last executing test programs: 1m11.895514348s ago: executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$vsock_stream(0x28, 0x1, 0x0) getsockopt(r0, 0x28, 0x0, &(0x7f00000054c0)=""/81, &(0x7f0000000080)=0x35) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000f40)=@newtaction={0x95c, 0x30, 0x12f, 0x0, 0x0, {}, [{0x948, 0x1, [@m_police={0x944, 0xe, 0x0, 0x0, {{0xb}, {0x8a8, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x6, 0x5, 0x7e05844d, 0x0, 0xffffffff, {0x9, 0x1, 0x5, 0x1, 0x9, 0x8000}, {0x1f, 0x0, 0x20, 0x101, 0x906, 0x1000}, 0x53c, 0x7, 0x5}}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xd22}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x800, 0xf38, 0x5, 0x7fffffff, 0x4, 0x3, 0x40, 0x9, 0x3, 0x4, 0x81, 0x6, 0x9, 0x1ff, 0x401, 0x0, 0x20, 0x7, 0x0, 0x8, 0x8, 0x80000001, 0x8007fff, 0x7, 0x1000, 0x1000, 0xf824, 0x709f, 0x1, 0xdee, 0x1, 0x40, 0x8, 0x6, 0x5, 0x3c, 0x1, 0xd160, 0x4, 0x8, 0x1, 0x4, 0xfffffff9, 0x97a, 0x1, 0x4, 0x4, 0xfc8b, 0x100, 0x5, 0x1, 0x8001, 0x6, 0x8000, 0x7, 0x201, 0x8001, 0x3, 0x8, 0x8, 0x7fff, 0x1, 0x8, 0x8b92, 0x14, 0x1, 0x800, 0x100, 0x9, 0x4, 0x3, 0x2, 0x83d, 0xffffff7f, 0x1, 0x7f, 0xfffffffd, 0x9, 0x1, 0xfffeffff, 0xfffffff9, 0x4101, 0x2, 0x9, 0x9, 0xa2, 0x6, 0xf482, 0x3, 0x7, 0x7, 0x0, 0x9, 0x46, 0x101, 0x3, 0x200, 0x200, 0x40, 0x72b, 0xf516, 0x2, 0x80, 0x7bce, 0x7fff, 0x6, 0x4, 0x40, 0xffff7fff, 0x6, 0x9, 0x1000, 0x0, 0xf6c, 0x4, 0x80000000, 0x40, 0x1, 0x8, 0x2, 0x0, 0x0, 0x200, 0x65, 0x6, 0x3, 0x3, 0xac84, 0x2, 0xe35, 0xc772, 0x5, 0x3f, 0x4, 0x65a, 0x1, 0x5, 0x1, 0x3, 0x3, 0x3, 0x3, 0x6, 0x4, 0xffff, 0x8, 0xa588, 0x2, 0xff, 0x40, 0x7fff, 0x3, 0x4, 0x9, 0x5cf, 0x246a68e8, 0xe5b0, 0x80, 0x100, 0x800000, 0xfffffff8, 0x2057183d, 0x5, 0x1, 0x20, 0xfffffffb, 0xfffffffe, 0x8, 0x1, 0x0, 0x0, 0x4, 0x0, 0x3ff, 0x4, 0x1, 0x80000001, 0x3, 0x4, 0x5, 0x401, 0x3f, 0x1, 0x1, 0x7, 0x8, 0x6, 0x80000001, 0xffff, 0x824, 0x7ff, 0xfffffff9, 0x7fff, 0x7, 0x2, 0x401, 0x8, 0x20, 0x1, 0x88f4, 0x0, 0x10000, 0x6, 0x81, 0x6, 0x7, 0x10000, 0x9, 0x1, 0x8, 0x81, 0x0, 0x3, 0x8000000, 0x241d, 0x2, 0x5, 0x9, 0x65ef, 0x5, 0x5, 0x7c3e, 0x2, 0x0, 0x80, 0x6, 0x33f, 0x81, 0x40, 0x1, 0x8, 0x41a, 0xfff, 0x80000000, 0x4, 0xfffffff7, 0x80000001, 0x20, 0x806, 0x7f, 0xfffffff8, 0x7ff, 0x7ff, 0x100, 0x0, 0xffffffff, 0x80000001, 0x8000, 0x9, 0x39267843, 0x6, 0x9, 0x9, 0x3, 0x3ff]}], [@TCA_POLICE_RESULT={0x8, 0x5, 0x8001}, @TCA_POLICE_TBF={0x3c, 0x1, {0x3, 0x10000000, 0xfffffffd, 0x3fe, 0x9, {0x4, 0x0, 0xc8, 0x0, 0xd596, 0x8}, {0x3, 0x1, 0x3, 0x9, 0x8, 0x4}, 0x8001, 0x7, 0x100}}], [@TCA_POLICE_RESULT={0x8, 0x5, 0x8}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x2c1, 0xbe7, 0xfffffff7, 0x3, 0x4, 0x5f, 0x0, 0xf44, 0x8, 0x16, 0xffffffff, 0x9, 0x20, 0x6, 0x75, 0x80000001, 0xacc, 0x9, 0x0, 0x6, 0x1, 0x7ff, 0x5, 0x2, 0xfd3a, 0x3, 0x8, 0x1, 0x1, 0x5, 0x7, 0x80, 0x7c, 0x101, 0x1, 0x454, 0x6c5, 0x80000000, 0x8, 0x401, 0x101, 0x10001, 0x80000000, 0x5, 0x1, 0x2, 0x290, 0x8, 0x0, 0x80, 0x806, 0x3, 0x7, 0x2, 0x80000001, 0xffff, 0x703, 0x9, 0x1000, 0x3, 0x1, 0x7f, 0x1, 0x1f, 0x1, 0x800, 0xfffffffb, 0x3f, 0x1f, 0x200, 0x4, 0x7, 0x62bc4d06, 0x8, 0xffff, 0x800, 0xffffffc1, 0x3, 0x184a000, 0x8, 0x5df, 0x0, 0x7fffffff, 0x3, 0x7ff, 0x5, 0xc28, 0x0, 0x6, 0x81, 0x1ff, 0x2, 0x80000001, 0x6, 0xfffff1f5, 0x3, 0x5, 0x7fffffff, 0xfffffff7, 0x5, 0xffffff7f, 0x8, 0x80000001, 0x1, 0xdb5487d, 0x4d2, 0xdd0, 0x8001, 0xe3, 0x3, 0xffffff00, 0x1, 0x10, 0x81, 0x81, 0x96, 0x6, 0x5e, 0x1, 0x3e1, 0x4, 0x0, 0x6, 0x2, 0x10001, 0x9, 0x800, 0x8, 0x56, 0x8, 0x5, 0x0, 0x0, 0x5, 0x1, 0x54b, 0x7, 0xfe4, 0x0, 0x101, 0xdc1e, 0x7ff, 0x8, 0x7, 0x1, 0x7fff, 0x5, 0x3, 0x3ff, 0x2, 0x7, 0x8d01, 0x8000, 0x3, 0x3, 0x7093, 0x4, 0x400, 0x7, 0x5, 0x4, 0x2, 0x3, 0x77, 0x0, 0x1f, 0x8, 0xbed, 0x0, 0x1, 0x1, 0x800, 0x7, 0x3f, 0x5, 0x20, 0xff, 0xfffffffa, 0x0, 0xff, 0x20, 0x9, 0xfff, 0xfffffeff, 0x4fd8, 0x2, 0x3, 0x5, 0x0, 0x4, 0x1, 0x4167c209, 0x3, 0x10001, 0x80000000, 0x8, 0x511, 0x3, 0x1, 0x0, 0x3c3b, 0x5, 0x400, 0xffffffff, 0x5, 0x7fffffff, 0x7, 0x5, 0x3, 0x8, 0x2, 0x6, 0x9, 0xc4a5, 0x7f, 0x8, 0x400, 0x5, 0x100, 0x13, 0x9, 0x1ff, 0x8d7, 0x0, 0xfffffc00, 0x7, 0x2, 0x0, 0x10001, 0xffffff1f, 0x3, 0xaba39c9b, 0xff, 0x7, 0x0, 0x2, 0x8, 0x7fff, 0x8, 0x1, 0x4, 0x8, 0x8, 0x7f, 0x800, 0x5, 0x7, 0xe78, 0x1, 0x800, 0x0, 0x0, 0x10000, 0x5, 0x2, 0xffff]}], [@TCA_POLICE_AVRATE={0x8, 0x4, 0x6}]]}, {0x73, 0x6, "0c55b9d9cc8e6b9a43b229a7f8a55bfd1d44e960bbed50178766eae5514cc6e3a38b7ffdc516897a6e4e07e99154367b6941175d70de22f7059c2a837d11563ec7c9d478f9a40ce72722fefb2f643ced0bb3a4d64dc16fafa569624133931658692e595d751a0631cd9e2428f18131"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}]}, 0x95c}}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e120900040044000000a80016000a0001400200000000000000b94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) 1m11.173768332s ago: executing program 2: utime(0x0, 0x0) move_pages(0x0, 0x20000000000001ab, &(0x7f0000000000), 0x0, &(0x7f0000000000)=[0x0], 0x0) bind$netlink(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff020000000000000000000000000001"], 0x0) 1m10.018976756s ago: executing program 2: r0 = openat(0xffffffffffffffff, &(0x7f0000000300)='./file1\x00', 0x2a0642, 0x1ff) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_MCAST_RATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4d77e7e4ea571c8c88465936fbb4434c34827db617f8b274c7beba11330b49a1f450a597d0fce517b4a626c6749ae46bd8a0347e61553f4271662c562c188bc6b1aa189809a4b95fa2873cc3668789b4e5c1fc71b2e3bedaa1b4198c7843f16b16e22721feea23e1", @ANYBLOB="01000000000000000000", @ANYRESDEC=r1, @ANYBLOB='\b\x00k\x00J\x00'], 0x24}}, 0x0) write$binfmt_elf64(r0, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x40) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) preadv(r2, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r4 = fcntl$dupfd(r3, 0x0, r3) write$sndseq(r4, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote={{0x3}}}], 0x38) ioctl$SG_GET_REQUEST_TABLE(r4, 0x2286, &(0x7f00000018c0)) r5 = socket$inet(0x2, 0x80000, 0x7fffffff) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000080)={0x19, 0x0, 0x0}) r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r8, 0x3b81, &(0x7f0000000200)={0x15, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r9, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r6, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r7, 0x0, 0xffffffffffffffff, 0x1}) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r11 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r11, &(0x7f0000000240)=[{&(0x7f0000001a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r8, 0x3ba0, &(0x7f0000000240)={0x48, 0x7, r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa194f}) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x10, &(0x7f0000000000), 0x4) socket$inet_mptcp(0x2, 0x1, 0x106) 35.401971709s ago: executing program 1: syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40, &(0x7f0000000380), 0x84, 0x4dc, &(0x7f0000000c00)="$eJzs3EtvHEUeAPB/tx+JN/bam90F8oAYAsLiYcfO88AFBFIuSKAgFMTJ2E4U4iQoNlISWdggFI4onwA4IvEJOMEFAScQVxBXhBQhXxI4oEY90+OMPeOxHXvGhPn9pLGruqu7q7qqPF1VagfQtgbzH0lEb0T8GBH95ejyBIPlX7cX5yZ+X5ybSCLLTv2WlNLdWpybqCStHLeriAylEen7Seyrc92Zq9fOj09PT10u4iOzF94ambl67elzF8bPTp2dujh24sSRwz3Hj40d3ZJy9uV53fvOpf17Tr5248WJ0zfe+OazPL9ZsX9nzREDG7xCR82WwRhcfi+rPLbBs//d9VWFk85tzAgbkrfavLq6Sv2/PzriTuX1xwvvbWvmgKbKsizbUbN16btsIauWJOUDgH+IRJeGNlX5or+1mI9U5yaqx/Pt4OazURoB5eW+XXzKezojzcfwA+WxUbP8LyJOL/zxUf6JFfMpAADN8EX+/PNU+bmj8invSeO+qnT/LtaGBiLiPxGxOyL+Wzy//D+ilPb+iHhg2dnn17z+4Ip47fPP97VLM1sof/57pljbWv78l1aSDHQUsb5S+buSM+empw4V92Qounbk8dHaUy9Nq335/A8frnb9warnv/yTX7/yLFjk49fOFRN0k+Oz45std8XNd0tTevO15U+WVgLykcGeiNh7F+fP79m5Jz7dX3dn5RY3LH8DW7DOlH0S8Xi5/hdiRflz3UWo/vrk6PFjY0dHdsb01KGRSquo9e13118qgjVDiTXq//XezRexobz+/7XU/su/y3sqK5edA0n1eu3Mxq9x/acPVh3T3G37705eKYW7i21XxmdnL49GdCcLtdvH7hx7ZbxnWfq8/EMH6/f/3RF/flwcty8i8kb8YEQ8FBEHirw/HBGPRMTBBuX/+rlH36xX9+srf3Pl5Z+s+/dvaeV6Rf1vPNBx/qvPV7v++ur/SCk0VGyZHJ9d8zthvRnczL0DAACAe8WBiOiNJB0upuN6I02Hh6P7zgzKzOyTZy69fXGy/I7AQHSllZmu/qr50NFibjiP50eNVcXz/YdL88ZZlmU9pfjwxKXpvu0tOrS9XfX7f8kvta+0xKmW5xBoqg2to632RhtwT1p//19YEc+2PC9Aa3lfG9rX6v0/bWk+gNZb9/d/M9+EA7ZFvf4/H3F7G7ICtFi9/v/qNuQDaD3zf9C+9H9oX7X937w/tIHNvNffKLD7ZIM0SWdzLrp6II3G/wVgIGJjJ/w5jdiaHHZsaUl71lGnO2N958mtnibSNfPT2eAfMbxce8Pz5C1qEmlrm1/jwI6G97nUepca23wlcK3ZGdvmP0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb5K8AAAD//0Oj0ZE=") chroot(&(0x7f0000000000)='.\x00') syz_usb_connect$uac1(0x0, 0x71, &(0x7f00000003c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0) 33.822032448s ago: executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)={0x84, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x66, 0x33, @probe_response={{{}, {}, @device_b, @device_a, @from_mac=@broadcast}, 0x0, @random, 0x0, @void, @val, @val={0x3, 0x1}, @val={0x4, 0x6}, @val={0x6, 0x2}, @val={0x2d, 0x1a}, @void, @val={0x71, 0x7}, [{0xdd, 0x6, "58a298f9c8d6"}]}}]}, 0x84}}, 0x0) 32.460763776s ago: executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = dup2(r0, r0) sendmsg$DEVLINK_CMD_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x14}, 0x14}}, 0x0) 32.171094948s ago: executing program 4: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) statx(r0, &(0x7f0000008980)='\x00', 0x1000, 0x0, &(0x7f00000089c0)) 32.036660257s ago: executing program 0: r0 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000040)={0x1d, r1, 0x3}, 0x18) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) sendmsg$AUDIT_GET_FEATURE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0) 32.000198427s ago: executing program 1: r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_TRIM(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x10}, 0x10}}, 0x0) recvmmsg(r0, &(0x7f00000021c0)=[{{&(0x7f0000000240)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @initdev}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000580)={0x14}, 0x14}}, 0x0) 31.785081083s ago: executing program 4: r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000300)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_disconnect(r0) 31.622548673s ago: executing program 1: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x2, 0x4) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000100), 0x4) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) 31.273275365s ago: executing program 2: r0 = openat(0xffffffffffffffff, &(0x7f0000000300)='./file1\x00', 0x2a0642, 0x1ff) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_MCAST_RATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4d77e7e4ea571c8c88465936fbb4434c34827db617f8b274c7beba11330b49a1f450a597d0fce517b4a626c6749ae46bd8a0347e61553f4271662c562c188bc6b1aa189809a4b95fa2873cc3668789b4e5c1fc71b2e3bedaa1b4198c7843f16b16e22721feea23e1", @ANYBLOB="01000000000000000000", @ANYRESDEC=r1, @ANYBLOB='\b\x00k\x00J\x00'], 0x24}}, 0x0) write$binfmt_elf64(r0, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x40) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) preadv(r2, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r4 = fcntl$dupfd(r3, 0x0, r3) write$sndseq(r4, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote={{0x3}}}], 0x38) ioctl$SG_GET_REQUEST_TABLE(r4, 0x2286, &(0x7f00000018c0)) r5 = socket$inet(0x2, 0x80000, 0x7fffffff) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000080)={0x19, 0x0, 0x0}) r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r8, 0x3b81, &(0x7f0000000200)={0x15, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r9, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r6, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r7, 0x0, 0xffffffffffffffff, 0x1}) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r11 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r11, &(0x7f0000000240)=[{&(0x7f0000001a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r8, 0x3ba0, &(0x7f0000000240)={0x48, 0x7, r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa194f}) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x10, &(0x7f0000000000), 0x4) socket$inet_mptcp(0x2, 0x1, 0x106) 31.24238639s ago: executing program 0: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'batadv0\x00', &(0x7f0000001880)=@ethtool_stats}) socket$nl_route(0x10, 0x3, 0x0) read(r1, &(0x7f00000004c0)=""/152, 0x98) 31.009348216s ago: executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1000041, 0x0, 0x0, 0x0, &(0x7f0000000040)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000003880)=ANY=[@ANYBLOB='huge=always']) chdir(&(0x7f0000000140)='./file0\x00') r3 = creat(&(0x7f0000000000)='./bus\x00', 0x0) ftruncate(r3, 0x8208200) r4 = open(&(0x7f0000000780)='./bus\x00', 0x14117e, 0x0) mmap(&(0x7f000041c000/0x4000)=nil, 0x4000, 0x7ffffe, 0x4002011, r4, 0x0) ioctl$SNDCTL_SEQ_SYNC(0xffffffffffffffff, 0x5101) ftruncate(r4, 0x5) 30.068544498s ago: executing program 2: mkdir(0x0, 0x0) mkdir(0x0, 0x0) mkdir(0x0, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_PROG_DETACH(0x8, 0x0, 0x0) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a2b0c0000000000000000020000000900020073797a32000000000900010073797a30000000002c000480280001800b0001006f626a72"], 0x80}}, 0x0) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x84, &(0x7f0000000280)={0x0, @in6={{0xa, 0x0, 0x0, @dev}}}, 0x90) 29.862270623s ago: executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = dup2(r0, r0) sendmsg$DEVLINK_CMD_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x14}, 0x14}}, 0x0) 22.991958177s ago: executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)={0x84, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x66, 0x33, @probe_response={{{}, {}, @device_b, @device_a, @from_mac=@broadcast}, 0x0, @random, 0x0, @void, @val, @val={0x3, 0x1}, @val={0x4, 0x6}, @val={0x6, 0x2}, @val={0x2d, 0x1a}, @void, @val={0x71, 0x7}, [{0xdd, 0x6, "58a298f9c8d6"}]}}]}, 0x84}}, 0x0) 22.869563111s ago: executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0}, 0x1, 0x0, 0xf0ff7f}, 0x0) 22.869251806s ago: executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) ioctl$sock_SIOCBRADDBR(r2, 0x89a0, 0x0) 21.808488033s ago: executing program 0: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x2, 0x4) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000100), 0x4) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) 21.808355069s ago: executing program 4: sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-aesni)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef91", 0x12) r2 = accept4(r1, 0x0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000007140)=[{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000080)="4a7a5ac44bc48337607985e55fbfbcc246567c44de23b7fcb6738e03840838", 0x1f}, {&(0x7f0000000300)="41b527cc49159a41ab335f3c5ac0f90700000011224a76773da22896a72a601c810000fc7d531cf7f7ac1cb841ff00000100000001830725708695ee8f50df524666bddd0e1c39b52ee31838c15736f93727094edbdd36f4b4000000000d3b4d68c5bd1a21ee1f445468076fb1301e0fa4ae", 0x72}], 0x2, &(0x7f00000015c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmmsg(r2, &(0x7f0000002ac0)=[{{0x0, 0x0, &(0x7f0000002940)=[{&(0x7f0000001600)=""/137, 0x89}], 0x1}}], 0x40000a4, 0x0, 0x0) 21.808210548s ago: executing program 1: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TIOCGSID(r1, 0x541b, &(0x7f00000067c0)) bind$unix(r0, &(0x7f0000003000)=@abs={0x0, 0x0, 0x4e21}, 0x6e) pipe2(&(0x7f0000000000), 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) accept4$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_pktinfo(r3, 0x6, 0xd, &(0x7f00000000c0)={0x0, @loopback, @dev}, 0xc) r4 = dup(r2) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/class/power_supply', 0x0, 0x0) socket$inet(0x2, 0x0, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000180)={'syz0', "001a73c11b5a"}, 0xa) recvmsg$inet_nvme(r4, &(0x7f00000014c0)={&(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, 0x0}, 0x0) close(r5) socket$packet(0x11, 0x3, 0x300) 21.216270372s ago: executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000300)='./file1\x00', 0x2a0642, 0x1ff) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_MCAST_RATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4d77e7e4ea571c8c88465936fbb4434c34827db617f8b274c7beba11330b49a1f450a597d0fce517b4a626c6749ae46bd8a0347e61553f4271662c562c188bc6b1aa189809a4b95fa2873cc3668789b4e5c1fc71b2e3bedaa1b4198c7843f16b16e22721feea23e1", @ANYBLOB="01000000000000000000", @ANYRESDEC=r1, @ANYBLOB='\b\x00k\x00J\x00'], 