last executing test programs: 49.475530204s ago: executing program 0 (id=14): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000180)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x54dd5e54}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x8, 0x2c, 0x0, @remote, @local, {[], {{0x3a00, 0x5, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 48.444285747s ago: executing program 0 (id=20): write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB='S\x00'], 0x53) r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000240)="d2df8cd2985500000000000000", 0xd, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, 0x0, 0x0, 0x0) 47.619796666s ago: executing program 0 (id=24): r0 = socket$inet6_udp(0xa, 0x2, 0x0) readv(r0, &(0x7f0000001000)=[{&(0x7f0000000500)=""/41, 0x29}], 0x1) recvmmsg(r0, &(0x7f0000003640)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x10000, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x40000, &(0x7f0000000180)={0xa, 0x4e20, 0x7ffd, @loopback, 0x627bcafb}, 0x1c) 46.243256728s ago: executing program 0 (id=33): syz_mount_image$romfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f00000001c0)=ANY=[], 0x1, 0x171, &(0x7f0000000480)="$eJzs2rFKw0AYB/DParEUn8Cp0Ax1aJMmWgV3QXDyAcTQ3tXQxEgiSDsFX0BxiI/g6qqbj9DZzU1dXB0kkvRq2zsXCxLB/29o/vTLfXcJ4aarB77X5GGdaC262n8uBL5XaVmbbd7kNo3sElElDcMkuW6Q4vCrPkyihnJD9V5ca9147447LjPVHgAAAAAAAAAAAAAAAAAAAAAA/0T1RYTyUezfcMdlzalq2B/0bNdlQTj+RyNxRod47G9zR2PWTL/aO5GWnd9x4p3ztJ8xU9fSTqUk80byfPqpd6KH/UHd8ewu67Jj07RaxrphbJh61kuXO2qXYk1EpfRnQXo+7XZynujRUM8TUXl0WVp14ouzrHtRfv4CBZMX8YMQzTUKIcdAEdEfWIYIT69E35dK4gNlQVic/lYXR/dsHWSlnBb/keT/6n47yPsHdZat6kO6fzTavttR9k8pjEfPM3lBjO3ZK+kUyo4GkJPPAAAA///+VynD") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) chdir(&(0x7f0000000380)='./file0\x00') symlink(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 45.378107168s ago: executing program 0 (id=38): r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000004c0)={'vcan0\x00', 0x0}) connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10) sendmsg$can_bcm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="04000000400800"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="00000000010000007e923b0ad9"], 0x80}}, 0x44) 44.571964086s ago: executing program 0 (id=42): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=@newtaction={0x78, 0x30, 0x309, 0x0, 0x2, {}, [{0x64, 0x1, [@m_tunnel_key={0x60, 0x1, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0xbabd, 0x81, 0x5, 0x1, 0xf7f}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @empty}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @remote}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 42.096341441s ago: executing program 32 (id=42): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=@newtaction={0x78, 0x30, 0x309, 0x0, 0x2, {}, [{0x64, 0x1, [@m_tunnel_key={0x60, 0x1, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0xbabd, 0x81, 0x5, 0x1, 0xf7f}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @empty}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @remote}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 7.24430925s ago: executing program 2 (id=200): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffd51, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000040)='cpu.max\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f00000000c0)=ANY=[], 0x3) 6.997248171s ago: executing program 4 (id=201): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x10000}}, &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r2, r1, 0x25, 0x4, @val=@netfilter={0x5, 0x1, 0x4, 0x1}}, 0x20) 6.61294166s ago: executing program 2 (id=205): r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000200)={'vxcan0\x00', 0x0}) connect$can_bcm(r0, &(0x7f0000000140)={0x1d, r1}, 0x10) sendmsg$can_bcm(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="050000001b08000000750000000000", @ANYRES16], 0x80}, 0x1, 0x0, 0x0, 0x20040000}, 0x440c0) 6.378634923s ago: executing program 4 (id=206): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x4d) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r0) openat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x301000, 0x0) 6.010523242s ago: executing program 2 (id=209): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@local}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, 0x0) 5.789562912s ago: executing program 4 (id=210): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r1 = fcntl$dupfd(r0, 0x0, r0) readv(r1, &(0x7f0000000480)=[{&(0x7f00000025c0)=""/4101, 0x1005}], 0x1) 5.343053368s ago: executing program 2 (id=213): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000340)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x40, 0x13, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f0000001740)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)={0x40, 0x19, 0x2}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000b00)={0x2c, &(0x7f0000000880)=ANY=[@ANYBLOB="100902"], 0x0, 0x0, 0x0, 0x0}) 4.53495627s ago: executing program 1 (id=215): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = epoll_create1(0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f00000000c0)={0x70000011}) 4.407167127s ago: executing program 4 (id=216): r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000c80)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) 4.26417101s ago: executing program 5 (id=218): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(r0, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400008a, 0x0) 3.927860167s ago: executing program 1 (id=219): r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan1\x00', 0x0}) connect$can_bcm(r0, &(0x7f0000000140)={0x1d, r1}, 0x10) sendmsg$can_bcm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)={0x5, 0x182, 0x9, {0x77359400}, {}, {0x2, 0x0, 0x1}, 0x1, @can={{0x4, 0x1, 0x1, 0x1}, 0x5, 0x1, 0x0, 0x0, "c251541693f8cfd1"}}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x4004844) 3.740659452s ago: executing program 5 (id=220): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000380)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x38, r1, 0x1, 0x4, 0xfffffffd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x1c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}, @NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT={0x8, 0xb, 0xd7}, @NL80211_MESHCONF_CONNECTED_TO_AS={0x5}]}]}, 0x38}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 3.597652045s ago: executing program 3 (id=221): mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x5) r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x200000000000b, &(0x7f0000000080)='\x00', 0x1) setsockopt$inet_opts(r0, 0x0, 0x200000000000c, &(0x7f0000000240)="ea00eb014f000000", 0x8) 3.252002729s ago: executing program 1 (id=222): socket$packet(0x11, 0x2, 0x300) socket$packet(0x11, 0x3, 0x300) r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000800)="39000000140081ae10003c000500018311001f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb37358582bdbb7d553b4e92155", 0x39}], 0x1}, 0x0) 2.887690922s ago: executing program 5 (id=223): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc680000000c0a010100000000000000000a0000070900020073797a31000000000900010073797a31000000003c0003803800008008000340000000022c0007800a0001006c696d69740000001c0002800c00024000000000000000050c000140000000000000000414000000110001"], 0xcc}, 0x1, 0x0, 0x0, 0x24000850}, 0x40) close(0x3) 2.816286637s ago: executing program 3 (id=224): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=@newlink={0x40, 0x10, 0x503, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, 0x15615, 0xef}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GTP_FD1={0x8, 0x2, @udp=r1}, @IFLA_GTP_FD0={0x8, 0x1, @udp=r2}]}}}]}, 0x40}}, 0x0) 2.605111649s ago: executing program 2 (id=225): r0 = socket$kcm(0x2b, 0x1, 0x0) setsockopt$sock_attach_bpf(r0, 0x6, 0xd, &(0x7f0000000040), 0x8) sendmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x20000000) accept4(r0, 0x0, 0x0, 0x800) 2.535480795s ago: executing program 1 (id=226): syz_mount_image$udf(&(0x7f00000001c0), &(0x7f0000000180)='./file1\x00', 0x1004000, &(0x7f0000000400)={[{@undelete}, {@undelete}, {@undelete}, {@longad}, {@unhide}, {@uid_forget}, {@undelete}, {@iocharset={'iocharset', 0x3d, 'utf8'}}, {@uid_forget}, {@iocharset={'iocharset', 0x3d, 'default'}}, {@uid}, {@nostrict}, {@session}, {@partition={'partition', 0x3d, 0x6}}]}, 0x1, 