bond0 [ 418.272713][ T7015] 8021q: adding VLAN 0 to HW filter on device team0 [ 418.401401][ T779] bridge0: port 1(bridge_slave_0) entered blocking state [ 418.409057][ T779] bridge0: port 1(bridge_slave_0) entered forwarding state [ 418.539771][ T779] bridge0: port 2(bridge_slave_1) entered blocking state [ 418.547518][ T779] bridge0: port 2(bridge_slave_1) entered forwarding state [ 418.974980][ T6974] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 419.278187][ T7030] 8021q: adding VLAN 0 to HW filter on device bond0 [ 419.506623][ T7030] 8021q: adding VLAN 0 to HW filter on device team0 [ 419.604095][ T780] bridge0: port 1(bridge_slave_0) entered blocking state [ 419.611914][ T780] bridge0: port 1(bridge_slave_0) entered forwarding state [ 419.756656][ T780] bridge0: port 2(bridge_slave_1) entered blocking state [ 419.764468][ T780] bridge0: port 2(bridge_slave_1) entered forwarding state [ 420.696585][ T7116] nullb0: AHDI p2 [ 420.751356][ T3383] IPVS: stop unused estimator thread 0... [ 420.869531][ T7015] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 421.148845][ T7030] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 421.257601][ T6974] veth0_vlan: entered promiscuous mode [ 421.398342][ T6974] veth1_vlan: entered promiscuous mode [ 421.581167][ T7015] veth0_vlan: entered promiscuous mode [ 421.803623][ T7015] veth1_vlan: entered promiscuous mode [ 421.856767][ T7030] veth0_vlan: entered promiscuous mode [ 421.884353][ T6974] veth0_macvtap: entered promiscuous mode [ 421.948960][ T6974] veth1_macvtap: entered promiscuous mode [ 422.011928][ T7030] veth1_vlan: entered promiscuous mode [ 422.157898][ T6974] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.168811][ T6974] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.179018][ T6974] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.191861][ T6974] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.210182][ T6974] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 422.292898][ T6974] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 422.304519][ T6974] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.314751][ T6974] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 422.325510][ T6974] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.340083][ T6974] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 422.382804][ T7015] veth0_macvtap: entered promiscuous mode [ 422.422499][ T7131] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 422.498606][ T6974] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 422.508391][ T6974] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 422.517477][ T6974] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 422.526540][ T6974] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 422.551981][ T7030] veth0_macvtap: entered promiscuous mode [ 422.569397][ T7015] veth1_macvtap: entered promiscuous mode [ 422.589191][ T7030] veth1_macvtap: entered promiscuous mode [ 422.735173][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.746033][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.759800][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.772842][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.782995][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.793862][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.811786][ T7015] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 422.881598][ T7030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.893864][ T7030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.907556][ T7030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.921862][ T7030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.932465][ T7030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.943175][ T7030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.953299][ T7030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.963986][ T7030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.978901][ T7030] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 423.035309][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.047857][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.058073][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.068857][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.079070][ T7015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.089891][ T7015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.110284][ T7015] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 423.174019][ T7030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.184755][ T7030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.194820][ T7030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.205519][ T7030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.217714][ T7030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.229104][ T7030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.240213][ T7030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.251005][ T7030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.265973][ T7030] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 423.358283][ T7015] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 423.369450][ T7015] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 423.378598][ T7015] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 423.387703][ T7015] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 423.414181][ T7030] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 423.423321][ T7030] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 423.432481][ T7030] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 423.441681][ T7030] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.515090][ T7162] loop0: detected capacity change from 0 to 40427 [ 427.576989][ T7162] F2FS-fs (loop0): invalid crc value [ 427.611086][ T7162] F2FS-fs (loop0): Found nat_bits in checkpoint [ 427.920920][ T7162] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 429.930689][ T7196] loop1: detected capacity change from 0 to 64 [ 429.976436][ T7196] minix: Unknown parameter '0000000000000000000300000000000000000003' [ 430.612433][ T10] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 430.621220][ T10] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 430.650684][ T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 430.658725][ T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 431.083577][ T3383] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 431.095022][ T3383] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 431.221862][ T7213] nullb0: AHDI p2 [ 431.291461][ T7219] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 431.315945][ T34] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 431.324196][ T34] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 431.461217][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 431.469341][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 431.481496][ T5166] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 431.587749][ T3383] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 431.596072][ T3383] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 431.913216][ T5166] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 431.921193][ T5166] usb 5-1: can't read configurations, error -61 [ 432.126747][ T5166] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 432.397954][ T7232] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 432.515013][ T7230] loop2: detected capacity change from 0 to 2048 [ 432.612152][ T5166] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 432.620038][ T5166] usb 5-1: can't read configurations, error -61 [ 432.665405][ T7232] ip6tnl1: entered allmulticast mode [ 432.716279][ T5166] usb usb5-port1: attempt power cycle [ 432.735671][ T7230] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 433.035726][ T7230] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1216: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 433.136442][ T7230] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2 with max blocks 30 with error 28 [ 433.151536][ T7230] EXT4-fs (loop2): This should not happen!! Data will be lost [ 433.151536][ T7230] [ 433.162251][ T7230] EXT4-fs (loop2): Total free blocks count 0 [ 433.168465][ T7230] EXT4-fs (loop2): Free/Dirty block details [ 433.174679][ T7230] EXT4-fs (loop2): free_blocks=2415919104 [ 433.180757][ T7230] EXT4-fs (loop2): dirty_blocks=32 [ 433.186076][ T7230] EXT4-fs (loop2): Block reservation details [ 433.192373][ T7230] EXT4-fs (loop2): i_reserved_data_blocks=2 [ 433.223047][ T5166] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 433.456630][ T7234] loop3: detected capacity change from 0 to 40427 [ 433.496165][ T7229] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28 [ 433.511009][ T5166] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 433.518932][ T5166] usb 5-1: can't read configurations, error -61 [ 433.529682][ T7234] F2FS-fs (loop3): invalid crc value [ 433.585975][ T7234] F2FS-fs (loop3): Found nat_bits in checkpoint [ 433.655590][ T7247] loop0: detected capacity change from 0 to 512 [ 433.680810][ T5166] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 433.884986][ T7234] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 433.974424][ T5166] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 433.983674][ T5166] usb 5-1: can't read configurations, error -61 [ 434.019661][ T5166] usb usb5-port1: unable to enumerate USB device [ 434.815515][ T7259] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 435.210712][ T5122] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 435.473454][ T5122] usb 5-1: Using ep0 maxpacket: 8 [ 435.592392][ T5122] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 435.614522][ T5122] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 435.624877][ T5122] usb 5-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00 [ 435.634450][ T5122] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 435.679091][ T5122] usb 5-1: config 0 descriptor?? [ 436.177906][ T7267] loop3: detected capacity change from 0 to 1764 [ 436.355815][ T7270] loop2: detected capacity change from 0 to 512 [ 436.450476][ T7270] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 436.455631][ T5122] usbhid 5-1:0.0: can't add hid device: -71 [ 436.463627][ T7270] ext4 filesystem being mounted at /root/syzkaller-testdir2541955241/syzkaller.51II7q/5/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 436.469806][ T5122] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 436.544920][ T5122] usb 5-1: USB disconnect, device number 8 [ 436.607064][ T7270] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #2: comm syz-executor.2: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 436.872460][ T7030] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 437.833168][ T7277] loop3: detected capacity change from 0 to 2048 [ 438.013550][ T7277] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 438.216747][ T7277] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1216: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 438.328630][ T7280] loop4: detected capacity change from 0 to 40427 [ 438.343614][ T7286] loop1: detected capacity change from 0 to 1024 [ 438.345623][ T7280] F2FS-fs (loop4): invalid crc value [ 438.354603][ T7277] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2 with max blocks 30 with error 28 [ 438.375915][ T7277] EXT4-fs (loop3): This should not happen!! Data will be lost [ 438.375915][ T7277] [ 438.388053][ T7277] EXT4-fs (loop3): Total free blocks count 0 [ 438.394389][ T7277] EXT4-fs (loop3): Free/Dirty block details [ 438.400605][ T7277] EXT4-fs (loop3): free_blocks=2415919104 [ 438.406541][ T7277] EXT4-fs (loop3): dirty_blocks=32 [ 438.412342][ T7277] EXT4-fs (loop3): Block reservation details [ 438.418528][ T7277] EXT4-fs (loop3): i_reserved_data_blocks=2 [ 438.468664][ T7280] F2FS-fs (loop4): Found nat_bits in checkpoint [ 438.490001][ T7276] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28 [ 438.753710][ T7280] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 438.871922][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 439.101048][ T5122] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 439.320598][ T5122] usb 3-1: device descriptor read/64, error -71 [ 439.597466][ T5122] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 439.627964][ T7302] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 439.717516][ T7303] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'. [ 439.810909][ T5122] usb 3-1: device descriptor read/64, error -71 [ 439.947562][ T5122] usb usb3-port1: attempt power cycle [ 440.391904][ T5122] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 440.522223][ T5122] usb 3-1: device descriptor read/8, error -71 [ 440.770463][ T7312] xt_CT: You must specify a L4 protocol and not use inversions on it [ 440.802149][ T5122] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 440.911833][ T5122] usb 3-1: device descriptor read/8, error -71 [ 441.047570][ T5122] usb usb3-port1: unable to enumerate USB device [ 441.655587][ T7322] loop0: detected capacity change from 0 to 128 [ 441.684759][ T7312] loop4: detected capacity change from 0 to 40427 [ 441.717308][ T7312] F2FS-fs (loop4): invalid crc value [ 441.772977][ T7312] F2FS-fs (loop4): Found nat_bits in checkpoint [ 441.976172][ T7322] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 442.058720][ T7322] ext4 filesystem being mounted at /root/syzkaller-testdir1351708950/syzkaller.IbQiFK/39/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 442.074765][ T7312] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 442.600918][ T29] audit: type=1804 audit(1717779221.159:196): pid=7312 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir3309907535/syzkaller.RT2Yxo/5/file0/bus" dev="loop4" ino=10 res=1 errno=0 [ 442.712237][ T6974] syz-executor.4: attempt to access beyond end of device [ 442.712237][ T6974] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 443.307910][ T7333] loop2: detected capacity change from 0 to 40427 [ 443.344138][ T6571] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 443.366824][ T7333] F2FS-fs (loop2): invalid crc value [ 443.682583][ T7333] F2FS-fs (loop2): Found nat_bits in checkpoint [ 444.002542][ T7333] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 444.726610][ T7349] loop0: detected capacity change from 0 to 512 [ 444.828831][ T7349] EXT4-fs (loop0): bad s_want_extra_isize: 11962 [ 445.280224][ T7347] loop3: detected capacity change from 0 to 32768 [ 445.331929][ T7347] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 445.399998][ T7349] netlink: 'syz-executor.0': attribute type 2 has an invalid length. [ 445.674185][ T7347] XFS (loop3): Ending clean mount [ 445.722275][ T7347] XFS (loop3): Quotacheck needed: Please wait. [ 445.770237][ T5122] XFS (loop3): Metadata CRC error detected at xfs_allocbt_read_verify+0xae/0x2f0, xfs_bnobt block 0x8 [ 445.782614][ T5122] XFS (loop3): Unmount and run xfs_repair [ 445.788679][ T5122] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 445.798199][ T5122] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff AB3B............ [ 445.807741][ T5122] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10 ................ [ 445.817048][ T5122] 00000020: a2 f8 2a ab 77 f8 42 86 af d4 a8 f7 00 a7 4b ab ..*.w.B.......K. [ 445.826241][ T5122] 00000030: 00 00 00 00 5b fd 4f dd 00 00 00 05 00 00 00 01 ....[.O......... [ 445.835471][ T5122] 00000040: 00 00 02 36 00 00 0d ca 00 00 00 00 00 00 00 00 ...6............ [ 445.851673][ T5122] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 445.862911][ T5122] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 445.872256][ T5122] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 445.905622][ T3383] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x354/0x5c0" at daddr 0x8 len 8 error 74 [ 445.923731][ T7347] XFS (loop3): Quotacheck: Unsuccessful (Error -117): Disabling quotas. [ 446.314194][ T780] XFS (loop3): Metadata CRC error detected at xfs_allocbt_read_verify+0xae/0x2f0, xfs_bnobt block 0x8 [ 446.326813][ T780] XFS (loop3): Unmount and run xfs_repair [ 446.332921][ T780] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 446.340672][ T780] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff AB3B............ [ 446.356856][ T780] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10 ................ [ 446.368261][ T780] 00000020: a2 f8 2a ab 77 f8 42 86 af d4 a8 f7 00 a7 4b ab ..*.w.B.......K. [ 446.377447][ T780] 00000030: 00 00 00 00 5b fd 4f dd 00 00 00 05 00 00 00 01 ....[.O......... [ 446.386645][ T780] 00000040: 00 00 02 36 00 00 0d ca 00 00 00 00 00 00 00 00 ...6............ [ 446.395823][ T780] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 446.405055][ T780] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 446.414235][ T780] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 446.470665][ T3561] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x354/0x5c0" at daddr 0x8 len 8 error 74 [ 446.483002][ T3561] XFS (loop3): page discard on page ffffea00016ec930, inode 0x42c, pos 0. [ 446.646053][ T780] XFS (loop3): Metadata CRC error detected at xfs_allocbt_read_verify+0xae/0x2f0, xfs_bnobt block 0x8 [ 446.664548][ T780] XFS (loop3): Unmount and run xfs_repair [ 446.672658][ T780] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 446.680265][ T780] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff AB3B............ [ 446.689460][ T780] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10 ................ [ 446.699989][ T780] 00000020: a2 f8 2a ab 77 f8 42 86 af d4 a8 f7 00 a7 4b ab ..*.w.B.......K. [ 446.709423][ T780] 00000030: 00 00 00 00 5b fd 4f dd 00 00 00 05 00 00 00 01 ....[.O......... [ 446.718634][ T780] 00000040: 00 00 02 36 00 00 0d ca 00 00 00 00 00 00 00 00 ...6............ [ 446.727846][ T780] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 446.737184][ T780] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 446.746377][ T780] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 446.778172][ T4277] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x354/0x5c0" at daddr 0x8 len 8 error 74 [ 446.790582][ T4277] XFS (loop3): page discard on page ffffea000166e5d0, inode 0x42c, pos 53248. [ 446.895011][ T7015] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 446.928860][ T7015] XFS (loop3): Uncorrected metadata errors detected; please run xfs_repair. [ 447.036338][ T7376] loop0: detected capacity change from 0 to 1024 [ 447.048453][ T7378] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 447.105662][ T7376] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 447.148682][ T7376] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e11d, mo2=0002] [ 447.177972][ T7376] System zones: 0-1, 2-3, 4-36, 98-101, 102-102 [ 447.193572][ T7376] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 447.308482][ T7376] EXT4-fs error (device loop0): ext4_lookup:1854: inode #13: comm syz-executor.0: iget: bad extended attribute block 8589934592 [ 447.443218][ T7384] EXT4-fs error (device loop0): ext4_lookup:1854: inode #13: comm syz-executor.0: iget: bad extended attribute block 8589934592 [ 448.177613][ T6571] EXT4-fs error (device loop0): __ext4_iget:4913: inode #15: block 1803188595: comm syz-executor.0: invalid block [ 448.190251][ T780] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 448.267148][ T6571] EXT4-fs error (device loop0): __ext4_iget:4913: inode #15: block 1803188595: comm syz-executor.0: invalid block [ 448.988307][ T7392] loop1: detected capacity change from 0 to 40427 [ 449.034166][ T7392] F2FS-fs (loop1): invalid crc value [ 449.126969][ T7392] F2FS-fs (loop1): Found nat_bits in checkpoint [ 449.380744][ T780] usb 5-1: Using ep0 maxpacket: 8 [ 449.386502][ T7392] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 449.396615][ T6571] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 449.580105][ T780] usb 5-1: unable to get BOS descriptor or descriptor too short [ 449.664656][ T3078] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 449.855832][ T3078] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 449.931254][ T780] usb 5-1: New USB device found, idVendor=08d1, idProduct=0001, bcdDevice=5a.be [ 449.947097][ T780] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 449.959085][ T780] usb 5-1: Product: syz [ 449.963894][ T780] usb 5-1: Manufacturer: syz [ 449.968718][ T780] usb 5-1: SerialNumber: syz [ 450.046455][ T3078] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 450.092611][ T780] usb 5-1: config 0 descriptor?? [ 450.147544][ T780] usb 5-1: selecting invalid altsetting 1 [ 450.153671][ T780] catc 5-1:0.0: Can't set altsetting 1. [ 450.159566][ T780] catc 5-1:0.0: probe with driver catc failed with error -5 [ 450.284392][ T3078] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 450.436779][ T780] usb 5-1: USB disconnect, device number 9 [ 450.531150][ T3078] bridge_slave_1: left allmulticast mode [ 450.537043][ T3078] bridge_slave_1: left promiscuous mode [ 450.543671][ T3078] bridge0: port 2(bridge_slave_1) entered disabled state [ 450.599072][ T7405] fuse: Bad value for 'user_id' [ 450.615661][ T3078] bridge_slave_0: left allmulticast mode [ 450.622038][ T3078] bridge_slave_0: left promiscuous mode [ 450.628601][ T3078] bridge0: port 1(bridge_slave_0) entered disabled state [ 451.402609][ T3078] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 451.506592][ T3078] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 451.588001][ T3078] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 451.664498][ T3078] bond0 (unregistering): Released all slaves [ 452.517922][ T7421] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 452.664408][ T3078] hsr_slave_0: left promiscuous mode [ 452.725407][ T3078] hsr_slave_1: left promiscuous mode [ 452.751224][ T3078] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 452.759001][ T3078] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 452.797406][ T3078] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 452.806514][ T3078] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 452.905217][ T3078] veth1_macvtap: left promiscuous mode [ 452.911600][ T3078] veth0_macvtap: left promiscuous mode [ 452.917504][ T3078] veth1_vlan: left promiscuous mode [ 452.923240][ T3078] veth0_vlan: left promiscuous mode [ 453.127365][ T6458] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 453.136849][ T6458] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 453.146203][ T6458] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 453.159333][ T6458] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 453.170743][ T6458] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 453.179876][ T6458] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 453.874243][ T3078] team0 (unregistering): Port device team_slave_1 removed [ 453.898985][ T3078] team0 (unregistering): Port device team_slave_0 removed [ 455.235474][ T50] Bluetooth: hci4: command tx timeout [ 455.320031][ T7440] loop4: detected capacity change from 0 to 4096 [ 455.347337][ T7440] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 455.518621][ T7425] chnl_net:caif_netlink_parms(): no params data found [ 455.592151][ T7452] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 455.734777][ T7448] loop1: detected capacity change from 0 to 4096 [ 455.739608][ T7440] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 