0x24}}, 0x0) write$binfmt_elf64(r0, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x40) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) preadv(r2, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r4 = fcntl$dupfd(r3, 0x0, r3) write$sndseq(r4, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote={{0x3}, 0x4}}], 0x1c) ioctl$SG_GET_REQUEST_TABLE(r4, 0x2286, &(0x7f00000018c0)) r5 = socket$inet(0x2, 0x80000, 0x7fffffff) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000080)={0x19, 0x0, 0x0}) r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r8, 0x3b81, &(0x7f0000000200)={0x15, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r9, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r6, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r7, 0x0, 0xffffffffffffffff, 0x1}) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r11 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r11, &(0x7f0000000240)=[{&(0x7f0000001a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r8, 0x3ba0, &(0x7f0000000240)={0x48, 0x7, r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa194f}) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x10, &(0x7f0000000000), 0x4) socket$inet_mptcp(0x2, 0x1, 0x106) 16.611132953s ago: executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = dup2(r0, r0) sendmsg$NL80211_CMD_START_P2P_DEVICE(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) 15.853768888s ago: executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)={0x84, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x66, 0x33, @probe_response={{{}, {}, @device_b, @device_a, @from_mac=@broadcast}, 0x0, @random, 0x0, @void, @val, @val={0x3, 0x1}, @val={0x4, 0x6}, @val={0x6, 0x2}, @val={0x2d, 0x1a}, @void, @val={0x71, 0x7}, [{0xdd, 0x6, "58a298f9c8d6"}]}}]}, 0x84}}, 0x0) 1.656686439s ago: executing program 3: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) dup3(r1, r0, 0x0) write$FUSE_NOTIFY_POLL(r0, 0x0, 0x0) 1.096952088s ago: executing program 3: prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0) socket$nl_generic(0x10, 0x3, 0x10) 632.009608ms ago: executing program 3: r0 = openat$ubi_ctrl(0xffffff9c, &(0x7f00000002c0), 0x0, 0x0) flock(r0, 0x1) 210.340677ms ago: executing program 3: r0 = syz_usb_connect$cdc_ecm(0x2, 0x4d, &(0x7f0000000380)=ANY=[@ANYBLOB="12010000020000402505a1a440000000010109023b000101000007090400001202060000052406000005240020000d240f010000000000000000000905820200020000000905030240"], 0x0) gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) syz_usb_ep_read(r0, 0x3, 0xff33, 0x0) 0s ago: executing program 2: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x2, 0x4) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000100), 0x4) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) kernel console output (not intermixed with test programs): 957.416592][T11096] EXT4-fs (loop2): warning: maximal mount count reached, running e2fsck is recommended [ 957.443110][T10852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 957.465330][T11096] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz-executor.2: inode #15: comm syz-executor.2: iget: illegal inode # [ 957.524879][T10852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 957.543751][T11096] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 957.558419][T10852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 957.591858][T10852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 957.925712][T10852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 957.954104][T11096] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 958.625741][T10852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 959.063178][T10852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 959.108805][T10852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 959.167188][T10852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 959.196599][T10852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 959.234520][T10852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 959.270224][T10852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 959.313140][T10852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 959.373103][T10852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 959.403317][T10852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 959.443240][T10852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 959.469474][T10852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 959.495158][T10852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 959.516496][T10852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 959.554402][T10852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 959.574316][T10852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 959.596489][T10852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 959.620616][T10852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 959.668733][T10852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 959.712127][T10852] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 959.783260][T10853] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 959.803455][T10853] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 959.815314][T10853] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 959.833672][T10853] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 959.853251][T10853] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 959.863317][T10853] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 960.266162][T10852] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 960.275235][T11099] EXT4-fs error (device loop2): ext4_validate_block_bitmap:431: comm ext4lazyinit: bg 0: block 19: invalid block bitmap [ 960.394374][T10852] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 960.416846][T10852] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 960.441970][T10852] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 960.618037][T10408] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 962.196297][T10853] Bluetooth: hci15: command tx timeout [ 962.227307][ T2473] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 962.941580][ T2473] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 962.965242][T11120] IPVS: set_ctl: invalid protocol: 92 100.1.1.1:4 [ 963.690878][ T2473] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 963.757590][ T4294] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 963.803337][ T4294] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 964.017523][ T2473] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 964.273943][T10853] Bluetooth: hci15: command tx timeout [ 965.055284][T10106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 965.132466][T10106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 965.523376][T11136] loop2: detected capacity change from 0 to 4096 [ 965.633422][T11136] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 966.383668][T10853] Bluetooth: hci15: command tx timeout [ 967.306169][ T2473] bridge_slave_1: left allmulticast mode [ 967.381309][ T2473] bridge_slave_1: left promiscuous mode [ 967.389016][ T2473] bridge0: port 2(bridge_slave_1) entered disabled state [ 967.476211][ T2473] bridge_slave_0: left allmulticast mode [ 967.482038][ T2473] bridge_slave_0: left promiscuous mode [ 967.511919][ T2473] bridge0: port 1(bridge_slave_0) entered disabled state [ 968.460312][T10853] Bluetooth: hci15: command tx timeout [ 969.998233][T11173] IPVS: set_ctl: invalid protocol: 92 100.1.1.1:4 [ 971.197345][ T2473] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 971.258587][ T2473] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 971.287296][ T2473] bond0 (unregistering): Released all slaves [ 971.413647][T11146] pimreg: entered allmulticast mode [ 971.701216][T11106] chnl_net:caif_netlink_parms(): no params data found [ 973.038258][T11188] loop3: detected capacity change from 0 to 2048 [ 973.433982][T11188] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 974.429792][T11106] bridge0: port 1(bridge_slave_0) entered blocking state [ 974.461578][T11106] bridge0: port 1(bridge_slave_0) entered disabled state [ 974.470494][T11106] bridge_slave_0: entered allmulticast mode [ 974.591568][T11106] bridge_slave_0: entered promiscuous mode [ 974.650942][T11106] bridge0: port 2(bridge_slave_1) entered blocking state [ 974.713415][T11106] bridge0: port 2(bridge_slave_1) entered disabled state [ 974.748375][T11106] bridge_slave_1: entered allmulticast mode [ 974.772437][T11106] bridge_slave_1: entered promiscuous mode [ 975.142476][T11213] loop0: detected capacity change from 0 to 32768 [ 975.152338][T11213] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (11213) [ 975.211486][T11213] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 975.221876][T11213] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 975.230725][T11213] BTRFS info (device loop0): using free-space-tree [ 975.350872][T11224] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'. [ 975.438311][T11227] loop3: detected capacity change from 0 to 512 [ 975.465705][ T2473] hsr_slave_0: left promiscuous mode [ 975.770311][ T2473] hsr_slave_1: left promiscuous mode [ 976.350323][ T2473] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 976.398780][ T2473] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 976.453194][T11227] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 976.551938][ T2473] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 976.562670][T11227] EXT4-fs (loop3): warning: maximal mount count reached, running e2fsck is recommended [ 976.605925][ T29] audit: type=1400 audit(1717520377.522:427): avc: denied { write } for pid=11235 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 976.635401][ T2473] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 976.668062][T11227] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz-executor.3: inode #15: comm syz-executor.3: iget: illegal inode # [ 976.706510][T11227] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 976.781989][T11227] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 976.782411][ T8569] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 976.801728][ T2473] veth1_macvtap: left promiscuous mode [ 976.823004][ T2473] veth0_macvtap: left promiscuous mode [ 976.841334][ T2473] veth1_vlan: left promiscuous mode [ 976.853169][ T2473] veth0_vlan: left promiscuous mode [ 976.895528][T11206] EXT4-fs error (device loop3): ext4_validate_block_bitmap:431: comm syz-executor.3: bg 0: block 19: invalid block bitmap [ 977.621564][T10852] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 978.642308][ T29] audit: type=1400 audit(1717520379.552:428): avc: denied { listen } for pid=11250 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 978.753429][ T29] audit: type=1400 audit(1717520379.652:429): avc: denied { accept } for pid=11250 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 979.210773][T11251] loop0: detected capacity change from 0 to 128 [ 979.244412][T11251] udf: Unknown parameter ' @ε|BdZSnHV"KJ V˶#b/(b"'' [ 979.264988][T11249] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 979.347297][ T29] audit: type=1800 audit(1717520380.262:430): pid=11251 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1990 res=0 errno=0 [ 980.097977][ T2473] team0 (unregistering): Port device team_slave_1 removed [ 980.349513][ T2473] team0 (unregistering): Port device team_slave_0 removed [ 982.856202][T11106] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 982.927245][T11106] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 984.242762][T11106] team0: Port device team_slave_0 added [ 984.288785][T11106] team0: Port device team_slave_1 added [ 984.630586][T11275] loop3: detected capacity change from 0 to 32768 [ 984.703709][T11275] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (11275) [ 984.798004][T11274] loop2: detected capacity change from 0 to 4096 [ 984.841062][T11275] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 984.851393][T11275] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 984.860497][T11275] BTRFS info (device loop3): using free-space-tree [ 984.863205][T11274] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 985.084662][T11106] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 985.124875][T11106] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 985.551574][T10853] Bluetooth: hci6: command 0x0406 tx timeout [ 985.780865][T11106] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 986.398951][T11106] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 986.624810][T11106] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 986.985508][T11106] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 988.197169][T10852] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 988.440060][T11106] hsr_slave_0: entered promiscuous mode [ 988.465224][T11106] hsr_slave_1: entered promiscuous mode [ 988.488372][T11106] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 988.499007][T11106] Cannot create hsr debugfs directory [ 988.940797][T11271] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 988.990448][T11312] loop2: detected capacity change from 0 to 4096 [ 989.056471][T11312] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 991.708136][T11341] IPVS: set_ctl: invalid protocol: 92 100.1.1.1:4 [ 991.720066][T11106] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 991.780958][T11106] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 992.427971][T11106] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 992.565881][T11106] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 993.419246][T11344] loop0: detected capacity change from 0 to 4096 [ 993.460118][T11344] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 994.069924][T11106] 8021q: adding VLAN 0 to HW filter on device bond0 [ 994.620658][T11106] 8021q: adding VLAN 0 to HW filter on device team0 [ 995.301873][ T29] audit: type=1400 audit(1717520396.192:431): avc: denied { bind } for pid=11350 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 995.342014][ T29] audit: type=1400 audit(1717520396.192:432): avc: denied { name_bind } for pid=11350 comm="syz-executor.4" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 995.381126][ T931] bridge0: port 1(bridge_slave_0) entered blocking state [ 995.388446][ T931] bridge0: port 1(bridge_slave_0) entered forwarding state [ 995.451068][ T29] audit: type=1400 audit(1717520396.192:433): avc: denied { node_bind } for pid=11350 comm="syz-executor.4" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1 [ 995.511760][ T931] bridge0: port 2(bridge_slave_1) entered blocking state [ 995.519021][ T931] bridge0: port 2(bridge_slave_1) entered forwarding state [ 995.599480][ T29] audit: type=1400 audit(1717520396.362:434): avc: denied { listen } for pid=11350 comm="syz-executor.4" lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 995.707739][ T29] audit: type=1400 audit(1717520396.422:435): avc: denied { mounton } for pid=11350 comm="syz-executor.4" path="/root/syzkaller-testdir1474084749/syzkaller.ATNxVp/178/file0" dev="sda1" ino=1972 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=file permissive=1 [ 995.858548][ T29] audit: type=1400 audit(1717520396.622:436): avc: denied { connect } for pid=11350 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 995.937124][T11106] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 996.005016][ T29] audit: type=1400 audit(1717520396.642:437): avc: denied { name_connect } for pid=11350 comm="syz-executor.4" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 996.131340][ T29] audit: type=1400 audit(1717520396.712:438): avc: denied { accept } for pid=11350 comm="syz-executor.4" lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 996.274023][ T29] audit: type=1400 audit(1717520396.872:439): avc: denied { write } for pid=11350 comm="syz-executor.4" laddr=::ffff:127.0.0.1 lport=20003 faddr=::ffff:127.0.0.1 fport=55824 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 997.717954][T11376] loop2: detected capacity