last executing test programs: 1m9.356986973s ago: executing program 2 (id=1167): socket$netlink(0x10, 0x3, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) socket$alg(0x26, 0x5, 0x0) syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x9840) socket$unix(0x1, 0x1, 0x0) syz_usb_connect(0x0, 0x3f, &(0x7f0000000780)=ANY=[@ANYBLOB="12010002f638d408f01002204ddc010203010902"], 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) socket$inet6(0xa, 0x3, 0x8000000003c) socket$nl_route(0x10, 0x3, 0x0) r0 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_COALESCE(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r1, @ANYBLOB, @ANYRES32=r2], 0x3c}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4) getsockname$packet(r4, &(0x7f0000000680)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r5, @ANYBLOB="01"], 0x3c}}, 0x0) 1m7.518383576s ago: executing program 2 (id=1176): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x800700, &(0x7f0000000340)={[{@grpjquota}, {@discard}, {@norecovery}, {@noinit_itable}, {@test_dummy_encryption}, {@minixdf}, {@usrjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@jqfmt_vfsold}, {@dioread_lock}, {@noblock_validity}, {@nouid32}]}, 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1") bpf$PROG_LOAD(0x5, 0x0, 0x0) chdir(&(0x7f0000000400)='./file0\x00') syz_mount_image$fuse(0x0, &(0x7f0000000280)='./bus\x00', 0x100000, 0x0, 0x0, 0x0, 0x0) 1m5.161993654s ago: executing program 2 (id=1185): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x3, 0x0) r3 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x80000) getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0x88, &(0x7f0000000200), 0x0) sendto$inet6(r3, 0x0, 0x0, 0x1d, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge0\x00'}) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000040)=@assoc_value, &(0x7f0000000000)=0x8) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) socket(0x40000000015, 0x805, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215, 0x100000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x4c}, 0x1, 0xba01}, 0x0) 1m4.217934408s ago: executing program 2 (id=1190): connect$llc(0xffffffffffffffff, &(0x7f0000000180)={0x1a, 0x339, 0x0, 0x8, 0x1, 0x0, @broadcast}, 0x10) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)=ANY=[@ANYBLOB="240000002e0001002aab70000000000008"], 0x24}], 0x1}, 0x0) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r0], 0x54}}, 0x0) 1m3.617988965s ago: executing program 2 (id=1191): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a44000000120a09000000f10000000000020000000900020073797a310000000008000440000000000900010073797a30000000000800034000000001080008400000000114000000110001"], 0x6c}}, 0x0) sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x34}}, 0x0) 1m3.10243771s ago: executing program 2 (id=1193): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0) r1 = openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x2a100, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000240)=""/23, 0x17}, &(0x7f00000002c0)=0x40) socket$inet6_sctp(0xa, 0x5, 0x84) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f000001b000)=""/102400, 0x19000) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = socket(0x848000000015, 0x805, 0x0) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c) sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @private2, 0x3ff}, 0x1c) close_range(r0, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x1, 0xb, 0x0, "fbda6b21f1d7479797795318a9b4b19471c838f51ef5dfaee256e99c476c937d", 0x2036315a}) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4623, 0xfffffffd, @local, 0x6}, 0x1c) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) 47.745433122s ago: executing program 32 (id=1193): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0) r1 = openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x2a100, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000240)=""/23, 0x17}, &(0x7f00000002c0)=0x40) socket$inet6_sctp(0xa, 0x5, 0x84) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f000001b000)=""/102400, 0x19000) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = socket(0x848000000015, 0x805, 0x0) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c) sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @private2, 0x3ff}, 0x1c) close_range(r0, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x1, 0xb, 0x0, "fbda6b21f1d7479797795318a9b4b19471c838f51ef5dfaee256e99c476c937d", 0x2036315a}) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4623, 0xfffffffd, @local, 0x6}, 0x1c) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) 39.579829008s ago: executing program 3 (id=1278): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60303, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9", 0x32, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000680)={[0xe6, 0x55e, 0xffffffff, 0x4, 0xffffffffffffffff, 0x4, 0x9, 0x100000000000009, 0x4, 0x80, 0x1, 0x794, 0xa, 0x40, 0xc976, 0x6], 0x2, 0x20200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 38.625218713s ago: executing program 3 (id=1280): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f00000034c0)) bind$tipc(0xffffffffffffffff, 0x0, 0x0) bind$tipc(0xffffffffffffffff, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001480)='./cgroup/syz1\x00', 0x200002, 0x0) r2 = openat$cgroup(r0, &(0x7f00000002c0)='syz0\x00', 0x200002, 0x0) mkdirat$cgroup(r2, &(0x7f0000000340)='syz0\x00', 0x1ff) r3 = openat$cgroup_ro(r1, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12) 38.156020185s ago: executing program 3 (id=1282): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000e00)={'#! ', '', [{0x20, 'cp932Y\xe4\x00\x01mi@\xa9\x04\xa6c\xe3\x80ox\xfc\xe0\x94R\x81a\xbb\x924\xfe\xac\\\xef\xb5E\xfb\xf1@\v2\xca\x9eQ-I\a\xb2\x84\x9b\xea\x82}lB\xdc@(th*\xe0\v\xba\xe6iP\xd8\xfb\x11\x86\x99\x94\xc12\x9fj\xefP\x9c\xc2\xc8\xb1-d\xb3\xb3\xbc \\\x11V%\x87\xd5\x16\xf1\x89|\xfc!\xa1\xda,\xbd\xd0\xedw\x8c\xee\xc3\xe5Ii\x81K\x1b{\xc6b;d+&i\xab\b\xbd\xbd\x8d|d\x8f+\xad\x83\x18\x81\x87(\x1e\x12\x1b\xfe\xc9 bW\xffx\xc0\x868\b!\xd7\x1d-\xaa\xdd\xa3\xe5\x19\xbbA\xa4p\x16\xbc`\xc7\xb4z\b\xb8H\v\x15\xbdD\x17c\xda\xbd?\'t\x10\xf6\xb1l\xb71\x011\xda\xce`\x16\xc7#\x1f\xa4\xfan&\xdaH\xd0\x88\xbf\x01\x13\x80n.\xc5N\a\xeb\xb1\xec|\xf5\xfe\xd0F\xbb\xa9(\xe5 \xb7Ws\xbdu\xca\xc0\a\xb3Z\xa9@\xff\x04\x8c\xbeN\x8c\x98\xb1\xe0\x84\xfa\xca\xc8'}]}, 0x105) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0) stat(&(0x7f0000000100)='./file0\x00', 0x0) 37.54367765s ago: executing program 3 (id=1284): creat(&(0x7f0000000300)='./file0\x00', 0xe5) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = getpid() r2 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)=[0x0], 0x0, 0x0, 0x1, 0x1, r1}}, 0x3c) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r2, 0x0, 0x0}, 0x10) 36.621293521s ago: executing program 3 (id=1288): connect$llc(0xffffffffffffffff, &(0x7f0000000180)={0x1a, 0x339, 0x0, 0x8, 0x1, 0x0, @broadcast}, 0x10) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)=ANY=[@ANYBLOB="240000002e0001002aab70000000000008"], 0x24}], 0x1}, 0x0) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000000100000040000180060001000a00000008000500000000000c0007"], 0x54}}, 0x0) 36.220715965s ago: executing program 3 (id=1290): setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) close_range(r0, 0xffffffffffffffff, 0x2) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/igmp\x00') pread64(r1, &(0x7f0000000180)=""/43, 0xfd8a, 0x3c) 20.793483297s ago: executing program 33 (id=1290): setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) close_range(r0, 0xffffffffffffffff, 0x2) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/igmp\x00') pread64(r1, &(0x7f0000000180)=""/43, 0xfd8a, 0x3c) 8.99760878s ago: executing program 5 (id=1354): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) r1 = socket(0x11, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000005c0)={'gre0\x00', 0x0}) bind$packet(r1, &(0x7f0000000180)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000500)="5f0921bc35e849a2de69de4da1638f3909fd8282247b11a0d695b53a74cd424581d2", 0x22) sendmsg$netlink(r1, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000004c0)=ANY=[@ANYBLOB="020114004f0018000e3580009f0001140000002f0604ac14141de0000003808a8972bd0b72e41082b9a3d206"], 0xdd12}], 0x1}, 0x20040851) readv(r0, &(0x7f00000001c0)=[{&(0x7f0000000280)=""/154, 0x9a}], 0x1) 8.020199365s ago: executing program 5 (id=1358): pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000380)={0xa, 0x14e24}, 0x1c) connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000005540)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000400)='\fv', 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000640)="a5", 0x1}], 0x1}}], 0x2, 0xc8040) sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0) splice(r1, 0x0, r0, 0x0, 0x7ffff000, 0x6) 7.615230071s ago: executing program 0 (id=1361): r0 = syz_open_dev$cec(&(0x7f00000003c0), 0x0, 0x0) ioctl$CEC_TRANSMIT(r0, 0xc0386105, &(0x7f00000001c0)={0x5, 0x0, 0x7, 0x1fe, 0xf7fffffd, 0x0, "0ff8000000000000c5c6ff0717c3a86d", 0x0, 0x2, 0x0, 0x6, 0x0, 0x21, 0xff}) 6.95771736s ago: executing program 0 (id=1364): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000ec0)) syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0) 6.104157086s ago: executing program 0 (id=1366): mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) mkdirat$cgroup(r0, &(0x7f0000000080)='syz0\x00', 0x1ff) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f00000034c0)) bind$tipc(0xffffffffffffffff, 0x0, 0x0) bind$tipc(0xffffffffffffffff, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001480)='./cgroup/syz1\x00', 0x200002, 0x0) r2 = openat$cgroup(r0, &(0x7f00000002c0)='syz0\x00', 0x200002, 0x0) mkdirat$cgroup(r2, &(0x7f0000000340)='syz0\x00', 0x1ff) r3 = openat$cgroup_ro(r1, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12) 5.320383962s ago: executing program 4 (id=1368): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x28) ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc0185879, &(0x7f0000000680)={0x40004, 0x966a, 0x2000, 0x4, 0x0, 0x0, 0x2401}) 5.200023623s ago: executing program 0 (id=1369): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000480)={0x53, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCGMASK(r2, 0x5b02, 0x0) r3 = syz_usb_connect(0x0, 0x0, 0x0, 0x0) syz_usb_control_io(r3, 0x0, &(0x7f0000000900)={0x84, &(0x7f00000003c0)={0x0, 0x5, 0x2, "abe7"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(r3, 0x0, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x2c000) read$char_usb(r1, 0x0, 0x0) syz_usb_disconnect(r0) 4.704092265s ago: executing program 5 (id=1370): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x3, 0x0) r3 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x80000) getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0x88, &(0x7f0000000200), 0x0) sendto$inet6(r3, 0x0, 0x0, 0x1d, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x7}]}}}]}, 0x3c}}, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000040)=@assoc_value, 0x0) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) socket(0x40000000015, 0x805, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215, 0x100000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x4c}, 0x1, 0xba01}, 0x0) 4.581485441s ago: executing program 4 (id=1371): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000380)={'vcan0\x00', 0x0}) r2 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r2, &(0x7f0000000080)={0x1d, r1, 0x0, {0x0, 0x0, 0x4}, 0xfe}, 0x18) sendmsg$can_j1939(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, 0x0, 0x0, {}, 0x1}, 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="0000020000010000001f754a396adc8e58dc933731025f8d629864dafe69e01bb41380ad44874b67652384a7659535d36c47c3a26d5d4b08b670dd855a3feb5b537b45cd4534347d2d7407a437", 0x4d}}, 0x100400ee) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000380)={'vcan0\x00', 0x0}) r5 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r5, &(0x7f0000000080)={0x1d, r4, 0x0, {0x0, 0x0, 0x4}, 0xfe}, 0x18) sendmsg$can_j1939(r5, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, 0x0}, 0xee) 3.94321037s ago: executing program 1 (id=1372): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x10) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065cc}, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001c08000640ffffff000800034000000028580000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002c0003802800008008000340000000021c00028018000280080001"], 0xec}}, 0x0) 3.662254353s ago: executing program 5 (id=1373): munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000000)=0x3500, 0x4) bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57) sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) recvmmsg(r0, &(0x7f0000006f00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001b80)=""/4105, 0x1009}, 0xfffffbfb}], 0x1, 0x10120, 0x0) 3.192039457s ago: executing program 4 (id=1374): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60303, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9", 0x32, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil}) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000)=@x86={0x0, 0x40, 0x81, 0x0, 0xf43f, 0xb, 0x49, 0x7, 0x2, 0xfb, 0x3, 0xa4, 0x0, 0x4, 0x6bd, 0x2, 0x8, 0x1, 0x7, '\x00', 0x2, 0x5}) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000680)={[0xe6, 0x55e, 0xffffffff, 0x4, 0xffffffffffffffff, 0x4, 0x9, 0x100000000000009, 0x4, 0x80, 0x1, 0x794, 0xa, 0x40, 0xc976, 0x6], 0x2, 0x20200}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 3.146174968s ago: executing program 1 (id=1375): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000ec0)) syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0) 2.87207101s ago: executing program 5 (id=1376): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000001080)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000040)={0x8, 0x8, 0x4, 0xe, 0x1, 0x7, 0x7fffffff, 0x4e3b, r2}, 0x20) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000200), 0xffffffffffffffff) socket$inet(0x2, 0x80000, 0x6) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000380)={@cgroup, 0xffffffffffffffff, 0x1, 0x2000, 0xffffffffffffffff, @value}, 0x20) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@netrom={'nr', 0x0}, 0x83) ioctl$sock_netdev_private(r4, 0x8924, &(0x7f0000000000)) unshare(0x40800) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)={0x64, 0x2, 0x6, 0x101, 0x0, 0x0, {0x1}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x9}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x64}, 0x1, 0x0, 0x0, 0xc0d1}, 0x0) 2.451801895s ago: executing program 0 (id=1377): process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x4) lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x3) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$amidi(&(0x7f0000000600), 0x8, 0x440000) fremovexattr(r1, &(0x7f0000000640)=@random={'security.', '-[(!-\x00'}) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000140)=""/82, 0x328000, 0x1800}, 0x20) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$UHID_INPUT(r2, &(0x7f0000000240)={0x8, {"7f9654d636ab18b7938a2804505c72e9994ca22404fc203334cc21ed3d6a776fd12d13f9602b2980f983c31a5d1e431db778099ce3af3fb20e1ee1f4fdb77cbb36154982a93c19825d6fd273ab1eb5bcd47adad50de8a6791486e482e29ecc94284921f33b941cfc1000c9781d9a828c5ec7a2c77b4e624a5aa0e9e39782bad733eda81ba47e1c6116e4170e6587dd6210a57abe91f1f80c4e31139d8b73fe35ac1f99ea82dd6aa9c9aa67de88ae3e141020e1a876bbc449d2d843aa7e6d90b948b7e28770e6ac71010c63f17e90fd20806a9f8d9f418ee3af74aac64b04a27c4f5e3626ca2da546c79d24acadd11e8d272a22fc54078fd5e64475993668980a9f95aff964ded28f79c862e674356af492b8377a759d8ccf1accb9a18ef7ad16f438dde69cd020d71552b0810688c882a26a22b23f4b35471b08b379193db1cd7934a4049ff1b00d9795cda6e73951641d5e2365c24facd5afd09ed1d096d758b4fef66fe1aa22395d67b7e1db623d4a60a7dc93893d6c4a91df79535a855868c5dc0033d5c428cd25b85c5deb6e81068553bc84cead4d1eba8aa57e2b354a6899e44acbd3834491219b3e231cd55d82f161774a689efe197cc193ac0124c67738a0a1d5f16a6768c2c2ba7386c8c95ca08c55117f344f5a2bca0d09e79ea3fc49491f2c7adc513c2779c1bf62b1a8643d23e9e8b2ae41d4a59f1b82b82e092b36eb851b8456da871b4057aec325a9d4cccafde61f2abc85e3cabeabb856f6ffbfe23d69219ec8fae6beb54abe7870dbae823d49806a967a1c7f252999804f106745f20490bb3347b59321dc69765567abcbd89de04d89622170005df5871ed0fb72345a11da074060d7d4ee2e437f71a45723fb6b02de56067e54f54c52d10f7874a13cbfb3bd65ce54f9d6719ea210e0cf79e4e2157736ec07ac5915682ab81bced665c1e72fab8d8cfe509de0f21fe374b957b379fd5918061e21c2e96985cc1354b2de859b0f1a463ab04683b1253eda671c2353b5c208aca652f5419ffc4949a7fa909b95653f42d97390c400b4a1c308b11e73e9a06d3b164d3361e75584d70e6bc61d570a7e0c7da330f643194c1893fcd6489fac605eead61b53dff18caf526ecccc9bbd9146bc3c3bb67677695e6fddaab081786e9084014e60f5c03ae5a9087726b05e17402cd2fbb80d773b8a41470b1f901a8c2b2d57450181f4fc5bc53c7cb3dc032b84567492607cb08832eca9f79da9210d197863e5db5a74a9823dc0cc8bd9f3a9b6ff5a7d15d4747a9b26e088f4fad96d81cd1214226b1c4585d418d593220fcbb9ad949266cc48163e3498b46ebcdf7b2b5ecfe67539a61ed9e39b02d5b35ac0d0e7fa830034ca2da8a7ddf04bcf2cee939994369feb77023e0e3de04b21db7a640a92c17748245005cd75a7deba4ff0e4c104a9db2d9a98ec8edb3562050a3bac5f322290e3d8b6fb21770ac436d4cb12b97fc8f76d7bb9eeed85663eb0626f1ad1719ee4b07f7de2c1d1a31c27c6879f4fa3dbdfb2bfc0898beabafbeca9f13050e6b2f6c432e423cd5cb6b8fa56fe32c3e50104e44462c0a5c69de6a7ac5ae3d9f07ceed64dbffa42e4663838bfcde92f0fcb895f3b93c59b0e48c09890dfc36436db56b708f6e7cbbd2a6305f573cee099dbcd263cb96d9fb69cbc3cb06d8f5e3789698a17e71d22b4665ff5447fcc17a31bb136c8bb4b984573bcaf1cb650198c1266e6ddfd42d44f9de02cb9d915c5334c550fac3fcee56790aeb09d81e7690a32d8b0cc477b23f15257820de227be1ffaec2f63f3266b8f5dd78947dcee355fe59bfb100e5244425532bb1d115acd211b8c16b0ec0aae00fca5d4511a05c3ff027a1cac56210a10d81c01b90e156cc7b33de0fac825dc516d398166096013e068db935483c93ba95da39b5ae4087d84479a4c4809f28f93790dc279637bd6f3dc441d315cf6bd7b0e3d92070a45baf4445ce063fd12690eb002f5ca068a256bc54100c99a02a346beca39072163c4b297d117f1ed9fef42e3dbc11d36a0a0db52e84461c6fbb4aad62cd6c8dc9ae6a3390a5e8773ac599e67436220c8d541a9039762bffaa7f490e31dddbc362fb4ff686cda905f3b02a1db76d4d570d970434921ca8a4765af6d5c8b881e1f4ffa7e2d9ef5f5511b94f88474674ec790bb5186c73446a227bf1ffd19b605733abd1bd41e421aeaf2ed4617088c7ceef85451225056435993e89e4bccd2c2e4b39af99feef11fea645eeb5cf9f77b1e19a72d3efb613100969b84302789714bca65bcbc96762b4012a5700c62aed706433b9f142b7302442b6a9958b0e28e8b1cfa9eeb4ac0d71f497b23babf9f0221dcb658d9f4db5d45bee30d2ad7c97d6a562e014a7701c15325ec5d42ab732b37714a77a95c03fb15bbfba6fade32bf50f985a1df362ca7216cc152907dd931acb58a63920f581e82b590c0d6a0033009f8e50c3263d3f58596b63d507cadbc809a6690561f74d0772bf92d04e06c47a350724b106f5e83f7e71c4b2a983bf5ad7d8684e7b8b5dc1273d0fa5879b8e61bde33d602bc8ff0913b6d32dcac