455.940779][ T7460] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 456.132007][ T7463] syzkaller1: entered promiscuous mode [ 456.137715][ T7463] syzkaller1: entered allmulticast mode [ 456.874244][ T7471] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 457.310576][ T50] Bluetooth: hci4: command tx timeout [ 457.324389][ T7425] bridge0: port 1(bridge_slave_0) entered blocking state [ 457.332287][ T7425] bridge0: port 1(bridge_slave_0) entered disabled state [ 457.339982][ T7425] bridge_slave_0: entered allmulticast mode [ 457.349192][ T7425] bridge_slave_0: entered promiscuous mode [ 457.481052][ T7425] bridge0: port 2(bridge_slave_1) entered blocking state [ 457.488730][ T7425] bridge0: port 2(bridge_slave_1) entered disabled state [ 457.496565][ T7425] bridge_slave_1: entered allmulticast mode [ 457.505667][ T7425] bridge_slave_1: entered promiscuous mode [ 457.536394][ T7475] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 457.928050][ T7425] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 458.118992][ T7425] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 458.456087][ T7478] loop1: detected capacity change from 0 to 32768 [ 458.560856][ T7478] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 458.571559][ T7478] BTRFS info (device loop1): using sha256 (sha256-generic) checksum algorithm [ 458.582882][ T7478] BTRFS info (device loop1): using free-space-tree [ 458.628705][ T7425] team0: Port device team_slave_0 added [ 458.702600][ T7425] team0: Port device team_slave_1 added [ 458.919500][ T7425] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 458.926767][ T7425] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 458.954371][ T7425] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 458.987443][ T7425] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 458.994789][ T7425] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 459.022598][ T7425] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 459.317855][ T29] audit: type=1800 audit(1717779238.219:197): pid=7478 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=264 res=0 errno=0 [ 459.408376][ T50] Bluetooth: hci4: command tx timeout [ 459.555679][ T7425] hsr_slave_0: entered promiscuous mode [ 459.606898][ T5071] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 459.613879][ T7425] hsr_slave_1: entered promiscuous mode [ 459.688304][ T7425] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 459.696219][ T7425] Cannot create hsr debugfs directory [ 461.017541][ T7514] input: syz0 as /devices/virtual/input/input6 [ 461.404723][ T7425] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 461.437066][ T7425] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 461.466147][ T7522] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 461.472277][ T50] Bluetooth: hci4: command tx timeout [ 461.487309][ T7425] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 461.532318][ T7425] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 462.819165][ T7425] 8021q: adding VLAN 0 to HW filter on device bond0 [ 462.952095][ T29] audit: type=1800 audit(1717779241.939:198): pid=7535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1950 res=0 errno=0 [ 462.952322][ T29] audit: type=1800 audit(1717779241.979:199): pid=7535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1950 res=0 errno=0 [ 462.997352][ T7425] 8021q: adding VLAN 0 to HW filter on device team0 [ 463.035532][ T5122] bridge0: port 1(bridge_slave_0) entered blocking state [ 463.036031][ T5122] bridge0: port 1(bridge_slave_0) entered forwarding state [ 463.103010][ T5122] bridge0: port 2(bridge_slave_1) entered blocking state [ 463.103518][ T5122] bridge0: port 2(bridge_slave_1) entered forwarding state [ 463.689414][ T7425] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 463.689536][ T7425] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 463.787163][ T7538] loop4: detected capacity change from 0 to 32768 [ 463.803874][ T7538] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (7538) [ 463.882981][ T7538] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 463.883227][ T7538] BTRFS info (device loop4): using sha256 (sha256-generic) checksum algorithm [ 463.885451][ T7538] BTRFS info (device loop4): using free-space-tree [ 464.027742][ T7539] loop2: detected capacity change from 0 to 4096 [ 464.492566][ T29] audit: type=1800 audit(1717779243.509:200): pid=7538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=264 res=0 errno=0 [ 464.849471][ T1226] ieee802154 phy0 wpan0: encryption failed: -22 [ 464.849740][ T1226] ieee802154 phy1 wpan1: encryption failed: -22 [ 464.893044][ T6974] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 465.455851][ T7425] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 465.981224][ T7425] veth0_vlan: entered promiscuous mode [ 465.992733][ T7571] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 466.051895][ T7572] tap0: tun_chr_ioctl cmd 1074025677 [ 466.057632][ T7572] tap0: linktype set to 776 [ 466.094486][ T7425] veth1_vlan: entered promiscuous mode [ 466.334778][ T7425] veth0_macvtap: entered promiscuous mode [ 466.395913][ T7425] veth1_macvtap: entered promiscuous mode [ 466.597734][ T7425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 466.608521][ T7425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 466.618650][ T7425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 466.636549][ T7425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 466.648784][ T7425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 466.659557][ T7425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 466.669679][ T7425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 466.680600][ T7425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 466.699001][ T7425] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 466.818827][ T7577] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 466.961554][ T7425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 466.972485][ T7425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 466.982633][ T7425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 466.994443][ T7425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 467.004605][ T7425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 467.015355][ T7425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 467.025505][ T7425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 467.043572][ T7425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 467.060664][ T7425] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 467.108255][ T7425] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 467.117512][ T7425] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 467.127946][ T7425] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 467.145479][ T7425] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.394996][ T6458] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 469.413360][ T6458] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 469.423386][ T6458] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 469.440575][ T6458] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 469.451910][ T6458] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 469.460866][ T6458] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 469.759717][ T7602] loop4: detected capacity change from 0 to 128 [ 470.258570][ T7611] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. [ 470.269527][ T7611] tipc: Invalid UDP bearer configuration [ 470.269719][ T7611] tipc: Enabling of bearer rejected, failed to enable media [ 470.431833][ T7601] chnl_net:caif_netlink_parms(): no params data found [ 470.706309][ T7617] loop4: detected capacity change from 0 to 512 [ 470.842316][ T7617] EXT4-fs: Mount option(s) incompatible with ext2 [ 470.969206][ T4277] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.113391][ T7617] loop4: detected capacity change from 0 to 512 [ 471.155864][ T4277] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.178128][ T7617] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2250: inode #12: comm syz-executor.4: corrupted in-inode xattr: invalid ea_ino [ 471.242747][ T7617] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 12 (err -117) [ 471.258057][ T7614] loop1: detected capacity change from 0 to 4096 [ 471.292410][ T7614] ntfs3: Unknown parameter '1844674407370955161501777777777777777777777' [ 471.302132][ T7617] EXT4-fs (loop4): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 471.312163][ T4277] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.487317][ T4277] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.552637][ T50] Bluetooth: hci5: command tx timeout [ 471.717626][ T6974] EXT4-fs (loop4): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 472.036721][ T7630] loop2: detected capacity change from 0 to 2048 [ 472.044298][ T4277] bridge_slave_1: left allmulticast mode [ 472.050167][ T4277] bridge_slave_1: left promiscuous mode [ 472.065727][ T4277] bridge0: port 2(bridge_slave_1) entered disabled state [ 472.111562][ T4277] bridge_slave_0: left allmulticast mode [ 472.117429][ T4277] bridge_slave_0: left promiscuous mode [ 472.124079][ T4277] bridge0: port 1(bridge_slave_0) entered disabled state [ 472.192996][ T7630] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 472.734795][ T7639] loop4: detected capacity change from 0 to 8 [ 472.750019][ T4277] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 472.799603][ T4277] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 472.837626][ T4277] bond0 (unregistering): Released all slaves [ 472.868376][ T7639] SQUASHFS error: zlib decompression failed, data probably corrupt [ 472.877844][ T7639] SQUASHFS error: Failed to read block 0x9b: -5 [ 472.884671][ T7639] SQUASHFS error: Unable to read metadata cache entry [99] [ 472.892247][ T7639] SQUASHFS error: Unable to read inode 0x127 [ 472.936329][ T7601] bridge0: port 1(bridge_slave_0) entered blocking state [ 472.944148][ T7601] bridge0: port 1(bridge_slave_0) entered disabled state [ 472.952075][ T7601] bridge_slave_0: entered allmulticast mode [ 472.961175][ T7601] bridge_slave_0: entered promiscuous mode [ 473.087218][ T7601] bridge0: port 2(bridge_slave_1) entered blocking state [ 473.096587][ T7601] bridge0: port 2(bridge_slave_1) entered disabled state [ 473.104458][ T7601] bridge_slave_1: entered allmulticast mode [ 473.113482][ T7601] bridge_slave_1: entered promiscuous mode [ 473.402502][ T7601] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 473.441111][ T5122] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 473.574956][ T7601] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 473.630891][ T50] Bluetooth: hci5: command tx timeout [ 473.784223][ T4277] hsr_slave_0: left promiscuous mode [ 473.805403][ T4277] hsr_slave_1: left promiscuous mode [ 473.834138][ T4277] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 473.842427][ T4277] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 473.861707][ T4277] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 473.869363][ T4277] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 473.911054][ T29] audit: type=1326 audit(1717779252.919:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7647 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7770e7cf69 code=0x0 [ 473.943920][ T4277] veth1_macvtap: left promiscuous mode [ 473.949620][ T4277] veth0_macvtap: left promiscuous mode [ 473.956016][ T4277] veth1_vlan: left promiscuous mode [ 473.961643][ T4277] veth0_vlan: left promiscuous mode [ 473.975866][ T5122] usb 3-1: config 1 interface 0 altsetting 5 bulk endpoint 0x1 has invalid maxpacket 8 [ 473.985893][ T5122] usb 3-1: config 1 interface 0 altsetting 