change from 0 to 4096 [ 997.796398][T11376] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 997.840622][T11376] ntfs3: loop2: Failed to load $MFT (-2). [ 997.896114][T11106] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 997.985676][T11366] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 998.073971][ T6502] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 998.215898][T11106] veth0_vlan: entered promiscuous mode [ 998.288285][T11106] veth1_vlan: entered promiscuous mode [ 998.295355][ T6502] usb 1-1: Using ep0 maxpacket: 16 [ 998.353598][ T6502] usb 1-1: config 0 has no interfaces? [ 998.359195][ T6502] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 998.383728][ T6502] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 998.443388][ T6502] usb 1-1: config 0 descriptor?? [ 998.526534][T11106] veth0_macvtap: entered promiscuous mode [ 998.577719][T11106] veth1_macvtap: entered promiscuous mode [ 998.764086][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 998.770519][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 998.778503][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 998.860757][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 998.874881][T11395] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.2'. [ 998.901038][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 998.999135][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 999.044719][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 999.108080][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 999.149367][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 999.250938][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 999.325725][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 999.379682][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 999.434461][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 999.496651][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 999.537896][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 999.581597][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1000.086954][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1000.143555][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1000.154049][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1000.170404][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1000.207501][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1000.238282][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1000.267333][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1000.314743][ T931] usb 1-1: USB disconnect, device number 10 [ 1000.334144][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1000.344581][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1000.360084][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1000.370117][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1000.380709][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1000.405255][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1000.441472][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1000.603285][T11106] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1000.722473][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1000.783246][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1000.823287][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1000.868809][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1000.910533][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1000.983246][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1001.014989][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1001.040214][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1001.089360][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1001.135150][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1001.157897][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1001.179123][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1001.202032][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1001.235421][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1001.301007][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1001.384275][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1001.428279][T11417] loop0: detected capacity change from 0 to 128 [ 1001.440507][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1001.465023][T11417] udf: Unknown parameter ' @ε|BdZSnHV"KJ V˶#b/(b"'' [ 1001.489727][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1001.535729][T11416] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1001.565153][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1001.603032][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1001.640074][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1001.681324][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1001.749514][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1001.807631][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1001.843483][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1001.859903][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1001.881491][T11106] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1001.973029][T11106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1001.995610][T11106] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1002.077500][T11106] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1002.122601][ T29] audit: type=1804 audit(1717520403.032:440): pid=11418 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir307795958/syzkaller.amrXEA/9/cgroup.controllers" dev="sda1" ino=1985 res=1 errno=0 [ 1002.161108][T11106] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1002.203042][T11106] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1002.223915][T11106] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1002.329355][ T29] audit: type=1800 audit(1717520403.202:441): pid=11404 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1991 res=0 errno=0 [ 1003.469941][ T9935] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1003.613166][ T9935] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1003.894933][ T7213] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1003.902830][ T7213] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1003.949498][ T29] audit: type=1400 audit(1717520404.862:442): avc: denied { create } for pid=11431 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 1004.065588][T11435] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1004.092407][T11432] loop0: detected capacity change from 0 to 256 [ 1004.328052][ T29] audit: type=1400 audit(1717520405.242:443): avc: denied { remount } for pid=11431 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 1004.365839][T11433] loop2: detected capacity change from 0 to 4096 [ 1004.420884][T11433] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 1004.440449][T11433] ntfs3: loop2: Failed to load $MFT (-2). [ 1004.775378][ T29] audit: type=1400 audit(1717520405.682:444): avc: denied { create } for pid=11431 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 1006.544503][T11435] loop1: detected capacity change from 0 to 32768 [ 1006.603804][T11435] btrfs: Deprecated parameter 'usebackuproot' [ 1006.609972][T11435] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 1006.681079][T11435] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (11435) [ 1006.774852][T11435] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1006.818565][T11435] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 1007.078082][T11447] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1007.258157][T11435] BTRFS error (device loop1): open_ctree failed [ 1007.392467][T11452] loop0: detected capacity change from 0 to 4096 [ 1007.548206][T11452] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 1012.813791][T11492] loop2: detected capacity change from 0 to 4096 [ 1012.921127][T11492] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 1012.977436][T11492] ntfs3: loop2: Failed to load $MFT (-2). [ 1014.842421][T11506] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1019.968686][T11522] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1020.613123][ T931] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 1021.156646][T11539] loop4: detected capacity change from 0 to 32768 [ 1021.165518][ T931] usb 3-1: Using ep0 maxpacket: 16 [ 1021.209087][ T931] usb 3-1: config 0 has no interfaces? [ 1021.223041][ T931] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1021.232150][ T931] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1021.252070][T11539] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (11539) [ 1021.314537][T11539] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1021.324829][T11539] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 1021.333587][T11539] BTRFS info (device loop4): using free-space-tree [ 1021.350874][ T931] usb 3-1: config 0 descriptor?? [ 1021.921356][ T4566] usb 3-1: USB disconnect, device number 28 [ 1026.875473][ T8429] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1027.174561][T11569] loop2: detected capacity change from 0 to 4096 [ 1027.248734][T11572] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1027.385318][T11569] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 1027.435540][T11569] ntfs3: loop2: Failed to load $MFT (-2). [ 1029.085597][T11583] loop1: detected capacity change from 0 to 512 [ 1029.114284][T11583] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 1029.245128][T11583] EXT4-fs (loop1): warning: maximal mount count reached, running e2fsck is recommended [ 1029.627402][T11583] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz-executor.1: inode #15: comm syz-executor.1: iget: illegal inode # [ 1029.752159][T11583] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 1029.833795][T11583] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1030.152582][T11581] EXT4-fs error (device loop1): ext4_validate_block_bitmap:431: comm syz-executor.1: bg 0: block 19: invalid block bitmap [ 1030.573481][ T29] audit: type=1401 audit(1717520431.482:445): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t [ 1030.826295][T11608] input: syz0 as /devices/virtual/input/input33 [ 1030.877395][T11106] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1031.740353][ T45] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 1031.983110][ T45] usb 2-1: Using ep0 maxpacket: 16 [ 1032.385154][ T45] usb 2-1: config 0 has no interfaces? [ 1032.410746][ T45] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1032.453727][ T45] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1032.502315][ T45] usb 2-1: config 0 descriptor?? [ 1032.811716][T11626] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1034.216672][ T5158] usb 2-1: USB disconnect, device number 15 [ 1034.565311][T11632] loop2: detected capacity change from 0 to 4096 [ 1034.734405][T11632] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 1034.763210][T11632] ntfs3: loop2: Failed to load $MFT (-2). [ 1035.973104][ T784] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 1036.163195][ T784] usb 3-1: Using ep0 maxpacket: 16 [ 1036.202545][ T784] usb 3-1: config index 0 descriptor too short (expected 25183, got 36) [ 1036.214090][ T784] usb 3-1: config 116 has too many interfaces: 121, using maximum allowed: 32 [ 1036.224015][ T784] usb 3-1: config 116 has an invalid descriptor of length 0, skipping remainder of the config [ 1036.241138][ T784] usb 3-1: config 116 has 0 interfaces, different from the descriptor's value: 121 [ 1036.252143][ T784] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1036.263162][ T784] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1036.518432][T11657] pimreg: entered allmulticast mode [ 1036.766778][T11650] IPVS: set_ctl: invalid protocol: 92 100.1.1.1:4 [ 1037.301322][ T784] usb 3-1: string descriptor 0 read error: -71 [ 1037.360690][ T784] usb 3-1: USB disconnect, device number 29 [ 1037.981360][T11673] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1038.183212][ T931] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 1038.423190][ T931] usb 5-1: Using ep0 maxpacket: 16 [ 1038.434544][ T931] usb 5-1: config 0 has no interfaces? [ 1038.465736][ T931] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1038.507345][ T931] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1038.616157][ T931] usb 5-1: config 0 descriptor?? [ 1040.186766][T11685] loop0: detected capacity change from 0 to 4096 [ 1040.359099][T11685] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 1040.455795][T11685] ntfs3: loop0: Failed to load $MFT (-2). [ 1040.459488][ T5158] usb 5-1: USB disconnect, device number 14 [ 1041.814462][ T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1041.886546][T10853] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1041.903492][T10853] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1041.923522][T10853] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1041.939561][T10853] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1041.974205][T10853] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 1041.983063][T10853] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1042.367185][T11716] loop1: detected capacity change from 0 to 512 [ 1042.464826][ T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1042.466786][T11716] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 1042.571783][T11719] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1042.653757][ T29] audit: type=1804 audit(1717520443.572:446): pid=11712 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2714026361/syzkaller.a9vjSX/135/cgroup.controllers" dev="sda1" ino=1988 res=1 errno=0 [ 1042.689475][ T29] audit: type=1800 audit(1717520443.572:447): pid=11712 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.0" name="cgroup.controllers" dev="sda1" ino=1988 res=0 errno=0 [ 1042.722879][T11716] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz-executor.1: iget: bad i_size value: -67835469387268086 [ 1042.748212][T11716] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 1042.826257][T11716] EXT4-fs (loop1): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1042.851051][T11716] ext2 filesystem being mounted at /root/syzkaller-testdir4204848260/syzkaller.8bx8uX/16/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1042.879191][ T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1043.281406][ T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1043.448652][T11106] EXT4-fs (loop1): unmounting filesystem f7ff0000-0000-0000-0000-000000000000. [ 1044.043357][T10853] Bluetooth: hci6: command tx timeout [ 1044.641164][ T11] bridge_slave_1: left allmulticast mode [ 1044.688749][ T11] bridge_slave_1: left promiscuous mode [ 1044.733135][ T5157] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 1044.750451][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 1044.943285][ T11] bridge_slave_0: left allmulticast mode [ 1044.949015][ T11] bridge_slave_0: left promiscuous mode [ 1044.953087][ T5157] usb 5-1: Using ep0 maxpacket: 16 [ 1045.013541][ T5157] usb 5-1: config 0 has no interfaces? [ 1045.013709][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 1045.019099][ T5157] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1045.107662][ T5157] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1045.169959][ T5157] usb 5-1: config 0 descriptor?? [ 1046.123654][T10853] Bluetooth: hci6: command tx timeout [ 1046.756542][T11747] loop1: detected capacity change from 0 to 4096 [ 1046.834488][T11747] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 1046.857403][T11747] ntfs3: loop1: Failed to load $MFT (-2). [ 1047.153514][ T931] usb 5-1: USB disconnect, device number 15 [ 1047.985356][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1048.019052][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1048.098638][ T11] bond0 (unregistering): Released all slaves [ 1048.196053][T10853] Bluetooth: hci6: command tx timeout [ 1048.506349][T11762] loop4: detected capacity change from 0 to 1024 [ 1048.779476][ T29] audit: type=1400 audit(1717520449.692:448): avc: denied { create } for pid=11761 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 1048.872697][T11708] chnl_net:caif_netlink_parms(): no