366d568dc7cf82bbfc405cbe418a2644c26592b32ca1a632fc95123efb784cfb6953a94ebeccd24fba389a0e56b043df07d9a2dd38a1196e5e55576b25f85cb96f6560802a4a58b7a6857e8454faa2c880bf32d464562b2bdc5f0df22b663f2c01fc944f1cfd1908f617f8295a5440bb79ae178ea46a95baeea48322105146ac3ed2de7d3796ddddcc848a8ecf4a00dd055733b4f59211f5a40deea44e74b3bc57953b26ed61e6fd67889edfe8d0902385e37666aacec072735630ecc441c3cc6b09bb2f63aa4e332c6df728dc74078a83ce20454dfd616d116270666ddc09c5fea2e8442bc43455d0257fac92f3780061178f9420bf8e463f29896c12383dbb9a81bc5c87376e647c8a9786cb514fb9696d9c0a8d303c5c4b5b7c5f601c01fa19323e02f675c371bc44fbc1ac5704d41a89a2a4ccec6ac8440c532f07da25aa2dce6a5d2ebe694eb4017d178b221213bfe2a01d9cfe689bd190776bca6c032f446eb8862587a7826e35f3f691763212eee6af2e49bbeb0a27e07c5714b74e373798c7bebce265f7ebef3a1ea64078cf1e8a9d433af32c53090c972ffedbadafb50b9a6e540abd84f8e938583ea725954be3b236c5d8aca7d486d21902a2902f25a7c02dbe83c39bd0b81513f9ef198c49d560e930ae224ff47f92e4851e1f7ab5bb406abcf6596569261e6b0c67bb3b854e9c6de60bfb60fcf29241ff237151310ecd19f8b2cfe764c1df1a2de9d840eca47aa169ba9a415901204ec31ccdfd76e908029ae34fb12dc286758c64fd6d42bc82b14e07e421f4b42b180cd6ef40cac8062928b4a420a4577f24295f54de9048ac9d34307bf93e463cea4967cf4880166f68ed1eb965db2e4fb9f5f0b1c695d621e427ccb9a3188073ee6fde729c6698346efa1c0ba643c1efd20858965511da750060d551c44c435a5f1603fae7357e0bc78e92aad3d88790ec2aa1a42d6fe7e0ffc57f3599e406db63be7dd32692df32ce33dee0a2becdb02d6e435e09de3d356497543db23f53da25643f9c585e275297800d8beed47f0e622f86fc25d2e87036fdceebfe7257cb6de0c02412d1c0758acfcd0862e99ad17a118f46f635a87477e8b825423d94ada35bf0b5444aa7d3de4bb7eec7ae5129fcc2cba651cc972f5500fc5161149d29f452962afb102a01ae76825cb4477460be0b85d75058595c27e9b7fae3492ec3925c671bee5f4ca534d5a294f783d6cc073c992139b61d21fd98297b04c0578dafd5f7ebcaf8d4d9185aea3d76e813421f4573b38c25093c015a65e44fb297f0f6ac2d02c4237b37a3bfca2406c5c95ae5812816bacad59ba7c6f72d7c644ff25b592ed1e89b276e05866c01a4ced7fc6dd9f190c20d420d7c8a1fe908833a24c5e5bd7a95a2a6fbf147fc4b29a179718166dd0fbae2fc6b8c8aac6194fa6baf0d3edc36b2316c56c441ba53e3e7aaaf0a1405566ff584f73a637b74dde9bcb4d41da2be6c9df5d533fbac54f5fb52a8a793757cfe19aa90048c6d07e3474136ae1be2455b0d0d02eb4b5961ba883209355c0dd2af4aad98e7b971e358a7d9b55fe17cd6095f257355d9b99e5ea52848f17b35a80792d9ed0fef6fe3eef9a324902409969823be20bbe0e8dba9c747cd1a14d3642d877b86271f3f0c322a142c4ff635b37d542c3265b5fe8589a732bb1a55010b930dd0196cd43ac3634c01b4a44c517197d03a3d89c67f5c09aab409e84c0af466bfbd0c96d240101a2542c66b4b4b8ef65b41b0079995c52cc9720d2c1d7c128c6f17a65cc798c1986cfbd8888460c54438edc4f91f3580391c8b57d9aee209a59a116c1c44775437e9c30e6d87e82ce84e28532b19441e32ab9aea22177bac9daad25a6c88395e9348d6780de630cddb266c411011175bdb6255a36535180818447d43ffba3758d311539fe9f6811fa470bf3767b4c2d4cdf37854c7ee28730bb1d39d5c0dfffcdbf353cca3e13079f3ae66b839c7dd36914022a0e75bca5b622f521420b73249ef47f03c1fb03ecf7557882afcaa7cf454a68ad237d4ce860bd6b1531c1cafe2cfb76bc4188271ef6bdfb304ee0e6932463a1909f03d6e8a27b5f137d6b342841d613863dfdf37d5ec3a98d667810fb6f82d67620bdefed8b3ff98420a6c7ee577c3ba68b95a20403608a7ba6526ec9e8662c6e15ab09b1a9019d4958af04cb2e4890ee6b1077fcaa5cc0817f388461b230fe631e75f18ab392a5ca5de4a024ca16dd05fcfdf92114e43a5c4a169d462ff0dba57deeaf5eaafd892f8ccbd72ac56471162e1416bca39859b4184ba0d1b3f7ec05db4ef4cf0142867fa9be328a0be8aa74c716aad9411008607980861f4f72e9bfa60195e2f939d3f6a44a6cec07dd376d1bccaa126686f313d5f7918ecd1215026982c82ed1922ef70e36e8ed59b2d5ceab3b4aad7e53049062dd5ba0e87f7005c3f4d2b788245cdc2f35ef2572bea5ea92dfad406ade6d5ad18be8eeb4c652e5277b244645c68c0c0f5a68d42e00d59b75941917b2cdf31fdf809f2078ca97fd5beba65b34e0621138ea0e94feb87166b2dac2232ebca575e5c0a4d565d9992f733bbfbe68a63d99ee93398604065d5517c33ed0e067bdb643e73102f16137afd7d4bf21e8065ea028c392a6dcefbe642dc3fb03a239d9c8b17023eacc8e19fea11c34a10644af1b786fc0f4504038c2ee59c1b353f3d7b9313df025b4b5874ca63ec164a3fe35bf390d266f53dcda6a8e190e63a56ffdf4f7c5c02aa22d376db06d4d2b96be5b331f897d1ecfd25c13a1c194c265dd95a5724a6435bc8138224d9db28b689b9cea5132cd19601dbc4a43e70c71e27e8fd0689d09484974e8a4605f8553735fffaf5654a087e323ca14e02b681b9bbe592bd6b719ae2e86bdf918b27c79d52dd334d1aa7ebc1bff76e97572faad092010a1022f7d33089049107a89c364ae7dd022d119e8f6ab795fd71d76a90e8202339401ff9e9918ea8c8e12f7b0ba10d9ebde5d1bc5988f2d07b34579d8c282628204f2978d8b0cf95dc41f3775a4053f833267c64b42336d7c850f2918ef0dd6d62e43fcc173254eb34748efd4754609ce25ade162ba3c91bb844aaf6fd648ee5a8fc5c64346603f8258592d67b9613e8f7ac0def0958f13436581d729e0b3e062738eb06b2116abe837529690a614fc5d3f53b4d4602e57060", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r2, 0x0) ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc01c7c02, &(0x7f00000019c0)={0x80000000, 0x0, 0x0}) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r3) ptrace$poke(0x4, r3, &(0x7f0000000040), 0x4000007) 2.451530422s ago: executing program 1 (id=1378): mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) mkdirat$cgroup(r0, &(0x7f0000000080)='syz0\x00', 0x1ff) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f00000034c0)) bind$tipc(0xffffffffffffffff, 0x0, 0x0) bind$tipc(0xffffffffffffffff, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001480)='./cgroup/syz1\x00', 0x200002, 0x0) r2 = openat$cgroup(r0, &(0x7f00000002c0)='syz0\x00', 0x200002, 0x0) mkdirat$cgroup(r2, &(0x7f0000000340)='syz0\x00', 0x1ff) r3 = openat$cgroup_ro(r1, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12) 2.388938473s ago: executing program 4 (id=1379): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006080)=@newtfilter={0x480, 0x2c, 0xd2b, 0x10000, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x1}, {}, {0xfff1, 0xfff3}}, [@TCA_RATE={0x6, 0x5, {0x1, 0x49}}, @filter_kind_options=@f_basic={{0xa}, {0x448, 0x2, [@TCA_BASIC_POLICE={0x444, 0x4, [@TCA_POLICE_RATE={0x404, 0x2, [0xb29, 0xe5bd, 0x2, 0x2, 0x9, 0x1, 0x101, 0x55, 0x7, 0xc3, 0x9, 0x7, 0xa, 0x2, 0x8, 0x5, 0x8001, 0x7, 0x200, 0x9, 0x9, 0x0, 0x2, 0xb, 0x6e, 0x99dc, 0x5, 0x8, 0x3, 0x2, 0x0, 0x3, 0xffffffdf, 0x10, 0xf4f, 0x1, 0x9bd, 0x800, 0x3, 0x101, 0x8001, 0x6, 0x4, 0x1, 0x1, 0xfffffff7, 0x2, 0x6, 0x64d4, 0x3, 0xf, 0x3, 0xfffffffd, 0x6, 0xff, 0x9, 0x4, 0x2, 0xa, 0x6, 0x8, 0x3, 0x5, 0x101, 0x2, 0x404, 0x3ff, 0x5, 0x0, 0xfffffffb, 0x7, 0x7, 0x4566, 0xd96, 0xfffffffa, 0x3ff, 0x2, 0x9, 0x4, 0xefb3, 0x40000, 0x5, 0x8001, 0x6, 0x50000000, 0x6a10, 0x5, 0xd7, 0x1000, 0x7f, 0x3, 0x7fed9e13, 0x14b9, 0x8, 0x80000001, 0x9, 0xb3, 0x1000, 0xd4, 0x7, 0x6, 0x7, 0x8, 0x21, 0x0, 0x3, 0x10001, 0x1, 0x590, 0x7, 0x7, 0x5, 0x32, 0x3, 0x4, 0x7, 0x80000001, 0x3ff, 0xb2, 0x4044a04d, 0x2, 0x5, 0x1000, 0x1, 0x7, 0x400, 0xc542, 0x10000, 0x9, 0x10001, 0x1, 0x3ff, 0x80000000, 0x7a3, 0x0, 0x6, 0x7, 0x7, 0x5, 0x9, 0x8000, 0x395a, 0xfffffffb, 0x0, 0xe, 0x7, 0x6, 0x91e2, 0xb, 0x9, 0x9d93, 0x5, 0x1, 0x8, 0x7fff, 0x7ff, 0xa86, 0xfffffff3, 0x3, 0x2, 0x2, 0x114, 0x7, 0x5, 0x800, 0x0, 0x6, 0x85, 0xea, 0x2, 0x9, 0x7, 0x10000, 0x4, 0xa, 0x7ff, 0x89, 0x3, 0x6, 0x5, 0x4, 0x0, 0x4, 0xcef2, 0x9, 0x80000000, 0x800, 0x0, 0x7f04, 0x1, 0x675ec29f, 0x15, 0x8, 0x2, 0x736, 0xff, 0x5, 0x10000, 0x6, 0x9, 0x8, 0x10001, 0x7, 0x667e, 0x4, 0x3, 0x9, 0x2e, 0x2, 0x80000000, 0x3, 0x8, 0x2, 0x2, 0x3, 0x1000, 0xa, 0x6, 0x81, 0x97, 0x1, 0x37, 0x0, 0x1, 0x1971, 0x8001, 0xa, 0x1, 0xd43, 0x1, 0x2, 0x4, 0xfffffff9, 0x1, 0x5, 0x1000, 0x7f, 0x7ff, 0x7fff, 0xe0000000, 0x3, 0x3, 0xfffffab3, 0x6, 0xdd8, 0x7e7, 0x2, 0x5, 0xfff, 0x9, 0xcb2d, 0x4, 0x1ff, 0x3, 0x4, 0x7]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x805, 0x0, 0x8, 0xfffffffe, 0x6, {0xb, 0x1, 0xcfc4, 0xfffd, 0xfff, 0x2}, {0x7, 0x1, 0x1, 0x8, 0x5b, 0x717}, 0x0, 0x7496, 0xf}}]}]}}]}, 0x480}, 0x1, 0x0, 0x0, 0x20008004}, 0x8000) 1.754459268s ago: executing program 1 (id=1380): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x28) ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc0185879, &(0x7f0000000680)={0x40004, 0x966a, 0x2000, 0x4, 0x0, 0x0, 0x2401}) 1.144069984s ago: executing program 0 (id=1381): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) r1 = socket(0x11, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000005c0)={'gre0\x00', 0x0}) bind$packet(r1, &(0x7f0000000180)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000500)="5f0921bc35e849a2de69de4da1638f3909fd8282247b11a0d695b53a74cd424581d26f", 0x23) sendmsg$netlink(r1, 0x0, 0x20040851) readv(r0, &(0x7f00000001c0)=[{&(0x7f0000000280)=""/154, 0x9a}], 0x1) 1.089567424s ago: executing program 5 (id=1382): clock_adjtime(0xe6cee6fee84b2e4a, &(0x7f0000000140)={0x200, 0x1, 0x3, 0x0, 0x7, 0x3, 0xffffffffffffffff, 0x4, 0x1ff, 0x8, 0x5bda, 0x3, 0x180000000000, 0x3, 0x9, 0x4, 0x7f, 0x9, 0x101, 0x2, 0x2360000000, 0x3, 0xfffffffffffffffe, 0x7135, 0x8968, 0x4}) syz_usb_connect(0x0, 0x24, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x4b, 0x41, 0x46, 0x8, 0x1660, 0x932, 0x80ea, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x5, 0x10, 0xf}}]}}]}}, 0x0) r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) write(r0, 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000002580)={&(0x7f0000000180)=[{0x63, 0x5000, 0x0, 0x0}], 0x1}) 1.055128397s ago: executing program 1 (id=1383): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="780000001000210400000000fcdbdf", @ANYRES32=0x0, @ANYBLOB="adffa88800200000140003006d6163736563300000000000000000000a000100aaaaaaaaaa2e000009"], 0x78}}, 0x0) 697.033734ms ago: executing program 4 (id=1384): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x10) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065cc}, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001c08000640ffffff000800034000000028580000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002c0003802800008008000340000000021c00028018000280080001"], 0xec}}, 0x0) 401.143652ms ago: executing program 1 (id=1385): syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_emit_ethernet(0x56, &(0x7f0000001b40)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dc58c", 0x20, 0x6, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, {[], {{0xfffe, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x2, 0xfffd, 0x0, 0x0, {[@nop, @exp_fastopen={0xfe, 0x8, 0xf989, "adb18d07"}]}}}}}}}}, 0x0) ioctl$VIDIOC_S_PARM(0xffffffffffffffff, 0xc0cc5616, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, 0x0, 0x0) sendmsg$L2TP_CMD_SESSION_MODIFY(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x38, 0x0, 0x100, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x7}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'batadv0\x00'}, @L2TP_ATTR_L2SPEC_TYPE={0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x40800}, 0x20000000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r2) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r2, &(0x7f0000003680)={0x0, 0x0, &(0x7f0000003640)={&(0x7f0000000100)={0x30, r3, 0x1, 0x70bd2d, 0x25dfdbff, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}, 0x1, 0x0, 0x0, 0x4000040}, 0x20000004) capset(&(0x7f0000000080)={0x19980330}, &(0x7f0000000040)={0x0, 0x6, 0x0, 0xfffffffc, 0x3}) r4 = memfd_create(&(0x7f0000000000)='\xfb\"a&\x8fe\x11\x8c\xd64\xf9 \x00\x00\x00\x00\x00\x12\x1a\'<\xf5\xbeV\x12\xaal\xfa\xf0o\xd8\xb1,\xbd>M\xe3\x98?\xd9\x96\xab\xc7\x06\xfd\x9b\xab\xc8\x1e\x89]\x13bZ\x8d /#k\x95\x9eLV(\x8a\x0e\x93\x93Vc]mP\xbativ\xce\xa4K\xfb\xf2\xe0\xbf\x9d\xa1\xa2\xcd\xb39\xb4\x17a9\x1c\x82\x1aLT\xd0\xb9\x1a\xafB\x95\xb4\xcf\x91X\x8c\x87\xc2\xa1\x1b\xfe\xe7\xbc\xf7\xeb\xdeL\x1d\x98Zq\xcc%\x98\xb0Yc\xec\xb7\xb5m(9\xde\xd3\xefB\xd4\xee\xb5\xee\xe0\xaa\xdd\x00\xb1jOB\xdas\xe3\xb47}%)\xb9\xbf{\xce\x94^\xec\xdf\xbcW\xe0I\x0e\xa4\x1e}\x06\vK\xed\x11\x880\x0e\x9c\xaeVU\x88\xb0\x842kgA]\x1e\x88\xecif\xee]\x8b\xc6\"\xcej\x84\x06\x8a\x99\x80\xd7\xcf\x96\xed\x89\x1e6\x93+\xec#\x1d2\xb8\x80Z\xf7\x06\xbe\xc9[L\xc5\xc9\xb5\xd6{\xee\xce\x17\x89\xa6r\xc5j\xec\x1b\xaa\x996\x14e\xcf\x8axQ\x8fXeT\'0.\x85\xa2\xc8\xb3c\t\xe8\x1a\x89\xecL\xcf\xd8\xb5\xfb\xbc\tX\x88\xbe\xf4@[\xb2\xd5\x8c\xb9\x0e\x17\x8b\xce\xd09\xd2\xfb\x9e\xef\xabR\x88\x17\x9et\xf7\x9c\x01\x91\xacH\xdb\xf9\xcb\x7fh\x83>\x8e\xe1=\xedR\xc9\xe68h\x19\xafLY\x94\x93\xebT\x15\x817\x9d#\xea\xd2\xa8\xfb^\x8c\x87#\x10', 0x7) fallocate(r4, 0x0, 0x0, 0x100000000) setsockopt(0xffffffffffffffff, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00\t\x00', 0x6) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee00, 0xee01}}, './file0\x00'}) setregid(0xee01, r7) socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x5, &(0x7f0000000040)={r6, @in6={{0xa, 0x4e23, 0x9, @mcast1, 0xfffffeff}}}, 0x84) ioctl$SNDCTL_DSP_STEREO(0xffffffffffffffff, 0xc0045003, &(0x7f0000000140)=0xffffdffe) 0s ago: executing program 4 (id=1386): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000000)=0x5) read$FUSE(0xffffffffffffffff, 0x0, 0x0) write$vhost_msg_v2(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2}}, 0x48) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) sendmsg$tipc(0xffffffffffffffff, &(0x7f0000002a40)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000002c0)="f0cf4f5969b9de03f7a9b9cbb98e47d374a0230656d74ac395e918b65c507fd0ab65f9fd56a85169d07155f5144a6b1605570af93b32d71144bba849a31a43d49d368afa7c24da62b0902e5d7f21791585e8fda95109c85eb880179b42aff511416e120ed48c287e322be4a1df580bf29a8c864630195ca383285209c21ecf13a25a130e4afdbcf79888eb9093113e2f55", 0x91}], 0x1, 0x0, 0x0, 0x40800}, 0xe91e2c4748845db4) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff}) ioctl$KVM_RUN(r2, 0xae80, 0x0) kernel console output (not intermixed with test programs): terface batadv_slave_0 (retrying later): interface not active [ 224.262242][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 224.269404][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 224.296150][ T5806] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 224.422310][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 224.429486][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 224.456163][ T5804] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 224.548994][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 224.556390][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 224.583013][ T5804] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 224.871807][ T5808] hsr_slave_0: entered promiscuous mode [ 224.883201][ T5808] hsr_slave_1: entered promiscuous mode [ 224.893931][ T5808] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 224.901823][ T5808] Cannot create hsr debugfs directory [ 224.957556][ T5806] hsr_slave_0: entered promiscuous mode [ 224.967265][ T5806] hsr_slave_1: entered promiscuous mode [ 224.975877][ T5806] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 224.985109][ T5806] Cannot create hsr debugfs directory [ 225.040288][ T52] Bluetooth: hci1: command tx timeout [ 225.045966][ T5800] Bluetooth: hci0: command tx timeout [ 225.174005][ T5799] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 225.224729][ T5804] hsr_slave_0: entered promiscuous mode [ 225.233422][ T5804] hsr_slave_1: entered promiscuous mode [ 225.241855][ T5804] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 225.249586][ T5804] Cannot create hsr debugfs directory [ 225.280467][ T52] Bluetooth: hci2: command tx timeout [ 225.343375][ T5799] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 225.448874][ T52] Bluetooth: hci4: command tx timeout [ 225.457596][ T5799] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 225.479147][ T5799] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 225.529946][ T52] Bluetooth: hci3: command tx timeout [ 226.266008][ T5795] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 226.312251][ T5795] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 226.335809][ T5795] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 226.376888][ T5795] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 226.609112][ T5808] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 226.663140][ T5804] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 226.686646][ T5808] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 226.760449][ T5804] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 226.782400][ T5808] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 226.843469][ T5804] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 226.863718][ T5808] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 226.926176][ T5804] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 227.085816][ T5806] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 227.120975][ T52] Bluetooth: hci1: command tx timeout [ 227.124012][ T5800] Bluetooth: hci0: command tx timeout [ 227.150391][ T5799] 8021q: adding VLAN 0 to HW filter on device bond0 [ 227.174700][ T5806] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 227.202398][ T5806] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 227.285438][ T5806] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 227.366074][ T5800] Bluetooth: hci2: command tx timeout [ 227.526178][ T5800] Bluetooth: hci4: command tx timeout [ 227.544157][ T5799] 8021q: adding VLAN 0 to HW filter on device team0 [ 227.606082][ T5800] Bluetooth: hci3: command tx timeout [ 227.614548][ T4068] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.622280][ T4068] bridge0: port 1(bridge_slave_0) entered forwarding state [ 227.698034][ T4068] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.705726][ T4068] bridge0: port 2(bridge_slave_1) entered forwarding state [ 227.822999][ T5808] 8021q: adding VLAN 0 to HW filter on device bond0 [ 227.936995][ T5795] 8021q: adding VLAN 0 to HW filter on device bond0 [ 228.075894][ T5808] 8021q: adding VLAN 0 to HW filter on device team0 [ 228.178605][ T5795] 8021q: adding VLAN 0 to HW filter on device team0 [ 228.224065][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.231686][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 228.252904][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.260487][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 228.370962][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.378465][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 228.477874][ T5806] 8021q: adding VLAN 0 to HW filter on device bond0 [ 228.549026][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.556639][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 228.680205][ T5804] 8021q: adding VLAN 0 to HW filter on device bond0 [ 228.838183][ T5806] 8021q: adding VLAN 0 to HW filter on device team0 [ 228.933734][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.941335][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 229.010970][ T5804] 8021q: adding VLAN 0 to HW filter on device team0 [ 229.033497][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.041079][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 229.219118][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.226717][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 229.252427][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.260039][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 