5 bulk endpoint 0x82 has invalid maxpacket 560 [ 473.996229][ T5122] usb 3-1: config 1 interface 0 has no altsetting 0 [ 474.350973][ T5122] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 474.360952][ T5122] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 474.369208][ T5122] usb 3-1: Product: А [ 474.373636][ T5122] usb 3-1: Manufacturer: ᐇ [ 474.378462][ T5122] usb 3-1: SerialNumber: О [ 474.481946][ T7636] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 474.541860][ T7636] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 474.930627][ T4277] team0 (unregistering): Port device team_slave_1 removed [ 474.982763][ T4277] team0 (unregistering): Port device team_slave_0 removed [ 475.372029][ T5122] usblp 3-1:1.0: usblp0: USB Bidirectional printer dev 9 if 0 alt 5 proto 2 vid 0x0525 pid 0xA4A8 [ 475.476462][ T7601] team0: Port device team_slave_0 added [ 475.521376][ T5122] usb 3-1: USB disconnect, device number 9 [ 475.548306][ T5122] usblp0: removed [ 475.582325][ T7601] team0: Port device team_slave_1 added [ 475.716835][ T50] Bluetooth: hci5: command tx timeout [ 475.847910][ T7601] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 475.855329][ T7601] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 475.881697][ T7601] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 476.055058][ T7601] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 476.062371][ T7601] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 476.088639][ T7601] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 476.263890][ T7665] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 476.613639][ T7601] hsr_slave_0: entered promiscuous mode [ 476.645351][ T7601] hsr_slave_1: entered promiscuous mode [ 476.684486][ T7601] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 476.692691][ T7601] Cannot create hsr debugfs directory [ 476.746896][ T780] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 476.755188][ T780] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 477.033916][ T3111] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 477.042231][ T3111] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 477.806912][ T50] Bluetooth: hci5: command tx timeout [ 478.114617][ T7679] loop1: detected capacity change from 0 to 256 [ 478.646141][ T7601] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 478.742632][ T7601] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 478.841350][ T7601] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 478.936233][ T7601] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 478.982012][ T5071] FAT-fs (loop1): error, invalid access to FAT (entry 0x000004ff) [ 479.032182][ T5071] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 479.234910][ T7687] loop4: detected capacity change from 0 to 128 [ 479.417215][ T7687] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 479.439407][ T7687] ext4 filesystem being mounted at /root/syzkaller-testdir3309907535/syzkaller.RT2Yxo/30/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 479.968764][ T7691] loop0: detected capacity change from 0 to 32768 [ 480.281487][ T7691] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 480.465952][ T4277] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 65023 - 0 [ 480.476832][ T4277] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.607492][ T7691] XFS (loop0): Ending clean mount [ 480.621663][ T7691] XFS (loop0): Quotacheck needed: Please wait. [ 480.666244][ T4277] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 65023 - 0 [ 480.677813][ T4277] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.695066][ T6974] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 480.804386][ T4277] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 65023 - 0 [ 480.815188][ T4277] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.843526][ T7691] XFS (loop0): Quotacheck: Done. [ 481.041898][ T4277] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 65023 - 0 [ 481.052869][ T4277] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 481.192239][ T7425] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 481.502286][ T4277] bridge_slave_1: left allmulticast mode [ 481.508180][ T4277] bridge_slave_1: left promiscuous mode [ 481.515943][ T4277] bridge0: port 2(bridge_slave_1) entered disabled state [ 481.568454][ T4277] bridge_slave_0: left allmulticast mode [ 481.575807][ T4277] bridge_slave_0: left promiscuous mode [ 481.582464][ T4277] bridge0: port 1(bridge_slave_0) entered disabled state [ 482.471484][ T4277] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 482.582122][ T4277] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 482.625509][ T4277] bond0 (unregistering): Released all slaves [ 482.645939][ T4277] bond1 (unregistering): Released all slaves [ 483.353866][ T7601] 8021q: adding VLAN 0 to HW filter on device bond0 [ 483.427563][ T7719] loop0: detected capacity change from 0 to 512 [ 483.481585][ T7719] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 483.539442][ T7719] EXT4-fs (loop0): orphan cleanup on readonly fs [ 483.606103][ T7719] Quota error (device loop0): v2_read_file_info: Block with free entry 32513 out of range (1, 6). [ 483.617645][ T7719] EXT4-fs warning (device loop0): ext4_enable_quotas:7100: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 483.639743][ T6458] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 483.665613][ T7719] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 483.674118][ T6458] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 483.691305][ T7719] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #16: comm syz-executor.0: casefold flag without casefold feature [ 483.699146][ T6458] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 483.752522][ T6458] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 483.788242][ T6458] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 483.792387][ T7719] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 16 (err -117) [ 483.817099][ T6458] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 483.884293][ T7719] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 483.920958][ T7601] 8021q: adding VLAN 0 to HW filter on device team0 [ 483.981075][ T4277] hsr_slave_0: left promiscuous mode [ 483.989161][ T4277] hsr_slave_1: left promiscuous mode [ 484.011167][ T4277] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 484.018868][ T4277] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 484.040700][ T7719] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 484.052570][ T4277] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 484.060265][ T4277] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 484.122066][ T4277] veth1_to_batadv: left promiscuous mode [ 484.128855][ T4277] veth1_macvtap: left promiscuous mode [ 484.134749][ T4277] veth0_macvtap: left promiscuous mode [ 484.140785][ T4277] veth1_vlan: left promiscuous mode [ 484.146240][ T4277] veth0_vlan: left promiscuous mode [ 484.587541][ T4277] team0 (unregistering): Port device vlan2 removed [ 484.796822][ T7425] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 484.997279][ T4277] team0 (unregistering): Port device team_slave_1 removed [ 485.082960][ T4277] team0 (unregistering): Port device team_slave_0 removed [ 485.626323][ T5117] bridge0: port 1(bridge_slave_0) entered blocking state [ 485.633852][ T5117] bridge0: port 1(bridge_slave_0) entered forwarding state [ 485.646555][ T5117] bridge0: port 2(bridge_slave_1) entered blocking state [ 485.654017][ T5117] bridge0: port 2(bridge_slave_1) entered forwarding state [ 485.921072][ T50] Bluetooth: hci1: command tx timeout [ 486.047914][ T7601] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 486.135756][ T7732] loop2: detected capacity change from 0 to 64 [ 486.218633][ T7732] hfs: unable to parse mount options [ 486.664430][ T7736] loop0: detected capacity change from 0 to 128 [ 486.829002][ T7736] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 486.964811][ T7736] ext4 filesystem being mounted at /root/syzkaller-testdir274993477/syzkaller.5QnLQ7/4/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 487.207152][ T7732] loop2: detected capacity change from 0 to 32768 [ 487.262751][ T7721] chnl_net:caif_netlink_parms(): no params data found [ 487.301576][ T7732] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 487.397358][ T7736] netlink: 'syz-executor.0': attribute type 21 has an invalid length. [ 487.406031][ T7736] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.0'. [ 487.504326][ T780] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 487.803456][ T7425] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 487.902260][ T780] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 487.915114][ T780] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 487.929258][ T780] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 487.960516][ T780] usb 5-1: config 0 descriptor?? [ 487.966863][ T50] Bluetooth: hci1: command tx timeout [ 488.012239][ T7732] XFS (loop2): Ending clean mount [ 488.061427][ T7732] XFS (loop2): Quotacheck needed: Please wait. [ 488.099333][ T7601] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 488.159986][ T7732] XFS (loop2): Quotacheck: Done. [ 488.430029][ T7742] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 488.564722][ T780] keytouch 0003:0926:3333.0001: fixing up Keytouch IEC report descriptor [ 488.672098][ T780] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.0001/input/input7 [ 488.752682][ T7721] bridge0: port 1(bridge_slave_0) entered blocking state [ 488.761305][ T7721] bridge0: port 1(bridge_slave_0) entered disabled state [ 488.768965][ T7721] bridge_slave_0: entered allmulticast mode [ 488.778300][ T7721] bridge_slave_0: entered promiscuous mode [ 488.841720][ T7601] veth0_vlan: entered promiscuous mode [ 488.889891][ T780] keytouch 0003:0926:3333.0001: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0 [ 488.929894][ T7721] bridge0: port 2(bridge_slave_1) entered blocking state [ 488.937767][ T7721] bridge0: port 2(bridge_slave_1) entered disabled state [ 488.946702][ T7721] bridge_slave_1: entered allmulticast mode [ 488.965012][ T7721] bridge_slave_1: entered promiscuous mode [ 488.993574][ T7601] veth1_vlan: entered promiscuous mode [ 489.295295][ T7721] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 489.334755][ T43] usb 5-1: USB disconnect, device number 10 [ 489.385810][ T7721] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 489.499929][ T7030] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 489.741826][ T7601] veth0_macvtap: entered promiscuous mode [ 489.765436][ T7721] team0: Port device team_slave_0 added [ 489.805515][ T7721] team0: Port device team_slave_1 added [ 489.838245][ T7601] veth1_macvtap: entered promiscuous mode [ 490.030659][ T50] Bluetooth: hci1: command tx timeout [ 490.096446][ T7721] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 490.103698][ T7721] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 490.130062][ T7721] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 490.253307][ T7601] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 490.264147][ T7601] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.274339][ T7601] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 490.291107][ T7601] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.302886][ T7601] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 490.313636][ T7601] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.328525][ T7601] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 490.342626][ T7721] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 490.349775][ T7721] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 