0xc34, &(0x7f0000001bc0)="$eJzs3U9sXNd5N+D3XHHEofx9FRM7ipPGxaQtUlmxXP2LqViFO6pptgFkWQjF7AJwJFLqwBRJkFQjG2nBdNNFFwGKoousCLRGgRQNjKYIumRaF0g2XhRZdUW0sBEUXbBFgKwCFvfOGXFIkTYjkhJpP49N/WbunHPnnHvH98qC3jkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAET83iuXz5xNj3sUAMCjdHX0q2fOuf8DwMfKdf//DwAAAAAAAAAAAAAAB12KIp6MFLNXV9N49byjfqVdu3tvbHhk624Dqep5pGpf/tTPnjt/4UsvDF3s5pX29Af032ufjddGr19uvDxzZ3Zucn5+cqIxNt2+OTMxueM97Lb/ZqeqA9C48/rdiVu35hvnnj+/4eV7g+/3P3Fi8NLQs6ef6bYdGx4ZGV1vUt/y4UParsLjaBRxOlI8972fplZEFLH7Y1F/tOd+s4FqEqeqSYwNj1QTmWq3phfKF691D0QR0ejp1Oweo63PRfTVHukctteMWCyHXw74VDm90dnWXOvG1GTjWmtuob3Qnpm+ljqjLefTiCIupoiliFjpf3B3tSiiL1J85/hquhERR7rH4YtVYfD24yj2cY47UI6zUYtYKg7BOTvA+qOIVyPFz945GTfLY5Z/4gsRr5b5g4i3ynwpIpUfjAsR723xOeJw6osi/rw8/5dW00R1PeheV658rfGV6VszPW2715Vf8v7wwJXiMd0fBjblo3HAr031KKJVXfFX08P/ZgcAAAAAAAAAAAAAAACAvTYQRXwmUrzyb39U1RVHVZd+/NLQ7w/+/96a8ac/ZD9l2+cjYrHYWU3u0VwYeC1dS2mntcTqTvdcPYr441z/963HPRgAAAAAAAAAAAAAAAAAAICPtSJ+EilefPdkWoreNcXb07cb11s3pjqrwnbX/u2umb62trbWSJ1s5hzPuZhzKedyzpWcUeT+OZs5xwc6O17Mz5dyLudcyRlHcv+czZzjORdzLuVczrmSM/py/5zNnOM5F3Mu5VzOuZIzDsjavQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHyVFFPGLSPHtb6ymSBHRjBiPTi73P+7RAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACl/lTE9yNF4w+a97f1RUSq/u04Wf5yIZpHy/xkNIfKfCmal3O2quxrfusxjJ/dqaUifhwp+utv3z/h+fzXOs/ufwzirW+uP/tsXyePdF8cfL//iRPHLw2N/NrT2z1OWw3g1JX29N17jbHhkZHRns19+d0/2bNtML9vsTdTJyLm33jz9dbU1OTcwz8oPwK76H6IHqS+gz/T2oEf4SF6EH0HYhiPZ+58DJT3//cixW+/++/dG37n/l+P/9d5dv8OHz//k/X7/4ubd7TD+3/f5n75/l/e07e6/z/Zs+3F/LuRWl9EfeHObO1ERH3+jTdPt++0bk/enpy+cObMl4eGvnz+TO1oRP1We2qy59GeHC4AAAAAAAAAAAAAAACARycV8buRovXj1dSIiHtVvdbgpaFnTz9zJI5U9VYb6rZfG71+ufHyzJ3Zucn5+cmJxth0++bMxORO365elXuNDY/sy2Q+1MA+j3+g/vLM7Btz7dt/uLDl68fql2/ML8y1bm79cgxEEdHs3XKqGvDY8Eg16Kl2a7rqem3LYvpfXi0V8R+R4uaFRvp83pbr/zdX+G+o/1/cvKN9qv//RM+28j1TKuLnkeK3/uLp+Hw1zmPxwDHL7f4mUpy6+LncLo6W7bpj6HyvQKcysGz7P5HiH36xsW23HvLJ9bZnd3xgD4ny/B+PFN//s+/Gr+dtG7//Yevzf2zzjvbp/D/Vs+3Yhu8r2PXUyef/dKR46cm34zfytg/6/o/ud2+czI3vfz/HPp3/T/VsG8zv+5t7M3UAAAAAAAAAAIBDrZaK+NtI8cORvvRC3raTv/83sXlH+/T3vz7ds21ib9Yr+tAHuz6oAAAAAHBA1FIRP4kUtxfevl9DvbH+u6f+83fW6z+H06ZXqz/n+5XqewP28s//eg3m9x3f/bQBAAAAAAAAAAAAAAAAAADgQEmpiBfyeurjVT3/xLbrqS9Hilf+67ncLp0o23XXgR+sfq1fnZk+fXlqauZma6F1Y2qyMTrbujlZ9n0qUqz+9edy36JaX7273nxnjff1tdjnIsXI33XbdtZi765N/tR627Nl209Eiv/8+41tu+tYf2q97bmy7V9Fiq//09ZtT6y3PV+2/W6k+NHXG922x8q23e9H/fR62+dvzhT7cFYAAAAAAAAAAAAAAAAAAAD4uKmlIv40Uvz3naX7tfx5/f9az9PKW9/sWe9/k3vVOv+D1fr/2z1+mPX/q+8VWNzuXQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KMpRRFvRorZq6tpub983lG/0p6+e29seGTrbgOp6nmkal/+1M+eO3/hSy8MXezmB/ffa5+J10avX268PHNndm5yfn5yojE23b45MzG54z3stv9mp6oD0Ljz+t2JW7fmG+eeP7/h5XuD7/c/cWLw0tCzp5/pth0bHhkZ7WnTV3vod39A2mb70SjiLyPFc9/7afphf0QRuz8WH/LZ2W8D1SROVZMYGx6pJjLVbk0vlC9e6x6IIqLR06nZPUaP4FzsSjNisRx+OeBT5fRGZ1tzrRtTk41rrbmF9kJ7Zvpa6oy2nE8jiriYIpYiYqX/wd3VoojXI8V3jq+mf+6PONI9Dl+8OvrVM+e2H0exj3PcgXKcjVrEUnEIztkB1h9F/GOk+Nk7J+Nf+iP6ovMTX4h4tcwfRLwVnfOdyg/GhYj3tvgccTj1RRH/W57/S6vpnf7yetC9rlz5WuMr07dmetp2ryuH/v7wKB3wa1M9ivhRdcVfTf/qv2sAAAAAAAAAAAAAAACAA6SIX40UL757MlX1wfdritvTtxvXWzemOmV93dq/bs302traWiN1splzPOdizqWcyzlXckaR++dslllfWxvPzxdzLuVczrmSM47k/jmbOcdzLuZcyrmccyVn9OX+OZs5x3Mu5lzKuZxzJWcckNo9AAAAAAAAAAAAAAAAAADgo6Wo/knx7W+sprX+zvrS49HJZeuBfuT9XwAAAP//M3/28g==") mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x6000, 0x1) r0 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 2.011778324s ago: executing program 5 (id=227): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) close_range(r0, r0, 0x2) ioctl$VIDIOC_G_JPEGCOMP(r1, 0x808c563d, 0x0) 1.973444695s ago: executing program 3 (id=228): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000008, 0x2a011, r0, 0xc663e000) r1 = socket$inet6(0xa, 0x3, 0x87) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@remote, @in6=@private2, 0x0, 0x0, 0x0, 0x20, 0xa, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x6, 0x0, 0x4}, {0x0, 0x0, 0x20000000000000}, 0x0, 0x0, 0x1, 0x0, 0x2}, {{@in=@local, 0x2000000, 0x33}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @empty}, 0xfffffffc, 0x0, 0x2, 0x3}}, 0xe8) 1.467970264s ago: executing program 2 (id=229): sendmmsg$unix(0xffffffffffffffff, &(0x7f000000a740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000ac0)=ANY=[@ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c00000000bd37e25e19c432d2010000eacc7487bd1d701f2c9d5466aefd7dfe819698791d6bb93840870153e269d4398371ae2d0a4b851991d993857783c626f1c40964cf6bccfa5464b51739b60b3f936af7fbe129ab49838a2888defe600d57cab27e7a38a6fb762e3ddfbdc080ccdee727f9214062acfd483e34d787d39d0c1a17a5ade2e6877a9494c7b050a373a72da092234eeaf91a16c3543d8d97b6b8ee568963d1772b06cbc90042c6d58a0c6ac0bc60f3c3", @ANYRES32, @ANYRES32=0x0, @ANYRES32], 0xc8, 0x40}}], 0x1, 0x0) r0 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb1000000001020009050276"], 0x0) syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000140)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xc38, &(0x7f0000000080)=ANY=[]) 1.451915135s ago: executing program 3 (id=230): syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x11, 0x2d2, &(0x7f0000000bc0)="$eJzs3U1rE1scx/HfmaRteht6pw+XC3fZa0E3UutG3KRIXoS4ELWJUAwVbQV1YxVXIrp371vwLQhuFN+Arlz5AiIII+fMZJJJJzMxNDMNfj9gmMycM+d/Mg/n/AfsCMAf60rzy9uL3+w/I1VUkV5cljxJNakq6R/9W3uwf7h32Gm3MvbTDRxbyyisaY4V2t1vp9WtKaoR8e23quqD6zAdQRDsfJV0UHYgKJW7+lN40kJ0dbrttcIjy/Z0wnpHJxzHrDFddfVQy2XHAQAoVzT+e9E4X4/m754nbUbD/qkc/yfVLTuAqQsytw6M/y7LCow9vn+7Tf18z6VwdrvXyxLHaXlu6Pu8wjMrMcE0eVmli8VbvL3XaZ/fvdtpeXqmRmSg2Lr7bIWnbk9OtBspuWmGMfpu0meUS64Pc7YP2yPiX5uwxYmZD+aTuW58vVErnv9VA2MPkztS/tCRCuPfGr1H10vfllJ022g0Gl6iyIpr5L+ohUhOL2vpGYl6Z9SKkg8I/Lw4Xa3VoVph7y7k1FoLa+0sJmpt976NqLWeaMv2Jj6bR7c3beaVuWo29F3v1ByY/3s2vk1lXpn9q8ZshkOB+8XD/synN1d1+/SPjRxHulZProl/xYVRof/IvqdhyJOMbS91S5e0fPDo8Z1Kp9O+bxdupizcq8dr5p5LqWVKWPDUX6Oj/qYFhQ8ij9XqDUpFhnruRHdo7x+5he1VVkgHT82ZUMZC82OxJ1IZCwXdo1Cq/kHPLfq+kIBQNDfvCvO/gXxly0327IefMU/PnZBFewzsHDvOgGqJ+qtu6a/fyuCWRmdw4+Zc/5+VzsSrfgY5LfpRnLMhyJr6Waapz7rB838AAAAAAAAAAAAAAAAAAIBZU8R/Jyi7jwAAAAAAAAAAAAAAAAAAAAAAzLr4/b/qvf9X473/d/gvf1fCN7ycyPt/X++L9/8C0/crAAD//zZmik0=") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xd40, 0x7e) openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x20040, 0x1ff) 1.387990125s ago: executing program 5 (id=231): r0 = socket$netlink(0x10, 0x3, 0x15) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)="39000000130003470fbb65e1c3e4ffff060060001600000056000000250000001900b3c0b6d20300070a0000000084db26b9e4e20000000000", 0x39}], 0x1) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x1, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 1.161698775s ago: executing program 4 (id=232): syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000300)='./file0\x00', 0x2204080, &(0x7f0000000040)=ANY=[@ANYBLOB="6e6f646f74732c73686f77657865632c6e6f646f74732c6e66733d6e6f7374616c655f726f2c0030a66d3a1127e03fc4ec7721f7c77d616ce2d9a9b0ef6cf77d486df06aac6920f6f13474bc77836cb851c86e0cc5dc8611db21e0dafe4caa2c5b34"], 0x1, 0x28d, &(0x7f0000000640)="$eJzs3b9qFF0cBuCTTUI+8pGQStDGg1Y2Q5LaIkESCC4omhVUECZkosuOu2Fni51gEWsbwdI7EEs7QbyB3IVdmpAqlRGd/DEBq5DdIs/TzMu8c+D8GDhTzu7d969bG0WykfZCbWEk1BZCqB2MhJlQC8e2w50Pbz++e/z02f3Fen3pUYzLi6tz8zHG6Zvfnr/5fOt77/8nX6a/ToSdmRe7e/M/dq7tXN/9ufqqWcRmEdudXkzjWqfTS9fyLK43i1YS48M8S4ssNttF1j3Tb+Sdzc0ypu31qcnNblYUMW2XsZWVsdeJvW4Z05dpsx2TJIlTk4GLaHw6ODwMe4eVYe+GwfP+r7a/DvX/Qtjf7jf6jepa9csr9aXZ+Mf46ar9fr8xetLPVX0824+HyaN+/nx//Gm5XfW/u3sP6ufWT4T1S54dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAqyuJJ2ZO7+73+43Rqk/+1VdpeaW+NHv0wNl+LNwYG9gYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAhRbnVSvM86wqCIJyEYZ9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMHinP/0e9k4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpqLcaqV5nnUvMQx7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4qF8BAAD//3nQbMU=") open_by_handle_at(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00r'], 0x92280) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x121) open_by_handle_at(r0, &(0x7f0000000000)=ANY=[], 0x2080) 1.000519317s ago: executing program 1 (id=233): r0 = creat(&(0x7f0000000540)='./file0\x00', 0x0) close(r0) r1 = socket$packet(0x11, 0x3, 0x300) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000640), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 964.013512ms ago: executing program 5 (id=234): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff0003}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_collapse_huge_page_isolate\x00', r0}, 0x18) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19) 587.685711ms ago: executing program 3 (id=235): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@newqdisc={0x58, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xf}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x4, 0x7, 0x2, 0x4, 0x1, 0x9, 0xc}}, {0x4}}]}]}, 0x58}}, 0xc014) 438.689279ms ago: executing program 4 (id=236): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="6e6f626172726965722c706172743d3078303030303030303030303030303030392c756d61736b3d3030303030303030303030303030303030302c6e6c733d64656661756c742c747970653df268d6512c756d61736b3d30303030303030303030303030303030303030363734352c000000000000"], 0x3, 