229.463749][ T5806] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 229.475513][ T5806] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 229.701493][ T5804] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 229.713146][ T5804] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 230.235958][ T5799] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 230.725802][ T5799] veth0_vlan: entered promiscuous mode [ 230.744823][ T5808] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 230.865371][ T5799] veth1_vlan: entered promiscuous mode [ 230.936145][ T5795] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 231.246630][ T5799] veth0_macvtap: entered promiscuous mode [ 231.345850][ T5806] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 231.366549][ T5799] veth1_macvtap: entered promiscuous mode [ 231.426406][ T5808] veth0_vlan: entered promiscuous mode [ 231.575545][ T5795] veth0_vlan: entered promiscuous mode [ 231.586082][ T5808] veth1_vlan: entered promiscuous mode [ 231.613779][ T5799] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 231.703994][ T5799] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 231.723206][ T5804] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 231.745106][ T5795] veth1_vlan: entered promiscuous mode [ 231.838910][ T5799] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.850734][ T5799] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.859997][ T5799] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.868965][ T5799] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.979305][ T5806] veth0_vlan: entered promiscuous mode [ 232.079258][ T5806] veth1_vlan: entered promiscuous mode [ 232.108724][ T5808] veth0_macvtap: entered promiscuous mode [ 232.226477][ T5808] veth1_macvtap: entered promiscuous mode [ 232.243800][ T5795] veth0_macvtap: entered promiscuous mode [ 232.307422][ T5795] veth1_macvtap: entered promiscuous mode [ 232.423563][ T5806] veth0_macvtap: entered promiscuous mode [ 232.475584][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 232.488152][ T5806] veth1_macvtap: entered promiscuous mode [ 232.575646][ T5795] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 232.593545][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 232.675710][ T5795] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 232.720914][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 232.732048][ T5808] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.741193][ T5808] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.750487][ T5808] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.759478][ T5808] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.823921][ T5795] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.834102][ T5795] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.843355][ T5795] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.852549][ T5795] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.921814][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 233.021414][ T5806] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.030700][ T5806] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.041469][ T5806] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.050668][ T5806] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.202857][ T5804] veth0_vlan: entered promiscuous mode [ 234.291489][ T5804] veth1_vlan: entered promiscuous mode [ 234.628491][ T5804] veth0_macvtap: entered promiscuous mode [ 234.723563][ T5804] veth1_macvtap: entered promiscuous mode [ 235.006310][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 235.134705][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 235.223310][ T5804] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.232545][ T5804] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.241740][ T5804] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.250785][ T5804] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 238.382636][ T4412] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 238.391191][ T4412] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 238.640330][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 238.648407][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 239.058503][ T5799] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 239.311213][ T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 239.319367][ T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 239.629336][ T5037] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 239.638233][ T5037] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 239.652767][ T3780] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 239.660948][ T3780] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 240.000500][ T3780] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 240.006738][ T727] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 240.008598][ T3780] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 240.020480][ T727] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 240.181255][ T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 240.189325][ T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 240.989017][ T5979] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1'. [ 241.615105][ T1884] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 241.623474][ T1884] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 241.908885][ T3780] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 241.917848][ T3780] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 242.561316][ T5995] netlink: 16 bytes leftover after parsing attributes in process `syz.0.11'. [ 242.570687][ T5995] netlink: 224 bytes leftover after parsing attributes in process `syz.0.11'. [ 242.997712][ T5995] IPVS: persistence engine module ip_vs_pe_ not found [ 243.655889][ T6015] syz.4.16 uses obsolete (PF_INET,SOCK_PACKET) [ 244.549374][ T6029] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 244.611902][ T6028] Illegal XDP return value 4294967294 on prog (id 5) dev N/A, expect packet loss! [ 244.688304][ T6023] syzkaller0: entered promiscuous mode [ 244.694531][ T6023] syzkaller0: entered allmulticast mode [ 244.724367][ T6031] netlink: 276 bytes leftover after parsing attributes in process `syz.1.23'. [ 245.597592][ T6043] netlink: 892 bytes leftover after parsing attributes in process `syz.0.28'. [ 246.243411][ T6048] bridge0: port 3(vlan2) entered blocking state [ 246.250450][ T6048] bridge0: port 3(vlan2) entered disabled state [ 246.257452][ T6048] vlan2: entered allmulticast mode [ 246.266073][ T6048] bond0: entered allmulticast mode [ 246.272371][ T6048] bond_slave_0: entered allmulticast mode [ 246.278347][ T6048] bond_slave_1: entered allmulticast mode [ 246.290370][ T6048] vlan2: entered promiscuous mode [ 246.295640][ T6048] bond0: entered promiscuous mode [ 246.301119][ T6048] bond_slave_0: entered promiscuous mode [ 246.308116][ T6048] bond_slave_1: entered promiscuous mode [ 247.992701][ T6066] syz.0.35 (6066) used greatest stack depth: 5008 bytes left [ 249.068700][ T6085] netlink: 892 bytes leftover after parsing attributes in process `syz.0.42'. [ 250.433716][ T6103] vxcan1 speed is unknown, defaulting to 1000 [ 250.443508][ T6103] vxcan1 speed is unknown, defaulting to 1000 [ 250.452162][ T6103] vxcan1 speed is unknown, defaulting to 1000 [ 250.842894][ T6107] netlink: 4 bytes leftover after parsing attributes in process `syz.4.50'. [ 251.146403][ T6110] syzkaller1: entered promiscuous mode [ 251.153031][ T6110] syzkaller1: entered allmulticast mode [ 251.340065][ T6103] infiniband syz2: set down [ 251.344891][ T6103] infiniband syz2: added vxcan1 [ 251.657811][ T6103] RDS/IB: syz2: added [ 251.662530][ T6103] smc: adding ib device syz2 with port count 1 [ 251.669030][ T6103] smc: ib device syz2 port 1 has pnetid [ 251.840928][ T6114] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.850816][ T6114] bridge0: port 1(bridge_slave_0) entered disabled state [ 252.206376][ T6124] netlink: 892 bytes leftover after parsing attributes in process `syz.3.57'. [ 252.298676][ T6114] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 252.335979][ T6114] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 253.027615][ T6114] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 253.039260][ T6114] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 253.050031][ T6114] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 253.060026][ T6114] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 253.760978][ T5847] vxcan1 speed is unknown, defaulting to 1000 [ 253.767525][ T5847] syz2: Port: 1 Link DOWN [ 253.772451][ T24] vxcan1 speed is unknown, defaulting to 1000 [ 253.788125][ T6103] vxcan1 speed is unknown, defaulting to 1000 [ 254.227107][ T6103] vxcan1 speed is unknown, defaulting to 1000 [ 255.160773][ T6103] vxcan1 speed is unknown, defaulting to 1000 [ 255.757010][ T6151] netlink: 36 bytes leftover after parsing attributes in process `syz.2.68'. [ 255.883864][ T6151] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 255.894688][ T6151] batadv_slave_0: entered promiscuous mode [ 255.901002][ T6151] batadv_slave_0: entered allmulticast mode [ 255.918969][ T6151] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 256.315849][ T6103] vxcan1 speed is unknown, defaulting to 1000 [ 256.992717][ T6103] vxcan1 speed is unknown, defaulting to 1000 [ 257.597924][ T6167] bridge0: port 3(vlan2) entered blocking state [ 257.605102][ T6167] bridge0: port 3(vlan2) entered disabled state [ 257.612320][ T6167] vlan2: entered allmulticast mode [ 257.617670][ T6167] bond0: entered allmulticast mode [ 257.623349][ T6167] bond_slave_0: entered allmulticast mode [ 257.637666][ T6167] bond_slave_1: entered allmulticast mode [ 257.651078][ T6167] vlan2: entered promiscuous mode [ 257.656463][ T6167] bond0: entered promiscuous mode [ 257.662117][ T6167] bond_slave_0: entered promiscuous mode [ 257.663222][ T6169] netlink: 892 bytes leftover after parsing attributes in process `syz.3.73'. [ 257.669033][ T6167] bond_slave_1: entered promiscuous mode [ 257.693689][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 257.950388][ T5037] smc: removing ib device syz2 [ 260.883730][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 261.258488][ T6177] bridge0: port 2(bridge_slave_1) entered disabled state [ 261.267707][ T6177] bridge0: port 1(bridge_slave_0) entered disabled state [ 261.494400][ T6177] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 261.535047][ T6177] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 261.722701][ T6189] netlink: 36 bytes leftover after parsing attributes in process `syz.2.81'. [ 261.784704][ T6177] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.794564][ T6177] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.806065][ T6177] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.815770][ T6177] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.683485][ T6197] syzkaller1: entered promiscuous mode [ 262.689215][ T6197] syzkaller1: entered allmulticast mode [ 262.941389][ T6201] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 263.061228][ T6201] netlink: 4 bytes leftover after parsing attributes in process `syz.0.87'. [ 263.212762][ T6206] netlink: 'syz.1.88': attribute type 12 has an invalid length. [ 263.221668][ T6206] netlink: 132 bytes leftover after parsing attributes in process `syz.1.88'. [ 264.430426][ T6220] netlink: 36 bytes leftover after parsing attributes in process `syz.0.94'. [ 264.460480][ T6220] batadv_slave_0: entered promiscuous mode [ 264.466598][ T6220] batadv_slave_0: entered allmulticast mode [ 264.474201][ T6220] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 265.555910][ T6232] syzkaller1: entered promiscuous mode [ 265.562181][ T6232] syzkaller1: entered allmulticast mode [ 266.496233][ T6246] warning: `syz.3.105' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 268.335970][ T6274] syzkaller1: entered promiscuous mode [ 268.344034][ T6274] syzkaller1: entered allmulticast mode [ 268.386054][ T6273] netlink: 'syz.1.117': attribute type 1 has an invalid length. [ 270.450698][ T6302] bond_slave_0: entered promiscuous mode [ 270.456829][ T6302] bond_slave_1: entered promiscuous mode [ 270.463232][ T6302] vlan2: entered promiscuous mode [ 270.468497][ T6302] bond0: entered promiscuous mode [ 271.028686][ T6308] syzkaller1: entered promiscuous mode [ 271.035038][ T6308] syzkaller1: entered allmulticast mode [ 273.739496][ T6352] syzkaller1: entered promiscuous mode [ 273.745576][ T6352] syzkaller1: entered allmulticast mode [ 275.011723][ T6372] sctp: [Deprecated]: syz.3.154 (pid 6372) Use of int in maxseg socket option. [ 275.011723][ T6372] Use struct sctp_assoc_value instead [ 275.129355][ T6372] veth0_macvtap: left promiscuous mode [ 275.395696][ T6378] bond_slave_0: entered promiscuous mode [ 275.401839][ T6378] bond_slave_1: entered promiscuous mode [ 275.408032][ T6378] vlan2: entered promiscuous mode [ 275.413387][ T6378] bond0: entered promiscuous mode [ 280.761732][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 280.768597][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 286.933119][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 287.121041][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 287.130934][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 287.194193][ T6552] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.204295][ T6552] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.964970][ T6552] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 288.412500][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 288.580971][ T6552] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.590841][ T6552] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.600291][ T6552] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.609455][ T6552] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 292.120580][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 294.451083][ T6660] netlink: 884 bytes leftover after parsing attributes in process `syz.1.250'. [ 295.773615][ T6678] netlink: 830 bytes leftover after parsing attributes in process `syz.4.256'. [ 296.031903][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 298.630910][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 298.641752][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 299.308404][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 299.856017][ T6732] syz_tun: entered allmulticast mode [ 299.893658][ T6730] syz_tun: left allmulticast mode [ 300.449986][ T6738] netlink: 'syz.3.277': attribute type 12 has an invalid length. [ 300.457969][ T6738] netlink: 132 bytes leftover after parsing attributes in process `syz.3.277'. [ 301.376935][ T6758] netlink: 12 bytes leftover after parsing attributes in process `syz.3.284'. [ 303.374531][ T6790] Bluetooth: MGMT ver 1.23 [ 303.634080][ T6794] netlink: 'syz.2.296': attribute type 12 has an invalid length. [ 303.642431][ T6794] netlink: 132 bytes leftover after parsing attributes in process `syz.2.296'. [ 303.671673][ T6790] netlink: 4 bytes leftover after parsing attributes in process `syz.1.294'. [ 305.182444][ T6820] geneve0: entered allmulticast mode [ 305.900313][ T6827] vxcan3: entered allmulticast mode [ 306.218197][ T6834] netlink: 'syz.2.309': attribute type 12 has an invalid length. [ 306.227250][ T6834] netlink: 132 bytes leftover after parsing attributes in process `syz.2.309'. [ 306.410186][ T5847] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 306.603655][ T5847] usb 1-1: Using ep0 maxpacket: 8 [ 306.650262][ T5847] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 306.658285][ T5847] usb 1-1: can't read configurations, error -61 [ 306.891135][ T5847] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 307.086866][ T5847] usb 1-1: Using ep0 maxpacket: 8 [ 307.143621][ T5847] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 307.154558][ T5847] usb 1-1: can't read configurations, error -61 [ 307.205464][ T5847] usb usb1-port1: attempt power cycle [ 307.590291][ T5847] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 307.670141][ T5847] usb 1-1: Using ep0 maxpacket: 8 [ 307.711992][ T5847] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 307.721244][ T5847] usb 1-1: can't read configurations, error -61 [ 307.781814][ T6855] netlink: 24 bytes leftover after parsing attributes in process `syz.2.318'. [ 307.910424][ T5847] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 307.966152][ T5847] usb 1-1: Using ep0 maxpacket: 8 [ 307.992044][ T5847] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 308.000431][ T5847] usb 1-1: can't read configurations, error -61 [ 308.056646][ T5847] usb usb1-port1: unable to enumerate USB device [ 308.448625][ T6857] loop1: detected capacity change from 0 to 32768 [ 308.496095][ T6857] [ 308.496095][ T6857] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 308.496095][ T6857] [ 308.521142][ T6857] ERROR: (device loop1): diWrite: ixpxd invalid [ 308.521142][ T6857] [ 308.533669][ T6857] ERROR: (device loop1): txAbort: [ 308.533669][ T6857] [ 308.552385][ T6857] ERROR: (device loop1): diWrite: ixpxd invalid [ 308.552385][ T6857] [ 308.561370][ T6857] ERROR: (device loop1): txAbort: [ 308.561370][ T6857] [ 308.592917][ T30] audit: type=1326 audit(1747709294.019:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6853 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7ffc0000 [ 308.616780][ T30] audit: type=1326 audit(1747709294.019:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6853 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7ffc0000 [ 308.642721][ T30] audit: type=1326 audit(1747709294.019:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6853 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=43 compat=1 ip=0xf7f67539 code=0x7ffc0000 [ 308.664915][ T30] audit: type=1326 audit(1747709294.019:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6853 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7ffc0000 [ 308.687511][ T30] audit: type=1326 audit(1747709294.029:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6853 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7ffc0000 [ 308.688958][ T6857] trusted_key: encrypted_key: insufficient parameters specified [ 308.709534][ T30] audit: type=1326 audit(1747709294.029:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6853 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf7f67539 code=0x7ffc0000 [ 308.709912][ T30] audit: type=1326 audit(1747709294.029:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6853 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7ffc0000 [ 308.764744][ T30] audit: type=1326 audit(1747709294.029:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6853 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7ffc0000 [ 308.787289][ T30] audit: type=1326 audit(1747709294.029:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6853 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=71 compat=1 ip=0xf7f67539 code=0x7ffc0000 [ 308.810118][ T30] audit: type=1326 audit(1747709294.029:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6853 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7ffc0000 [ 308.929154][ T6859] bridge0: port 2(bridge_slave_1) entered disabled state [ 308.938612][ T6859] bridge0: port 1(bridge_slave_0) entered disabled state [ 308.972175][ T5795] [ 308.972175][ T5795] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 308.972175][ T5795] [ 309.014719][ T5795] [ 309.014719][ T5795] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 309.014719][ T5795] [ 309.154536][ T6859] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 309.179341][ T6859] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 309.775803][ T6859] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.786779][ T6859] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.797747][ T6859] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.808245][ T6859] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.208382][ T6865] vxcan1: entered allmulticast mode [ 312.371669][ T6901] netlink: 'syz.2.335': attribute type 12 has an invalid length. [ 312.380262][ T6901] netlink: 132 bytes leftover after parsing attributes in process `syz.2.335'. [ 312.674305][ T5853] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 312.862260][ T6911] vxcan3: entered allmulticast mode [ 312.880043][ T5853] usb 5-1: Using ep0 maxpacket: 8 [ 312.909252][ T5853] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 312.917473][ T5853] usb 5-1: can't read configurations, error -61 [ 313.094737][ T5853] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 313.290524][ T5853] usb 5-1: Using ep0 maxpacket: 8 [ 313.344714][ T5853] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 313.352876][ T5853] usb 5-1: can't read configurations, error -61 [ 313.410806][ T5853] usb usb5-port1: attempt power cycle [ 313.796391][ T5853] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 313.853142][ T5853] usb 5-1: Using ep0 maxpacket: 8 [ 313.897283][ T5853] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 313.905397][ T5853] usb 5-1: can't read configurations, error -61 [ 314.090318][ T5853] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 314.134844][ T5853] usb 5-1: Using ep0 maxpacket: 8 [ 314.182246][ T5853] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 314.190495][ T5853] usb 5-1: can't read configurations, error -61 [ 314.218870][ T5853] usb usb5-port1: unable to enumerate USB device [ 314.761676][ T6945] netlink: 'syz.2.349': attribute type 12 has an invalid length. [ 314.772621][ T6945] netlink: 132 bytes leftover after parsing attributes in process `syz.2.349'. [ 315.414574][ T6949] Bluetooth: MGMT ver 1.23 [ 316.925649][ T6982] netlink: 'syz.4.362': attribute type 12 has an invalid length. [ 316.934037][ T6982] netlink: 132 bytes leftover after parsing attributes in process `syz.4.362'. [ 318.080826][ T5853] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 318.301101][ T5853] usb 5-1: Using ep0 maxpacket: 8 [ 318.328138][ T5853] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 318.336600][ T5853] usb 5-1: can't read configurations, error -61 [ 318.506173][ T5853] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 318.705737][ T5853] usb 5-1: Using ep0 maxpacket: 8 [ 318.765190][ T5853] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 318.773499][ T5853] usb 5-1: can't read configurations, error -61 [ 318.820930][ T5853] usb usb5-port1: attempt power cycle [ 319.221820][ T5853] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 319.290161][ T5853] usb 5-1: Using ep0 maxpacket: 8 [ 319.311524][ T5853] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 319.319505][ T5853] usb 5-1: can't read configurations, error -61 [ 319.341865][ T7021] netlink: 'syz.2.376': attribute type 12 has an invalid length. [ 319.350161][ T7021] netlink: 132 bytes leftover after parsing attributes in process `syz.2.376'. [ 319.510389][ T5853] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 319.564458][ T5853] usb 5-1: Using ep0 maxpacket: 8 [ 319.595507][ T5853] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 319.605605][ T5853] usb 5-1: can't read configurations, error -61 [ 319.635919][ T5853] usb usb5-port1: unable to enumerate USB device [ 320.004158][ T7031] netlink: 4 bytes leftover after parsing attributes in process `syz.2.380'. [ 320.711643][ T7040] netlink: 24 bytes leftover after parsing attributes in process `syz.0.384'. [ 321.301440][ T7047] netlink: 32 bytes leftover after parsing attributes in process `syz.3.387'. [ 321.345028][ T7047] netlink: 4 bytes leftover after parsing attributes in process `syz.3.387'. [ 321.486872][ T7053] netlink: 'syz.0.390': attribute type 12 has an invalid length. [ 321.495481][ T7053] netlink: 132 bytes leftover after parsing attributes in process `syz.0.390'. [ 322.761383][ T7072] netlink: 4 bytes leftover after parsing attributes in process `syz.0.396'. [ 323.161321][ T5853] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 323.173067][ T7080] netlink: 24 bytes leftover after parsing attributes in process `syz.2.400'. [ 323.363142][ T7082] batadv1: entered promiscuous mode [ 323.390113][ T5853] usb 4-1: Using ep0 maxpacket: 8 [ 323.434707][ T5853] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 323.442811][ T5853] usb 4-1: can't read configurations, error -61 [ 323.600247][ T5853] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 323.790061][ T5853] usb 4-1: Using ep0 maxpacket: 8 [ 323.832273][ T5853] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 323.840984][ T5853] usb 4-1: can't read configurations, error -61 [ 323.920179][ T5853] usb usb4-port1: attempt power cycle [ 324.310272][ T5853] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 324.347812][ T5853] usb 4-1: Using ep0 maxpacket: 8 [ 324.362053][ T7097] netlink: 'syz.0.406': attribute type 12 has an invalid length. [ 324.370504][ T7097] netlink: 132 bytes leftover after parsing attributes in process `syz.0.406'. [ 324.413748][ T5853] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 324.421897][ T5853] usb 4-1: can't read configurations, error -61 [ 324.560088][ T5853] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 324.617021][ T5853] usb 4-1: Using ep0 maxpacket: 8 [ 324.666162][ T5853] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 324.674676][ T5853] usb 4-1: can't read configurations, error -61 [ 324.711534][ T5853] usb usb4-port1: unable to enumerate USB device [ 324.856241][ T7105] geneve0: entered allmulticast mode [ 325.781660][ T7121] netlink: 4 bytes leftover after parsing attributes in process `syz.1.414'. [ 326.956255][ T7140] geneve0: entered allmulticast mode [ 326.991143][ T7142] netlink: 'syz.3.423': attribute type 12 has an invalid length. [ 326.999297][ T7142] netlink: 132 bytes leftover after parsing attributes in process `syz.3.423'. [ 327.980156][ T7159] netlink: 24 bytes leftover after parsing attributes in process `syz.4.429'. [ 328.061437][ T5844] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 328.270390][ T5844] usb 4-1: Using ep0 maxpacket: 8 [ 328.312540][ T5844] usb 4-1: config 0 has no interfaces? [ 328.358782][ T5844] usb 4-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 328.368446][ T5844] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 328.377005][ T5844] usb 4-1: Product: syz [ 328.381554][ T5844] usb 4-1: Manufacturer: syz [ 328.386406][ T5844] usb 4-1: SerialNumber: syz [ 328.521033][ T5844] usb 4-1: config 0 descriptor?? [ 328.581799][ T7165] Zero length message leads to an empty skb [ 328.751048][ T7155] netlink: 4 bytes leftover after parsing attributes in process `syz.3.428'. [ 328.811122][ T7155] macvtap0: entered promiscuous mode [ 328.817583][ T7155] macvtap0: entered allmulticast mode [ 328.823371][ T7155] bond0: entered allmulticast mode [ 328.828718][ T7155] bond_slave_0: entered allmulticast mode [ 328.834792][ T7155] bond_slave_1: entered allmulticast mode [ 328.844423][ T7155] 8021q: adding VLAN 0 to HW filter on device macvtap0 [ 328.880475][ T7171] geneve0: entered allmulticast mode [ 328.902413][ T7174] netlink: 28 bytes leftover after parsing attributes in process `syz.3.428'. [ 328.989950][ T5853] usb 4-1: USB disconnect, device number 6 [ 330.129879][ T7193] netlink: 24 bytes leftover after parsing attributes in process `syz.4.444'. [ 331.790631][ T5844] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 332.000191][ T5844] usb 1-1: Using ep0 maxpacket: 8 [ 332.041544][ T5844] usb 1-1: config 0 has no interfaces? [ 332.083441][ T5844] usb 1-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 332.093738][ T5844] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 332.102468][ T5844] usb 1-1: Product: syz [ 332.106876][ T5844] usb 1-1: Manufacturer: syz [ 332.112005][ T5844] usb 1-1: SerialNumber: syz [ 332.182879][ T5844] usb 1-1: config 0 descriptor?? [ 332.410754][ T7215] netlink: 4 bytes leftover after parsing attributes in process `syz.0.451'. [ 332.517986][ T7215] macvtap1: entered promiscuous mode [ 332.524424][ T7215] macvtap1: entered allmulticast mode [ 332.533851][ T7215] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 332.646218][ T7215] netlink: 28 bytes leftover after parsing attributes in process `syz.0.451'. [ 332.717978][ T5844] usb 1-1: USB disconnect, device number 6 [ 333.109197][ T7242] netlink: 12 bytes leftover after parsing attributes in process `syz.1.460'. [ 333.169509][ T7241] vxcan3: entered allmulticast mode [ 335.158788][ T7273] vxcan1: entered allmulticast mode [ 335.212351][ T7277] geneve0: entered allmulticast mode [ 335.250614][ T5844] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 335.450352][ T5844] usb 3-1: Using ep0 maxpacket: 8 [ 335.504474][ T5844] usb 3-1: config 0 has no interfaces? [ 335.542259][ T5844] usb 3-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 335.552004][ T5844] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 335.561896][ T5844] usb 3-1: Product: syz [ 335.566293][ T5844] usb 3-1: Manufacturer: syz [ 335.572101][ T5844] usb 3-1: SerialNumber: syz [ 335.612705][ T5844] usb 3-1: config 0 descriptor?? [ 335.828872][ T7268] netlink: 4 bytes leftover after parsing attributes in process `syz.2.474'. [ 335.873219][ T7268] macvtap1: entered promiscuous mode [ 335.879530][ T7268] macvtap1: entered allmulticast mode [ 335.885353][ T7268] bond0: entered allmulticast mode [ 335.890988][ T7268] bond_slave_0: entered allmulticast mode [ 335.896948][ T7268] bond_slave_1: entered allmulticast mode [ 335.907045][ T7268] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 335.925490][ T7285] netlink: 28 bytes leftover after parsing attributes in process `syz.2.474'. [ 336.092217][ T5844] usb 3-1: USB disconnect, device number 2 [ 338.991372][ T5853] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 339.220657][ T5853] usb 2-1: Using ep0 maxpacket: 8 [ 339.271211][ T5853] usb 2-1: config 0 has no interfaces? [ 339.325484][ T5853] usb 2-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 339.335842][ T5853] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 339.345040][ T5853] usb 2-1: Product: syz [ 339.349448][ T5853] usb 2-1: Manufacturer: syz [ 339.354869][ T5853] usb 2-1: SerialNumber: syz [ 339.427192][ T5853] usb 2-1: config 0 descriptor?? [ 339.646197][ T7330] netlink: 4 bytes leftover after parsing attributes in process `syz.1.498'. [ 339.685664][ T7330] macvtap1: entered promiscuous mode [ 339.692177][ T7330] macvtap1: entered allmulticast mode [ 339.701619][ T7330] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 339.824436][ T7330] netlink: 28 bytes leftover after parsing attributes in process `syz.1.498'. [ 339.894721][ T5853] usb 2-1: USB disconnect, device number 2 [ 342.181906][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 342.188717][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 342.408132][ T7389] netlink: 12 bytes leftover after parsing attributes in process `syz.0.519'. [ 342.419079][ T7389] tipc: Started in network mode [ 342.425391][ T7389] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 342.434894][ T7389] tipc: Enabling of bearer rejected, failed to enable media [ 342.640732][ T5853] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 342.820566][ T5853] usb 2-1: Using ep0 maxpacket: 8 [ 342.883684][ T5853] usb 2-1: config 0 has no interfaces? [ 342.930885][ T5853] usb 2-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 342.940391][ T5853] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 342.952168][ T5853] usb 2-1: Product: syz [ 342.956574][ T5853] usb 2-1: Manufacturer: syz [ 342.961611][ T5853] usb 2-1: SerialNumber: syz [ 342.980177][ T5853] usb 2-1: config 0 descriptor?? [ 343.233934][ T7398] netlink: 4 bytes leftover after parsing attributes in process `syz.1.522'. [ 343.288709][ T7398] macvtap2: entered promiscuous mode [ 343.295146][ T7398] macvtap2: entered allmulticast mode [ 343.304583][ T7398] 8021q: adding VLAN 0 to HW filter on device macvtap2 [ 343.380933][ T7412] netlink: 28 bytes leftover after parsing attributes in process `syz.1.522'. [ 343.472685][ T5844] usb 2-1: USB disconnect, device number 3 [ 344.244971][ T7396] Bluetooth: hci0: command 0x0406 tx timeout [ 344.254186][ T5797] Bluetooth: hci1: command 0x0406 tx timeout [ 344.264196][ T5797] Bluetooth: hci2: command 0x0406 tx timeout [ 344.271198][ T5797] Bluetooth: hci4: command 0x0406 tx timeout [ 344.272555][ T7395] Bluetooth: hci3: command 0x0406 tx timeout [ 346.180921][ T24] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 346.371317][ T24] usb 4-1: Using ep0 maxpacket: 8 [ 346.412050][ T24] usb 4-1: config 0 has no interfaces? [ 346.442803][ T24] usb 4-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 346.452744][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 346.461159][ T24] usb 4-1: Product: syz [ 346.465552][ T24] usb 4-1: Manufacturer: syz [ 346.470590][ T24] usb 4-1: SerialNumber: syz [ 346.522240][ T24] usb 4-1: config 0 descriptor?? [ 346.761234][ T7456] netlink: 4 bytes leftover after parsing attributes in process `syz.3.545'. [ 346.879012][ T7456] macvtap1: entered promiscuous mode [ 346.885688][ T7456] macvtap1: entered allmulticast mode [ 346.895102][ T7456] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 347.040339][ T7473] netlink: 28 bytes leftover after parsing attributes in process `syz.3.545'. [ 347.100966][ T24] usb 4-1: USB disconnect, device number 7 [ 347.236182][ T7469] loop0: detected capacity change from 0 to 32768 [ 347.307660][ T7469] [ 347.307660][ T7469] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 347.307660][ T7469] [ 347.334157][ T7469] ERROR: (device loop0): diWrite: ixpxd invalid [ 347.334157][ T7469] [ 347.344199][ T7469] ERROR: (device loop0): txAbort: [ 347.344199][ T7469] [ 347.362719][ T7469] ERROR: (device loop0): diWrite: ixpxd invalid [ 347.362719][ T7469] [ 347.371721][ T7469] ERROR: (device loop0): txAbort: [ 347.371721][ T7469] [ 347.398132][ T30] kauditd_printk_skb: 25 callbacks suppressed [ 347.398200][ T30] audit: type=1326 audit(1747709332.839:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000 [ 347.427105][ T30] audit: type=1326 audit(1747709332.839:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000 [ 347.450276][ T30] audit: type=1326 audit(1747709332.839:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=40000003 syscall=43 compat=1 ip=0xf70ee539 code=0x7ffc0000 [ 347.473318][ T30] audit: type=1326 audit(1747709332.839:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000 [ 347.495660][ T30] audit: type=1326 audit(1747709332.839:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000 [ 347.516019][ T7479] trusted_key: encrypted_key: insufficient parameters specified [ 347.517915][ T30] audit: type=1326 audit(1747709332.839:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf70ee539 code=0x7ffc0000 [ 347.548612][ T30] audit: type=1326 audit(1747709332.839:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000 [ 347.571746][ T30] audit: type=1326 audit(1747709332.839:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000 [ 347.782369][ T30] audit: type=1326 audit(1747709333.049:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=40000003 syscall=71 compat=1 ip=0xf70ee539 code=0x7ffc0000 [ 347.804854][ T30] audit: type=1326 audit(1747709333.049:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000 [ 347.933764][ T7481] netlink: 4 bytes leftover after parsing attributes in process `syz.1.553'. [ 347.973378][ T5808] [ 347.973378][ T5808] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 347.973378][ T5808] [ 348.020288][ T5808] [ 348.020288][ T5808] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 348.020288][ T5808] [ 350.380055][ T24] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 350.571119][ T24] usb 2-1: Using ep0 maxpacket: 8 [ 350.615679][ T24] usb 2-1: config 0 has no interfaces? [ 350.644822][ T24] usb 2-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 350.654775][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 350.663315][ T24] usb 2-1: Product: syz [ 350.667697][ T24] usb 2-1: Manufacturer: syz [ 350.672668][ T24] usb 2-1: SerialNumber: syz [ 350.729105][ T24] usb 2-1: config 0 descriptor?? [ 350.955081][ T7510] netlink: 4 bytes leftover after parsing attributes in process `syz.1.565'. [ 350.992985][ T7510] netlink: 28 bytes leftover after parsing attributes in process `syz.1.565'. [ 351.028162][ T24] usb 2-1: USB disconnect, device number 4 [ 352.742198][ T7512] loop4: detected capacity change from 0 to 32768 [ 352.842891][ T7512] [ 352.842891][ T7512] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 352.842891][ T7512] [ 352.923916][ T7512] ERROR: (device loop4): diWrite: ixpxd invalid [ 352.923916][ T7512] [ 352.980071][ T7512] ERROR: (device loop4): txAbort: [ 352.980071][ T7512] [ 352.990920][ T7549] ERROR: (device loop4): diWrite: ixpxd invalid [ 352.990920][ T7549] [ 353.000002][ T7549] ERROR: (device loop4): txAbort: [ 353.000002][ T7549] [ 353.079147][ T30] kauditd_printk_skb: 16 callbacks suppressed [ 353.079218][ T30] audit: type=1326 audit(1747709338.519:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7511 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 353.108722][ T30] audit: type=1326 audit(1747709338.519:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7511 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 353.131270][ T30] audit: type=1326 audit(1747709338.559:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7511 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=40000003 syscall=43 