490.376263][ T7721] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 490.539713][ T7770] loop4: detected capacity change from 0 to 16 [ 490.603325][ T7770] erofs: (device loop4): mounted with root inode @ nid 36. [ 490.691561][ T5166] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 490.745433][ T7721] hsr_slave_0: entered promiscuous mode [ 490.812295][ T7721] hsr_slave_1: entered promiscuous mode [ 490.833234][ T7721] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 490.841373][ T7721] Cannot create hsr debugfs directory [ 490.852087][ T7601] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 490.862863][ T7601] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.873037][ T7601] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 490.883884][ T7601] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.894038][ T7601] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 490.904780][ T7601] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.919936][ T7601] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 490.993104][ T5166] usb 1-1: Using ep0 maxpacket: 32 [ 491.089556][ T7601] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 491.106474][ T7601] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 491.116892][ T7601] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 491.125859][ T7601] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 491.177647][ T5166] usb 1-1: config 0 has an invalid interface number: 40 but max is 1 [ 491.186314][ T5166] usb 1-1: config 0 has no interface number 1 [ 491.192595][ T5166] usb 1-1: config 0 interface 40 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 491.202751][ T5166] usb 1-1: config 0 interface 40 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 491.212846][ T5166] usb 1-1: config 0 interface 40 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 0 [ 491.223387][ T5166] usb 1-1: config 0 interface 40 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0 [ 491.461639][ T5166] usb 1-1: New USB device found, idVendor=1b3d, idProduct=931e, bcdDevice=d1.78 [ 491.472033][ T5166] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 491.480244][ T5166] usb 1-1: Product: syz [ 491.485060][ T5166] usb 1-1: Manufacturer: syz [ 491.489785][ T5166] usb 1-1: SerialNumber: syz [ 491.553207][ T5166] usb 1-1: config 0 descriptor?? [ 491.635123][ T5166] ftdi_sio 1-1:0.40: FTDI USB Serial Device converter detected [ 491.645211][ T5166] ftdi_sio ttyUSB0: unknown device type: 0xd178 [ 491.694323][ T5166] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 491.703076][ T5166] ftdi_sio ttyUSB1: unknown device type: 0xd178 [ 491.932267][ T7777] warning: `syz-executor.2' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 491.957884][ T5166] usb 1-1: USB disconnect, device number 10 [ 491.967140][ T5166] ftdi_sio 1-1:0.40: device disconnected [ 491.974719][ T5166] ftdi_sio 1-1:0.0: device disconnected [ 492.121185][ T50] Bluetooth: hci1: command tx timeout [ 492.708567][ T7721] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 492.826363][ T7721] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 492.893704][ T7721] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 492.967108][ T7721] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 494.173996][ T7721] 8021q: adding VLAN 0 to HW filter on device bond0 [ 494.439390][ T7721] 8021q: adding VLAN 0 to HW filter on device team0 [ 494.510359][ T5117] bridge0: port 1(bridge_slave_0) entered blocking state [ 494.518065][ T5117] bridge0: port 1(bridge_slave_0) entered forwarding state [ 494.658530][ T5117] bridge0: port 2(bridge_slave_1) entered blocking state [ 494.666327][ T5117] bridge0: port 2(bridge_slave_1) entered forwarding state [ 496.002410][ T7802] loop4: detected capacity change from 0 to 64 [ 496.073589][ T7802] hfs: unable to parse mount options [ 496.978899][ T7802] loop4: detected capacity change from 0 to 32768 [ 497.191374][ T7802] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 497.857629][ T7802] XFS (loop4): Ending clean mount [ 497.969498][ T7802] XFS (loop4): Quotacheck needed: Please wait. [ 498.229270][ T7802] XFS (loop4): Quotacheck: Done. [ 499.688608][ T7721] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 499.813201][ T6974] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 500.062768][ T7721] veth0_vlan: entered promiscuous mode [ 500.185635][ T7721] veth1_vlan: entered promiscuous mode [ 500.472050][ T7721] veth0_macvtap: entered promiscuous mode [ 500.549954][ T7721] veth1_macvtap: entered promiscuous mode [ 500.742869][ T7721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 500.753885][ T7721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 500.763975][ T7721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 500.774776][ T7721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 500.785000][ T7721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 500.795735][ T7721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 500.805809][ T7721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 500.816838][ T7721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 500.832191][ T7721] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 500.888748][ T7721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 500.899519][ T7721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 500.909690][ T7721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 500.920583][ T7721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 500.930661][ T7721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 500.941372][ T7721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 500.951462][ T7721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 500.962276][ T7721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 500.977398][ T7721] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 501.054176][ T7721] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 501.063407][ T7721] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 501.074763][ T7721] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 501.084301][ T7721] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 501.708133][ T3277] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 501.716503][ T3277] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 501.870113][ T3277] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 501.879689][ T3277] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 502.639917][ T7857] loop4: detected capacity change from 0 to 64 [ 502.690889][ T7857] hfs: unable to parse mount options [ 502.783362][ T7861] bridge: RTM_NEWNEIGH with unconfigured vlan 4 on bridge0 [ 502.805605][ T7862] loop0: detected capacity change from 0 to 64 [ 502.848391][ T7861] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 502.916070][ T7861] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 503.558819][ T7857] loop4: detected capacity change from 0 to 32768 [ 503.654340][ T7857] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 504.244937][ T7857] XFS (loop4): Ending clean mount [ 504.276258][ T7857] XFS (loop4): Quotacheck needed: Please wait. [ 504.368326][ T7857] XFS (loop4): Quotacheck: Done. [ 504.828167][ T7887] loop3: detected capacity change from 0 to 2048 [ 504.939901][ T7893] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 505.163743][ T7887] loop3: detected capacity change from 0 to 736 [ 505.383593][ T6974] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 505.390771][ T7887] loop3: detected capacity change from 0 to 164 [ 505.509682][ T7887] lo: entered allmulticast mode [ 505.577525][ T7887] dvmrp0: entered allmulticast mode [ 505.788450][ T7887] program syz-executor.3 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 505.881151][ T7887] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 507.019744][ T3277] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 507.028131][ T3277] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 507.066653][ T7912] loop3: detected capacity change from 0 to 64 [ 507.138128][ T10] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 507.146564][ T10] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 508.338806][ T7925] loop3: detected capacity change from 0 to 512 [ 508.624828][ T7925] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 508.639186][ T7925] ext4 filesystem being mounted at /root/syzkaller-testdir612537669/syzkaller.zJYW4W/7/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 508.857781][ T7925] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1216: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 508.889992][ T7925] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28 [ 508.903301][ T7925] EXT4-fs (loop3): This should not happen!! Data will be lost [ 508.903301][ T7925] [ 508.915463][ T7925] EXT4-fs (loop3): Total free blocks count 0 [ 508.932816][ T7925] EXT4-fs (loop3): Free/Dirty block details [ 508.939047][ T7925] EXT4-fs (loop3): free_blocks=65280 [ 508.945108][ T7925] EXT4-fs (loop3): dirty_blocks=23 [ 508.950557][ T7925] EXT4-fs (loop3): Block reservation details [ 508.956752][ T7925] EXT4-fs (loop3): i_reserved_data_blocks=23 [ 508.990674][ T29] audit: type=1804 audit(1717779288.019:202): pid=7933 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir612537669/syzkaller.zJYW4W/7/file0/file1" dev="loop3" ino=15 res=1 errno=0 [ 509.016703][ T29] audit: type=1804 audit(1717779288.019:203): pid=7932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir612537669/syzkaller.zJYW4W/7/file0/file1" dev="loop3" ino=15 res=1 errno=0 [ 509.394847][ T7601] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 509.618114][ T7942] loop0: detected capacity change from 0 to 256 [ 509.930433][ T7942] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 511.139845][ T7950] loop3: detected capacity change from 0 to 1024 [ 511.200898][ T7950] EXT4-fs: Ignoring removed oldalloc option [ 511.217770][ T7950] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 511.227179][ T7950] EXT4-fs (loop3): Cannot use DAX on a filesystem that may contain inline data [ 511.366999][ T7955] kvm: kvm [7953]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x17e00004080 [ 511.452831][ T7955] kvm: kvm [7953]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x2e700000000 [ 511.516841][ T7955] kvm: kvm [7953]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x34e00004080 [ 512.632416][ T7958] delete_channel: no stack [ 513.235013][ T7970] mmap: syz-executor.2 (7970) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 513.486840][ T7976] 9pnet_fd: Insufficient options for proto=fd [ 518.110894][ T6458] Bluetooth: hci0: command 0x0406 tx timeout [ 520.357317][ T8000] delete_channel: no stack [ 524.439746][ T8055] delete_channel: no stack [ 526.389787][ T1226] ieee802154 phy0 wpan0: encryption failed: -22 [ 526.396738][ T1226] ieee802154 phy1 wpan1: encryption failed: -22 [ 528.430599][ T6458] Bluetooth: hci3: command 0x0406 tx timeout [ 529.092927][ T8096] kvm: kvm [8095]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x17e00004080 [ 529.154248][ T8096] kvm: kvm [8095]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x2e700000000 [ 529.172645][ T8096] kvm: kvm [8095]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x34e00004080 [ 529.945181][ T8103] delete_channel: no stack [ 530.486649][ T8124] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.4'. [ 530.713991][ T8126] loop2: detected capacity change from 0 to 512 [ 530.914626][ T8126] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 530.923875][ T8126] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 530.962810][ T8126] System zones: 0-1, 15-15, 18-18, 34-34 [ 531.013320][ T8126] EXT4-fs (loop2): orphan cleanup on