params data found [ 1048.881098][ T29] audit: type=1400 audit(1717520449.722:449): avc: denied { write } for pid=11764 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 1048.989099][ T29] audit: type=1400 audit(1717520449.732:450): avc: denied { write } for pid=11761 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 1049.122843][T11773] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1049.549420][T11777] loop4: detected capacity change from 0 to 32768 [ 1049.584353][T11777] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (11777) [ 1049.649540][T11777] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1049.659839][T11777] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 1049.668754][T11777] BTRFS info (device loop4): using free-space-tree [ 1050.273212][T10853] Bluetooth: hci6: command tx timeout [ 1051.934594][ T8429] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1052.038304][T10853] Bluetooth: hci14: command 0x0406 tx timeout [ 1052.985773][ T11] hsr_slave_0: left promiscuous mode [ 1053.025217][ T11] hsr_slave_1: left promiscuous mode [ 1053.059770][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1053.099702][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1053.173749][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1053.244988][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1053.353870][ T5158] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 1053.459622][ T11] veth1_macvtap: left promiscuous mode [ 1053.485536][ T11] veth0_macvtap: left promiscuous mode [ 1053.491558][ T11] veth1_vlan: left promiscuous mode [ 1053.502902][ T11] veth0_vlan: left promiscuous mode [ 1053.573153][ T5158] usb 4-1: Using ep0 maxpacket: 16 [ 1053.845198][ T6502] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 1053.905805][ T5158] usb 4-1: config 0 has no interfaces? [ 1053.926678][ T5158] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1054.013388][ T5158] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1054.083496][ T6502] usb 1-1: Using ep0 maxpacket: 16 [ 1054.127184][ T5158] usb 4-1: config 0 descriptor?? [ 1054.138402][ T6502] usb 1-1: config index 0 descriptor too short (expected 25183, got 36) [ 1054.167892][ T6502] usb 1-1: config 116 has too many interfaces: 121, using maximum allowed: 32 [ 1054.188085][ T6502] usb 1-1: config 116 has an invalid descriptor of length 0, skipping remainder of the config [ 1054.213114][ T6502] usb 1-1: config 116 has 0 interfaces, different from the descriptor's value: 121 [ 1054.231550][ T6502] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1054.243501][ T6502] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1054.741999][T11818] IPVS: set_ctl: invalid protocol: 92 100.1.1.1:4 [ 1055.142675][ T11] pimreg (unregistering): left allmulticast mode [ 1055.233898][ T931] usb 4-1: USB disconnect, device number 17 [ 1055.474963][ T6502] usb 1-1: string descriptor 0 read error: -71 [ 1055.525484][ T6502] usb 1-1: USB disconnect, device number 11 [ 1057.167796][ T29] audit: type=1804 audit(1717520458.082:451): pid=11832 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2714026361/syzkaller.a9vjSX/142/cgroup.controllers" dev="sda1" ino=1988 res=1 errno=0 [ 1057.203425][T11831] loop3: detected capacity change from 0 to 4096 [ 1057.268492][ T29] audit: type=1800 audit(1717520458.082:452): pid=11832 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.0" name="cgroup.controllers" dev="sda1" ino=1988 res=0 errno=0 [ 1057.399663][T11831] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 1057.465760][T11831] ntfs3: loop3: Failed to load $MFT (-2). [ 1057.569976][T11835] loop4: detected capacity change from 0 to 256 [ 1057.615480][T11835] exfat: Bad value for 'uid' [ 1057.697888][ T11] team0 (unregistering): Port device team_slave_1 removed [ 1057.772568][T11835] loop4: detected capacity change from 0 to 256 [ 1057.890940][T11835] FAT-fs (loop4): Directory bread(block 64) failed [ 1057.913583][T11835] FAT-fs (loop4): Directory bread(block 65) failed [ 1057.950321][T11835] FAT-fs (loop4): Directory bread(block 66) failed [ 1057.968428][T11835] FAT-fs (loop4): Directory bread(block 67) failed [ 1057.978049][ T11] team0 (unregistering): Port device team_slave_0 removed [ 1057.985421][T11835] FAT-fs (loop4): Directory bread(block 68) failed [ 1057.985478][T11835] FAT-fs (loop4): Directory bread(block 69) failed [ 1058.014332][T11835] FAT-fs (loop4): Directory bread(block 70) failed [ 1058.032165][T11835] FAT-fs (loop4): Directory bread(block 71) failed [ 1058.059132][T11835] FAT-fs (loop4): Directory bread(block 72) failed [ 1058.074451][T11835] FAT-fs (loop4): Directory bread(block 73) failed [ 1060.218212][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 1060.227488][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 1061.261697][T11708] bridge0: port 1(bridge_slave_0) entered blocking state [ 1061.308887][T11708] bridge0: port 1(bridge_slave_0) entered disabled state [ 1061.374424][T11708] bridge_slave_0: entered allmulticast mode [ 1061.396935][T11708] bridge_slave_0: entered promiscuous mode [ 1061.437104][T11817] veth0_vlan: entered allmulticast mode [ 1061.455959][T11708] bridge0: port 2(bridge_slave_1) entered blocking state [ 1061.483748][T11708] bridge0: port 2(bridge_slave_1) entered disabled state [ 1061.497527][T11708] bridge_slave_1: entered allmulticast mode [ 1061.541196][T11708] bridge_slave_1: entered promiscuous mode [ 1061.885698][T11708] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1061.975831][T11708] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1062.326661][T11708] team0: Port device team_slave_0 added [ 1062.407777][T11708] team0: Port device team_slave_1 added [ 1063.188734][T11860] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1063.313906][ T5110] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 1063.374402][T11708] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1063.404803][T11708] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1063.496134][T11708] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1063.573819][ T5110] usb 4-1: Using ep0 maxpacket: 16 [ 1063.584599][T11708] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1063.591658][T11708] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1063.635741][ T5110] usb 4-1: config index 0 descriptor too short (expected 25183, got 36) [ 1063.674005][ T5110] usb 4-1: config 116 has too many interfaces: 121, using maximum allowed: 32 [ 1063.716638][ T5110] usb 4-1: config 116 has an invalid descriptor of length 0, skipping remainder of the config [ 1063.727718][T11708] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1063.791408][ T5110] usb 4-1: config 116 has 0 interfaces, different from the descriptor's value: 121 [ 1063.867943][ T5110] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1063.917416][ T5110] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1064.324847][T11854] IPVS: set_ctl: invalid protocol: 92 100.1.1.1:4 [ 1064.425246][T11708] hsr_slave_0: entered promiscuous mode [ 1064.458054][T11708] hsr_slave_1: entered promiscuous mode [ 1064.632279][T11708] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1064.658430][T11708] Cannot create hsr debugfs directory [ 1069.166862][ T5110] usb 4-1: string descriptor 0 read error: -32 [ 1069.367959][ T5110] usb 4-1: USB disconnect, device number 18 [ 1069.399556][T11874] loop1: detected capacity change from 0 to 256 [ 1069.445917][T11874] exfat: Bad value for 'uid' [ 1069.539237][T11874] loop1: detected capacity change from 0 to 256 [ 1069.584208][T11877] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1069.685481][T11874] FAT-fs (loop1): Directory bread(block 64) failed [ 1069.692098][T11874] FAT-fs (loop1): Directory bread(block 65) failed [ 1069.703560][T11874] FAT-fs (loop1): Directory bread(block 66) failed [ 1069.747922][T11874] FAT-fs (loop1): Directory bread(block 67) failed [ 1069.783232][T11874] FAT-fs (loop1): Directory bread(block 68) failed [ 1069.804217][T11874] FAT-fs (loop1): Directory bread(block 69) failed [ 1069.845928][T11874] FAT-fs (loop1): Directory bread(block 70) failed [ 1069.855354][T11874] FAT-fs (loop1): Directory bread(block 71) failed [ 1069.884648][T11874] FAT-fs (loop1): Directory bread(block 72) failed [ 1069.900534][T11874] FAT-fs (loop1): Directory bread(block 73) failed [ 1070.483174][ T784] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 1070.526572][T11883] loop3: detected capacity change from 0 to 4096 [ 1070.624183][T11883] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 1070.697439][T11883] ntfs3: loop3: Failed to load $MFT (-2). [ 1070.704599][ T784] usb 1-1: Using ep0 maxpacket: 32 [ 1070.794072][ T784] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1070.823137][ T784] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1070.859357][ T784] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 1070.889748][ T784] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1070.919232][ T784] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 1070.970753][ T784] usb 1-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 1070.996789][ T784] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1071.040032][ T784] usb 1-1: config 0 descriptor?? [ 1071.255272][T11708] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1071.309930][T11708] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1071.369205][T11708] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1071.430862][T11708] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1071.649541][ T784] ntrig 0003:1B96:000A.0003: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.0-1/input0 [ 1072.184930][T11708] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1072.324103][T11886] loop0: detected capacity change from 0 to 4096 [ 1072.354314][T11708] 8021q: adding VLAN 0 to HW filter on device team0 [ 1072.397396][ T6502] bridge0: port 1(bridge_slave_0) entered blocking state [ 1072.404880][ T6502] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1072.495519][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 1072.502846][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1072.755618][T11892] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1072.820721][T11893] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1074.073584][ T784] usb 1-1: USB disconnect, device number 12 [ 1074.242922][T11708] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1074.695979][T11708] veth0_vlan: entered promiscuous mode [ 1074.789818][T11708] veth1_vlan: entered promiscuous mode [ 1075.024924][ T6502] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 1075.096682][T11708] veth0_macvtap: entered promiscuous mode [ 1075.160197][ T5110] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 1075.198208][T11708] veth1_macvtap: entered promiscuous mode [ 1075.293060][ T6502] usb 2-1: Using ep0 maxpacket: 16 [ 1075.320031][ T6502] usb 2-1: config 0 has no interfaces? [ 1075.354514][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1075.383233][ T6502] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1075.403301][ T6502] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1075.443116][ T5110] usb 5-1: Using ep0 maxpacket: 16 [ 1075.465293][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1075.469032][ T6502] usb 2-1: config 0 descriptor?? [ 1075.484584][ T5110] usb 5-1: config 0 has no interfaces? [ 1075.490128][ T5110] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1075.513198][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1075.563998][ T5110] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1075.593092][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1075.616372][ T5110] usb 5-1: config 0 descriptor?? [ 1075.632152][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1075.695809][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1075.773398][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1075.807695][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1075.840685][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1075.923079][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1075.975335][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1076.039469][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1076.106991][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1076.137676][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1076.177736][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1076.219704][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1076.248439][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1076.312199][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1076.363133][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1076.426747][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1076.479094][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1076.507306][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1076.535487][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1076.595206][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1076.627567][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1076.662517][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1076.744634][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1076.823098][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1076.833959][ T45] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 1076.871020][T11708] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1077.055717][ T45] usb 4-1: Using ep0 maxpacket: 16 [ 1077.107734][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1077.111025][ T45] usb 4-1: config index 0 descriptor too short (expected 25183, got 36) [ 1077.154452][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1077.195012][ T45] usb 4-1: config 116 has too many interfaces: 121, using maximum allowed: 32 [ 1077.219227][ T45] usb 4-1: config 116 has an invalid descriptor of length 0, skipping remainder of the config [ 1077.223193][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1077.255918][ T45] usb 4-1: config 116 has 0 interfaces, different from the descriptor's value: 121 [ 1077.282626][ T45] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1077.318191][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1077.371506][ T45] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1077.400000][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1077.485317][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1077.655107][ T5110] usb 2-1: USB disconnect, device number 16 [ 1077.659867][ T6502] usb 5-1: USB disconnect, device number 16 [ 1077.676332][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1078.064255][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1078.128488][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1078.153231][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1078.160453][T11922] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1078.184744][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1078.246723][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1078.732904][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1078.810420][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1078.874589][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1078.972440][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1079.013065][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1079.061053][T11916] IPVS: set_ctl: invalid protocol: 92 100.1.1.1:4 [ 1079.115072][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1079.176541][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1079.211000][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1079.245578][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1079.285972][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1079.326893][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1079.397724][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1079.431733][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1079.499534][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1079.530154][T11708] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1079.580726][T11708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1079.641004][T11708] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1079.817883][T11708] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1079.883118][T11708] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1079.975383][T11708] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1080.024014][T11708] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1080.097772][ T45] usb 4-1: string descriptor 0 read error: -71 [ 1080.160023][ T45] usb 4-1: USB disconnect, device number 19 [ 1082.352029][T11941] loop1: detected capacity change from 0 to 256 [ 1082.373132][ T784] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1082.381028][ T784] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1082.423392][T11941] exfat: Bad value for 'uid' [ 1082.563402][T11941] loop1: detected capacity change from 0 to 256 [ 1082.636824][ T9487] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1082.675697][ T9487] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1082.734601][T11941] FAT-fs (loop1): Directory bread(block 64) failed [ 1082.773237][T11941] FAT-fs (loop1): Directory bread(block 65) failed [ 1082.780016][T11941] FAT-fs (loop1): Directory bread(block 66) failed [ 1082.843238][T11941] FAT-fs (loop1): Directory bread(block 67) failed [ 1082.850114][T11941] FAT-fs (loop1): Directory bread(block 68) failed [ 1083.190884][T11941] FAT-fs (loop1): Directory bread(block 69) failed [ 1083.211630][T11941] FAT-fs (loop1): Directory bread(block 70) failed [ 1084.453423][ T5115] Bluetooth: hci15: command 0x0406 tx timeout [ 1084.482571][T11941] FAT-fs (loop1): Directory bread(block 71) failed [ 1084.684953][T11941] FAT-fs (loop1): Directory bread(block 72) failed [ 1084.693129][T11941] FAT-fs (loop1): Directory bread(block 73) failed [ 1085.019277][T11951] loop2: detected capacity change from 0 to 256 [ 1085.055576][T11950] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1085.092248][T11951] exfat: Bad value for 'uid' [ 1085.229774][T11951] loop2: detected capacity change from 0 to 256 [ 1085.607575][T11951] FAT-fs (loop2): Directory bread(block 64) failed [ 1085.643150][T11951] FAT-fs (loop2): Directory bread(block 65) failed [ 1085.680337][T11951] FAT-fs (loop2): Directory bread(block 66) failed [ 1085.726665][T11951] FAT-fs (loop2): Directory bread(block 67) failed [ 1085.769329][T11951] FAT-fs (loop2): Directory bread(block 68) failed [ 1085.828456][T11951] FAT-fs (loop2): Directory bread(block 69) failed [ 1085.871266][T11951] FAT-fs (loop2): Directory bread(block 70) failed [ 1085.910636][T11951] FAT-fs (loop2): Directory bread(block 71) failed [ 1085.940821][T11951] FAT-fs (loop2): Directory bread(block 72) failed [ 1085.967296][T11951] FAT-fs (loop2): Directory bread(block 73) failed [ 1087.853203][ T6502] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 1088.004920][T11969] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1088.093891][ T6502] usb 2-1: Using ep0 maxpacket: 16 [ 1088.125061][ T6502] usb 2-1: config 0 has no interfaces? [ 1088.130650][ T6502] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1088.224930][ T6502] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1088.281313][ T6502] usb 2-1: config 0 descriptor?? [ 1089.584851][ T6502] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 1089.730966][ T5110] usb 2-1: USB disconnect, device number 17 [ 1089.803188][ T6502] usb 3-1: Using ep0 maxpacket: 16 [ 1089.828792][ T6502] usb 3-1: config index 0 descriptor too short (expected 25183, got 36) [ 1089.881467][ T6502] usb 3-1: config 116 has too many interfaces: 121, using maximum allowed: 32 [ 1089.934390][ T6502] usb 3-1: config 116 has an invalid descriptor of length 0, skipping remainder of the config [ 1090.005344][ T6502] usb 3-1: config 116 has 0 interfaces, different from the descriptor's value: 121 [ 1090.077943][ T6502] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1090.203316][ T6502] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1090.514878][T11982] IPVS: set_ctl: invalid protocol: 92 100.1.1.1:4 [ 1090.732692][T11989] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1091.090034][ T6502] usb 3-1: string descriptor 0 read error: -71 [ 1091.206202][ T6502] usb 3-1: USB disconnect, device number 30 [ 1091.631822][T11997] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1092.739147][ T29] audit: type=1400 audit(1717520493.652:453): avc: denied { recv } for pid=0 comm="swapper/1" saddr=10.128.0.169 src=30006 daddr=10.128.1.152 dest=39026 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 1093.455215][T12012] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1095.762290][T12022] pimreg: entered allmulticast mode [ 1095.892714][T12035] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1096.323201][ T45] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 1096.593286][ T45] usb 4-1: Using ep0 maxpacket: 16 [ 1096.615385][ T45] usb 4-1: config 0 has no interfaces? [ 1096.652877][ T45] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1096.773372][ T45] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1096.816856][ T45] usb 4-1: config 0 descriptor?? [ 1097.166887][ T6502] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 1097.199331][T12047] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1097.413074][ T6502] usb 3-1: Using ep0 maxpacket: 16 [ 1097.482319][ T6502] usb 3-1: config 0 has no interfaces? [ 1097.495249][ T6502] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1097.521607][ T6502] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1097.588011][ T6502] usb 3-1: config 0 descriptor?? [ 1097.886828][T12040] IPVS: set_ctl: invalid protocol: 92 100.1.1.1:4 [ 1098.226884][ T45] usb 3-1: USB disconnect, device number 31 [ 1098.510175][T12055] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1098.738857][ T5157] usb 4-1: USB disconnect, device number 20 [ 1099.360881][T12063] veth0_vlan: entered allmulticast mode [ 1099.452232][T12066] syz-executor.1[12066] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1099.452495][T12066] syz-executor.1[12066] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1099.470231][T12066] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1100.018447][ T29] audit: type=1400 audit(1717520500.792:454): avc: denied { egress } for pid=24 comm="ksoftirqd/1" saddr=fe80::1b daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1 [ 1100.176747][ T29] audit: type=1400 audit(1717520500.792:455): avc: denied { sendto } for pid=24 comm="ksoftirqd/1" saddr=fe80::1b daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1 [ 1100.377361][ T29] audit: type=1804 audit(1717520501.292:456): pid=12073 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir4204848260/syzkaller.8bx8uX/41/cgroup.controllers" dev="sda1" ino=1994 res=1 errno=0 [ 1100.510325][ T29] audit: type=1800 audit(1717520501.292:457): pid=12073 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.1" name="cgroup.controllers" dev="sda1" ino=1994 res=0 errno=0 [ 1101.289248][T12083] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1101.783356][T12088] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1102.514550][ T5157] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 1102.763089][ T5157] usb 1-1: Using ep0 maxpacket: 16 [ 1102.827891][ T5157] usb 1-1: config 0 has no interfaces? [ 1102.843152][ T5157] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1102.903797][ T5157] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1102.921867][ T7213] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1102.977529][ T5115] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 1102.984424][ T5157] usb 1-1: config 0 descriptor?? [ 1103.012764][ T5115] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 1103.022351][ T5115] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 1103.034184][ T5115] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 1103.042488][ T5115] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 1103.050827][ T5115] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 1103.145046][T12097] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 1103.308009][T12108] loop2: detected capacity change from 0 to 512 [ 1103.369247][T12108] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 1103.392834][ T7213] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1103.582290][T12112] syz-executor.1[12112] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1103.582546][T12112] syz-executor.1[12112] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1103.637702][T12112] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1104.171971][T12108] EXT4-fs (loop2): warning: maximal mount count reached, running e2fsck is recommended [ 1104.252076][T12108] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz-executor.2: inode #15: comm syz-executor.2: iget: illegal inode # [ 1104.357268][T12108] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 1104.411283][T12108] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1104.443337][ T7213] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1104.545877][T12099] EXT4-fs error (device loop2): ext4_validate_block_bitmap:431: comm syz-executor.2: bg 0: block 19: invalid block bitmap [ 1104.777968][ T7213] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1104.869231][ T4566] usb 1-1: USB disconnect, device number 13 [ 1104.998224][ T29] audit: type=1804 audit(1717520505.912:458): pid=12121 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir4204848260/syzkaller.8bx8uX/47/cgroup.controllers" dev="sda1" ino=1991 res=1 errno=0 [ 1105.107928][ T29] audit: type=1800 audit(1717520505.912:459): pid=12121 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.1" name="cgroup.controllers" dev="sda1" ino=1991 res=0 errno=0 [ 1105.158248][T10853] Bluetooth: hci9: command tx timeout [ 1105.402193][T11708] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1105.709643][ T7213] bridge_slave_1: left allmulticast mode [ 1105.718761][ T7213] bridge_slave_1: left promiscuous mode [ 1105.736565][ T7213] bridge0: port 2(bridge_slave_1) entered disabled state [ 1105.808264][ T7213] bridge_slave_0: left allmulticast mode [ 1105.830210][ T7213] bridge_slave_0: left promiscuous mode [ 1105.855399][ T7213] bridge0: port 1(bridge_slave_0) entered disabled state [ 1107.255535][T10853] Bluetooth: hci9: command tx timeout [ 1107.359090][T12134] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1108.032663][T12145] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1108.442707][T12138] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 1108.658827][ T7213] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1108.755757][ T7213] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1108.803586][ T7213] bond0 (unregistering): Released all slaves [ 1109.313495][T10853] Bluetooth: hci9: command tx timeout [ 1109.770881][T12152] loop1: detected capacity change from 0 to 32768 [ 1109.836051][T12154] syz-executor.3[12154] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1109.836311][T12154] syz-executor.3[12154] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1109.859210][T12154] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1110.019404][T12152] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (12152) [ 1110.086796][T12152] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1110.097045][T12152] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 1110.105847][T12152] BTRFS info (device loop1): using free-space-tree [ 1114.382466][T10853] Bluetooth: hci9: command tx timeout [ 1114.763026][T12156] can0: slcan on ptm0. [ 1114.990908][T11106] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1115.443625][T12173] can0 (unregistered): slcan off ptm0. [ 1116.066049][T12203] IPVS: set_ctl: invalid protocol: 92 100.1.1.1:4 [ 1116.527652][ T7213] hsr_slave_0: left promiscuous mode [ 1116.635071][ T7213] hsr_slave_1: left promiscuous mode [ 1116.678156][ T7213] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1116.695640][ T7213] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1116.746451][ T7213] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1116.763208][ T7213] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1116.958540][ T7213] veth1_macvtap: left promiscuous mode [ 1116.976088][ T7213] veth0_macvtap: left promiscuous mode [ 1117.001237][ T7213] veth1_vlan: left promiscuous mode [ 1117.041926][ T7213] veth0_vlan: left promiscuous mode [ 1117.787545][T12217] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 1117.937473][ T7213] pimreg (unregistering): left allmulticast mode [ 1119.099552][T12206] loop1: detected capacity change from 0 to 32768 [ 1119.124907][T12206] gfs2: Bad value for 'commit' [ 1120.271176][T12226] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1120.649499][ T7213] team0 (unregistering): Port device team_slave_1 removed [ 1120.874635][ T7213] team0 (unregistering): Port device team_slave_0 removed [ 1121.638681][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 1121.650827][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 1122.631793][T12230] loop1: detected capacity change from 0 to 32768 [ 1122.641688][T12230] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (12230) [ 1122.679524][T12230] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1122.690134][T12230] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 1122.699004][T12230] BTRFS info (device loop1): using free-space-tree [ 1124.520382][T11106] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1127.109199][T12259] can0: slcan on ptm0. [ 1127.329851][T12104] chnl_net:caif_netlink_parms(): no params data found [ 1127.330819][T12259] can0 (unregistered): slcan off ptm0. [ 1128.337395][T12104] bridge0: port 1(bridge_slave_0) entered blocking state [ 1128.375006][T12104] bridge0: port 1(bridge_slave_0) entered disabled state [ 1128.417827][T12104] bridge_slave_0: entered allmulticast mode [ 1128.461400][T12104] bridge_slave_0: entered promiscuous mode [ 1128.501832][T12287] IPVS: set_ctl: invalid protocol: 92 100.1.1.1:4 [ 1128.541450][T12104] bridge0: port 2(bridge_slave_1) entered blocking state [ 1128.577137][T12104] bridge0: port 2(bridge_slave_1) entered disabled state [ 1128.619339][T12104] bridge_slave_1: entered allmulticast mode [ 1128.655719][T12104] bridge_slave_1: entered promiscuous mode [ 1128.734268][T12289] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1128.969902][T12104] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1129.096500][T12104] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1129.443917][T12104] team0: Port device team_slave_0 added [ 1129.501499][T12104] team0: Port device team_slave_1 added [ 1129.774575][T12104] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1129.808565][T12104] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1129.937345][T12104] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1129.983168][T12104] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1129.998282][T12104] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1130.117452][T12104] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1130.522273][T12295] loop0: detected capacity change from 0 to 32768 [ 1130.532051][T12295] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (12295) [ 1130.573410][T12295] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1130.583835][T12295] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 1130.592597][T12295] BTRFS info (device loop0): using free-space-tree [ 1130.978705][T12104] hsr_slave_0: entered promiscuous mode [ 1131.067942][T12104] hsr_slave_1: entered promiscuous mode [ 1131.125953][T12104] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1131.161003][T12297] kvm: emulating exchange as write [ 1131.193007][T12104] Cannot create hsr debugfs directory [ 1132.548218][ T8569] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1134.191012][T12329] can0: slcan on ptm0. [ 1134.853944][T12326] can0 (unregistered): slcan off ptm0. [ 1135.432211][T12342] loop2: detected capacity change from 0 to 2048 [ 1135.470663][T12104] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1135.543505][T12104] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1135.616765][T12342] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1135.661440][T12104] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1135.670265][ T29] audit: type=1400 audit(1717520536.582:460): avc: denied { read } for pid=12341 comm="syz-executor.2" name="file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 1135.756451][T12104] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1135.938419][T11708] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1137.040843][T12104] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1137.182335][T12104] 8021q: adding VLAN 0 to HW filter on device team0 [ 1137.338366][ T5158] bridge0: port 1(bridge_slave_0) entered blocking state [ 1137.345734][ T5158] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1137.477147][ T5158] bridge0: port 2(bridge_slave_1) entered blocking state [ 1137.484496][ T5158] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1138.372633][ T29] audit: type=1400 audit(1717520539.222:461): avc: denied { setopt } for pid=12355 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 1138.793052][T12363] syz-executor.3[12363] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1138.801963][T12363] syz-executor.3[12363] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1139.363009][T12363] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1140.826149][T12380] can0: slcan on ptm0. [ 1140.967695][T12104] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1141.419335][ T29] audit: type=1400 audit(1717520542.322:462): avc: denied { getopt } for pid=12389 comm="syz-executor.3" laddr=127.0.0.1 lport=39070 faddr=127.0.0.2 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 1141.610925][T12377] can0 (unregistered): slcan off ptm0. [ 1142.154221][ T29] audit: type=1326 audit(1717520543.062:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12396 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fede1c7cf69 code=0x0 [ 1142.659578][T12104] veth0_vlan: entered promiscuous mode [ 1142.713528][T12104] veth1_vlan: entered promiscuous mode [ 1142.782263][T12410] syz-executor.1[12410] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1142.782517][T12410] syz-executor.1[12410] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1142.799352][T12410] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1143.292317][T12104] veth0_macvtap: entered promiscuous mode [ 1143.478286][T12104] veth1_macvtap: entered promiscuous mode [ 1143.614616][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1143.633652][ T5155] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 1143.659305][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1143.693156][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1143.713799][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1143.734284][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1143.785019][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1143.803278][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1143.833255][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1143.846535][ T5155] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1143.873039][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1143.894886][ T5155] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1143.913014][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1143.922888][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1143.923399][ T5155] usb 3-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00 [ 1143.955505][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1143.973027][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1143.994989][ T5155] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1144.013047][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1144.028876][ T5155] usb 3-1: config 0 descriptor?? [ 1144.043169][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1144.089289][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1144.115584][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1144.143114][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1144.165367][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1144.176160][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1144.190549][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1144.210211][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1144.222798][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1144.237588][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1144.251996][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1144.284181][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1144.310813][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1144.343258][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1144.388480][T12104] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1144.476799][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1144.521662][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1144.553286][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1144.580445][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1144.612554][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1144.635115][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1144.659795][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1144.694971][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1144.715420][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1144.731732][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1144.754354][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1144.786550][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1144.813078][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1144.837771][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1144.857284][T12425] loop0: detected capacity change from 0 to 512 [ 1144.864110][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1144.894961][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1144.923262][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1144.949991][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1144.971901][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1145.025432][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1145.051958][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1145.065796][ T5156] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 1145.097249][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1145.120791][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1145.149778][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1145.176344][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1145.217460][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1145.255791][T12104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1145.273719][ T5156] usb 2-1: Using ep0 maxpacket: 8 [ 1145.279855][T12104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1145.289869][ T5156] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1145.289926][ T5156] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1145.289998][ T5156] usb 2-1: New USB device found, idVendor=0000, idProduct=1846, bcdDevice= 0.00 [ 1145.290042][ T5156] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1145.303023][ T5156] usb 2-1: config 0 descriptor?? [ 1145.373538][T12104] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1145.535455][T12104] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1145.545139][T12104] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1145.563170][T12104] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1145.576660][T12104] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1145.618264][T12425] loop0: detected capacity change from 0 to 512 [ 1145.752159][T12425] EXT4-fs (loop0): Test dummy encryption mode enabled [ 1145.862159][T12425] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 1145.947284][ T5156] usbhid 2-1:0.0: can't add hid device: -71 [ 1145.965124][ T5156] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 1145.978937][T12425] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1146.021308][ T5156] usb 2-1: USB disconnect, device number 18 [ 1146.039287][T12425] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (20423!=33349) [ 1146.104920][T12425] EXT4-fs (loop0): group descriptors corrupted! [ 1146.271191][ T9935] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1146.352585][ T9935] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1146.452700][ T5155] usbhid 3-1:0.0: can't add hid device: -71 [ 1146.459198][ T5155] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 1146.483753][ T5155] usb 3-1: USB disconnect, device number 32 [ 1146.671909][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1146.706794][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1147.033161][ T5183] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 1147.060333][T12425] EXT4-fs: Can't set or change test_dummy_encryption on remount [ 1147.246291][ T5183] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1147.277699][ T5183] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1147.311482][ T5183] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 1147.344999][ T5183] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1147.426575][ T5183] usb 2-1: config 0 descriptor?? [ 1147.768676][T12447] loop4: detected capacity change from 0 to 512 [ 1147.835958][T12447] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 1147.985894][T12447] EXT4-fs (loop4): warning: maximal mount count reached, running e2fsck is recommended [ 1148.114546][T12447] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz-executor.4: inode #15: comm syz-executor.4: iget: illegal inode # [ 1148.163001][T12447] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz-executor.4: couldn't read orphan inode 15 (err -117) [ 1148.192176][ T5183] usb 2-1: language id specifier not provided by device, defaulting to English [ 1148.217669][T12447] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1148.417187][T12444] EXT4-fs error (device loop4): ext4_validate_block_bitmap:431: comm syz-executor.4: bg 0: block 19: invalid block bitmap [ 1148.649566][ T5183] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0004/input/input34 [ 1148.718885][ T5183] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0004/input/input35 [ 1148.798317][ T5183] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0004/input/input36 [ 1148.887066][ T5183] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0004/input/input37 [ 1149.052830][T12104] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1149.067132][ T5183] uclogic 0003:256C:006D.0004: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.1-1/input0 [ 1149.145142][ T5183] usb 2-1: USB disconnect, device number 19 [ 1149.645857][ T29] audit: type=1326 audit(1717520550.532:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12453 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6d16a7cf69 code=0x0 [ 1149.784711][T12462] syz-executor.4[12462] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1149.784961][T12462] syz-executor.4[12462] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1149.808142][T12462] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1150.493123][T12465] loop1: detected capacity change from 0 to 256 [ 1153.598208][T12486] loop2: detected capacity change from 0 to 128 [ 1153.643038][T12486] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (16076!=39978) [ 1153.702166][T12486] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 1153.959126][T11708] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1155.483807][T12505] syz-executor.2[12505] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1155.484062][T12505] syz-executor.2[12505] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1155.500273][T12505] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1155.825380][ T29] audit: type=1326 audit(1717520556.712:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12502 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faee0e7cf69 code=0x0 [ 1159.229580][ T29] audit: type=1400 audit(1717520560.142:466): avc: denied { connect } for pid=12542 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 1159.366084][ T29] audit: type=1326 audit(1717520560.282:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12544 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f73c207cf69 code=0x0 [ 1159.770626][T12553] syz-executor.0[12553] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1159.770882][T12553] syz-executor.0[12553] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1159.786879][T12553] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1160.486390][T12543] netlink: 100 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1160.607793][ T29] audit: type=1400 audit(1717520561.522:468): avc: denied { setopt } for pid=12542 comm="syz-executor.3" laddr=::1 lport=57402 faddr=::1 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 1165.089540][T12597] syz-executor.1[12597] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1165.089796][T12597] syz-executor.1[12597] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1165.493197][T12597] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1165.537952][ T5115] Bluetooth: hci6: command 0x0406 tx timeout [ 1166.138560][ T29] audit: type=1326 audit(1717520567.052:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12598 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6d16a7cf69 code=0x0 [ 1166.652120][T12606] can0: slcan on ptm0. [ 1167.423047][T12603] can0 (unregistered): slcan off ptm0. [ 1167.495195][ T29] audit: type=1400 audit(1717520568.412:470): avc: denied { create } for pid=12617 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 1167.635743][ T29] audit: type=1400 audit(1717520568.472:471): avc: denied { connect } for pid=12617 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 1169.413436][T12627] loop3: detected capacity change from 0 to 1024 [ 1169.809627][T12635] loop1: detected capacity change from 0 to 2048 [ 1169.821857][T12636] syz-executor.4[12636] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1169.822123][T12636] syz-executor.4[12636] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1169.838144][T12636] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1169.933636][T12635] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1170.092122][T12627] hfsplus: xattr searching failed [ 1170.532045][ T29] audit: type=1326 audit(1717520571.402:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12640 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fede1c7cf69 code=0x0 [ 1171.523524][ T29] audit: type=1400 audit(1717520572.372:473): avc: denied { ioctl } for pid=12633 comm="syz-executor.1" path="socket:[60132]" dev="sockfs" ino=60132 ioctlcmd=0x8941 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 1171.549604][ C1] vkms_vblank_simulate: vblank timer overrun [ 1171.581600][ T7213] hfsplus: b-tree write err: -5, ino 4 [ 1171.643194][T12647] loop4: detected capacity change from 0 to 64 [ 1171.850264][T11106] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1172.041549][ T29] audit: type=1804 audit(1717520572.952:474): pid=12647 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir3450188348/syzkaller.ZJHaEt/9/file1/bus" dev="loop4" ino=3 res=1 errno=0 [ 1172.400862][T12655] can0: slcan on ptm0. [ 1172.544562][T12657] loop3: detected capacity change from 0 to 1024 [ 1173.223485][T12652] can0 (unregistered): slcan off ptm0. [ 1174.184871][T12677] syz-executor.4[12677] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1174.185128][T12677] syz-executor.4[12677] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1174.201982][T12677] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1175.024312][ T29] audit: type=1326 audit(1717520575.932:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12683 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff0c967cf69 code=0x0 [ 1175.047757][ C1] vkms_vblank_simulate: vblank timer overrun [ 1177.521316][T12700] can0: slcan on ptm0. [ 1178.223148][T12698] can0 (unregistered): slcan off ptm0. [ 1178.551155][ T29] audit: type=1400 audit(1717520579.462:476): avc: denied { connect } for pid=12707 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 