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 353.153478][ T30] audit: type=1326 audit(1747709338.559:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7511 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 353.176838][ T30] audit: type=1326 audit(1747709338.559:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7511 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 353.215911][ T30] audit: type=1326 audit(1747709338.659:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7511 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 353.238932][ T30] audit: type=1326 audit(1747709338.659:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7511 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 353.261277][ T30] audit: type=1326 audit(1747709338.659:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7511 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 353.284329][ T30] audit: type=1326 audit(1747709338.689:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7511 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=40000003 syscall=71 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 353.307153][ T30] audit: type=1326 audit(1747709338.689:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7511 comm="syz.4.566" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 353.352807][ T7512] trusted_key: encrypted_key: insufficient parameters specified [ 353.613643][ T5804] [ 353.613643][ T5804] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 353.613643][ T5804] [ 353.625957][ T5804] [ 353.625957][ T5804] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 353.625957][ T5804] [ 354.344075][ T7567] netlink: 4 bytes leftover after parsing attributes in process `syz.1.581'. [ 354.741187][ T5844] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 354.825814][ T7574] loop0: detected capacity change from 0 to 512 [ 354.843001][ T7574] ======================================================= [ 354.843001][ T7574] WARNING: The mand mount option has been deprecated and [ 354.843001][ T7574] and is ignored by this kernel. Remove the mand [ 354.843001][ T7574] option from the mount to silence this warning. [ 354.843001][ T7574] ======================================================= [ 354.971081][ T5844] usb 4-1: Using ep0 maxpacket: 8 [ 355.017553][ T5844] usb 4-1: config 0 has no interfaces? [ 355.024349][ T7574] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 355.076007][ T5844] usb 4-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 355.085692][ T5844] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 355.094147][ T5844] usb 4-1: Product: syz [ 355.098536][ T5844] usb 4-1: Manufacturer: syz [ 355.103541][ T5844] usb 4-1: SerialNumber: syz [ 355.124713][ T7574] EXT4-fs (loop0): orphan cleanup on readonly fs [ 355.183604][ T7574] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.584: bg 0: block 248: padding at end of block bitmap is not set [ 355.235644][ T5844] usb 4-1: config 0 descriptor?? [ 355.272456][ T7574] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.584: Failed to acquire dquot type 1 [ 355.358683][ T7574] EXT4-fs (loop0): 1 truncate cleaned up [ 355.407299][ T7574] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 355.556174][ T7570] netlink: 4 bytes leftover after parsing attributes in process `syz.3.583'. [ 355.603877][ T7570] netlink: 28 bytes leftover after parsing attributes in process `syz.3.583'. [ 355.666298][ T24] usb 4-1: USB disconnect, device number 8 [ 355.840190][ T7574] syz.0.584 (7574) used greatest stack depth: 3360 bytes left [ 355.862729][ T5808] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 357.714313][ T5853] IPVS: starting estimator thread 0... [ 357.800203][ T7613] bond0: left allmulticast mode [ 357.805369][ T7613] bond_slave_0: left allmulticast mode [ 357.811415][ T7613] bond_slave_1: left allmulticast mode [ 357.828698][ T7611] IPVS: using max 240 ests per chain, 12000 per kthread [ 358.216307][ T7618] 8021q: adding VLAN 0 to HW filter on device ipvlan0 [ 358.521753][ T7620] netlink: 4 bytes leftover after parsing attributes in process `syz.4.599'. [ 359.070496][ T5844] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 359.255886][ T5844] usb 2-1: Using ep0 maxpacket: 8 [ 359.281834][ T5844] usb 2-1: config 0 has no interfaces? [ 359.319902][ T5844] usb 2-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 359.329381][ T5844] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 359.337904][ T5844] usb 2-1: Product: syz [ 359.342381][ T5844] usb 2-1: Manufacturer: syz [ 359.347205][ T5844] usb 2-1: SerialNumber: syz [ 359.402932][ T5844] usb 2-1: config 0 descriptor?? [ 359.466559][ T7599] loop3: detected capacity change from 0 to 32768 [ 359.526696][ T7599] [ 359.526696][ T7599] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 359.526696][ T7599] [ 359.586953][ T7599] ERROR: (device loop3): diWrite: ixpxd invalid [ 359.586953][ T7599] [ 359.623647][ T7599] ERROR: (device loop3): txAbort: [ 359.623647][ T7599] [ 359.648594][ T7622] netlink: 4 bytes leftover after parsing attributes in process `syz.1.600'. [ 359.651117][ T7626] ERROR: (device loop3): diWrite: ixpxd invalid [ 359.651117][ T7626] [ 359.666428][ T7626] ERROR: (device loop3): txAbort: [ 359.666428][ T7626] [ 359.678062][ T7622] netlink: 28 bytes leftover after parsing attributes in process `syz.1.600'. [ 359.712608][ T30] kauditd_printk_skb: 21 callbacks suppressed [ 359.712681][ T30] audit: type=1326 audit(1747709345.149:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7597 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe539 code=0x7ffc0000 [ 359.732101][ T24] usb 2-1: USB disconnect, device number 5 [ 359.798789][ T7599] trusted_key: encrypted_key: insufficient parameters specified [ 359.825018][ T30] audit: type=1326 audit(1747709345.199:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7597 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=43 compat=1 ip=0xf70fe539 code=0x7ffc0000 [ 359.847505][ T30] audit: type=1326 audit(1747709345.199:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7597 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe539 code=0x7ffc0000 [ 359.870129][ T30] audit: type=1326 audit(1747709345.199:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7597 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf70fe539 code=0x7ffc0000 [ 359.893942][ T30] audit: type=1326 audit(1747709345.199:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7597 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe539 code=0x7ffc0000 [ 359.916417][ T30] audit: type=1326 audit(1747709345.219:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7597 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=71 compat=1 ip=0xf70fe539 code=0x7ffc0000 [ 359.939351][ T30] audit: type=1326 audit(1747709345.219:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7597 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe539 code=0x7ffc0000 [ 359.962051][ T30] audit: type=1326 audit(1747709345.219:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7597 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=71 compat=1 ip=0xf70fe539 code=0x7ffc0000 [ 359.984172][ T30] audit: type=1326 audit(1747709345.219:100): auid=4294967295 uid=0 gid=65280 ses=4294967295 subj=unconfined pid=7597 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe539 code=0x7ffc0000 [ 360.007073][ T30] audit: type=1326 audit(1747709345.229:101): auid=4294967295 uid=0 gid=65280 ses=4294967295 subj=unconfined pid=7597 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf70fe539 code=0x7ffc0000 [ 360.095075][ T5799] [ 360.095075][ T5799] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 360.095075][ T5799] [ 360.116580][ T5799] [ 360.116580][ T5799] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 360.116580][ T5799] [ 361.301534][ T5844] IPVS: starting estimator thread 0... [ 361.400590][ T7649] IPVS: using max 240 ests per chain, 12000 per kthread [ 361.596355][ T7651] 8021q: adding VLAN 0 to HW filter on device ipvlan0 [ 362.423705][ T7653] bridge0: port 2(bridge_slave_1) entered disabled state [ 362.433485][ T7653] bridge0: port 1(bridge_slave_0) entered disabled state [ 362.754195][ T7653] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 362.778380][ T7653] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 362.968632][ T7653] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 362.979418][ T7653] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 362.988951][ T7653] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 362.999483][ T7653] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.026004][ T32] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 363.210653][ T32] usb 4-1: Using ep0 maxpacket: 8 [ 363.223383][ T32] usb 4-1: config 0 has no interfaces? [ 363.246004][ T32] usb 4-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 363.255434][ T32] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 363.264622][ T32] usb 4-1: Product: syz [ 363.268967][ T32] usb 4-1: Manufacturer: syz [ 363.273926][ T32] usb 4-1: SerialNumber: syz [ 363.283654][ T32] usb 4-1: config 0 descriptor?? [ 363.531417][ T7671] netlink: 4 bytes leftover after parsing attributes in process `syz.3.617'. [ 363.573674][ T7671] netlink: 28 bytes leftover after parsing attributes in process `syz.3.617'. [ 363.592592][ T5853] usb 4-1: USB disconnect, device number 9 [ 364.131572][ T7682] vxcan5: entered allmulticast mode [ 367.187268][ T7721] vxcan3: entered allmulticast mode [ 367.252289][ T5844] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 367.445891][ T5844] usb 5-1: Using ep0 maxpacket: 8 [ 367.503443][ T5844] usb 5-1: config 0 has no interfaces? [ 367.552258][ T5844] usb 5-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 367.561831][ T5844] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 367.570257][ T5844] usb 5-1: Product: syz [ 367.574670][ T5844] usb 5-1: Manufacturer: syz [ 367.579495][ T5844] usb 5-1: SerialNumber: syz [ 367.642749][ T5844] usb 5-1: config 0 descriptor?? [ 367.902965][ T7719] netlink: 4 bytes leftover after parsing attributes in process `syz.4.634'. [ 368.003589][ T7719] netlink: 28 bytes leftover after parsing attributes in process `syz.4.634'. [ 368.059241][ T5844] usb 5-1: USB disconnect, device number 10 [ 370.420948][ T7763] vxcan3: entered allmulticast mode [ 371.690211][ T5844] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 371.919969][ T5844] usb 1-1: Using ep0 maxpacket: 8 [ 371.962188][ T5844] usb 1-1: config 0 has no interfaces? [ 371.987273][ T5844] usb 1-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 371.996793][ T5844] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 372.005698][ T5844] usb 1-1: Product: syz [ 372.010162][ T5844] usb 1-1: Manufacturer: syz [ 372.014967][ T5844] usb 1-1: SerialNumber: syz [ 372.092575][ T5844] usb 1-1: config 0 descriptor?? [ 372.170971][ T7795] bond0: left allmulticast mode [ 372.176373][ T7795] bond_slave_0: left allmulticast mode [ 372.182485][ T7795] bond_slave_1: left allmulticast mode [ 372.337109][ T7784] netlink: 4 bytes leftover after parsing attributes in process `syz.0.657'. [ 372.400773][ T7801] netlink: 28 bytes leftover after parsing attributes in process `syz.0.657'. [ 372.419508][ T5844] usb 1-1: USB disconnect, device number 7 [ 372.815059][ T7805] loop2: detected capacity change from 0 to 512 [ 372.972491][ T7805] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 373.223539][ T7805] EXT4-fs (loop2): orphan cleanup on readonly fs [ 373.269023][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 373.320620][ T7805] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.665: bg 0: block 248: padding at end of block bitmap is not set [ 373.368296][ T7805] __quota_error: 14 callbacks suppressed [ 373.368376][ T7805] Quota error (device loop2): write_blk: dquota write failed [ 373.382701][ T7805] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 373.393128][ T7805] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.665: Failed to acquire dquot type 1 [ 373.418209][ T7805] EXT4-fs (loop2): 1 truncate cleaned up [ 373.468168][ T7805] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 373.777647][ T7814] vxcan3: entered allmulticast mode [ 373.926170][ T5806] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 373.986288][ T1884] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 373.994693][ T1884] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 374.111330][ T7816] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 375.486920][ T24] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 375.660267][ T24] usb 4-1: Using ep0 maxpacket: 8 [ 375.685932][ T24] usb 4-1: config 0 has no interfaces? [ 375.713771][ T24] usb 4-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 375.723692][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 375.732572][ T24] usb 4-1: Product: syz [ 375.736978][ T24] usb 4-1: Manufacturer: syz [ 375.742072][ T24] usb 4-1: SerialNumber: syz [ 375.771556][ T24] usb 4-1: config 0 descriptor?? [ 376.095785][ T7855] netlink: 28 bytes leftover after parsing attributes in process `syz.3.676'. [ 376.141580][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 376.151240][ T24] usb 4-1: USB disconnect, device number 10 [ 376.218464][ T7853] loop1: detected capacity change from 0 to 512 [ 376.274471][ T7853] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 376.432523][ T7853] EXT4-fs (loop1): orphan cleanup on readonly fs [ 376.542730][ T7853] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.680: bg 0: block 248: padding at end of block bitmap is not set [ 376.598708][ T7853] Quota error (device loop1): write_blk: dquota write failed [ 376.607022][ T7853] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 376.618946][ T7853] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.680: Failed to acquire dquot type 1 [ 376.685972][ T7853] EXT4-fs (loop1): 1 truncate cleaned up [ 376.722838][ T7853] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 377.082530][ T5795] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 378.672012][ T7894] vxcan3: entered allmulticast mode [ 378.889525][ T24] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 378.894651][ T7899] loop0: detected capacity change from 0 to 512 [ 378.963138][ T7899] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 379.024245][ T7899] EXT4-fs (loop0): orphan cleanup on readonly fs [ 379.083052][ T24] usb 3-1: Using ep0 maxpacket: 8 [ 379.092331][ T7899] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.695: bg 0: block 248: padding at end of block bitmap is not set [ 379.136718][ T24] usb 3-1: config 0 has no interfaces? [ 379.151041][ T7899] Quota error (device loop0): write_blk: dquota write failed [ 379.159084][ T7899] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 379.170190][ T7899] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.695: Failed to acquire dquot type 1 [ 379.194179][ T24] usb 3-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 379.204606][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 379.213229][ T24] usb 3-1: Product: syz [ 379.218196][ T24] usb 3-1: Manufacturer: syz [ 379.223152][ T24] usb 3-1: SerialNumber: syz [ 379.279557][ T7899] EXT4-fs (loop0): 1 truncate cleaned up [ 379.290455][ T24] usb 3-1: config 0 descriptor?? [ 379.319024][ T7899] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 379.540772][ T7899] syz.0.695 (7899) used greatest stack depth: 3120 bytes left [ 379.576753][ T7891] netlink: 28 bytes leftover after parsing attributes in process `syz.2.693'. [ 379.669971][ T24] usb 3-1: USB disconnect, device number 3 [ 379.777703][ T5808] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 380.915846][ T7932] vxcan3: entered allmulticast mode [ 381.716483][ T7944] loop2: detected capacity change from 0 to 512 [ 381.786039][ T7944] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 381.828242][ T7944] EXT4-fs (loop2): orphan cleanup on readonly fs [ 381.857431][ T7944] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.712: bg 0: block 248: padding at end of block bitmap is not set [ 381.877163][ T7948] netlink: 4 bytes leftover after parsing attributes in process `syz.4.713'. [ 381.891597][ T7944] Quota error (device loop2): write_blk: dquota write failed [ 381.899917][ T7944] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 381.910459][ T7944] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.712: Failed to acquire dquot type 1 [ 381.996785][ T7944] EXT4-fs (loop2): 1 truncate cleaned up [ 382.038898][ T7944] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 382.210389][ T24] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 382.401468][ T24] usb 1-1: Using ep0 maxpacket: 8 [ 382.428348][ T24] usb 1-1: config 0 has no interfaces? [ 382.457503][ T24] usb 1-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 382.467132][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 382.475876][ T24] usb 1-1: Product: syz [ 382.483577][ T24] usb 1-1: Manufacturer: syz [ 382.488440][ T24] usb 1-1: SerialNumber: syz [ 382.544945][ T24] usb 1-1: config 0 descriptor?? [ 382.595036][ T5806] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 382.792411][ T7950] netlink: 28 bytes leftover after parsing attributes in process `syz.0.714'. [ 382.858223][ T5844] usb 1-1: USB disconnect, device number 8 [ 383.432154][ T7974] netlink: 8 bytes leftover after parsing attributes in process `syz.2.722'. [ 384.167443][ T7984] netlink: 4 bytes leftover after parsing attributes in process `syz.0.725'. [ 385.907750][ T8016] netlink: 8 bytes leftover after parsing attributes in process `syz.1.736'. [ 386.000111][ T24] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 386.137907][ T8020] netlink: 24 bytes leftover after parsing attributes in process `syz.0.738'. [ 386.190167][ T24] usb 5-1: Using ep0 maxpacket: 8 [ 386.218143][ T24] usb 5-1: config 0 has no interfaces? [ 386.236282][ T24] usb 5-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 386.246344][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 386.254775][ T24] usb 5-1: Product: syz [ 386.259285][ T24] usb 5-1: Manufacturer: syz [ 386.264382][ T24] usb 5-1: SerialNumber: syz [ 386.327818][ T24] usb 5-1: config 0 descriptor?? [ 386.378406][ T8020] netlink: 8 bytes leftover after parsing attributes in process `syz.0.738'. [ 386.553263][ T8014] netlink: 28 bytes leftover after parsing attributes in process `syz.4.735'. [ 386.586813][ T24] usb 5-1: USB disconnect, device number 11 [ 388.238619][ T8054] netlink: 4 bytes leftover after parsing attributes in process `syz.0.748'. [ 389.070193][ T5844] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 389.260163][ T5844] usb 5-1: Using ep0 maxpacket: 8 [ 389.290753][ T5844] usb 5-1: config 0 has no interfaces? [ 389.327696][ T5844] usb 