readonly fs [ 531.020049][ T8126] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0 [ 531.030098][ T8126] EXT4-fs warning (device loop2): ext4_enable_quotas:7100: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 531.047712][ T8126] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 531.119726][ T8126] EXT4-fs error (device loop2): ext4_orphan_get:1420: comm syz-executor.2: bad orphan inode 16 [ 531.219596][ T8126] ext4_test_bit(bit=15, block=18) = 1 [ 531.225406][ T8126] is_bad_inode(inode)=0 [ 531.229748][ T8126] NEXT_ORPHAN(inode)=0 [ 531.234268][ T8126] max_ino=32 [ 531.237669][ T8126] i_nlink=2 [ 531.248277][ T8126] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 531.954674][ T8126] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 535.942353][ T7030] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 536.080858][ T10] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 536.301086][ T8166] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.3'. [ 536.361719][ T8168] overlay: ./file0 is not a directory [ 536.373800][ T8168] fuse: Unknown parameter '0xffffffffffffffff00000000000000000000' [ 536.460756][ T5166] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 536.540883][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 536.552167][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 536.562281][ T10] usb 5-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00 [ 536.577896][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 536.664386][ T10] usb 5-1: config 0 descriptor?? [ 536.779801][ T8160] delete_channel: no stack [ 536.901019][ T5166] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 536.912609][ T5166] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 536.922786][ T5166] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 536.932196][ T5166] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 536.979925][ T5166] usb 1-1: config 0 descriptor?? [ 537.325308][ T10] itetech 0003:06CB:73F5.0002: unbalanced collection at end of report description [ 537.396725][ T10] itetech 0003:06CB:73F5.0002: probe with driver itetech failed with error -22 [ 537.410491][ T5122] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 537.506768][ T5124] usb 5-1: USB disconnect, device number 11 [ 537.533003][ T5166] hid (null): bogus close delimiter [ 537.680590][ T5122] usb 4-1: Using ep0 maxpacket: 8 [ 537.759147][ T5166] usb 1-1: language id specifier not provided by device, defaulting to English [ 538.021813][ T5122] usb 4-1: New USB device found, idVendor=19d2, idProduct=1119, bcdDevice=39.9d [ 538.033138][ T5122] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 538.041835][ T5122] usb 4-1: Product: syz [ 538.046256][ T5122] usb 4-1: Manufacturer: syz [ 538.051178][ T5122] usb 4-1: SerialNumber: syz [ 538.193228][ T5122] usb 4-1: bad CDC descriptors [ 538.265255][ T5166] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0003/input/input8 [ 538.363317][ T5166] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0003/input/input9 [ 538.400520][ T5122] usb 4-1: USB disconnect, device number 13 [ 538.421995][ T5166] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0003/input/input10 [ 538.476387][ T5166] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0003/input/input11 [ 538.535337][ T5166] uclogic 0003:256C:006D.0003: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.0-1/input0 [ 539.165447][ T5166] usb 1-1: USB disconnect, device number 11 [ 540.072010][ T779] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 540.450863][ T5166] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 540.522708][ T779] usb 3-1: config 0 has no interfaces? [ 540.528489][ T779] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 540.538066][ T779] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 540.616702][ T8200] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.3'. [ 540.637805][ T779] usb 3-1: config 0 descriptor?? [ 540.910921][ T5166] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 540.922461][ T5166] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 540.932697][ T5166] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 540.942091][ T5166] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 541.292952][ T5166] usb 1-1: config 0 descriptor?? [ 541.369523][ T5122] usb 3-1: USB disconnect, device number 10 [ 541.856640][ T5166] hid (null): bogus close delimiter [ 541.899521][ T8202] delete_channel: no stack [ 542.103822][ T5166] usb 1-1: language id specifier not provided by device, defaulting to English [ 542.550851][ T5166] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0004/input/input12 [ 542.649341][ T5166] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0004/input/input13 [ 542.744187][ T5166] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0004/input/input14 [ 542.822915][ T5166] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0004/input/input15 [ 542.925498][ T5166] uclogic 0003:256C:006D.0004: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.0-1/input0 [ 542.977108][ T5166] usb 1-1: USB disconnect, device number 12 [ 543.136444][ T5169] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 543.411529][ T5169] usb 4-1: Using ep0 maxpacket: 8 [ 543.484036][ T8228] bond_slave_0: entered promiscuous mode [ 543.490045][ T8228] bond_slave_1: entered promiscuous mode [ 543.496227][ T8228] macvlan2: entered allmulticast mode [ 543.501916][ T8228] bond0: entered allmulticast mode [ 543.507241][ T8228] bond_slave_0: entered allmulticast mode [ 543.513478][ T8228] bond_slave_1: entered allmulticast mode [ 543.524475][ T8228] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 543.856200][ T5169] usb 4-1: New USB device found, idVendor=19d2, idProduct=1119, bcdDevice=39.9d [ 543.865697][ T5169] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 543.874058][ T5169] usb 4-1: Product: syz [ 543.877073][ T8228] bond0: left allmulticast mode [ 543.878360][ T5169] usb 4-1: Manufacturer: syz [ 543.878472][ T5169] usb 4-1: SerialNumber: syz [ 543.893647][ T8228] bond_slave_0: left allmulticast mode [ 543.899335][ T8228] bond_slave_1: left allmulticast mode [ 543.905193][ T8228] bond_slave_0: left promiscuous mode [ 543.910895][ T8228] bond_slave_1: left promiscuous mode [ 544.028856][ T8231] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 544.048325][ T5169] usb 4-1: bad CDC descriptors [ 544.156481][ T8235] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.4'. [ 544.309172][ T5169] usb 4-1: USB disconnect, device number 14 [ 544.716075][ T8241] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 545.562735][ T8253] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 545.568361][ T8240] delete_channel: no stack [ 546.311488][ T8263] bond_slave_0: entered promiscuous mode [ 546.317496][ T8263] bond_slave_1: entered promiscuous mode [ 546.323715][ T8263] macvlan2: entered allmulticast mode [ 546.329927][ T8263] bond0: entered allmulticast mode [ 546.335499][ T8263] bond_slave_0: entered allmulticast mode [ 546.341767][ T8263] bond_slave_1: entered allmulticast mode [ 546.352555][ T8263] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 546.388799][ T8263] bond0: left allmulticast mode [ 546.397023][ T8263] bond_slave_0: left allmulticast mode [ 546.402908][ T8263] bond_slave_1: left allmulticast mode [ 546.408641][ T8263] bond_slave_0: left promiscuous mode [ 546.414340][ T8263] bond_slave_1: left promiscuous mode [ 547.502591][ T5124] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 547.791653][ T5124] usb 3-1: Using ep0 maxpacket: 8 [ 547.963161][ T8286] syz-executor.0[8286] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 547.963735][ T8286] syz-executor.0[8286] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 548.246849][ T5124] usb 3-1: New USB device found, idVendor=19d2, idProduct=1119, bcdDevice=39.9d [ 548.268938][ T5124] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 548.277544][ T5124] usb 3-1: Product: syz [ 548.282374][ T5124] usb 3-1: Manufacturer: syz [ 548.287342][ T5124] usb 3-1: SerialNumber: syz [ 549.719765][ T5124] usb 3-1: bad CDC descriptors [ 549.828011][ T29] audit: type=1326 audit(1717779328.749:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8293 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8a0647cf69 code=0x0 [ 550.000033][ T5117] usb 3-1: USB disconnect, device number 11 [ 550.139935][ T8300] loop4: detected capacity change from 0 to 1024 [ 550.205341][ T8302] netlink: 96 bytes leftover after parsing attributes in process `syz-executor.1'. [ 550.404404][ T8153] hfsplus: b-tree write err: -5, ino 3 [ 550.986650][ T8314] bond_slave_0: entered promiscuous mode [ 550.992685][ T8314] bond_slave_1: entered promiscuous mode [ 551.000198][ T8314] macvlan2: entered allmulticast mode [ 551.007907][ T8314] bond0: entered allmulticast mode [ 551.013629][ T8314] bond_slave_0: entered allmulticast mode [ 551.019507][ T8314] bond_slave_1: entered allmulticast mode [ 551.030599][ T8314] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 551.130561][ T29] audit: type=1800 audit(1717779330.129:205): pid=8315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file1" dev="sda1" ino=1955 res=0 errno=0 [ 551.291020][ T8314] bond0: left allmulticast mode [ 551.296132][ T8314] bond_slave_0: left allmulticast mode [ 551.302232][ T8314] bond_slave_1: left allmulticast mode [ 551.308055][ T8314] bond_slave_0: left promiscuous mode [ 551.313765][ T8314] bond_slave_1: left promiscuous mode [ 551.409572][ T8315] loop4: detected capacity change from 0 to 512 [ 551.492917][ T8315] EXT4-fs: Ignoring removed mblk_io_submit option [ 551.535582][ T8315] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 551.614876][ T8315] EXT4-fs (loop4): 1 truncate cleaned up [ 551.623170][ T8315] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 553.295561][ T6974] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 553.727259][ T29] audit: type=1326 audit(1717779332.709:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8344 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8a0647cf69 code=0x0 [ 553.782553][ T5122] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 553.847378][ T8348] loop3: detected capacity change from 0 to 512 [ 553.890009][ T8348] EXT4-fs: Ignoring removed mblk_io_submit option [ 553.918088][ T8348] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 553.998017][ T8348] EXT4-fs (loop3): 1 truncate cleaned up [ 554.003979][ T8348] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 554.100748][ T5122] usb 3-1: Using ep0 maxpacket: 16 [ 554.238761][ T5122] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 554.249362][ T5122] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 554.260948][ T5122] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 554.394259][ T5122] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 554.403798][ T5122] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 554.412630][ T5122] usb 3-1: Manufacturer: syz [ 554.482700][ T5122] usb 3-1: config 0 descriptor?? [ 554.953399][ T5122] usb 3-1: USB disconnect, device number 12 [ 555.562343][ T7601] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 555.789635][ T8373] syz-executor.1: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 555.806383][ T8373] CPU: 0 PID: 8373 Comm: syz-executor.1 Tainted: G W 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 555.818127][ T8373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 555.828389][ T8373] Call Trace: [ 555.831828][ T8373] [ 555.834916][ T8373] dump_stack_lvl+0x216/0x2d0 [ 555.839894][ T8373] dump_stack+0x1e/0x30 [ 555.844316][ T8373] warn_alloc+0x455/0x650 [ 555.848920][ T8373] ? __vmalloc_node_range+0xd6/0x28b0 [ 555.854579][ T8373] __vmalloc_node_range+0x130/0x28b0 [ 555.860142][ T8373] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 555.866225][ T8373] ? should_fail_ex+0x4a/0x800 [ 555.871255][ T8373] ? kmsan_get_metadata+0x146/0x1d0 [ 555.876713][ T8373] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 555.882789][ T8373] ? kmsan_get_metadata+0x146/0x1d0 [ 555.888234][ T8373] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 555.894301][ T8373] vmalloc_user+0x90/0xb0 [ 555.898890][ T8373] ? xskq_create+0x105/0x270 [ 555.903720][ T8373] xskq_create+0x105/0x270 [ 555.908363][ T8373] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 555.914436][ T8373] xsk_init_queue+0x115/0x1f0 [ 555.919413][ T8373] xsk_setsockopt+0x882/0xcc0 [ 555.924390][ T8373] do_sock_setsockopt+0x4bb/0x7d0 [ 555.929732][ T8373] ? __pfx_xsk_setsockopt+0x10/0x10 [ 555.935246][ T8373] __sys_setsockopt+0x33a/0x4b0 [ 555.940387][ T8373] __x64_sys_setsockopt+0xe8/0x170 [ 555.945808][ T8373] x64_sys_call+0x13bb/0x3b50 [ 555.950784][ T8373] do_syscall_64+0xcf/0x1e0 [ 555.955566][ T8373] ? clear_bhb_loop+0x25/0x80 [ 555.960530][ T8373] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 555.966716][ T8373] RIP: 0033:0x7fa01627cf69 [ 555.971338][ T8373] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 555.991212][ T8373] RSP: 002b:00007fa0170320c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 555.999891][ T8373] RAX: ffffffffffffffda RBX: 00007fa0163b3f80 RCX: 00007fa01627cf69 [ 556.008081][ T8373] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000003 [ 556.016257][ T8373] RBP: 00007fa0162da6fe R08: 0000000000000020 R09: 0000000000000000 [ 556.024437][ T8373] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000 [ 556.032620][ T8373] R13: 000000000000000b R14: 00007fa0163b3f80 R15: 00007fffe97440c8 [ 556.040830][ T8373] [ 556.051381][ T8373] Mem-Info: [ 556.054699][ T8373] active_anon:15416 inactive_anon:14 isolated_anon:0 [ 556.054699][ T8373] active_file:3 inactive_file:46654 isolated_file:0 [ 556.054699][ T8373] unevictable:0 dirty:22 writeback:0 [ 556.054699][ T8373] slab_reclaimable:4445 slab_unreclaimable:21894 [ 556.054699][ T8373] mapped:18621 shmem:1663 pagetables:593 [ 556.054699][ T8373] sec_pagetables:0 bounce:0 [ 556.054699][ T8373] kernel_misc_reclaimable:0 [ 556.054699][ T8373] free:416092 free_pcp:1132 free_cma:0 [ 556.101497][ T8373] Node 0 active_anon:60072kB inactive_anon:56kB active_file:12kB inactive_file:186484kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:74428kB dirty:40kB writeback:0kB shmem:5064kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4736kB pagetables:2428kB sec_pagetables:0kB all_unreclaimable? no [ 556.138093][ T8373] Node 1 active_anon:1536kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:0kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 556.169813][ T8373] Node 0 DMA free:4096kB boost:0kB min:160kB low:200kB high:240kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:4096kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 556.197147][ T8373] lowmem_reserve[]: 0 895 1208 1208 1208 [ 556.203202][ T8373] Node 0 DMA32 free:659040kB boost:0kB min:36112kB low:45140kB high:54168kB reserved_highatomic:0KB active_anon:18864kB inactive_anon:56kB active_file:12kB inactive_file:93572kB unevictable:0kB writepending:12kB present:3129332kB managed:955484kB mlocked:0kB bounce:0kB free_pcp:1720kB local_pcp:848kB free_cma:0kB [ 556.237692][ T8373] lowmem_reserve[]: 0 0 313 313 313 [ 556.244516][ T8373] Node 0 Normal free:14980kB boost:0kB min:12648kB low:15808kB high:18968kB reserved_highatomic:0KB active_anon:41208kB inactive_anon:0kB active_file:0kB inactive_file:92912kB unevictable:0kB writepending:28kB present:1048576kB managed:321032kB mlocked:0kB bounce:0kB free_pcp:2808kB local_pcp:2040kB free_cma:0kB [ 556.274371][ T8373] lowmem_reserve[]: 0 0 0 0 0 [ 556.279362][ T8373] Node 1 Normal free:986252kB boost:0kB min:41188kB low:51484kB high:61780kB reserved_highatomic:0KB active_anon:1536kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:0kB writepending:0kB present:4194304kB managed:1045456kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 556.310085][ T8373] lowmem_reserve[]: 0 0 0 0 0 [ 556.315423][ T8373] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 1*4096kB (M) = 4096kB [ 556.335756][ T8373] Node 0 DMA32: 486*4kB (UME) 481*8kB (UME) 350*16kB (UME) 237*32kB (UME) 129*64kB (UME) 104*128kB (UME) 68*256kB (UME) 32*512kB (UME) 9*1024kB (UME) 7*2048kB (ME) 137*4096kB (UM) = 659040kB [ 556.358156][ T8373] Node 0 Normal: 29*4kB (UME) 26*8kB (UE) 62*16kB (UME) 25*32kB (UM) 37*64kB (UME) 24*128kB (UM) 3*256kB (UM) 3*512kB (UM) 3*1024kB (UME) 1*2048kB (M) 0*4096kB = 14980kB [ 556.376467][ T8373] Node 1 Normal: 1*4kB (U) 1*8kB (M) 8*16kB (U) 12*32kB (U) 10*64kB (UM) 10*128kB (UM) 1*256kB (M) 1*512kB (M) 4*1024kB (U) 4*2048kB (U) 237*4096kB (M) = 986252kB [ 556.394132][ T8373] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 556.403934][ T8373] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 556.413697][ T8373] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 556.423484][ T8373] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 556.437634][ T8373] 48277 total pagecache pages [ 556.443796][ T8373] 14 pages in swap cache [ 556.448127][ T8373] Free swap = 124432kB [ 556.452460][ T8373] Total swap = 124996kB [ 556.456712][ T8373] 2097051 pages RAM [ 556.460836][ T8373] 0 pages HighMem/MovableOnly [ 556.465608][ T8373] 1515534 pages reserved [ 556.469952][ T8373] 0 pages cma reserved [ 556.639556][ T29] audit: type=1800 audit(1717779335.669:207): pid=8372 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1960 res=0 errno=0 [ 556.776990][ T8372] loop0: detected capacity change from 0 to 512 [ 556.868112][ T8372] EXT4-fs: Ignoring removed mblk_io_submit option [ 556.904590][ T8372] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 557.090752][ T8372] EXT4-fs (loop0): 1 truncate cleaned up [ 557.096620][ T8372] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 557.919934][ T7425] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 558.729459][ T29] audit: type=1326 audit(1717779337.739:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8404 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa01627cf69 code=0x0 [ 558.869673][ T8408] loop1: detected capacity change from 0 to 512 [ 558.939735][ T8408] EXT4-fs: Ignoring removed mblk_io_submit option [ 558.965492][ T8408] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 559.125016][ T8408] EXT4-fs (loop1): 1 truncate cleaned up [ 559.131067][ T8408] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 560.005789][ T7721] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 560.616030][ T29] audit: type=1800 audit(1717779339.579:209): pid=8430 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file1" dev="sda1" ino=1945 res=0 errno=0 [ 560.889863][ T8430] loop4: detected capacity change from 0 to 512 [ 560.986245][ T8430] EXT4-fs: Ignoring removed mblk_io_submit option [ 561.048205][ T8430] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 561.197778][ T8430] EXT4-fs (loop4): 1 truncate cleaned up [ 561.203796][ T8430] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 562.404250][ T6974] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 563.120996][ T29] audit: type=1326 audit(1717779342.099:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8463 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f55e987cf69 code=0x0 [ 563.234883][ T8467] loop4: detected capacity change from 0 to 512 [ 563.260452][ T8467] EXT4-fs: Ignoring removed mblk_io_submit option [ 563.281201][ T8467] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 563.377987][ T8467] EXT4-fs (loop4): 1 truncate cleaned up [ 563.384054][ T8467] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 563.893721][ T8472] loop0: detected capacity change from 0 to 164 [ 563.926863][ T8472] Unable to read rock-ridge attributes [ 564.433141][ T6974] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 564.581773][ T8482] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 564.591436][ T8482] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 564.601182][ T8482] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 565.142266][ T29] audit: type=1800 audit(1717779344.119:211): pid=8494 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="sda1" ino=1948 res=0 errno=0 [ 565.384890][ T8494] loop1: detected capacity change from 0 to 512 [ 565.474971][ T8494] EXT4-fs: Ignoring removed mblk_io_submit option [ 565.485312][ T8494] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 565.697702][ T8494] EXT4-fs (loop1): 1 truncate cleaned up [ 565.704122][ T8494] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 566.495997][ T29] audit: type=1326 audit(1717779345.529:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8514 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fafd587cf69 code=0x0 [ 566.556292][ T7721] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 566.723590][ T8522] loop2: detected capacity change from 0 to 512 [ 566.756546][ T8522] EXT4-fs: Ignoring removed mblk_io_submit option [ 566.793486][ T8522] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 566.904548][ T8522] EXT4-fs (loop2): 1 truncate cleaned up [ 566.911529][ T8522] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 567.612649][ T7030] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 568.328105][ T8539] loop3: detected capacity change from 0 to 512 [ 568.368509][ T8539] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 568.429463][ T8539] EXT4-fs (loop3): 1 truncate cleaned up [ 568.435591][ T8539] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 568.533064][ T8539] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.3: corrupted in-inode xattr: overlapping e_value [ 568.652098][ T8539] EXT4-fs warning (device loop3): ext4_xattr_set_entry:1793: inode #15: comm syz-executor.3: unable to update i_inline_off [ 568.665673][ T8539] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2847: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 569.346911][ T8552] EXT4-fs error (device loop3): ext4_xattr_ibody_get:653: inode #15: comm syz-executor.3: corrupted in-inode xattr: overlapping e_value [ 569.420433][ T8552] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.3: corrupted in-inode xattr: overlapping e_value [ 569.629537][ T8539] syz-executor.3 (8539) used greatest stack depth: 4080 bytes left [ 570.530312][ C1] sched: RT throttling activated [ 571.346670][ T7601] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 571.442162][ T29] audit: type=1800 audit(1717779350.479:213): pid=8567 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1949 res=0 errno=0 [ 571.775822][ T8567] loop0: detected capacity change from 0 to 512 [ 571.830044][ T8567] EXT4-fs: Ignoring removed mblk_io_submit option [ 571.862920][ T8567] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 571.973094][ T8567] EXT4-fs (loop0): 1 truncate cleaned up [ 571.978949][ T8567] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 572.232914][ T29] audit: type=1326 audit(1717779351.209:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fafd587cf69 code=0x0 [ 572.388743][ T8580] loop2: detected capacity change from 0 to 512 [ 572.518009][ T8580] EXT4-fs: Ignoring removed mblk_io_submit option [ 572.576936][ T8580] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 572.720940][ T8580] EXT4-fs (loop2): 1 truncate cleaned up [ 572.726919][ T8580] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 573.261621][ T7425] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 573.817210][ T7030] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 576.053157][ T8625] ptrace attach of "/root/syz-executor.3 exec"[7601] was attempted by "/root/syz-executor.3 exec"[8625] [ 576.160927][ T29] audit: type=1326 audit(1717779355.159:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8624 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a0647cf69 code=0x7ffc0000 [ 576.184933][ T29] audit: type=1326 audit(1717779355.179:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8624 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a0647cf69 code=0x7ffc0000 [ 576.214334][ T29] audit: type=1326 audit(1717779355.189:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8624 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a0647cf69 code=0x7ffc0000 [ 576.239523][ T29] audit: type=1326 audit(1717779355.199:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8624 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a0647cf69 code=0x7ffc0000 [ 576.263510][ T29] audit: type=1326 audit(1717779355.249:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8624 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a0647cf69 code=0x7ffc0000 [ 576.575822][ T8632] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 576.622659][ T8632] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 576.654238][ T8632] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 576.729140][ T8638] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 576.784549][ T8632] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(14) [ 576.791460][ T8632] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 576.799990][ T8632] vhci_hcd vhci_hcd.0: Device attached [ 576.854429][ T29] audit: type=1326 audit(1717779355.809:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a0647cf69 code=0x7ffc0000 [ 576.877870][ T29] audit: type=1326 audit(1717779355.809:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a0647cf69 code=0x7ffc0000 [ 576.901547][ T29] audit: type=1326 audit(1717779355.829:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a0647cf69 code=0x7ffc0000 [ 576.931092][ T29] audit: type=1326 audit(1717779355.829:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a0647cf69 code=0x7ffc0000 [ 576.956327][ T29] audit: type=1326 audit(1717779355.829:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f8a0647cf69 code=0x7ffc0000 [ 576.979501][ T29] audit: type=1326 audit(1717779355.829:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a0647cf69 code=0x7ffc0000 [ 577.002733][ T29] audit: type=1326 audit(1717779355.909:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8a0647cf69 code=0x7ffc0000 [ 577.032450][ T29] audit: type=1326 audit(1717779355.909:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a0647cf69 code=0x7ffc0000 [ 577.057738][ T29] audit: type=1326 audit(1717779355.909:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f8a0647cf69 code=0x7ffc0000 [ 577.081028][ T29] audit: type=1326 audit(1717779355.909:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a0647cf69 code=0x7ffc0000 [ 577.109645][ T8642] vhci_hcd: connection closed [ 577.120549][ T11] vhci_hcd: stop threads [ 577.129754][ T11] vhci_hcd: release socket [ 577.134445][ T11] vhci_hcd: disconnect device [ 578.252916][ T8649] delete_channel: no stack [ 578.666389][ T8658] loop2: detected capacity change from 0 to 512 [ 578.716846][ T8658] EXT4-fs: Ignoring removed mblk_io_submit option [ 578.767582][ T8658] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 578.932235][ T8658] EXT4-fs (loop2): 1 truncate cleaned up [ 578.938212][ T8658] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 579.560789][ T6458] Bluetooth: hci4: command 0x0406 tx timeout [ 579.676496][ T8677] 9pnet_fd: Insufficient options for proto=fd [ 579.876746][ T8678] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.0'. [ 579.931852][ T7030] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 581.020952][ T8690] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 581.770605][ T8697] nftables ruleset with unbound chain [ 583.987072][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 583.987143][ T29] audit: type=1800 audit(1717779363.019:233): pid=8716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="sda1" ino=1957 res=0 errno=0 [ 584.066659][ T8703] delete_channel: no stack [ 584.158575][ T8716] loop1: detected capacity change from 0 to 512 [ 584.214373][ T8716] EXT4-fs: Ignoring removed mblk_io_submit option [ 584.275709][ T8716] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 584.548486][ T8716] EXT4-fs (loop1): 1 truncate cleaned up [ 584.554615][ T8716] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 585.243027][ T7721] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 586.263963][ T8741] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 586.827822][ T29] audit: type=1326 audit(1717779365.629:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8734 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fafd587cf69 code=0x0 [ 586.850411][ C0] vkms_vblank_simulate: vblank timer overrun [ 587.743013][ T1226] ieee802154 phy0 wpan0: encryption failed: -22 [ 587.749680][ T1226] ieee802154 phy1 wpan1: encryption failed: -22 [ 588.358886][ T8751] delete_channel: no stack [ 588.441450][ T29] audit: type=1800 audit(1717779367.369:235): pid=8764 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file1" dev="sda1" ino=1961 res=0 errno=0 [ 588.534051][ T8764] loop3: detected capacity change from 0 to 512 [ 588.561819][ T8764] EXT4-fs: Ignoring removed mblk_io_submit option [ 588.576731][ T8764] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 588.669258][ T8764] EXT4-fs (loop3): 1 truncate cleaned up [ 588.675727][ T8764] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 589.085574][ T29] audit: type=1326 audit(1717779368.119:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8768 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f55e987cf69 code=0x0 [ 589.725893][ T7601] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 590.898691][ T29] audit: type=1326 audit(1717779369.829:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f55e987cf69 code=0x0 [ 593.236684][ T8803] delete_channel: no stack [ 593.323072][ T8817] loop0: detected capacity change from 0 to 512 [ 593.349684][ T29] audit: type=1800 audit(1717779372.299:238): pid=8817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1937 res=0 errno=0 [ 593.389934][ T8817] EXT4-fs: Ignoring removed mblk_io_submit option [ 593.414460][ T8817] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 593.465626][ T8817] EXT4-fs (loop0): 1 truncate cleaned up [ 593.471951][ T8817] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 593.951068][ T29] audit: type=1326 audit(1717779372.959:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8820 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8a0647cf69 code=0x0 [ 594.620190][ T7425] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 594.910623][ T6458] Bluetooth: hci5: command 0x0406 tx timeout [ 595.282950][ T29] audit: type=1326 audit(1717779374.139:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8838 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f55e987cf69 code=0x0 [ 598.344777][ T8854] delete_channel: no stack [ 598.765373][ T29] audit: type=1800 audit(1717779377.739:241): pid=8869 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="sda1" ino=1948 res=0 errno=0 [ 599.004147][ T8869] loop2: detected capacity change from 0 to 512 [ 599.124926][ T8869] EXT4-fs: Ignoring removed mblk_io_submit option [ 599.143233][ T8869] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 599.456754][ T8869] EXT4-fs (loop2): 1 truncate cleaned up [ 599.462893][ T8869] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 599.689294][ T8881] loop0: detected capacity change from 0 to 512 [ 599.777791][ T8881] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349) [ 599.787918][ T8881] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal [ 600.206046][ T7030] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 601.350141][ T79] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 601.359570][ T79] ===================================================== [ 601.366837][ T79] BUG: KMSAN: uninit-value in nci_ntf_packet+0x2ac8/0x39c0 [ 601.374318][ T79] nci_ntf_packet+0x2ac8/0x39c0 [ 601.379354][ T79] nci_rx_work+0x288/0x5d0 [ 601.390823][ T79] process_scheduled_works+0xa81/0x1bd0 [ 601.398520][ T79] worker_thread+0xea5/0x1560 [ 601.405304][ T79] kthread+0x3e2/0x540 [ 601.409563][ T79] ret_from_fork+0x6d/0x90 [ 601.416213][ T79] ret_from_fork_asm+0x1a/0x30 [ 601.421288][ T79] [ 601.423692][ T79] Uninit was created at: [ 601.428162][ T79] kmem_cache_alloc_node+0x622/0xc90 [ 601.433678][ T79] kmalloc_reserve+0x13d/0x4a0 [ 601.438624][ T79] __alloc_skb+0x35b/0x7a0 2024/06/07 16:56:20 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 601.438890][ T8910] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 601.443226][ T79] virtual_ncidev_write+0x6d/0x290 [ 601.443367][ T79] vfs_write+0x497/0x14d0 [ 601.443502][ T79] ksys_write+0x20f/0x4c0 [ 601.467905][ T79] __x64_sys_write+0x93/0xe0 [ 601.472809][ T79] x64_sys_call+0x3062/0x3b50 [ 601.477774][ T79] do_syscall_64+0xcf/0x1e0 [ 601.477918][ T79] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 601.478060][ T79] [ 601.478092][ T79] CPU: 0 PID: 79 Comm: kworker/u8:5 Tainted: G W 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 601.478204][ T79] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 601.478276][ T79] Workqueue: nfc2_nci_rx_wq nci_rx_work [ 601.478379][ T79] ===================================================== [ 601.478411][ T79] Disabling lock debugging due to kernel taint [ 601.478448][ T79] Kernel panic - not syncing: kmsan.panic set ... [ 601.478492][ T79] CPU: 0 PID: 79 Comm: kworker/u8:5 Tainted: G B W 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 601.478597][ T79] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 601.478662][ T79] Workqueue: nfc2_nci_rx_wq nci_rx_work [ 601.478764][ T79] Call Trace: [ 601.478800][ T79] [ 601.478834][ T79] dump_stack_lvl+0x216/0x2d0 [ 601.478976][ T79] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 601.479118][ T79] dump_stack+0x1e/0x30 [ 601.479251][ T79] panic+0x4e2/0xcd0 [ 601.479389][ T79] ? kmsan_get_metadata+0xf1/0x1d0 [ 601.479523][ T79] kmsan_report+0x2d5/0x2e0 [ 601.479644][ T79] ? __msan_warning+0x95/0x120 [ 601.479740][ T79] ? nci_ntf_packet+0x2ac8/0x39c0 [ 601.479861][ T79] ? nci_rx_work+0x288/0x5d0 [ 601.479961][ T79] ? process_scheduled_works+0xa81/0x1bd0 [ 601.480089][ T79] ? worker_thread+0xea5/0x1560 [ 601.480209][ T79] ? kthread+0x3e2/0x540 [ 601.480344][ T79] ? ret_from_fork+0x6d/0x90 [ 601.480453][ T79] ? ret_from_fork_asm+0x1a/0x30 [ 601.480596][ T79] ? vprintk_default+0x3e/0x50 [ 601.480749][ T79] ? vprintk+0xee/0xf0 [ 601.480858][ T79] ? _printk+0x157/0x190 [ 601.480993][ T79] ? kmsan_get_metadata+0x146/0x1d0 [ 601.481111][ T79] ? nci_add_new_protocol+0x159/0x870 [ 601.481236][ T79] ? nci_add_new_protocol+0x51/0x870 [ 601.481368][ T79] ? nci_add_new_protocol+0x5a0/0x870 [ 601.481498][ T79] __msan_warning+0x95/0x120 [ 601.481597][ T79] nci_ntf_packet+0x2ac8/0x39c0 [ 601.481734][ T79] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 601.481924][ T79] nci_rx_work+0x288/0x5d0 [ 601.482038][ T79] ? __pfx_nci_rx_work+0x10/0x10 [ 601.482149][ T79] process_scheduled_works+0xa81/0x1bd0 [ 601.482312][ T79] worker_thread+0xea5/0x1560 [ 601.482463][ T79] kthread+0x3e2/0x540 [ 601.482595][ T79] ? __pfx_worker_thread+0x10/0x10 [ 601.482727][ T79] ? __pfx_kthread+0x10/0x10 [ 601.482859][ T79] ret_from_fork+0x6d/0x90 [ 601.482966][ T79] ? __pfx_kthread+0x10/0x10 [ 601.483104][ T79] ret_from_fork_asm+0x1a/0x30 [ 601.483266][ T79] [ 601.483522][ T79] Kernel Offset: disabled