1178.704542][ T29] audit: type=1400 audit(1717520579.622:477): avc: denied { name_bind } for pid=12709 comm="syz-executor.1" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 1178.708819][ C1] net_ratelimit: 2 callbacks suppressed [ 1178.708843][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 1179.315851][T12715] syz-executor.2[12715] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1179.316108][T12715] syz-executor.2[12715] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1179.332515][T12715] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1179.498939][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 1181.051705][T12728] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1181.233262][ T29] audit: type=1400 audit(1717520582.152:478): avc: denied { ioctl } for pid=12727 comm="syz-executor.4" path="socket:[60736]" dev="sockfs" ino=60736 ioctlcmd=0x941d scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 1181.835870][ T35] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1181.928826][T12733] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 1181.952123][T12733] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1181.983283][T12733] caif0: entered promiscuous mode [ 1181.994033][T12733] caif0: entered allmulticast mode [ 1182.006295][T12733] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1182.241588][ T35] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1182.696200][ T35] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1183.048770][ T35] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1183.083829][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 1183.091074][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 1183.729376][T12749] syz-executor.3[12749] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1183.729554][T12749] syz-executor.3[12749] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1183.767738][T12749] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1184.452661][T10853] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1184.465670][ T35] bridge_slave_1: left allmulticast mode [ 1184.471405][ T35] bridge_slave_1: left promiscuous mode [ 1184.473117][T10853] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1184.487659][T10853] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1184.498670][T10853] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1184.515847][T10853] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 1184.525606][T10853] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1184.566017][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 1184.834355][ T35] bridge_slave_0: left allmulticast mode [ 1184.903048][ T35] bridge_slave_0: left promiscuous mode [ 1184.909049][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 1185.353447][ T5157] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 1185.539035][ T5157] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1185.570143][ T5157] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1185.601440][ T5157] usb 2-1: config 0 descriptor?? [ 1185.828050][ T5157] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00 [ 1185.884810][ T5157] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 1185.918175][ T5157] [drm:udl_init] *ERROR* Selecting channel failed [ 1186.159587][ T5157] [drm] Initialized udl 0.0.1 20120220 for 2-1:0.0 on minor 2 [ 1186.190682][ T5157] [drm] Initialized udl on minor 2 [ 1186.253282][ T5157] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1186.385240][ T5157] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 1186.407781][ T5157] usb 2-1: USB disconnect, device number 20 [ 1186.416083][T12188] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed [ 1186.432694][T12188] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 1186.598295][T10853] Bluetooth: hci6: command tx timeout [ 1187.044845][ T29] audit: type=1400 audit(1717520587.962:479): avc: denied { shutdown } for pid=12770 comm="syz-executor.0" laddr=::ffff:100.1.1.2 lport=33730 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 1187.630910][T12785] syz-executor.4[12785] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1187.631169][T12785] syz-executor.4[12785] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1187.647146][T12785] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1188.680329][T10853] Bluetooth: hci6: command tx timeout [ 1189.208484][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1189.328635][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1189.362025][ T35] bond0 (unregistering): Released all slaves [ 1189.413339][ T5155] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 1189.675065][ T5155] usb 1-1: Using ep0 maxpacket: 16 [ 1189.795663][ T5155] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1189.831382][ T5155] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1189.874771][ T5155] usb 1-1: Product: syz [ 1189.879031][ T5155] usb 1-1: Manufacturer: syz [ 1189.916222][ T5155] usb 1-1: SerialNumber: syz [ 1190.089149][ T5155] r8152-cfgselector 1-1: Unknown version 0x0000 [ 1190.101029][ T5155] r8152-cfgselector 1-1: config 0 descriptor?? [ 1190.414766][ T5155] r8152-cfgselector 1-1: Unknown version 0x0000 [ 1190.458090][ T5155] r8152-cfgselector 1-1: bad CDC descriptors [ 1190.523803][ T5155] r8152-cfgselector 1-1: USB disconnect, device number 14 [ 1190.775313][T10853] Bluetooth: hci6: command tx timeout [ 1191.763136][ T5157] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 1192.036194][ T5157] usb 5-1: Using ep0 maxpacket: 16 [ 1192.056850][ T5157] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1192.068053][ T5157] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1192.104411][ T5157] usb 5-1: Product: syz [ 1192.125462][ T5157] usb 5-1: Manufacturer: syz [ 1192.143155][ T5157] usb 5-1: SerialNumber: syz [ 1192.156992][ T5157] r8152-cfgselector 5-1: Unknown version 0x0000 [ 1192.164122][ T5157] r8152-cfgselector 5-1: config 0 descriptor?? [ 1192.193643][ T35] hsr_slave_0: left promiscuous mode [ 1192.234569][ T35] hsr_slave_1: left promiscuous mode [ 1192.298395][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1192.313136][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1192.405308][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1192.412845][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1192.613211][ T5157] r8152-cfgselector 5-1: Unknown version 0x0000 [ 1192.615359][ T35] veth1_macvtap: left promiscuous mode [ 1192.619752][ T5157] r8152-cfgselector 5-1: bad CDC descriptors [ 1192.641089][ T35] veth0_macvtap: left promiscuous mode [ 1192.655470][ T35] veth1_vlan: left promiscuous mode [ 1192.668024][ T35] veth0_vlan: left promiscuous mode [ 1192.685517][ T5157] r8152-cfgselector 5-1: USB disconnect, device number 17 [ 1192.833784][T10853] Bluetooth: hci6: command tx timeout [ 1193.854374][T12826] syz-executor.4[12826] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1193.854641][T12826] syz-executor.4[12826] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1193.870901][T12826] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1194.070996][ T35] pimreg (unregistering): left allmulticast mode [ 1198.867686][ T35] team0 (unregistering): Port device team_slave_1 removed [ 1199.378864][ T35] team0 (unregistering): Port device team_slave_0 removed [ 1201.380835][ T29] audit: type=1400 audit(1717520602.292:480): avc: denied { unmount } for pid=8569 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 1201.815021][T12872] syz-executor.4[12872] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1201.815273][T12872] syz-executor.4[12872] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1201.830915][T12872] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1204.794676][ T5183] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 1205.034484][ T5183] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1205.056370][ T5183] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1205.105281][ T5183] usb 4-1: Product: syz [ 1205.115242][ T5183] usb 4-1: Manufacturer: syz [ 1205.135313][ T5183] usb 4-1: SerialNumber: syz [ 1205.177868][ T5183] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1205.554887][ T4566] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1205.995972][ T5156] usb 4-1: USB disconnect, device number 21 [ 1206.713675][T12751] chnl_net:caif_netlink_parms(): no params data found [ 1206.770380][ T4566] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 1206.846358][ T4566] ath9k_htc: Failed to initialize the device [ 1206.913034][ T5156] usb 4-1: ath9k_htc: USB layer deinitialized [ 1207.340541][ T5156] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 1207.538553][T12906] syz-executor.0[12906] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1207.538805][T12906] syz-executor.0[12906] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1207.561970][T12906] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1207.716431][T12751] bridge0: port 1(bridge_slave_0) entered blocking state [ 1207.767041][ T5156] usb 4-1: device descriptor read/all, error -71 [ 1207.771468][T12751] bridge0: port 1(bridge_slave_0) entered disabled state [ 1207.823574][T12751] bridge_slave_0: entered allmulticast mode [ 1207.843270][T12751] bridge_slave_0: entered promiscuous mode [ 1207.861606][T12751] bridge0: port 2(bridge_slave_1) entered blocking state [ 1207.870073][T12751] bridge0: port 2(bridge_slave_1) entered disabled state [ 1207.881702][T12751] bridge_slave_1: entered allmulticast mode [ 1207.900117][T12751] bridge_slave_1: entered promiscuous mode [ 1208.235906][T12751] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1208.303408][T12751] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1208.724240][T12751] team0: Port device team_slave_0 added [ 1208.775232][T12751] team0: Port device team_slave_1 added [ 1208.879007][ T29] audit: type=1400 audit(1717520609.792:481): avc: denied { map } for pid=12920 comm="syz-executor.3" path="socket:[61719]" dev="sockfs" ino=61719 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 1209.148934][T12751] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1209.200572][T12751] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1209.303115][T12751] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1209.343255][T12751] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1209.367907][T12751] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1209.481920][T12751] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1209.947295][T12751] hsr_slave_0: entered promiscuous mode [ 1210.006603][T12751] hsr_slave_1: entered promiscuous mode [ 1210.053119][T12751] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1210.060851][T12751] Cannot create hsr debugfs directory [ 1211.109696][ T29] audit: type=1400 audit(1717520612.022:482): avc: denied { create } for pid=12938 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 1211.205653][ T29] audit: type=1400 audit(1717520612.022:483): avc: denied { write } for pid=12938 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 1211.553452][ T6502] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 1211.763239][ T6502] usb 5-1: Using ep0 maxpacket: 32 [ 1211.797272][ T6502] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1211.859054][ T6502] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1211.921952][ T6502] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 1211.952385][T12950] syz-executor.3[12950] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1211.952708][T12950] syz-executor.3[12950] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1211.969841][T12950] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1212.011680][ T6502] usb 5-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 1212.041546][ T6502] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1212.099808][ T6502] usb 5-1: config 0 descriptor?? [ 1212.531194][T12751] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1212.609077][ T6502] ntrig 0003:1B96:000A.0005: unknown main item tag 0x0 [ 1212.638240][ T6502] ntrig 0003:1B96:000A.0005: unknown main item tag 0x0 [ 1212.652802][ T6502] ntrig 0003:1B96:000A.0005: unknown main item tag 0x0 [ 1212.700182][ T6502] ntrig 0003:1B96:000A.0005: unknown main item tag 0x0 [ 1212.709263][T12751] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1212.732194][ T6502] ntrig 0003:1B96:000A.0005: unknown main item tag 0x0 [ 1212.808057][T12751] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1212.825975][ T6502] ntrig 0003:1B96:000A.0005: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.4-1/input0 [ 1212.862775][ T6502] usb 5-1: USB disconnect, device number 18 [ 1212.893988][T12751] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1213.539749][T12751] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1213.642380][T12751] 8021q: adding VLAN 0 to HW filter on device team0 [ 1213.668400][T12975] loop1: detected capacity change from 0 to 128 [ 1213.713714][T12975] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978) [ 1213.758404][ T5157] bridge0: port 1(bridge_slave_0) entered blocking state [ 1213.765755][ T5157] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1213.816058][T12975] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 1213.861565][ T5157] bridge0: port 2(bridge_slave_1) entered blocking state [ 1213.868930][ T5157] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1213.969689][T12975] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D. [ 1214.023532][T12975] EXT4-fs error (device loop1): __ext4_find_entry:1693: inode #2: comm syz-executor.1: checksumming directory block 0 [ 1214.191964][T11106] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1214.345027][T12751] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1214.740872][ T29] audit: type=1400 audit(1717520615.652:484): avc: denied { create } for pid=12982 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 1214.843107][ T29] audit: type=1400 audit(1717520615.652:485): avc: denied { ioctl } for pid=12982 comm="syz-executor.3" path="socket:[62598]" dev="sockfs" ino=62598 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 1215.003199][ T29] audit: type=1400 audit(1717520615.742:486): avc: denied { write } for pid=12982 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 1215.320885][T12994] syz-executor.1[12994] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1215.321143][T12994] syz-executor.1[12994] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1215.347022][T12994] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1215.650118][T12751] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1216.182225][T12751] veth0_vlan: entered promiscuous mode [ 1216.259815][T12751] veth1_vlan: entered promiscuous mode [ 1216.441003][ T29] audit: type=1400 audit(1717520617.352:487): avc: denied { getopt } for pid=13007 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 1216.520945][T12751] veth0_macvtap: entered promiscuous mode [ 1216.624134][T12751] veth1_macvtap: entered promiscuous mode [ 1216.737626][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1216.805510][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1216.846505][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1216.883286][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1216.922523][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1216.954249][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1216.995049][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1217.055264][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1217.074700][T13015] loop1: detected capacity change from 0 to 512 [ 1217.104582][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1217.190511][T13015] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002] [ 1217.222922][T13015] System zones: 1-12 [ 1217.231047][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1217.295314][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1217.333193][T13015] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 33619980: comm syz-executor.1: invalid block [ 1217.334272][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1217.404875][T13015] EXT4-fs error (device