5-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 389.337561][ T5844] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 389.346481][ T5844] usb 5-1: Product: syz [ 389.351049][ T5844] usb 5-1: Manufacturer: syz [ 389.355915][ T5844] usb 5-1: SerialNumber: syz [ 389.376020][ T5844] usb 5-1: config 0 descriptor?? [ 389.702484][ T8063] netlink: 28 bytes leftover after parsing attributes in process `syz.4.754'. [ 389.724271][ T24] usb 5-1: USB disconnect, device number 12 [ 391.064538][ T8089] loop4: detected capacity change from 0 to 512 [ 391.141741][ T8089] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 391.187819][ T8089] EXT4-fs (loop4): orphan cleanup on readonly fs [ 391.283598][ T8089] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.763: bg 0: block 248: padding at end of block bitmap is not set [ 391.359377][ T8089] Quota error (device loop4): write_blk: dquota write failed [ 391.368266][ T8089] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 391.378794][ T8089] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.763: Failed to acquire dquot type 1 [ 391.450303][ T8089] EXT4-fs (loop4): 1 truncate cleaned up [ 391.473222][ T8089] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 391.874444][ T5804] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.198773][ T8101] netlink: 4 bytes leftover after parsing attributes in process `syz.3.769'. [ 392.742240][ T8112] netlink: 'syz.2.772': attribute type 12 has an invalid length. [ 392.750527][ T8112] netlink: 132 bytes leftover after parsing attributes in process `syz.2.772'. [ 393.489995][ T5844] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 393.650145][ T5844] usb 3-1: Using ep0 maxpacket: 8 [ 393.689357][ T5844] usb 3-1: config 0 has no interfaces? [ 393.745170][ T5844] usb 3-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 393.755394][ T5844] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 393.763887][ T5844] usb 3-1: Product: syz [ 393.768268][ T5844] usb 3-1: Manufacturer: syz [ 393.773243][ T5844] usb 3-1: SerialNumber: syz [ 393.862788][ T5844] usb 3-1: config 0 descriptor?? [ 394.112670][ T8116] netlink: 28 bytes leftover after parsing attributes in process `syz.2.773'. [ 394.178206][ T5844] usb 3-1: USB disconnect, device number 4 [ 394.981863][ T8137] netlink: 'syz.1.783': attribute type 12 has an invalid length. [ 394.990160][ T8137] netlink: 132 bytes leftover after parsing attributes in process `syz.1.783'. [ 395.298434][ T8145] netlink: 24 bytes leftover after parsing attributes in process `syz.2.787'. [ 395.756419][ T8150] bridge0: port 3(vlan0) entered blocking state [ 395.763440][ T8150] bridge0: port 3(vlan0) entered disabled state [ 395.771209][ T8150] vlan0: entered allmulticast mode [ 395.776558][ T8150] bond0: entered allmulticast mode [ 395.782017][ T8150] bond_slave_0: entered allmulticast mode [ 395.788046][ T8150] bond_slave_1: entered allmulticast mode [ 395.800225][ T8150] vlan0: entered promiscuous mode [ 395.805587][ T8150] bond0: entered promiscuous mode [ 395.811291][ T8150] bond_slave_0: entered promiscuous mode [ 395.818234][ T8150] bond_slave_1: entered promiscuous mode [ 395.894209][ T8152] netlink: 4 bytes leftover after parsing attributes in process `syz.1.788'. [ 396.344961][ T8159] netlink: 20 bytes leftover after parsing attributes in process `syz.4.793'. [ 396.433719][ T8159] bond1: entered allmulticast mode [ 396.440700][ T8159] 8021q: adding VLAN 0 to HW filter on device bond1 [ 396.456994][ T8165] hsr0: entered promiscuous mode [ 396.462621][ T8165] hsr0: entered allmulticast mode [ 396.468092][ T8165] hsr_slave_0: entered allmulticast mode [ 396.474340][ T8165] hsr_slave_1: entered allmulticast mode [ 396.481893][ T8165] bond1: (slave hsr0): The slave device specified does not support setting the MAC address [ 396.495835][ T8165] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 396.508738][ T8165] bond1: (slave hsr0): Error -22 calling dev_set_mtu [ 397.179199][ T8175] netlink: 1624 bytes leftover after parsing attributes in process `syz.4.798'. [ 397.330079][ T5853] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 397.490119][ T5853] usb 3-1: Using ep0 maxpacket: 8 [ 397.517628][ T5853] usb 3-1: config 0 has no interfaces? [ 397.542226][ T5853] usb 3-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 397.552699][ T5853] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 397.561301][ T5853] usb 3-1: Product: syz [ 397.565685][ T5853] usb 3-1: Manufacturer: syz [ 397.570699][ T5853] usb 3-1: SerialNumber: syz [ 397.621070][ T8180] netlink: 20 bytes leftover after parsing attributes in process `syz.1.800'. [ 397.675459][ T5853] usb 3-1: config 0 descriptor?? [ 397.806279][ T8182] netlink: 24 bytes leftover after parsing attributes in process `syz.0.801'. [ 397.957564][ T8173] netlink: 28 bytes leftover after parsing attributes in process `syz.2.797'. [ 398.020135][ T5853] usb 3-1: USB disconnect, device number 5 [ 399.338789][ T8206] netlink: 4 bytes leftover after parsing attributes in process `syz.2.810'. [ 399.692208][ T8215] netlink: 20 bytes leftover after parsing attributes in process `syz.3.813'. [ 400.803866][ T5844] IPVS: starting estimator thread 0... [ 400.911736][ T8237] IPVS: using max 240 ests per chain, 12000 per kthread [ 401.100264][ T5844] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 401.300566][ T5844] usb 4-1: Using ep0 maxpacket: 8 [ 401.331028][ T5844] usb 4-1: config 0 has no interfaces? [ 401.358056][ T5844] usb 4-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 401.368235][ T5844] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 401.376676][ T5844] usb 4-1: Product: syz [ 401.381414][ T5844] usb 4-1: Manufacturer: syz [ 401.386233][ T5844] usb 4-1: SerialNumber: syz [ 401.497207][ T5844] usb 4-1: config 0 descriptor?? [ 401.733471][ T8235] netlink: 28 bytes leftover after parsing attributes in process `syz.3.820'. [ 401.793125][ T5844] usb 4-1: USB disconnect, device number 11 [ 401.964651][ T8254] netlink: 20 bytes leftover after parsing attributes in process `syz.4.827'. [ 403.052292][ T8270] netlink: 4 bytes leftover after parsing attributes in process `syz.4.833'. [ 403.623561][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 403.631140][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 404.066161][ T8285] netlink: 20 bytes leftover after parsing attributes in process `syz.3.839'. [ 404.521831][ T8291] netlink: 24 bytes leftover after parsing attributes in process `syz.0.843'. [ 405.009025][ T8296] netlink: 'syz.1.846': attribute type 4 has an invalid length. [ 406.127831][ T8318] netlink: 12 bytes leftover after parsing attributes in process `syz.2.854'. [ 406.510958][ T8326] netlink: 24 bytes leftover after parsing attributes in process `syz.0.858'. [ 406.672814][ T8326] netlink: 8 bytes leftover after parsing attributes in process `syz.0.858'. [ 406.841040][ T5844] IPVS: starting estimator thread 0... [ 406.970258][ T8331] IPVS: using max 240 ests per chain, 12000 per kthread [ 408.083284][ T8351] netlink: 12 bytes leftover after parsing attributes in process `syz.4.869'. [ 408.832237][ T8363] netlink: 24 bytes leftover after parsing attributes in process `syz.2.875'. [ 408.965619][ T8363] netlink: 8 bytes leftover after parsing attributes in process `syz.2.875'. [ 409.720437][ T8383] netlink: 12 bytes leftover after parsing attributes in process `syz.0.883'. [ 410.798935][ T8403] netlink: 24 bytes leftover after parsing attributes in process `syz.3.891'. [ 411.073082][ T8403] netlink: 8 bytes leftover after parsing attributes in process `syz.3.891'. [ 411.686317][ T8419] netlink: 12 bytes leftover after parsing attributes in process `syz.3.896'. [ 413.064658][ T8442] netlink: 24 bytes leftover after parsing attributes in process `syz.2.906'. [ 413.205966][ T8442] netlink: 8 bytes leftover after parsing attributes in process `syz.2.906'. [ 413.569424][ T8454] netlink: 40 bytes leftover after parsing attributes in process `syz.3.910'. [ 413.702903][ T30] audit: type=1326 audit(1747709399.149:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8455 comm="syz.1.909" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x0 [ 417.867953][ T8528] netlink: 4 bytes leftover after parsing attributes in process `syz.0.935'. [ 418.833183][ T8496] loop3: detected capacity change from 0 to 32768 [ 418.897620][ T8496] workqueue: Failed to create a rescuer kthread for wq "bcachefs_btree_io": -EINTR [ 418.897869][ T8496] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 418.955556][ T8496] bcachefs: bch2_fs_get_tree() error: ENOMEM_fs_other_alloc [ 421.330026][ T8577] netlink: 4 bytes leftover after parsing attributes in process `syz.1.954'. [ 422.304883][ T8589] netlink: 4 bytes leftover after parsing attributes in process `syz.4.958'. [ 423.358102][ T8603] Invalid ELF header magic: != ELF [ 424.044725][ T8610] netlink: 4 bytes leftover after parsing attributes in process `syz.2.967'. [ 424.078434][ T8613] loop0: detected capacity change from 0 to 256 [ 424.236920][ T8613] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 425.891172][ T8634] netlink: 8 bytes leftover after parsing attributes in process `syz.0.977'. [ 425.932172][ T8634] netlink: 8 bytes leftover after parsing attributes in process `syz.0.977'. [ 426.452377][ T8644] netlink: 4 bytes leftover after parsing attributes in process `syz.0.982'. [ 426.489193][ T8649] netlink: 4 bytes leftover after parsing attributes in process `syz.1.980'. [ 428.681201][ T8674] netlink: 4 bytes leftover after parsing attributes in process `syz.0.995'. [ 430.539252][ T5088] Bluetooth: hci2: unexpected cc 0x0c5b length: 5 > 1 [ 430.546720][ T5088] Bluetooth: hci2: unexpected event for opcode 0x0c5b [ 431.646159][ T8702] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1004'. [ 432.622820][ T8714] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1007'. [ 434.057654][ T8724] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1012'. [ 435.532488][ T8744] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1018'. [ 436.311148][ T8758] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1022'. [ 438.192537][ T8777] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1032'. [ 440.450164][ T8813] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1045'. [ 443.043594][ T8847] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1059'. [ 443.504276][ T8850] loop1: detected capacity change from 0 to 256 [ 443.594762][ T8850] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 444.463864][ T8835] loop2: detected capacity change from 0 to 32768 [ 444.508614][ T8835] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/loop2": -EINTR [ 444.943735][ T8871] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1070'. [ 445.661225][ T8884] loop3: detected capacity change from 0 to 256 [ 445.778833][ T8884] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 446.457325][ T8891] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1077'. [ 447.500700][ T5844] usb 4-1: new full-speed USB device number 12 using dummy_hcd [ 447.594892][ T8909] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1084'. [ 447.740662][ T5844] usb 4-1: config 1 interface 0 has no altsetting 0 [ 447.756533][ T8918] netlink: 1760 bytes leftover after parsing attributes in process `syz.0.1085'. [ 447.769539][ T5844] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 447.779133][ T5844] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 447.788358][ T5844] usb 4-1: Product: syz [ 447.793001][ T5844] usb 4-1: Manufacturer: syz [ 447.797824][ T5844] usb 4-1: SerialNumber: syz [ 448.539523][ T5844] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 12 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8 [ 448.804674][ T8926] loop0: detected capacity change from 0 to 256 [ 448.938263][ C0] usblp0: nonzero write bulk status received: -71 [ 448.955651][ T5844] usb 4-1: USB disconnect, device number 12 [ 448.984795][ T8926] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 449.184000][ T8904] usblp0: removed [ 449.356095][ T8932] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1091'. [ 450.475940][ T8953] netlink: 1760 bytes leftover after parsing attributes in process `syz.0.1098'. [ 451.208965][ T8963] loop3: detected capacity change from 0 to 256 [ 451.332319][ T8963] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 454.097790][ T8997] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 454.259424][ T8997] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 454.342445][ T9002] loop4: detected capacity change from 0 to 256 [ 454.404764][ T9002] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 456.150164][ T5844] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 456.361890][ T5844] usb 1-1: Using ep0 maxpacket: 8 [ 456.412762][ T5844] usb 1-1: config 0 has no interfaces? [ 456.461051][ T5844] usb 1-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 456.470653][ T5844] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 456.478903][ T5844] usb 1-1: Product: syz [ 456.483675][ T5844] usb 1-1: Manufacturer: syz [ 456.488476][ T5844] usb 1-1: SerialNumber: syz [ 456.561589][ T9033] loop1: detected capacity change from 0 to 256 [ 456.664310][ T5844] usb 1-1: config 0 descriptor?? [ 456.690717][ T9033] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 456.882761][ T9021] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1126'. [ 456.895521][ T9021] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1126'. [ 456.913371][ T5844] usb 1-1: USB disconnect, device number 9 [ 457.229723][ C1] hrtimer: interrupt took 215802 ns [ 458.052885][ T9050] syzkaller0: entered promiscuous mode [ 458.058619][ T9050] syzkaller0: entered allmulticast mode [ 458.735305][ T9061] loop0: detected capacity change from 0 to 1024 [ 458.803037][ T9061] EXT4-fs (loop0): Can't support bigalloc feature without extents feature [ 458.803037][ T9061] [ 458.814498][ T9061] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities [ 459.833905][ T5853] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 459.926574][ T24] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 459.990084][ T5853] usb 3-1: Using ep0 maxpacket: 8 [ 460.023552][ T5853] usb 3-1: config 0 has no interfaces? [ 460.056629][ T5853] usb 3-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 460.066381][ T5853] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 460.075506][ T5853] usb 3-1: Product: syz [ 460.080212][ T5853] usb 3-1: Manufacturer: syz [ 460.085083][ T5853] usb 3-1: SerialNumber: syz [ 460.117448][ T5853] usb 3-1: config 0 descriptor?? [ 460.151995][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 460.163739][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 460.174038][ T24] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 460.183885][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 460.217740][ T24] usb 4-1: config 0 descriptor?? [ 460.338155][ T9072] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1147'. [ 460.357485][ T9072] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1147'. [ 460.378758][ T5853] usb 3-1: USB disconnect, device number 6 [ 460.610703][ T9086] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1152'. [ 460.642904][ T24] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0 [ 460.675079][ T24] cp2112 0003:10C4:EA90.0001: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.3-1/input0 [ 460.846067][ T24] cp2112 0003:10C4:EA90.0001: error requesting version [ 460.885788][ T24] cp2112 0003:10C4:EA90.0001: probe with driver cp2112 failed with error -71 [ 460.950652][ T24] usb 4-1: USB disconnect, device number 13 [ 461.370104][ T5853] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 461.538816][ T9089] fido_id[9089]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 461.569990][ T5853] usb 1-1: Using ep0 maxpacket: 32 [ 461.597034][ T5853] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 461.609932][ T5853] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 461.705400][ T5853] usb 1-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 461.715978][ T5853] usb 1-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 461.725008][ T5853] usb 1-1: Product: syz [ 461.729803][ T5853] usb 1-1: Manufacturer: syz [ 461.734622][ T5853] usb 1-1: SerialNumber: syz [ 461.825332][ T5853] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input5 [ 462.082734][ T5844] usb 1-1: USB disconnect, device number 10 [ 462.272106][ T5844] appletouch 1-1:1.0: input: appletouch disconnected [ 463.020878][ T9116] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.1163'. [ 463.173849][ T9119] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1165'. [ 463.843840][ T9128] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1168'. [ 463.980381][ T5844] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 464.001626][ T9128] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1168'. [ 464.140446][ T5844] usb 3-1: Using ep0 maxpacket: 8 [ 464.190641][ T5844] usb 3-1: config 0 has no interfaces? [ 464.214828][ T5844] usb 3-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 464.224585][ T5844] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 464.232967][ T5844] usb 3-1: Product: syz [ 464.237346][ T5844] usb 3-1: Manufacturer: syz [ 464.242453][ T5844] usb 3-1: SerialNumber: syz [ 464.267726][ T5844] usb 3-1: config 0 descriptor?? [ 464.484306][ T9125] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1167'. [ 464.510702][ T9125] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1167'. [ 464.550871][ T5844] usb 3-1: USB disconnect, device number 7 [ 465.069310][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 465.076179][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 465.607661][ T9146] loop2: detected capacity change from 0 to 512 [ 465.948630][ T9151] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1178'. [ 466.382421][ T9146] EXT4-fs (loop2): Test dummy encryption mode enabled [ 466.392921][ T9131] loop4: detected capacity change from 0 to 32768 [ 466.446021][ T9131] bcachefs (/dev/loop4): error validating superblock: Invalid superblock section members_v1: device 0: not enough buckets (got 0, max 64) [ 466.446021][ T9131] members_v1 (size 64): [ 466.446021][ T9131] Device: 0 [ 466.446021][ T9131] Label: (none) [ 466.446021][ T9131] UUID: 7af6772b-00de-4159-84cd-1faead05ac08 [ 466.446021][ T9131] Size: 0 [ 466.446021][ T9131] read errors: 0 [ 466.446021][ T9131] write errors: 0 [ 466.446021][ T9131] checksum errors: 0 [ 466.446021][ T9131] seqread iops: 0 [ 466.446021][ T9131] seqwrite iops: 0 [ 466.446021][ T9131] randread iops: 0 [ 466.446021][ T9131] randwrite iops: 0 [ 466.446021][ T9131] Bucket size: 131072 [ 466.446021][ T9131] First bucket: 0 [ 466.446021][ T9131] Buckets: 0 [ 466.446021][ T9131] Last mount: 1714681267 [ 466.446021][ T9131] Last superblock write: 