0x6b2, &(0x7f0000000280)="$eJzs3U+IHFkdB/BvdSY96QjZ2X/ZKEKGDSy6wWQmzZoIwkYRySFI0Mteh2SyGTLJLpNZyS5iOuoqePIke/CwIvGwIoiIsJ4W17MgePGUe8CbhxzUkfrTMz0znUlPkpkedz8fqK73+r1671e/VFV3V2foAJ9a517L/l6KnDt+/mZZv3unu3j3Tvdav5xkMkkrmahXKTpJ8XFyNvWSz5ZPNsMVD5rnlXsfFhPvfdCtaxPNUvVvbbXdJkN79pIDq5V9Sabr4r9HHnbTeNVSjXNxbbxHVKzGXSbsWD9xMG4rm/TWGlsP3Xz08xbYs27Vr5ubTCUHU7+6lu8D0lwdHn5lGIfOutqW16beTscCAAAAO2/oZ/lBT93P/dzMod0JBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Zivo3A4tmafXL0yn6v//fHvhN/faYw31M716uVt9+atyBAAAAAAAAAMBjOXo/93Mzh/r1laL6zv/FqvJc9fiZvJUbmc9STuRm5rKc5SxlNsnUwEDtm3PLy0uzm7f8ecotV1ZWbjVbnhq65an1cfU2Bjrsfxps6gQAAAAAAAAAn1o/yLm17/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAvKJJ99apanuuXp9KaSHIgSbuYXu3eHmuwj6UO/aNxhwEAAAC751Dx37qwUlSf+Q9Xn/sP5K1cz3IWspzFzOdSdS+g/ujc+luvu3j3TvdauWwe8Gv/3Nb81Yip7z0Mn3mm6vH86hbn8s18J8cznQtZykK+m7ksZz7T+UZVmkuRqebuxdTdO530Y90c79l1tQsbYzs6UC7jO1JF0snlLFSxncjFdj/0VtPvyMBsf2wnG2a8XWaneLUxYo4uNetyj37WrPeGqWrP969mZKbJfZmNpwfzvjn32zxONs40m9bqPajn1mYpqxtneqScH2zWu5Drbd5KW5+J3k/LWv/oO7x1zpMv/v3PF660rl+9cvnG8b1zGD2ijcdEdyATL4yUicUyE73HyMSBx4n/yWk32aivotu7Wr5YbXsoC/lW3silzOd0ZjKbM5nJV3Iq3ZwayOvzW+e1Otda2zvXjn2hKXSS/KRZ76rJBzWUeX16IK+DV7qpqm3wmbUsPTNClop2hmfpH0NDmfhcUyjn+OHAK874bczE7EAmnt06E7/8z0qSG4vXry5dmXtzxPleatblafvu+mv0r57IDm1fs7vl8fJM+Y9VVn6cdUdH2fZsv21DvtrNNy4TzWDr2tqpzue67WFnajnS4dvDRqrbXhg6S7dqOzLQtu5dTt7I4uq7EAD2rFYOvnyw3bnX+Wvn/c6POlc65w98ffLM5Ofb2f+XiT/t+13r162vFi/n/Xw/h8YdKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBLcePudq3OLi/NLe7CQ1gidf5vRB7w9tKmfivqZ9k7vVz3ZR78Ze3qfaKF/IE1udUT9PskW47THEXwnyc5OcXS0zpnYhV2ezJCm86vPdJLWajxJru6RH7gDdsLJ5Wtvnrzx9jtfWrg29/r86/PXT505/erp7pdnb528vLA4P1M/jjtKYCdsfF8KAAAAAAAAAAAA7H278VcWQ6YtemPYVwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/07nXsr+XIrMzJ2bK+t073cVy6ZfXek4kaSUpvpcUHydnUy+ZGhiueNA8r9z78BcvvfdBd22siX7/1obt/vCvlZVt7kWvWTKdZF+zfrjJkca7ODBeb5uB1YrVPSwTdqyfOBi3/wUAAP//0koEbg==") rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000001280)=""/4089, 0xff9) 340.075256ms ago: executing program 1 (id=237): syz_open_dev$vbi(0x0, 0x1, 0x2) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) wait4(0x0, 0xfffffffffffffffe, 0x8, 0x0) 0s ago: executing program 3 (id=238): r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x842) ioctl$EVIOCGBITSND(r0, 0x40044591, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000340)='.\x00', &(0x7f0000000040), 0x800000, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.23' (ED25519) to the list of known hosts. [ 158.235069][ T5791] cgroup: Unknown subsys name 'net' [ 158.383003][ T5791] cgroup: Unknown subsys name 'cpuset' [ 158.397496][ T5791] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 163.086653][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 163.093426][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 163.884254][ T5791] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 168.054602][ T5814] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 168.072262][ T5818] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 168.080508][ T5818] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 168.088949][ T5818] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 168.098212][ T5818] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 168.106558][ T5818] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 168.111339][ T5822] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 168.114723][ T5823] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 168.123744][ T5822] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 168.133164][ T5818] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 168.137977][ T5822] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 168.143893][ T5824] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 168.153406][ T5822] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 168.158618][ T5818] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 168.167305][ T5822] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 168.177310][ T5818] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 168.178684][ T5818] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 168.193675][ T49] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 168.215490][ T5108] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 168.246265][ T5816] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 168.291184][ T5818] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 168.304269][ T5818] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 168.314480][ T5818] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 168.341072][ T5818] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 168.433358][ T5818] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 169.417563][ T5812] chnl_net:caif_netlink_parms(): no params data found [ 169.917157][ T5817] chnl_net:caif_netlink_parms(): no params data found [ 170.066759][ T5815] chnl_net:caif_netlink_parms(): no params data found [ 170.167551][ T5810] chnl_net:caif_netlink_parms(): no params data found [ 170.284317][ T5816] Bluetooth: hci0: command tx timeout [ 170.288205][ T5818] Bluetooth: hci1: command tx timeout [ 170.289883][ T5816] Bluetooth: hci3: command tx timeout [ 170.351945][ T5816] Bluetooth: hci2: command tx timeout [ 170.521473][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 170.593635][ T5816] Bluetooth: hci4: command tx timeout [ 170.887633][ T5812] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.895622][ T5812] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.903409][ T5812] bridge_slave_0: entered allmulticast mode [ 170.912925][ T5812] bridge_slave_0: entered promiscuous mode [ 171.053632][ T5812] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.061139][ T5812] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.068954][ T5812] bridge_slave_1: entered allmulticast mode [ 171.078440][ T5812] bridge_slave_1: entered promiscuous mode [ 171.238938][ T5815] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.249787][ T5815] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.259613][ T5815] bridge_slave_0: entered allmulticast mode [ 171.269233][ T5815] bridge_slave_0: entered promiscuous mode [ 171.391026][ T5815] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.398853][ T5815] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.407381][ T5815] bridge_slave_1: entered allmulticast mode [ 171.416680][ T5815] bridge_slave_1: entered promiscuous mode [ 171.427312][ T5817] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.435920][ T5817] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.443766][ T5817] bridge_slave_0: entered allmulticast mode [ 171.453382][ T5817] bridge_slave_0: entered promiscuous mode [ 171.470479][ T5817] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.478448][ T5817] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.486295][ T5817] bridge_slave_1: entered allmulticast mode [ 171.495752][ T5817] bridge_slave_1: entered promiscuous mode [ 171.506026][ T5810] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.513776][ T5810] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.521328][ T5810] bridge_slave_0: entered allmulticast mode [ 171.530541][ T5810] bridge_slave_0: entered promiscuous mode [ 171.560978][ T5812] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 171.707660][ T5810] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.717437][ T5810] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.725239][ T5810] bridge_slave_1: entered allmulticast mode [ 171.734326][ T5810] bridge_slave_1: entered promiscuous mode [ 171.850095][ T5812] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 171.908074][ T5815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 171.965264][ T5817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 172.041032][ T5815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 172.050992][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.058700][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.067999][ T5825] bridge_slave_0: entered allmulticast mode [ 172.076202][ T5825] bridge_slave_0: entered promiscuous mode [ 172.094990][ T5817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 172.104764][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.112546][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.120122][ T5825] bridge_slave_1: entered allmulticast mode [ 172.129570][ T5825] bridge_slave_1: entered promiscuous mode [ 172.151125][ T5810] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 172.294272][ T5810] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 172.352118][ T5816] Bluetooth: hci3: command tx timeout [ 172.357710][ T5816] Bluetooth: hci1: command tx timeout [ 172.368419][ T5814] Bluetooth: hci0: command tx timeout [ 172.387941][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 172.406080][ T5812] team0: Port device team_slave_0 added [ 172.432762][ T5814] Bluetooth: hci2: command tx timeout [ 172.451577][ T5815] team0: Port device team_slave_0 added [ 