0 [ 466.446021][ T9131] State: rw [ 466.446021][ T9131] Data allowed: journal,btree,user [ 466.446021][ T9131] Has data: (none) [ 466.446021][ T9131] Btree allocated bitmap blocksize:256 [ 466.446021][ T9131] Btree allocated bitmap: 0000000000000000000000000000000000000000000000000000000000000000 [ 466.446021][ T9131] Durability: [ 466.446901][ T9131] bcachefs: bch2_fs_get_tree() error: invalid_sb_members [ 466.458579][ T9146] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.1176: corrupted in-inode xattr: invalid ea_ino [ 466.731486][ T9146] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1176: couldn't read orphan inode 15 (err -117) [ 466.835660][ T9160] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.1180'. [ 466.859863][ T9146] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 467.228267][ T9146] fscrypt (loop2): Missing crypto API support for AES-256-CBC-CTS (API name: "cts(cbc(aes))") [ 467.425234][ T9170] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1182'. [ 467.562925][ T5806] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 467.590552][ T9170] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1182'. [ 468.116157][ T9177] bridge0: port 3(vlan1) entered blocking state [ 468.123514][ T9177] bridge0: port 3(vlan1) entered disabled state [ 468.130789][ T9177] vlan1: entered allmulticast mode [ 468.136135][ T9177] bond0: entered allmulticast mode [ 468.141757][ T9177] bond_slave_0: entered allmulticast mode [ 468.147709][ T9177] bond_slave_1: entered allmulticast mode [ 468.162009][ T9177] vlan1: entered promiscuous mode [ 468.720116][ T5844] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 468.920150][ T5844] usb 5-1: Using ep0 maxpacket: 8 [ 468.943618][ T5844] usb 5-1: config 0 has no interfaces? [ 468.990085][ T5844] usb 5-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 468.999628][ T5844] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 469.008513][ T5844] usb 5-1: Product: syz [ 469.013015][ T5844] usb 5-1: Manufacturer: syz [ 469.017845][ T5844] usb 5-1: SerialNumber: syz [ 469.037967][ T5844] usb 5-1: config 0 descriptor?? [ 469.144439][ T9187] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 469.258283][ T9182] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1186'. [ 469.300540][ T9182] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1186'. [ 469.346676][ T5844] usb 5-1: USB disconnect, device number 13 [ 469.452616][ T9191] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1191'. [ 470.081668][ T9196] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma? [ 470.402765][ T9201] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.1194'. [ 471.187028][ T9207] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1197'. [ 471.422151][ T9207] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1197'. [ 472.172662][ T9220] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1203'. [ 473.010692][ T5844] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 473.195189][ T5844] usb 5-1: Using ep0 maxpacket: 8 [ 473.247243][ T5844] usb 5-1: config 0 has no interfaces? [ 473.296039][ T5844] usb 5-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 473.306256][ T5844] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 473.314797][ T5844] usb 5-1: Product: syz [ 473.319258][ T5844] usb 5-1: Manufacturer: syz [ 473.324283][ T5844] usb 5-1: SerialNumber: syz [ 473.414224][ T5844] usb 5-1: config 0 descriptor?? [ 473.634766][ T9225] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1205'. [ 473.644659][ T9225] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1205'. [ 473.755582][ T9245] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1205'. [ 474.069027][ T5844] usb 5-1: USB disconnect, device number 14 [ 475.152205][ T9257] __nla_validate_parse: 1 callbacks suppressed [ 475.152276][ T9257] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1216'. [ 475.870852][ T30] audit: type=1326 audit(1747709461.289:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9264 comm="syz.4.1220" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x0 [ 476.549020][ T9272] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1223'. [ 477.460890][ T5844] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 477.646117][ T5844] usb 1-1: Using ep0 maxpacket: 8 [ 477.687993][ T5844] usb 1-1: config 0 has no interfaces? [ 477.722314][ T5844] usb 1-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 477.731624][ T5844] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 477.740072][ T5844] usb 1-1: Product: syz [ 477.744410][ T5844] usb 1-1: Manufacturer: syz [ 477.749123][ T5844] usb 1-1: SerialNumber: syz [ 477.825475][ T5844] usb 1-1: config 0 descriptor?? [ 478.061193][ T9280] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1226'. [ 478.071029][ T9280] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1226'. [ 478.126036][ T9286] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1226'. [ 478.243758][ T9263] loop3: detected capacity change from 0 to 32768 [ 478.422354][ T5853] usb 1-1: USB disconnect, device number 11 [ 478.490491][ T9263] bcachefs (00441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0 [ 478.679177][ T9263] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names [ 478.679177][ T9263] allowing incompatible features above 0.0: (unknown version) [ 478.710317][ T9263] bcachefs (loop3): initializing new filesystem [ 478.732406][ T9263] bcachefs (loop3): going read-write [ 478.740561][ T9263] bcachefs (loop3): bch2_journal_reclaim_start(): error creating journal reclaim thread EINTR [ 478.751683][ T9263] bcachefs (loop3): flushing journal and stopping allocators, journal seq 0 [ 478.854597][ T9263] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 0 [ 478.960762][ T9263] bcachefs (loop3): unclean shutdown complete, journal seq 1 [ 479.014368][ T9263] bcachefs (loop3): bch2_fs_initialize(): error EINTR [ 479.021694][ T9263] bcachefs (loop3): bch2_fs_start(): error starting filesystem EINTR [ 479.030582][ T9263] bcachefs (loop3): shutting down [ 479.140658][ T9302] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1230'. [ 479.182190][ T9263] bcachefs (loop3): shutdown complete [ 480.359282][ T30] audit: type=1326 audit(1747709465.789:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9313 comm="syz.1.1235" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x0 [ 480.437456][ T9316] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1236'. [ 481.856381][ T9263] bcachefs: bch2_fs_get_tree() error: EINTR [ 482.480226][ T5844] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 482.673143][ T5844] usb 2-1: Using ep0 maxpacket: 8 [ 482.715529][ T5844] usb 2-1: config 0 has no interfaces? [ 482.743495][ T5844] usb 2-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 482.752959][ T5844] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 482.761327][ T5844] usb 2-1: Product: syz [ 482.765694][ T5844] usb 2-1: Manufacturer: syz [ 482.770523][ T5844] usb 2-1: SerialNumber: syz [ 482.825361][ T5844] usb 2-1: config 0 descriptor?? [ 483.060505][ T9329] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1242'. [ 483.070111][ T9329] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1242'. [ 483.150307][ T9338] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1242'. [ 483.388185][ T5844] usb 2-1: USB disconnect, device number 6 [ 483.691616][ T9346] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1244'. [ 483.835367][ T9347] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1248'. [ 483.909262][ T9347] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1248'. [ 484.377288][ T30] audit: type=1326 audit(1747709469.819:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9350 comm="syz.4.1250" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x0 [ 485.892137][ T5088] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 485.931938][ T5088] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 485.947521][ T5088] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 485.981773][ T5088] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 486.048619][ T5088] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 486.780375][ T5844] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 486.950038][ T5844] usb 5-1: Using ep0 maxpacket: 8 [ 486.997554][ T5844] usb 5-1: config 0 has no interfaces? [ 487.021806][ T5844] usb 5-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 487.031273][ T5844] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 487.039510][ T5844] usb 5-1: Product: syz [ 487.043995][ T5844] usb 5-1: Manufacturer: syz [ 487.048698][ T5844] usb 5-1: SerialNumber: syz [ 487.138031][ T5844] usb 5-1: config 0 descriptor?? [ 487.242422][ T9384] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1262'. [ 487.335557][ T9384] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1262'. [ 487.354822][ T9381] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1261'. [ 487.364584][ T9381] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1261'. [ 487.476156][ T9389] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1261'. [ 487.537995][ T5853] usb 5-1: USB disconnect, device number 15 [ 487.810872][ T9375] chnl_net:caif_netlink_parms(): no params data found [ 488.080606][ T5800] Bluetooth: hci5: command tx timeout [ 488.221451][ T9393] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1265'. [ 488.839152][ T30] audit: type=1326 audit(1747709474.279:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9397 comm="syz.0.1267" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x0 [ 489.498943][ T9409] loop4: detected capacity change from 0 to 256 [ 489.728219][ T9375] bridge0: port 1(bridge_slave_0) entered blocking state [ 489.736112][ T9375] bridge0: port 1(bridge_slave_0) entered disabled state [ 489.744204][ T9375] bridge_slave_0: entered allmulticast mode [ 489.752541][ T9375] bridge_slave_0: entered promiscuous mode [ 489.820998][ T5844] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 489.855292][ T9375] bridge0: port 2(bridge_slave_1) entered blocking state [ 489.863528][ T9375] bridge0: port 2(bridge_slave_1) entered disabled state [ 489.871360][ T9375] bridge_slave_1: entered allmulticast mode [ 489.879505][ T9375] bridge_slave_1: entered promiscuous mode [ 489.989578][ T5844] usb 4-1: Using ep0 maxpacket: 8 [ 490.012532][ T9409] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 490.029405][ T5844] usb 4-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=c4.6d [ 490.038842][ T5844] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 490.047161][ T5844] usb 4-1: Product: syz [ 490.052227][ T5844] usb 4-1: Manufacturer: syz [ 490.056998][ T5844] usb 4-1: SerialNumber: syz [ 490.160603][ T5800] Bluetooth: hci5: command tx timeout [ 490.194444][ T5844] usb 4-1: config 0 descriptor?? [ 490.288965][ T5844] gspca_main: sonixj-2.14.0 probing 0c45:614a [ 490.358534][ T9375] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 490.397754][ T9375] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 490.585137][ T9375] team0: Port device team_slave_0 added [ 490.659373][ T9375] team0: Port device team_slave_1 added [ 490.841830][ T9375] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 490.849051][ T9375] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 490.875479][ T9375] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 490.902255][ T9375] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 490.909472][ T9375] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 490.936098][ T9375] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 491.237648][ T9375] hsr_slave_0: entered promiscuous mode [ 491.247665][ T9375] hsr_slave_1: entered promiscuous mode [ 491.256641][ T9375] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 491.264794][ T9375] Cannot create hsr debugfs directory [ 491.305126][ T5844] gspca_sonixj: reg_w err -71 [ 491.310254][ T5844] sonixj 4-1:0.0: probe with driver sonixj failed with error -71 [ 491.388541][ T5844] usb 4-1: USB disconnect, device number 14 [ 492.047367][ T9418] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1274'. [ 492.140409][ T9418] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1274'. [ 492.258261][ T5800] Bluetooth: hci5: command tx timeout [ 492.460819][ T4412] vlan1: left allmulticast mode [ 492.465929][ T4412] bond0: left allmulticast mode [ 492.471365][ T4412] bond_slave_0: left allmulticast mode [ 492.477057][ T4412] bond_slave_1: left allmulticast mode [ 492.482968][ T4412] vlan1: left promiscuous mode [ 492.489389][ T4412] bridge0: port 3(vlan1) entered disabled state [ 492.670720][ T4412] bridge_slave_1: left promiscuous mode [ 492.677297][ T4412] bridge0: port 2(bridge_slave_1) entered disabled state [ 492.748997][ T4412] bridge_slave_0: left allmulticast mode [ 492.755279][ T4412] bridge_slave_0: left promiscuous mode [ 492.761957][ T4412] bridge0: port 1(bridge_slave_0) entered disabled state [ 492.781704][ T9422] loop3: detected capacity change from 0 to 1024 [ 492.832566][ T9422] EXT4-fs: Ignoring removed nobh option [ 492.838439][ T9422] EXT4-fs: inline encryption not supported [ 492.845222][ T9422] EXT4-fs: Ignoring removed bh option [ 493.063660][ T9422] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 493.183247][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 493.242068][ T9429] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1277'. [ 493.306732][ T4412] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 493.359971][ T4412] bond_slave_0: left promiscuous mode [ 493.360493][ T5853] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 493.402599][ T4412] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 493.434303][ T4412] bond_slave_1: left promiscuous mode [ 493.442572][ T4412] bond0 (unregistering): Released all slaves [ 493.570061][ T5853] usb 2-1: Using ep0 maxpacket: 8 [ 493.602660][ T5853] usb 2-1: config 0 has no interfaces? [ 493.624254][ T5853] usb 2-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 493.634421][ T5853] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 493.642980][ T5853] usb 2-1: Product: syz [ 493.647361][ T5853] usb 2-1: Manufacturer: syz [ 493.652396][ T5853] usb 2-1: SerialNumber: syz [ 493.710930][ T9431] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 493.731589][ T5853] usb 2-1: config 0 descriptor?? [ 493.866963][ T9435] loop4: detected capacity change from 0 to 512 [ 493.949568][ T9425] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1276'. [ 493.958960][ T9425] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1276'. [ 494.006117][ T9425] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1276'. [ 494.027522][ T5853] usb 2-1: USB disconnect, device number 7 [ 494.087149][ T9435] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 494.101119][ T9435] ext4 filesystem being mounted at /260/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 494.281217][ T4412] hsr_slave_0: left promiscuous mode [ 494.299236][ T4412] hsr_slave_1: left promiscuous mode [ 494.307764][ T4412] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 494.321497][ T5800] Bluetooth: hci5: command tx timeout [ 494.620218][ T5804] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 495.066885][ T4412] team0 (unregistering): Port device team_slave_1 removed [ 495.156796][ T4412] team0 (unregistering): Port device team_slave_0 removed [ 495.844469][ T9375] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 495.943202][ T9375] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 495.983407][ T9455] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1286'. [ 496.168259][ T9375] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 496.214534][ T4412] IPVS: stop unused estimator thread 0... [ 496.223684][ T9375] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 496.278841][ T9455] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1286'. [ 496.306810][ T9459] loop1: detected capacity change from 0 to 512 [ 496.407771][ T9459] EXT4-fs (loop1): can't read group descriptor 0 [ 496.435206][ T9462] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1288'. [ 497.180006][ T24] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 497.349491][ T9375] 8021q: adding VLAN 0 to HW filter on device bond0 [ 497.403202][ T5853] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 497.418111][ T24] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 497.430456][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 497.441787][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 497.451970][ T24] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 497.465258][ T24] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 497.474847][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 497.498819][ T9375] 8021q: adding VLAN 0 to HW filter on device team0 [ 497.518282][ T24] usb 1-1: config 0 descriptor?? [ 497.623155][ T4412] bridge0: port 1(bridge_slave_0) entered blocking state [ 497.630936][ T4412] bridge0: port 1(bridge_slave_0) entered forwarding state [ 497.670692][ T5853] usb 2-1: Using ep0 maxpacket: 8 [ 497.702789][ T5853] usb 2-1: config 0 has no interfaces? [ 497.729827][ T4412] bridge0: port 2(bridge_slave_1) entered blocking state [ 497.732499][ T5853] usb 2-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 497.737583][ T4412] bridge0: port 2(bridge_slave_1) entered forwarding state [ 497.746525][ T5853] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 497.762733][ T5853] usb 2-1: Product: syz [ 497.767368][ T5853] usb 2-1: Manufacturer: syz [ 497.772481][ T5853] usb 2-1: SerialNumber: syz [ 497.885397][ T5853] usb 2-1: config 0 descriptor?? [ 498.099578][ T24] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 498.144355][ T9472] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1292'. [ 498.154224][ T9472] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1292'. [ 498.206137][ T9375] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 498.235573][ T9472] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1292'. [ 498.247121][ T24] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 498.269320][ T5847] usb 2-1: USB disconnect, device number 8 [ 498.364050][ T24] usb 1-1: USB disconnect, device number 12 [ 498.715287][ T9476] fido_id[9476]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 499.121657][ T9482] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1295'. [ 499.500201][ T9486] input: syz0 as /devices/virtual/input/input7 [ 499.888004][ T9375] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 500.472905][ T9499] netlink: 'syz.1.1299': attribute type 1 has an invalid length. [ 500.663875][ T9503] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1299'. [ 500.783191][ T9499] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1299'. [ 500.795636][ T9499] 8021q: adding VLAN 0 to HW filter on device bond1 [ 506.830237][ T9510] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 507.279644][ T5800] Bluetooth: hci2: unexpected event for opcode 0x202f [ 507.920433][ T9] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 508.076054][ T9375] veth0_vlan: entered promiscuous mode [ 508.117728][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 508.144562][ T9375] veth1_vlan: entered promiscuous mode [ 508.155763][ T9] usb 2-1: config 0 has no interfaces? [ 508.176886][ T9] usb 2-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 508.186284][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 508.194828][ T9] usb 2-1: Product: syz [ 508.199109][ T9] usb 2-1: Manufacturer: syz [ 508.203916][ T9] usb 2-1: SerialNumber: syz [ 508.297711][ T9] usb 2-1: config 0 descriptor?? [ 508.413911][ T9375] veth0_macvtap: entered promiscuous mode [ 508.484998][ T9375] veth1_macvtap: entered promiscuous mode [ 508.539184][ T9521] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1305'. [ 508.549003][ T9521] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1305'. [ 508.681684][ T9521] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1305'. [ 508.724145][ T9375] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 508.757699][ T9] usb 2-1: USB disconnect, device number 9 [ 508.839156][ T9375] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 508.903630][ T9375] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 508.912886][ T9375] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 508.921917][ T9375] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 508.930896][ T9375] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 510.087949][ T9546] netlink: 'syz.0.1312': attribute type 1 has an invalid length. [ 510.176427][ T9546] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1312'. [ 510.287884][ T9546] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1312'. [ 510.300179][ T9546] 8021q: adding VLAN 0 to HW filter on device bond1 [ 510.973488][ T9556] loop0: detected capacity change from 0 to 256 [ 511.071340][ T9556] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 511.514828][ T5800] Bluetooth: hci2: unexpected event for opcode 0x202f [ 511.687496][ T9560] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 512.140094][ T9567] loop0: detected capacity change from 0 to 2048 [ 512.234158][ T9567] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 512.297264][ T9567] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 512.330786][ T9571] loop4: detected capacity change from 0 to 1024 [ 512.418369][ T9571] EXT4-fs: Ignoring removed nobh option [ 512.426029][ T9571] EXT4-fs: inline encryption not supported [ 512.432309][ T9571] EXT4-fs: Ignoring removed bh option [ 512.652456][ T9571] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 512.842932][ T24] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 513.081034][ T24] usb 2-1: Using ep0 maxpacket: 8 [ 513.115821][ T24] usb 2-1: config 0 has no interfaces? [ 513.178826][ T5804] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 513.205277][ T24] usb 2-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=dc.4d [ 513.205580][ T5088] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 513.215391][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 513.225989][ T5088] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 513.230983][ T24] usb 2-1: Product: syz [ 513.231085][ T24] usb 2-1: Manufacturer: syz [ 513.231176][ T24] usb 2-1: SerialNumber: syz [ 513.264619][ T5088] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 513.284142][ T5088] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 513.296329][ T5088] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 513.530508][ T24] usb 2-1: config 0 descriptor?? [ 513.781246][ T9573] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1320'. [ 513.790678][ T9573] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1320'. [ 513.886137][ T9573] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1320'. [ 513.986388][ T24] usb 2-1: USB disconnect, device number 10 [ 514.456281][ T9579] chnl_net:caif_netlink_parms(): no params data found [ 515.111381][ T9601] netlink: 'syz.1.1323': attribute type 1 has an invalid length. [ 515.204338][ T9603] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1323'. [ 515.225476][ T9601] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1323'. [ 515.238288][ T9601] 8021q: adding VLAN 0 to HW filter on device bond2 [ 515.374728][ T5088] Bluetooth: hci3: command tx timeout [ 515.441392][ T4412] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 515.449584][ T4412] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 515.639896][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 515.648149][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 515.949523][ T9612] loop0: detected capacity change from 0 to 256 [ 516.080639][ T9612] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 516.152755][ T5088] Bluetooth: hci0: unexpected event for opcode 0x202f [ 516.342929][ T9579] bridge0: port 1(bridge_slave_0) entered blocking state [ 516.350891][ T9579] bridge0: port 1(bridge_slave_0) entered disabled state [ 516.358641][ T9579] bridge_slave_0: entered allmulticast mode [ 516.368671][ T9579] bridge_slave_0: entered promiscuous mode [ 516.411661][ T9579] bridge0: port 2(bridge_slave_1) entered blocking state [ 516.419414][ T9579] bridge0: port 2(bridge_slave_1) entered disabled state [ 516.427845][ T9579] bridge_slave_1: entered allmulticast mode [ 516.438075][ T9579] bridge_slave_1: entered promiscuous mode [ 516.900686][ T9579] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 516.984707][ T9616] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 517.011428][ T9579] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 517.184301][ T9579] team0: Port device team_slave_0 added [ 517.233324][ T9579] team0: Port device team_slave_1 added [ 517.274451][ T9624] loop4: detected capacity change from 0 to 1024 [ 517.316585][ T9624] EXT4-fs: Ignoring removed nobh option [ 517.322809][ T9624] EXT4-fs: inline encryption not supported [ 517.328952][ T9624] EXT4-fs: Ignoring removed bh option [ 517.440131][ T5088] Bluetooth: hci3: command tx timeout [ 517.496686][ T9624] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 517.531954][ T9579] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 517.539234][ T9579] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 517.570203][ T9579] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 517.593870][ T9579] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 517.602056][ T9579] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 517.631158][ T9579] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 517.942575][ T5804] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 518.128391][ T9579] hsr_slave_0: entered promiscuous mode [ 518.141613][ T9579] hsr_slave_1: entered promiscuous mode [ 518.151562][ T9579] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 518.159338][ T9579] Cannot create hsr debugfs directory [ 518.872725][ T9642] netlink: 'syz.5.1335': attribute type 1 has an invalid length. [ 519.112178][ T9642] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1335'. [ 519.390963][ T9579] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 519.498539][ T9579] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 519.521093][ T5088] Bluetooth: hci3: command tx timeout [ 519.552180][ T9579] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 519.575286][ T9579] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 519.672431][ T9647] loop1: detected capacity change from 0 to 256 [ 519.778094][ T9647] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 520.828011][ T9579] 8021q: adding VLAN 0 to HW filter on device bond0 [ 521.021988][ T9579] 8021q: adding VLAN 0 to HW filter on device team0 [ 521.122442][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 521.130515][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 521.254674][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 521.262589][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 521.601941][ T5088] Bluetooth: hci3: command tx timeout [ 522.400734][ T9675] netlink: 'syz.5.1347': attribute type 1 has an invalid length. [ 522.465223][ T9675] netlink: 'syz.5.1347': attribute type 16 has an invalid length. [ 522.604944][ T9677] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1347'. [ 523.578013][ T9687] loop0: detected capacity change from 0 to 256 [ 523.666868][ T9579] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 523.743258][ T9687] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 525.301325][ T9708] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1359'. [ 526.042702][ T5088] Bluetooth: hci2: unexpected event for opcode 0x202f [ 526.500498][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 526.507172][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 526.936040][ T9579] veth0_vlan: entered promiscuous mode [ 527.143408][ T9579] veth1_vlan: entered promiscuous mode [ 527.607776][ T9579] veth0_macvtap: entered promiscuous mode [ 527.719233][ T9579] veth1_macvtap: entered promiscuous mode [ 528.078531][ T9579] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 528.142219][ T9579] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 528.183100][ T24] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 528.361013][ T24] usb 1-1: Using ep0 maxpacket: 8 [ 528.412040][ T9579] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 528.421369][ T9579] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 528.430557][ T9579] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 528.439563][ T9579] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 528.503020][ T24] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 528.511651][ T24] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 528.521864][ T24] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 528.532000][ T24] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 528.542282][ T24] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 528.555784][ T24] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 528.565327][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 528.635671][ T9735] bridge0: port 3(vlan2) entered blocking state [ 528.642621][ T9735] bridge0: port 3(vlan2) entered disabled state [ 528.650097][ T9735] vlan2: entered allmulticast mode [ 528.655445][ T9735] bond0: entered allmulticast mode [ 528.660936][ T9735] bond_slave_0: entered allmulticast mode [ 528.666896][ T9735] bond_slave_1: entered allmulticast mode [ 528.679330][ T9735] vlan2: entered promiscuous mode [ 528.686943][ T9735] bond0: entered promiscuous mode [ 528.693059][ T9735] bond_slave_0: entered promiscuous mode [ 528.700163][ T9735] bond_slave_1: entered promiscuous mode [ 528.728657][ T4068] bridge_slave_1: left allmulticast mode [ 528.734765][ T4068] bridge_slave_1: left promiscuous mode [ 528.741613][ T4068] bridge0: port 2(bridge_slave_1) entered disabled state [ 528.769536][ T4068] bridge_slave_0: left allmulticast mode [ 528.775707][ T4068] bridge_slave_0: left promiscuous mode [ 528.782508][ T4068] bridge0: port 1(bridge_slave_0) entered disabled state [ 528.994075][ T24] usb 1-1: GET_CAPABILITIES returned 6c [ 529.000258][ T24] usbtmc 1-1:16.0: can't read capabilities [ 529.261749][ T24] usb 1-1: USB disconnect, device number 13 [ 529.303650][ T9746] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1372'. [ 529.511829][ T4068] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 529.553208][ T4068] bond_slave_0: left promiscuous mode [ 529.578430][ T4068] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 529.651750][ T4068] bond_slave_1: left promiscuous mode [ 529.659419][ T4068] bond0 (unregistering): Released all slaves [ 530.198083][ T4068] hsr_slave_0: left promiscuous mode [ 530.250482][ T4068] hsr_slave_1: left promiscuous mode [ 530.258325][ T4068] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 530.308769][ T4068] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 530.918835][ T4068] team0 (unregistering): Port device team_slave_1 removed [ 531.003934][ T4068] team0 (unregistering): Port device team_slave_0 removed [ 532.082033][ T4068] IPVS: stop unused estimator thread 0... [ 532.094349][ T9787] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1383'. [ 532.340086][ T5844] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 532.362111][ T9790] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1384'. [ 532.518700][ T5844] usb 6-1: Using ep0 maxpacket: 8 [ 532.544390][ T5844] usb 6-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 532.553980][ T5844] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 532.563162][ T5844] usb 6-1: Product: syz [ 532.567938][ T5844] usb 6-1: Manufacturer: syz [ 532.573096][ T5844] usb 6-1: SerialNumber: syz [ 532.660675][ T5844] usb 6-1: config 0 descriptor?? [ 532.687151][ T5844] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 532.695948][ T5844] usb 6-1: setting power ON [ 532.700863][ T5844] dvb-usb: bulk message failed: -22 (2/0) [ 532.820931][ T5844] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 532.887437][ T9786] dvb-usb: bulk message failed: -22 (3/0) [ 532.894811][ T9786] ===================================================== [ 532.902605][ T9786] BUG: KMSAN: uninit-value in cxusb_i2c_xfer+0x1303/0x18e0 [ 532.910381][ T9786] cxusb_i2c_xfer+0x1303/0x18e0 [ 532.915471][ T9786] __i2c_transfer+0xeca/0x30e0 [ 532.920587][ T9786] i2c_transfer+0x300/0x4b0 [ 532.925238][ T9786] i2c_transfer_buffer_flags+0x138/0x200 [ 532.931258][ T9786] i2cdev_write+0x214/0x2b0 [ 532.935857][ T9786] vfs_write+0x463/0x1560 [ 532.940495][ T9786] __ia32_sys_write+0x1f9/0x4d0 [ 532.945462][ T9786] ia32_sys_call+0x30f2/0x42c0 [ 532.950477][ T9786] __do_fast_syscall_32+0xb0/0x110 [ 532.955758][ T9786] do_fast_syscall_32+0x38/0x80 [ 532.960934][ T9786] do_SYSENTER_32+0x1f/0x30 [ 532.965569][ T9786] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 532.972115][ T9786] [ 532.974505][ T9786] Local variable ac.i created at: [ 532.979570][ T9786] __schedule+0xdad/0x7720 [ 532.984263][ T9786] schedule+0x17d/0x3c0 [ 532.988566][ T9786] [ 532.991724][ T9786] CPU: 0 UID: 0 PID: 9786 Comm: syz.5.1382 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(undef) [ 533.002354][ T9786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 533.012572][ T9786] ===================================================== [ 533.019557][ T9786] Disabling lock debugging due to kernel taint [ 533.026026][ T9786] Kernel panic - not syncing: kmsan.panic set ... [ 533.032536][ T9786] CPU: 0 UID: 0 PID: 9786 Comm: syz.5.1382 Tainted: G B 6.15.0-rc7-syzkaller #0 PREEMPT(undef) [ 533.044655][ T9786] Tainted: [B]=BAD_PAGE [ 533.048856][ T9786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 533.059030][ T9786] Call Trace: [ 533.062369][ T9786] [ 533.065355][ T9786] __dump_stack+0x26/0x30 [ 533.069800][ T9786] dump_stack_lvl+0x53/0x270 [ 533.074520][ T9786] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 533.080465][ T9786] dump_stack+0x1e/0x25 [ 533.084855][ T9786] panic+0x4bd/0xd50 [ 533.088963][ T9786] kmsan_report+0x29d/0x2a0 [ 533.093607][ T9786] ? vprintk_default+0x3f/0x50 [ 533.098511][ T9786] ? __msan_warning+0x96/0x120 [ 533.103430][ T9786] ? cxusb_i2c_xfer+0x1303/0x18e0 [ 533.108577][ T9786] ? __i2c_transfer+0xeca/0x30e0 [ 533.113607][ T9786] ? i2c_transfer+0x300/0x4b0 [ 533.118391][ T9786] ? i2c_transfer_buffer_flags+0x138/0x200 [ 533.124304][ T9786] ? i2cdev_write+0x214/0x2b0 [ 533.129076][ T9786] ? vfs_write+0x463/0x1560 [ 533.133779][ T9786] ? __ia32_sys_write+0x1f9/0x4d0 [ 533.138917][ T9786] ? ia32_sys_call+0x30f2/0x42c0 [ 533.143939][ T9786] ? __do_fast_syscall_32+0xb0/0x110 [ 533.149351][ T9786] ? do_fast_syscall_32+0x38/0x80 [ 533.154492][ T9786] ? do_SYSENTER_32+0x1f/0x30 [ 533.159320][ T9786] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 533.165983][ T9786] ? kmsan_get_metadata+0x105/0x1b0 [ 533.171517][ T9786] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 533.177997][ T9786] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 533.184208][ T9786] ? kmsan_get_metadata+0x105/0x1b0 [ 533.189548][ T9786] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 533.196019][ T9786] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 533.202241][ T9786] ? mutex_unlock+0x29/0x50 [ 533.206868][ T9786] ? kmsan_get_metadata+0x105/0x1b0 [ 533.212215][ T9786] __msan_warning+0x96/0x120 [ 533.216919][ T9786] cxusb_i2c_xfer+0x1303/0x18e0 [ 533.221891][ T9786] ? kmsan_get_metadata+0x105/0x1b0 [ 533.227211][ T9786] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 533.233160][ T9786] ? __rcu_read_unlock+0x6d/0xd0 [ 533.238308][ T9786] ? aa_file_perm+0x24c/0x18d0 [ 533.243233][ T9786] ? kmsan_get_metadata+0x105/0x1b0 [ 533.248585][ T9786] ? __pfx_cxusb_i2c_xfer+0x10/0x10 [ 533.253921][ T9786] ? __pfx_cxusb_i2c_xfer+0x10/0x10 [ 533.259244][ T9786] __i2c_transfer+0xeca/0x30e0 [ 533.264130][ T9786] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 533.270585][ T9786] ? __pfx_i2c_adapter_lock_bus+0x10/0x10 [ 533.276529][ T9786] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 533.282739][ T9786] ? __pfx_i2c_adapter_lock_bus+0x10/0x10 [ 533.288584][ T9786] i2c_transfer+0x300/0x4b0 [ 533.293195][ T9786] i2c_transfer_buffer_flags+0x138/0x200 [ 533.298952][ T9786] i2cdev_write+0x214/0x2b0 [ 533.303552][ T9786] ? __pfx_i2cdev_write+0x10/0x10 [ 533.308668][ T9786] vfs_write+0x463/0x1560 [ 533.313103][ T9786] ? stack_depot_save_flags+0x35/0x7c0 [ 533.318657][ T9786] ? __fget_files+0x3b9/0x4a0 [ 533.323441][ T9786] ? kmsan_get_metadata+0x105/0x1b0 [ 533.328767][ T9786] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 533.335220][ T9786] ? kmsan_get_metadata+0x105/0x1b0 [ 533.340564][ T9786] __ia32_sys_write+0x1f9/0x4d0 [ 533.345558][ T9786] ia32_sys_call+0x30f2/0x42c0 [ 533.350431][ T9786] __do_fast_syscall_32+0xb0/0x110 [ 533.355700][ T9786] ? irqentry_exit_to_user_mode+0x82/0xa0 [ 533.361573][ T9786] do_fast_syscall_32+0x38/0x80 [ 533.366573][ T9786] do_SYSENTER_32+0x1f/0x30 [ 533.371216][ T9786] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 533.377685][ T9786] RIP: 0023:0xf7f23539 [ 533.381838][ T9786] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 533.401664][ T9786] RSP: 002b:00000000f504655c EFLAGS: 00000206 ORIG_RAX: 0000000000000004 [ 533.410200][ T9786] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000000 [ 533.418268][ T9786] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 533.426317][ T9786] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 533.434372][ T9786] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 533.442419][ T9786] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 533.450485][ T9786] [ 533.453845][ T9786] Kernel Offset: disabled [ 533.458246][ T9786] Rebooting in 86400 seconds..