172.523532][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 172.539931][ T5812] team0: Port device team_slave_1 added [ 172.593527][ T5815] team0: Port device team_slave_1 added [ 172.623285][ T5817] team0: Port device team_slave_0 added [ 172.636370][ T5810] team0: Port device team_slave_0 added [ 172.672027][ T5814] Bluetooth: hci4: command tx timeout [ 172.790417][ T5817] team0: Port device team_slave_1 added [ 172.804901][ T5810] team0: Port device team_slave_1 added [ 172.879380][ T5812] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 172.887341][ T5812] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 172.914018][ T5812] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 172.927804][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 172.935786][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 172.962120][ T5815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 173.046720][ T5825] team0: Port device team_slave_0 added [ 173.056532][ T5812] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 173.063862][ T5812] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 173.090107][ T5812] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 173.103795][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 173.110887][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 173.137313][ T5815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 173.180824][ T5810] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 173.188111][ T5810] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 173.214382][ T5810] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 173.233220][ T5825] team0: Port device team_slave_1 added [ 173.273079][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 173.280182][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 173.306408][ T5817] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 173.321107][ T5810] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 173.329817][ T5810] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 173.356358][ T5810] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 173.442005][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 173.449108][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 173.475563][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 173.489571][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 173.496839][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 173.523678][ T5817] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 173.564531][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 173.571643][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 173.598187][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 173.790406][ T5815] hsr_slave_0: entered promiscuous mode [ 173.800902][ T5815] hsr_slave_1: entered promiscuous mode [ 173.889937][ T5810] hsr_slave_0: entered promiscuous mode [ 173.899779][ T5810] hsr_slave_1: entered promiscuous mode [ 173.908392][ T5810] debugfs: 'hsr0' already exists in 'hsr' [ 173.914428][ T5810] Cannot create hsr debugfs directory [ 173.977620][ T5812] hsr_slave_0: entered promiscuous mode [ 173.988252][ T5812] hsr_slave_1: entered promiscuous mode [ 173.996724][ T5812] debugfs: 'hsr0' already exists in 'hsr' [ 174.002778][ T5812] Cannot create hsr debugfs directory [ 174.094283][ T5817] hsr_slave_0: entered promiscuous mode [ 174.104423][ T5817] hsr_slave_1: entered promiscuous mode [ 174.113010][ T5817] debugfs: 'hsr0' already exists in 'hsr' [ 174.118878][ T5817] Cannot create hsr debugfs directory [ 174.272973][ T5825] hsr_slave_0: entered promiscuous mode [ 174.282674][ T5825] hsr_slave_1: entered promiscuous mode [ 174.290961][ T5825] debugfs: 'hsr0' already exists in 'hsr' [ 174.296970][ T5825] Cannot create hsr debugfs directory [ 174.433885][ T5814] Bluetooth: hci0: command tx timeout [ 174.439480][ T5814] Bluetooth: hci1: command tx timeout [ 174.444247][ T5818] Bluetooth: hci3: command tx timeout [ 174.512777][ T5816] Bluetooth: hci2: command tx timeout [ 174.762020][ T5816] Bluetooth: hci4: command tx timeout [ 175.667656][ T5810] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 175.691626][ T5810] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 175.739059][ T5810] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 175.777981][ T5810] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 175.976547][ T5817] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 176.042297][ T5817] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 176.104622][ T5817] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 176.175299][ T5812] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 176.210919][ T5817] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 176.360328][ T5812] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 176.398832][ T5812] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 176.428228][ T5825] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 176.457457][ T5825] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 176.478182][ T5815] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 176.514527][ T5816] Bluetooth: hci1: command tx timeout [ 176.518315][ T5818] Bluetooth: hci0: command tx timeout [ 176.520106][ T5816] Bluetooth: hci3: command tx timeout [ 176.526640][ T5812] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 176.556482][ T5825] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 176.592293][ T5816] Bluetooth: hci2: command tx timeout [ 176.611155][ T5815] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 176.672952][ T5825] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 176.717447][ T5815] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 176.808623][ T5815] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 176.833246][ T5816] Bluetooth: hci4: command tx timeout [ 177.496001][ T5810] 8021q: adding VLAN 0 to HW filter on device bond0 [ 177.528853][ T5817] 8021q: adding VLAN 0 to HW filter on device bond0 [ 177.673240][ T5812] 8021q: adding VLAN 0 to HW filter on device bond0 [ 177.747168][ T5810] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.780654][ T5817] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.833426][ T3970] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.840961][ T3970] bridge0: port 1(bridge_slave_0) entered forwarding state [ 177.887325][ T5812] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.920218][ T3970] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.927771][ T3970] bridge0: port 2(bridge_slave_1) entered forwarding state [ 177.966733][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.004367][ T3970] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.011972][ T3970] bridge0: port 1(bridge_slave_0) entered forwarding state [ 178.026784][ T3970] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.034202][ T3970] bridge0: port 1(bridge_slave_0) entered forwarding state [ 178.081339][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.088915][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 178.150483][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.158053][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 178.287557][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 178.358266][ T5815] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.437074][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.444664][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 178.563342][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.570806][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 178.647500][ T5815] 8021q: adding VLAN 0 to HW filter on device team0 [ 178.737671][ T5812] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 178.748458][ T5812] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 178.853326][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.860806][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 179.096493][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.104075][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 180.761345][ T5810] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 180.946008][ T5817] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 181.077979][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 181.173088][ T5812] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 181.207713][ T5815] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 181.250373][ T5810] veth0_vlan: entered promiscuous mode [ 181.363746][ T5810] veth1_vlan: entered promiscuous mode [ 181.638541][ T5817] veth0_vlan: entered promiscuous mode [ 181.754141][ T5812] veth0_vlan: entered promiscuous mode [ 181.844106][ T5817] veth1_vlan: entered promiscuous mode [ 181.880447][ T5815] veth0_vlan: entered promiscuous mode [ 181.919765][ T5810] veth0_macvtap: entered promiscuous mode [ 181.940918][ T5812] veth1_vlan: entered promiscuous mode [ 182.038764][ T5815] veth1_vlan: entered promiscuous mode [ 182.055603][ T5810] veth1_macvtap: entered promiscuous mode [ 182.252913][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 182.307154][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 182.330702][ T5812] veth0_macvtap: entered promiscuous mode [ 182.363715][ T5817] veth0_macvtap: entered promiscuous mode [ 182.429780][ T5812] veth1_macvtap: entered promiscuous mode [ 182.447866][ T5815] veth0_macvtap: entered promiscuous mode [ 182.482687][ T5817] veth1_macvtap: entered promiscuous mode [ 182.503361][ T3714] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.536415][ T3714] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.563893][ T5815] veth1_macvtap: entered promiscuous mode [ 182.609891][ T3714] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.666524][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 182.699768][ T3714] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.783478][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 182.806520][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 182.828205][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 182.864632][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 182.927132][ T14] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.964265][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 182.995899][ T14] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.033867][ T14] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.089041][ T14] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.152586][ T14] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.192029][ T14] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.201028][ T14] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.258831][ T4107] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.342833][ T4107] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.393929][ T4107] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.444268][ T4107] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.513171][ T4107] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.929008][ T5825] veth0_vlan: entered promiscuous mode [ 184.047762][ T5825] veth1_vlan: entered promiscuous mode [ 184.403107][ T5825] veth0_macvtap: entered promiscuous mode [ 184.521295][ T5825] veth1_macvtap: entered promiscuous mode [ 184.709971][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 184.804117][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 184.933522][ T4024] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.006338][ T4024] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.059332][ T4024] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.139563][ T4024] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.840968][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.849306][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.968559][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.977825][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.398756][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.406991][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.442732][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.445008][ T3593] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.450797][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.460101][ T3593] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.705401][ T3970] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.714268][ T3970] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.891242][ T5815] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 190.045967][ T3556] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 190.054370][ T3556] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 190.255882][ T3556] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 190.264098][ T3556] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 191.681894][ T6010] loop0: detected capacity change from 0 to 32768 [ 191.692261][ T6010] btrfs: Deprecated parameter 'usebackuproot' [ 191.698553][ T6010] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 191.728126][ T6010] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.7 (6010) [ 191.744984][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 191.753677][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 191.786954][ T6010] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 191.797563][ T6010] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 191.806711][ T6010] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 192.005594][ T4024] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 192.014022][ T4024] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 192.085300][ T6010] BTRFS info (device loop0): rebuilding free space tree [ 192.154584][ T6010] BTRFS info (device loop0): disabling free space tree [ 192.162042][ T6010] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 192.172381][ T6010] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 192.224342][ T6010] BTRFS info (device loop0): setting nodatasum [ 192.235201][ T6010] BTRFS info (device loop0): allowing degraded mounts [ 192.244655][ T6010] BTRFS info (device loop0): setting nodatacow [ 192.251042][ T6010] BTRFS info (device loop0): enabling ssd optimizations [ 192.258276][ T6010] BTRFS info (device loop0): turning on async discard [ 192.265598][ T6010] BTRFS info (device loop0): enabling disk space caching [ 192.273107][ T6010] BTRFS info (device loop0): force clearing of disk cache [ 192.280393][ T6010] BTRFS info (device loop0): doing ref verification [ 192.287343][ T6010] BTRFS info (device loop0): trying to use backup root at mount time [ 192.644462][ T5817] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 192.874830][ T6045] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13'. [ 193.702052][ T6058] loop1: detected capacity change from 0 to 2048 [ 193.773857][ T6058] ======================================================= [ 193.773857][ T6058] WARNING: The mand mount option has been deprecated and [ 193.773857][ T6058] and is ignored by this kernel. Remove the mand [ 193.773857][ T6058] option from the mount to silence this warning. [ 193.773857][ T6058] ======================================================= [ 193.933881][ T6058] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=18576, location=18576 [ 194.033238][ T6058] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 195.117149][ T6081] process 'syz.3.26' launched './file1' with NULL argv: empty string added [ 195.462353][ T6084] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 195.872650][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 196.147078][ T6095] loop0: detected capacity change from 0 to 22 [ 196.206444][ T6095] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 197.112391][ T11] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 197.363869][ T11] usb 2-1: Using ep0 maxpacket: 16 [ 197.426611][ T11] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 197.437285][ T11] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 197.449314][ T11] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 197.460236][ T11] usb 2-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00 [ 197.473284][ T11] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.547226][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.613488][ T11] usb 2-1: config 0 descriptor?? [ 197.755351][ T6111] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 197.775469][ T6111] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 198.044999][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.120973][ T11] hid-picolcd 0003:04D8:F002.0001: unknown main item tag 0x0 [ 198.128984][ T11] hid-picolcd 0003:04D8:F002.0001: unknown main item tag 0x0 [ 198.137355][ T11] hid-picolcd 0003:04D8:F002.0001: unknown main item tag 0x0 [ 198.145163][ T11] hid-picolcd 0003:04D8:F002.0001: unknown main item tag 0x0 [ 198.152909][ T11] hid-picolcd 0003:04D8:F002.0001: unknown main item tag 0x0 [ 198.297165][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.413043][ T11] hid-picolcd 0003:04D8:F002.0001: No report with id 0xf3 found [ 198.420946][ T11] hid-picolcd 0003:04D8:F002.0001: No report with id 0xf4 found [ 198.463939][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.511574][ T11] usb 2-1: USB disconnect, device number 2 [ 198.996735][ T12] bridge_slave_1: left allmulticast mode [ 199.002771][ T12] bridge_slave_1: left promiscuous mode [ 199.009385][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 199.073073][ T12] bridge_slave_0: left allmulticast mode [ 199.078918][ T12] bridge_slave_0: left promiscuous mode [ 199.085603][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 199.537615][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 199.563758][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 199.584000][ T12] bond0 (unregistering): Released all slaves [ 200.151933][ T12] hsr_slave_0: left promiscuous mode [ 200.179820][ T12] hsr_slave_1: left promiscuous mode [ 200.188244][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 200.196437][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 200.216792][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 200.229708][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 200.254949][ T12] veth1_macvtap: left promiscuous mode [ 200.260680][ T12] veth0_macvtap: left promiscuous mode [ 200.267206][ T12] veth1_vlan: left promiscuous mode [ 200.273660][ T12] veth0_vlan: left promiscuous mode [ 201.849747][ T5814] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 201.899379][ T5814] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 201.921360][ T12] team0 (unregistering): Port device team_slave_1 removed [ 201.943086][ T5814] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 201.980519][ T5814] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 202.001939][ T12] team0 (unregistering): Port device team_slave_0 removed [ 202.027947][ T5814] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 203.650381][ T6147] chnl_net:caif_netlink_parms(): no params data found [ 203.775450][ T6174] netlink: 4 bytes leftover after parsing attributes in process `syz.4.59'. [ 203.953246][ T30] audit: type=1326 audit(1758760593.830:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6175 comm="syz.2.60" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f53539 code=0x0 [ 204.113759][ T5814] Bluetooth: hci2: command tx timeout [ 204.983734][ T6188] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 205.474420][ T6147] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.488118][ T6147] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.496002][ T6147] bridge_slave_0: entered allmulticast mode [ 205.505453][ T6147] bridge_slave_0: entered promiscuous mode [ 205.594301][ T6147] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.602149][ T6147] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.609784][ T6147] bridge_slave_1: entered allmulticast mode [ 205.619243][ T6147] bridge_slave_1: entered promiscuous mode [ 206.051378][ T6198] loop4: detected capacity change from 0 to 128 [ 206.192851][ T5814] Bluetooth: hci2: command tx timeout [ 206.228665][ T6147] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 206.394505][ T6147] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 206.672622][ T6206] loop3: detected capacity change from 0 to 512 [ 206.844640][ T6206] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 206.910425][ T6147] team0: Port device team_slave_0 added [ 206.960340][ T6147] team0: Port device team_slave_1 added [ 207.141247][ T6206] EXT4-fs (loop3): shut down requested (1) [ 207.510305][ T5812] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 207.530242][ T6147] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 207.538791][ T6147] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 207.565247][ T6147] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 207.732579][ T6147] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 207.739695][ T6147] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 207.767239][ T6147] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 208.092479][ T6225] warning: `syz.2.76' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 208.175445][ T6147] hsr_slave_0: entered promiscuous mode [ 208.185690][ T6147] hsr_slave_1: entered promiscuous mode [ 208.197039][ T6147] debugfs: 'hsr0' already exists in 'hsr' [ 208.204071][ T6147] Cannot create hsr debugfs directory [ 208.279889][ T5814] Bluetooth: hci2: command tx timeout [ 208.825707][ T6234] loop3: detected capacity change from 0 to 128 [ 208.868756][ T6229] loop4: detected capacity change from 0 to 4096 [ 209.103607][ T6239] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 209.269579][ T30] audit: type=1800 audit(1758760599.170:3): pid=6229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.78" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 209.290453][ T30] audit: type=1800 audit(1758760599.170:4): pid=6229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.78" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 210.362075][ T6242] loop2: detected capacity change from 0 to 32768 [ 210.375819][ T5814] Bluetooth: hci2: command tx timeout [ 210.837362][ T6147] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 211.016417][ T6147] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 211.120561][ T6147] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 211.243681][ T6147] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 211.476656][ T6256] netlink: 16 bytes leftover after parsing attributes in process `syz.4.88'. [ 212.601290][ T6147] 8021q: adding VLAN 0 to HW filter on device bond0 [ 212.818668][ T6147] 8021q: adding VLAN 0 to HW filter on device team0 [ 212.952196][ T6273] netlink: 24 bytes leftover after parsing attributes in process `syz.2.86'. [ 213.007888][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.015459][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 213.027442][ T6277] loop4: detected capacity change from 0 to 256 [ 213.034499][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.042044][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 213.104977][ T6277] exfat: Deprecated parameter 'namecase' [ 213.266025][ T11] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 213.288503][ T6277] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 213.389923][ T6280] sch_fq: defrate 0 ignored. [ 213.465424][ T11] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 213.477166][ T11] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 213.487765][ T11] usb 2-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 213.497222][ T11] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.564903][ T11] usb 2-1: config 0 descriptor?? [ 214.150943][ T11] arvo 0003:1E7D:30D4.0002: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.1-1/input0 [ 214.271114][ T11] arvo 0003:1E7D:30D4.0002: couldn't init struct arvo_device [ 214.282773][ T11] arvo 0003:1E7D:30D4.0002: couldn't install keyboard [ 214.318789][ T11] arvo 0003:1E7D:30D4.0002: probe with driver arvo failed with error -71 [ 214.420642][ T11] usb 2-1: USB disconnect, device number 3 [ 214.525902][ T1562] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 214.743567][ T1562] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 214.755009][ T1562] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 214.768257][ T1562] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 214.783287][ T1562] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 214.792699][ T1562] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.839815][ T6299] loop2: detected capacity change from 0 to 128 [ 215.044467][ T1562] usb 4-1: config 0 descriptor?? [ 215.297522][ T6292] fido_id[6292]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 215.518330][ T6147] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 215.599549][ T1562] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 215.809250][ T1562] usb 4-1: USB disconnect, device number 2 [ 216.385783][ T6307] fido_id[6307]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 216.489173][ T6314] loop1: detected capacity change from 0 to 8 [ 217.050169][ T6320] input: syz1 as /devices/virtual/input/input6 [ 217.478317][ T6324] netlink: 'syz.4.108': attribute type 25 has an invalid length. [ 217.486738][ T6324] netlink: 184 bytes leftover after parsing attributes in process `syz.4.108'. [ 217.496883][ T6324] netlink: 12 bytes leftover after parsing attributes in process `syz.4.108'. [ 218.020464][ T6331] netlink: 7 bytes leftover after parsing attributes in process `syz.3.110'. [ 218.083951][ T6331] netlink: 60 bytes leftover after parsing attributes in process `syz.3.110'. [ 218.093466][ T6331] netlink: 60 bytes leftover after parsing attributes in process `syz.3.110'. [ 218.655384][ T6147] veth0_vlan: entered promiscuous mode [ 218.694315][ T6331] netlink: 7 bytes leftover after parsing attributes in process `syz.3.110'. [ 218.795238][ T6147] veth1_vlan: entered promiscuous mode [ 218.890615][ T6340] netlink: 'syz.1.113': attribute type 11 has an invalid length. [ 219.102152][ T6147] veth0_macvtap: entered promiscuous mode [ 219.229298][ T6147] veth1_macvtap: entered promiscuous mode [ 219.458167][ T6147] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 219.539836][ T6147] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 219.547262][ T6350] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 219.637730][ T3714] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.681347][ T3714] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.745969][ T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.775229][ T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.745440][ T6371] netlink: 8 bytes leftover after parsing attributes in process `syz.4.122'. [ 220.840147][ T6360] loop2: detected capacity change from 0 to 4096 [ 222.217236][ T5893] IPVS: starting estimator thread 0... [ 222.333276][ T6391] IPVS: using max 240 ests per chain, 12000 per kthread [ 223.903178][ T6409] loop3: detected capacity change from 0 to 4096 [ 224.066012][ T6421] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 224.534139][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 224.540741][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 224.631476][ T6426] loop1: detected capacity change from 0 to 1024 [ 224.742662][ T6426] EXT4-fs: Ignoring removed mblk_io_submit option [ 224.878754][ T6426] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 225.096424][ T30] audit: type=1326 audit(1758760614.990:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6425 comm="syz.1.139" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 225.123402][ T30] audit: type=1326 audit(1758760614.990:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6425 comm="syz.1.139" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 225.145699][ T30] audit: type=1326 audit(1758760615.000:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6425 comm="syz.1.139" exe="/root/syz-executor" sig=0 arch=40000003 syscall=81 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 225.167763][ T30] audit: type=1326 audit(1758760615.000:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6425 comm="syz.1.139" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 225.190415][ T30] audit: type=1326 audit(1758760615.000:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6425 comm="syz.1.139" exe="/root/syz-executor" sig=0 arch=40000003 syscall=353 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 225.215374][ T30] audit: type=1326 audit(1758760615.060:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6425 comm="syz.1.139" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 225.238476][ T30] audit: type=1326 audit(1758760615.060:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6425 comm="syz.1.139" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 225.554387][ T6438] netlink: 120 bytes leftover after parsing attributes in process `syz.4.142'. [ 225.571036][ T5815] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.649901][ T6439] syzkaller1: tun_chr_ioctl cmd 2148553947 [ 226.857623][ T6461] netlink: 4 bytes leftover after parsing attributes in process `syz.3.149'. [ 226.984480][ T6461] netlink: 4 bytes leftover after parsing attributes in process `syz.3.149'. [ 227.071518][ T3714] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.086388][ T3714] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.186423][ T3714] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.194620][ T3714] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.614947][ T6464] netlink: 4 bytes leftover after parsing attributes in process `syz.2.150'. [ 227.659739][ T6465] loop4: detected capacity change from 0 to 1024 [ 227.821590][ T6465] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 228.506281][ T5825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.934074][ T6487] netlink: 4 bytes leftover after parsing attributes in process `syz.4.158'. [ 229.066801][ T6489] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 229.460597][ T6494] netlink: 'syz.2.162': attribute type 10 has an invalid length. [ 229.469097][ T6494] netlink: 40 bytes leftover after parsing attributes in process `syz.2.162'. [ 229.593377][ T6494] team0: Port device netdevsim1 added [ 230.236373][ T6504] loop4: detected capacity change from 0 to 1024 [ 230.420904][ T6507] loop3: detected capacity change from 0 to 1024 [ 230.480710][ T6504] hfsplus: bad catalog entry type [ 230.515227][ T6511] Driver unsupported XDP return value 0 on prog (id 19) dev N/A, expect packet loss! [ 230.587349][ T6513] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 230.597802][ T6513] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 230.935049][ T14] hfsplus: b-tree write err: -5, ino 4 [ 231.204282][ T6517] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 232.256579][ T6534] binder: 6531:6534 ioctl c0306201 800002c0 returned -14 [ 232.279834][ T3714] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 232.291582][ T6530] Zero length message leads to an empty skb [ 232.328012][ T3714] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 232.392429][ T3714] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 232.422549][ T3683] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 232.882595][ T6544] loop2: detected capacity change from 0 to 256 [ 232.957109][ T6544] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 232.968277][ T6544] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 233.128560][ T6544] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 234.400644][ T6571] netlink: 24 bytes leftover after parsing attributes in process `syz.2.195'. [ 234.410848][ T6571] netlink: 24 bytes leftover after parsing attributes in process `syz.2.195'. [ 234.437565][ T6571] netlink: 24 bytes leftover after parsing attributes in process `syz.2.195'. [ 234.446918][ T6571] netlink: 24 bytes leftover after parsing attributes in process `syz.2.195'. [ 234.708323][ T6575] loop5: detected capacity change from 0 to 1024 [ 235.217344][ T4107] hfsplus: b-tree write err: -5, ino 4 [ 236.152697][ T6600] bridge0: entered promiscuous mode [ 236.158213][ T6600] macsec1: entered allmulticast mode [ 236.167499][ T6600] bridge0: entered allmulticast mode [ 236.215981][ T6603] loop5: detected capacity change from 0 to 256 [ 236.803457][ T30] audit: type=1326 audit(1758760626.700:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 236.950040][ T30] audit: type=1326 audit(1758760626.800:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 236.973299][ T30] audit: type=1326 audit(1758760626.830:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 236.995839][ T30] audit: type=1326 audit(1758760626.840:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 237.020838][ T30] audit: type=1326 audit(1758760626.840:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 237.044217][ T30] audit: type=1326 audit(1758760626.840:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 237.067475][ T30] audit: type=1326 audit(1758760626.840:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 237.093663][ T30] audit: type=1326 audit(1758760626.840:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 237.118113][ T30] audit: type=1326 audit(1758760626.840:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70ce567 code=0x7ffc0000 [ 237.140383][ T30] audit: type=1326 audit(1758760626.840:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 237.276826][ T5867] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 237.457826][ T5867] usb 3-1: Using ep0 maxpacket: 8 [ 237.529994][ T5867] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 237.539591][ T5867] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 237.617891][ T5867] usb 3-1: config 0 descriptor?? [ 237.972492][ T5867] asix 3-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 238.103609][ T5893] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 238.374744][ T5893] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 238.384505][ T5893] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 238.393258][ T5893] usb 5-1: Product: syz [ 238.397597][ T5893] usb 5-1: Manufacturer: syz [ 238.402532][ T5893] usb 5-1: SerialNumber: syz [ 238.511212][ T5893] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 238.573190][ T5867] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 238.583703][ T5867] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x00b0: ffffffb9 [ 238.649949][ T5871] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 238.679357][ T5867] asix 3-1:0.0: probe with driver asix failed with error -71 [ 238.791320][ T5867] usb 3-1: USB disconnect, device number 2 [ 239.556379][ T6642] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 239.567772][ T6642] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 239.713195][ T5871] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 239.723951][ T5871] ath9k_htc: Failed to initialize the device [ 239.941904][ T5871] usb 5-1: ath9k_htc: USB layer deinitialized [ 240.044927][ T5893] usb 5-1: USB disconnect, device number 2 [ 240.379915][ T6655] loop1: detected capacity change from 0 to 2048 [ 240.482045][ T6655] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 240.601177][ T6655] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 240.899077][ T6667] loop3: detected capacity change from 0 to 64 [ 241.072181][ T5867] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 241.184577][ T6670] loop4: detected capacity change from 0 to 512 [ 241.285135][ T5867] usb 3-1: Using ep0 maxpacket: 16 [ 241.309288][ T5867] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 241.320136][ T5867] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 241.331882][ T5867] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 241.341927][ T5867] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 241.351972][ T5867] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 241.554736][ T5867] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 241.564272][ T5867] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 241.572819][ T5867] usb 3-1: Manufacturer: syz [ 241.624314][ T5867] usb 3-1: config 0 descriptor?? [ 242.069045][ T6684] loop4: detected capacity change from 0 to 1024 [ 242.178649][ T5867] rc_core: IR keymap rc-hauppauge not found [ 242.184949][ T5867] Registered IR keymap rc-empty [ 242.190680][ T5867] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 242.234937][ T6684] ===================================================== [ 242.242703][ T6684] BUG: KMSAN: uninit-value in hfsplus_rename_cat+0x1173/0x17e0 [ 242.250460][ T6684] hfsplus_rename_cat+0x1173/0x17e0 [ 242.256112][ T6684] hfsplus_rename+0x1fc/0x2f0 [ 242.260979][ T6684] vfs_rename+0x1f4e/0x2530 [ 242.265915][ T6684] do_renameat2+0x1484/0x1a50 [ 242.270778][ T6684] __ia32_sys_rename+0xd7/0x140 [ 242.271151][ T5867] mceusb 3-1:0.0: Error: mce write submit urb error = -90 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 242.276103][ T6684] ia32_sys_call+0x351c/0x4310 [ 242.276211][ T6684] __do_fast_syscall_32+0xb0/0x150 [ 242.293661][ T6684] do_fast_syscall_32+0x38/0x80 [ 242.298670][ T6684] do_SYSENTER_32+0x1f/0x30 [ 242.303484][ T6684] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 242.313314][ T6684] [ 242.315725][ T6684] Uninit was stored to memory at: [ 242.320937][ T6684] hfsplus_rename_cat+0x10a9/0x17e0 [ 242.327589][ T6684] hfsplus_rename+0x1fc/0x2f0 [ 242.332786][ T6684] vfs_rename+0x1f4e/0x2530 [ 242.337466][ T6684] do_renameat2+0x1484/0x1a50 [ 242.342449][ T6684] __ia32_sys_rename+0xd7/0x140 [ 242.347480][ T6684] ia32_sys_call+0x351c/0x4310 [ 242.352753][ T6684] __do_fast_syscall_32+0xb0/0x150 [ 242.358031][ T6684] do_fast_syscall_32+0x38/0x80 [ 242.363335][ T6684] do_SYSENTER_32+0x1f/0x30 [ 242.367996][ T6684] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 242.374692][ T6684] [ 242.377102][ T6684] Uninit was stored to memory at: [ 242.382454][ T6684] hfsplus_create_cat+0x18fb/0x1910 [ 242.383350][ T5867] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 242.387806][ T6684] hfsplus_fill_super+0x211d/0x2730 [ 242.387920][ T6684] get_tree_bdev_flags+0x6e3/0x920 [ 242.402648][ T5867] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input7 [ 242.404980][ T6684] get_tree_bdev+0x38/0x50 [ 242.436707][ T6684] hfsplus_get_tree+0x35/0x40 [ 242.444881][ T6684] vfs_get_tree+0xb0/0x5c0 [ 242.449492][ T6684] do_new_mount+0x733/0x1420 [ 242.454528][ T6684] path_mount+0x6db/0x1e90 [ 242.459120][ T6684] __se_sys_mount+0x6eb/0x7d0 [ 242.464188][ T6684] __ia32_sys_mount+0xe2/0x150 [ 242.469128][ T6684] ia32_sys_call+0x2c16/0x4310 [ 242.474142][ T6684] __do_fast_syscall_32+0xb0/0x150 [ 242.479416][ T6684] do_fast_syscall_32+0x38/0x80 [ 242.484786][ T6684] do_SYSENTER_32+0x1f/0x30 [ 242.489449][ T6684] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 242.496117][ T6684] [ 242.498510][ T6684] Uninit was created at: [ 242.503148][ T6684] __alloc_frozen_pages_noprof+0x689/0xf00 [ 242.512639][ T6684] alloc_pages_mpol+0x328/0x860 [ 242.517678][ T6684] alloc_frozen_pages_noprof+0xf7/0x200 [ 242.524665][ T6684] allocate_slab+0x24d/0x1220 [ 242.529514][ T6684] ___slab_alloc+0xff3/0x3470 [ 242.534466][ T6684] kmem_cache_alloc_lru_noprof+0x922/0xed0 [ 242.541007][ T6684] hfsplus_alloc_inode+0x5a/0xd0 [ 242.546212][ T6684] alloc_inode+0x87/0x4a0 [ 242.550717][ T6684] iget_locked+0x239/0x12d0 [ 242.555540][ T6684] hfsplus_iget+0x5c/0xb80 [ 242.560107][ T6684] hfsplus_btree_open+0x128/0x1cf0 [ 242.565589][ T6684] hfsplus_fill_super+0x1161/0x2730 [ 242.570969][ T6684] get_tree_bdev_flags+0x6e3/0x920 [ 242.576386][ T6684] get_tree_bdev+0x38/0x50 [ 242.580992][ T6684] hfsplus_get_tree+0x35/0x40 [ 242.586532][ T6684] vfs_get_tree+0xb0/0x5c0 [ 242.591135][ T6684] do_new_mount+0x733/0x1420 [ 242.596080][ T6684] path_mount+0x6db/0x1e90 [ 242.600677][ T6684] __se_sys_mount+0x6eb/0x7d0 [ 242.605764][ T6684] __ia32_sys_mount+0xe2/0x150 [ 242.610721][ T6684] ia32_sys_call+0x2c16/0x4310 [ 242.619314][ T6684] __do_fast_syscall_32+0xb0/0x150 [ 242.625857][ T6684] do_fast_syscall_32+0x38/0x80 [ 242.630884][ T6684] do_SYSENTER_32+0x1f/0x30 [ 242.635748][ T6684] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 242.642416][ T6684] [ 242.644867][ T6684] CPU: 1 UID: 0 PID: 6684 Comm: syz.4.236 Not tainted syzkaller #0 PREEMPT(none) [ 242.654355][ T6684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 242.664711][ T6684] ===================================================== [ 242.671969][ T6684] Disabling lock debugging due to kernel taint [ 242.678268][ T6684] Kernel panic - not syncing: kmsan.panic set ... [ 242.684845][ T6684] CPU: 1 UID: 0 PID: 6684 Comm: syz.4.236 Tainted: G B syzkaller #0 PREEMPT(none) [ 242.695933][ T6684] Tainted: [B]=BAD_PAGE [ 242.700186][ T6684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 242.710490][ T6684] Call Trace: [ 242.713895][ T6684] [ 242.716945][ T6684] __dump_stack+0x26/0x30 [ 242.725468][ T6684] dump_stack_lvl+0x53/0x270 [ 242.730276][ T6684] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 242.736382][ T6684] dump_stack+0x1e/0x25 [ 242.740739][ T6684] vpanic+0x361/0xc50 [ 242.744923][ T6684] panic+0x15d/0x160 [ 242.749040][ T6684] kmsan_report+0x31c/0x320 [ 242.753717][ T6684] ? __msan_warning+0x1b/0x30 [ 242.758548][ T6684] ? hfsplus_rename_cat+0x1173/0x17e0 [ 242.764132][ T6684] ? hfsplus_rename+0x1fc/0x2f0 [ 242.769179][ T6684] ? vfs_rename+0x1f4e/0x2530 [ 242.774045][ T6684] ? do_renameat2+0x1484/0x1a50 [ 242.779101][ T6684] ? __ia32_sys_rename+0xd7/0x140 [ 242.784343][ T6684] ? ia32_sys_call+0x351c/0x4310 [ 242.789454][ T6684] ? __do_fast_syscall_32+0xb0/0x150 [ 242.794913][ T6684] ? do_fast_syscall_32+0x38/0x80 [ 242.800081][ T6684] ? do_SYSENTER_32+0x1f/0x30 [ 242.804890][ T6684] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 242.811596][ T6684] ? kmsan_get_metadata+0xfb/0x160 [ 242.816882][ T6684] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 242.822889][ T6684] ? hfsplus_bnode_dump+0x50a/0x560 [ 242.828743][ T6684] ? kmsan_get_metadata+0xfb/0x160 [ 242.834098][ T6684] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 242.840093][ T6684] ? hfsplus_brec_remove+0x92f/0xa60 [ 242.845586][ T6684] ? kmsan_get_metadata+0xfb/0x160 [ 242.850904][ T6684] __msan_warning+0x1b/0x30 [ 242.855537][ T6684] hfsplus_rename_cat+0x1173/0x17e0 [ 242.860929][ T6684] ? kfree+0xf1/0xec0 [ 242.865083][ T6684] ? filter_irq_stacks+0x49/0x190 [ 242.870283][ T6684] ? stack_depot_save_flags+0x35/0x7b0 [ 242.875901][ T6684] ? kmsan_get_metadata+0xfb/0x160 [ 242.881191][ T6684] ? kmsan_get_metadata+0xfb/0x160 [ 242.886576][ T6684] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 242.893053][ T6684] ? kmsan_get_metadata+0xfb/0x160 [ 242.898417][ T6684] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 242.904505][ T6684] ? kmsan_get_metadata+0xfb/0x160 [ 242.909832][ T6684] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 242.915914][ T6684] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 242.922591][ T6684] hfsplus_rename+0x1fc/0x2f0 [ 242.927443][ T6684] ? __pfx_hfsplus_rename+0x10/0x10 [ 242.932806][ T6684] vfs_rename+0x1f4e/0x2530 [ 242.937583][ T6684] do_renameat2+0x1484/0x1a50 [ 242.942523][ T6684] __ia32_sys_rename+0xd7/0x140 [ 242.947571][ T6684] ia32_sys_call+0x351c/0x4310 [ 242.952460][ T6684] __do_fast_syscall_32+0xb0/0x150 [ 242.957717][ T6684] ? irqentry_exit_to_user_mode+0x82/0xa0 [ 242.963746][ T6684] do_fast_syscall_32+0x38/0x80 [ 242.968834][ T6684] do_SYSENTER_32+0x1f/0x30 [ 242.973522][ T6684] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 242.980545][ T6684] RIP: 0023:0xf70ae539 [ 242.984762][ T6684] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 243.004506][ T6684] RSP: 002b:00000000f549e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000026 [ 243.013170][ T6684] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000080000380 [ 243.021260][ T6684] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 243.029332][ T6684] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 243.037404][ T6684] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 243.045485][ T6684] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 243.053595][ T6684] [ 243.057140][ T6684] Kernel Offset: disabled [ 243.061527][ T6684] Rebooting in 86400 seconds..