loop1): ext4_free_branches:1027: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 1) [ 1217.444099][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1217.486890][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1217.503427][T13015] EXT4-fs error (device loop1): ext4_validate_block_bitmap:440: comm syz-executor.1: bg 0: block 361: padding at end of block bitmap is not set [ 1217.524089][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1217.546063][T13015] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 1217.574380][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1217.585765][T13015] EXT4-fs error (device loop1): ext4_clear_blocks:881: inode #13: comm syz-executor.1: attempt to clear invalid blocks 33619980 len 1 [ 1217.612565][T13015] EXT4-fs error (device loop1): ext4_free_branches:1027: inode #13: comm syz-executor.1: invalid indirect mapped block 1819239214 (level 0) [ 1217.666275][T13015] EXT4-fs (loop1): 1 truncate cleaned up [ 1217.676648][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1217.700594][T13015] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1217.728983][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1217.768680][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1217.789323][T13015] EXT4-fs error (device loop1): dx_probe:822: inode #2: comm syz-executor.1: Directory hole found for htree index block [ 1217.810148][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1217.851977][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1217.892984][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1217.914584][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1217.944271][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1217.977271][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1218.027050][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1218.064921][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1218.102145][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1218.164990][T12751] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1218.250537][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1218.282785][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1218.322530][ T29] audit: type=1400 audit(1717520619.232:488): avc: denied { read } for pid=13021 comm="syz-executor.0" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 1218.357776][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1218.404543][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1218.425424][ T29] audit: type=1400 audit(1717520619.232:489): avc: denied { open } for pid=13021 comm="syz-executor.0" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 1218.450367][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1218.485424][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1218.509225][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1218.522227][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1218.542248][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1218.562575][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1218.613595][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1218.632565][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1218.657775][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1218.684440][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1218.706972][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1218.743018][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1218.777725][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1218.819849][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1219.125366][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1219.137579][T13028] syz-executor.4[13028] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1219.137755][T13028] syz-executor.4[13028] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1219.154709][T13028] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1219.185622][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1219.224551][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1219.237129][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1219.249665][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1219.268580][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1219.292163][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1219.338943][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1219.373025][T12751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1219.411811][T12751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1219.539456][T11106] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1219.556384][T12751] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1220.004729][T12751] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1220.065555][T12751] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1220.099539][T12751] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1220.133303][T12751] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1220.459483][ T29] audit: type=1400 audit(1717520621.372:490): avc: denied { nlmsg_write } for pid=13036 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 1220.607843][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1220.621511][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1220.795480][ T931] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1220.813445][ T931] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1221.553148][ T5155] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 1221.789552][ T5155] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1221.830855][ T5155] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1221.871053][ T5155] usb 5-1: Product: syz [ 1221.926464][ T5155] usb 5-1: Manufacturer: syz [ 1221.940470][ T5155] usb 5-1: SerialNumber: syz [ 1221.998647][ T5155] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1222.159150][ T6502] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1226.119759][ T5115] Bluetooth: hci9: command 0x0406 tx timeout [ 1231.064797][ T29] audit: type=1400 audit(1717520631.982:491): avc: denied { ioctl } for pid=13075 comm="syz-executor.3" path="user:[4026531837]" dev="nsfs" ino=4026531837 ioctlcmd=0x6607 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 1232.918742][ C1] hrtimer: interrupt took 17178850 ns [ 1248.727238][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 1248.742944][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 1251.877769][ T29] audit: type=1400 audit(1717520652.792:492): avc: denied { lock } for pid=13103 comm="syz-executor.3" path="/dev/ubi_ctrl" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 1252.793042][ T5158] usb 4-1: new full-speed USB device number 24 using dummy_hcd [ 1252.838532][ T19] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 1-.... } 2672 jiffies s: 50493 root: 0x2/. [ 1252.933162][ T19] rcu: blocking rcu_node structures (internal RCU debug): [ 1252.940379][ T19] Sending NMI from CPU 0 to CPUs 1: [ 1252.945777][ C1] NMI backtrace for cpu 1 [ 1252.945793][ C1] CPU: 1 PID: 13057 Comm: syz-executor.2 Not tainted 6.10.0-rc2-syzkaller-00007-gf06ce441457d #0 [ 1252.945825][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 1252.945841][ C1] RIP: 0010:unwind_next_frame+0x134e/0x23a0 [ 1252.945892][ C1] Code: 40 84 ed 48 8b 0c 24 0f 85 ba f0 ff ff e8 1a fb 50 00 48 89 df c6 05 c0 97 ac 11 01 e8 db e6 ff ff 48 8b 0c 24 e9 9d f0 ff ff fd fa 50 00 ba a8 00 00 00 4c 89 ee 48 89 df e8 1d ea ff ff 31 [ 1252.945919][ C1] RSP: 0018:ffffc90000a17ab8 EFLAGS: 00000046 [ 1252.945941][ C1] RAX: 0000000000000000 RBX: ffffc90000a17b38 RCX: ffffffff813cde29 [ 1252.945960][ C1] RDX: ffff88802e901e00 RSI: 0000000000000004 RDI: 0000000000000001 [ 1252.945983][ C1] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000004 [ 1252.946000][ C1] R10: 0000000000000003 R11: 0000000000000002 R12: ffffffff91209e40 [ 1252.946018][ C1] R13: ffffc9000325f648 R14: ffffffff91209e44 R15: 0000000000000003 [ 1252.946036][ C1] FS: 0000555559ef9480(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000 [ 1252.946064][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1252.946084][ C1] CR2: 0000001b2ec2a000 CR3: 0000000031752000 CR4: 00000000003506f0 [ 1252.946102][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1252.946119][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1252.946137][ C1] Call Trace: [ 1252.946146][ C1] [ 1252.946155][ C1] ? show_regs+0x8c/0xa0 [ 1252.946195][ C1] ? nmi_cpu_backtrace+0x1d8/0x390 [ 1252.946228][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 1252.946264][ C1] ? nmi_handle+0x1a9/0x5c0 [ 1252.946304][ C1] ? unwind_next_frame+0x134e/0x23a0 [ 1252.946345][ C1] ? default_do_nmi+0x6a/0x160 [ 1252.946379][ C1] ? exc_nmi+0x170/0x1e0 [ 1252.946411][ C1] ? end_repeat_nmi+0xf/0x53 [ 1252.946447][ C1] ? unwind_next_frame+0x789/0x23a0 [ 1252.946487][ C1] ? unwind_next_frame+0x134e/0x23a0 [ 1252.946528][ C1] ? unwind_next_frame+0x134e/0x23a0 [ 1252.946569][ C1] ? unwind_next_frame+0x134e/0x23a0 [ 1252.946609][ C1] [ 1252.946618][ C1] [ 1252.946627][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1252.946663][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1252.946701][ C1] arch_stack_walk+0x100/0x170 [ 1252.946730][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1252.946766][ C1] stack_trace_save+0x95/0xd0 [ 1252.946802][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 1252.946838][ C1] ? hlock_class+0x4e/0x130 [ 1252.946869][ C1] ? __lock_acquire+0x14f4/0x3b30 [ 1252.946909][ C1] kasan_save_stack+0x33/0x60 [ 1252.946949][ C1] ? kasan_save_stack+0x33/0x60 [ 1252.946991][ C1] ? kasan_save_track+0x14/0x30 [ 1252.947027][ C1] ? __kasan_kmalloc+0xaa/0xb0 [ 1252.947063][ C1] ? dummy_urb_enqueue+0x8d/0x8a0 [ 1252.947089][ C1] ? usb_hcd_submit_urb+0x2d1/0x2090 [ 1252.947132][ C1] ? usb_submit_urb+0x87c/0x1730 [ 1252.947160][ C1] ? ath9k_hif_usb_reg_in_cb+0x494/0x690 [ 1252.947188][ C1] ? __usb_hcd_giveback_urb+0x364/0x5c0 [ 1252.947229][ C1] ? usb_hcd_giveback_urb+0x396/0x450 [ 1252.947269][ C1] ? dummy_timer+0x17f6/0x3900 [ 1252.947294][ C1] ? __hrtimer_run_queues+0x20c/0xcc0 [ 1252.947326][ C1] ? hrtimer_interrupt+0x31b/0x800 [ 1252.947358][ C1] ? __sysvec_apic_timer_interrupt+0x10f/0x450 [ 1252.947400][ C1] ? sysvec_apic_timer_interrupt+0x43/0xb0 [ 1252.947440][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1252.947475][ C1] ? unwind_next_frame+0x110d/0x23a0 [ 1252.947514][ C1] ? arch_stack_walk+0x100/0x170 [ 1252.947540][ C1] ? stack_trace_save+0x95/0xd0 [ 1252.947575][ C1] ? kasan_save_stack+0x33/0x60 [ 1252.947611][ C1] ? kasan_save_track+0x14/0x30 [ 1252.947648][ C1] ? kasan_save_free_info+0x3b/0x60 [ 1252.947678][ C1] ? poison_slab_object+0xf7/0x160 [ 1252.947715][ C1] ? __kasan_slab_free+0x32/0x50 [ 1252.947753][ C1] ? kmem_cache_free+0x12f/0x3a0 [ 1252.947792][ C1] ? kfree_skbmem+0x10e/0x200 [ 1252.947831][ C1] ? kfree_skb_reason+0x138/0x210 [ 1252.947861][ C1] ? ip6_mc_input+0x7ad/0xfd0 [ 1252.947901][ C1] ? ipv6_rcv+0x45a/0x680 [ 1252.947940][ C1] ? __netif_receive_skb_one_core+0x12e/0x1e0 [ 1252.947983][ C1] ? __netif_receive_skb+0x1d/0x160 [ 1252.948020][ C1] ? process_backlog+0x133/0x760 [ 1252.948056][ C1] ? __napi_poll.constprop.0+0xb7/0x550 [ 1252.948095][ C1] ? net_rx_action+0x9b6/0xf10 [ 1252.948132][ C1] ? handle_softirqs+0x216/0x8f0 [ 1252.948161][ C1] ? irq_exit_rcu+0xbb/0x120 [ 1252.948191][ C1] ? sysvec_apic_timer_interrupt+0x95/0xb0 [ 1252.948233][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1252.948274][ C1] kasan_save_track+0x14/0x30 [ 1252.948311][ C1] __kasan_kmalloc+0xaa/0xb0 [ 1252.948348][ C1] dummy_urb_enqueue+0x8d/0x8a0 [ 1252.948374][ C1] ? usb_hcd_map_urb_for_dma+0x39e/0x1190 [ 1252.948418][ C1] usb_hcd_submit_urb+0x2d1/0x2090 [ 1252.948463][ C1] ? __pfx_usb_hcd_submit_urb+0x10/0x10 [ 1252.948504][ C1] ? lock_acquire+0x1b1/0x560 [ 1252.948544][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 1252.948584][ C1] ? find_held_lock+0x2d/0x110 [ 1252.948615][ C1] ? ath9k_hif_usb_reg_in_cb+0x487/0x690 [ 1252.948644][ C1] usb_submit_urb+0x87c/0x1730 [ 1252.948674][ C1] ? do_raw_spin_unlock+0x172/0x230 [ 1252.948703][ C1] ath9k_hif_usb_reg_in_cb+0x494/0x690 [ 1252.948732][ C1] __usb_hcd_giveback_urb+0x364/0x5c0 [ 1252.948779][ C1] usb_hcd_giveback_urb+0x396/0x450 [ 1252.948821][ C1] dummy_timer+0x17f6/0x3900 [ 1252.948849][ C1] ? debug_object_deactivate+0x1f0/0x370 [ 1252.948883][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 1252.948926][ C1] ? __hrtimer_run_queues+0x5a7/0xcc0 [ 1252.948956][ C1] ? __pfx_lock_release+0x10/0x10 [ 1252.949009][ C1] ? __pfx_dummy_timer+0x10/0x10 [ 1252.949035][ C1] ? timerqueue_del+0x83/0x150 [ 1252.949064][ C1] ? __pfx_dummy_timer+0x10/0x10 [ 1252.949088][ C1] __hrtimer_run_queues+0x20c/0xcc0 [ 1252.949122][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 1252.949154][ C1] ? ktime_get_update_offsets_now+0x201/0x310 [ 1252.949199][ C1] hrtimer_interrupt+0x31b/0x800 [ 1252.949238][ C1] __sysvec_apic_timer_interrupt+0x10f/0x450 [ 1252.949281][ C1] sysvec_apic_timer_interrupt+0x43/0xb0 [ 1252.949322][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1252.949356][ C1] RIP: 0010:unwind_next_frame+0x110d/0x23a0 [ 1252.949400][ C1] Code: ea 03 80 3c 02 00 0f 85 93 10 00 00 4c 89 63 40 e8 58 fd 50 00 48 89 da 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 0f b6 04 02 <84> c0 74 08 3c 03 0f 8e 25 10 00 00 44 8b 23 89 ee 44 89 e7 e8 6a [ 1252.949427][ C1] RSP: 0018:ffffc90000a18660 EFLAGS: 00000a02 [ 1252.949447][ C1] RAX: 0000000000000000 RBX: ffffc90000a186e0 RCX: ffffffff813ce55e [ 1252.949465][ C1] RDX: 1ffff920001430dc RSI: ffffffff813ce798 RDI: 0000000000000001 [ 1252.949483][ C1] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000004 [ 1252.949500][ C1] R10: 0000000000000000 R11: 0000000000000002 R12: ffffffff911fa408 [ 1252.949518][ C1] R13: ffffc9000325fc00 R14: 0000000000000000 R15: 0000000000000001 [ 1252.949539][ C1] ? unwind_next_frame+0xebe/0x23a0 [ 1252.949579][ C1] ? unwind_next_frame+0x10f8/0x23a0 [ 1252.949621][ C1] ? schedule_preempt_disabled+0x13/0x30 [ 1252.949662][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1252.949699][ C1] arch_stack_walk+0x100/0x170 [ 1252.949728][ C1] ? __down_write_common+0x950/0x13f0 [ 1252.949756][ C1] ? kfree_skbmem+0x10e/0x200 [ 1252.949794][ C1] stack_trace_save+0x95/0xd0 [ 1252.949829][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 1252.949865][ C1] ? __pfx_mark_lock+0x10/0x10 [ 1252.949904][ C1] kasan_save_stack+0x33/0x60 [ 1252.949940][ C1] ? kasan_save_stack+0x33/0x60 [ 1252.949981][ C1] ? kasan_save_track+0x14/0x30 [ 1252.950017][ C1] ? kasan_save_free_info+0x3b/0x60 [ 1252.950047][ C1] ? poison_slab_object+0xf7/0x160 [ 1252.950084][ C1] ? __kasan_slab_free+0x32/0x50 [ 1252.950121][ C1] ? kmem_cache_free+0x12f/0x3a0 [ 1252.950160][ C1] ? kfree_skbmem+0x10e/0x200 [ 1252.950198][ C1] ? kfree_skb_reason+0x138/0x210 [ 1252.950228][ C1] ? ip6_mc_input+0x7ad/0xfd0 [ 1252.950268][ C1] ? ipv6_rcv+0x45a/0x680 [ 1252.950306][ C1] ? __netif_receive_skb_one_core+0x12e/0x1e0 [ 1252.950344][ C1] ? __netif_receive_skb+0x1d/0x160 [ 1252.950381][ C1] ? process_backlog+0x133/0x760 [ 1252.950416][ C1] ? __napi_poll.constprop.0+0xb7/0x550 [ 1252.950454][ C1] ? net_rx_action+0x9b6/0xf10 [ 1252.950490][ C1] ? handle_softirqs+0x216/0x8f0 [ 1252.950519][ C1] ? irq_exit_rcu+0xbb/0x120 [ 1252.950548][ C1] ? sysvec_apic_timer_interrupt+0x95/0xb0 [ 1252.950588][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1252.950622][ C1] ? __free_object+0x512/0xcb0 [ 1252.950651][ C1] ? debug_object_free+0x299/0x500 [ 1252.950681][ C1] ? percpu_counter_destroy_many+0xac/0x390 [ 1252.950718][ C1] ? __mmdrop+0x2cf/0x470 [ 1252.950746][ C1] ? finish_task_switch.isra.0+0x7af/0xcc0 [ 1252.950772][ C1] ? __schedule+0xf1d/0x5d00 [ 1252.950806][ C1] ? schedule+0xe7/0x350 [ 1252.950840][ C1] ? schedule_preempt_disabled+0x13/0x30 [ 1252.950887][ C1] kasan_save_track+0x14/0x30 [ 1252.950924][ C1] kasan_save_free_info+0x3b/0x60 [ 1252.950956][ C1] poison_slab_object+0xf7/0x160 [ 1252.950999][ C1] __kasan_slab_free+0x32/0x50 [ 1252.951038][ C1] kmem_cache_free+0x12f/0x3a0 [ 1252.951077][ C1] ? skb_release_data+0x761/0x980 [ 1252.951104][ C1] ? kfree_skbmem+0x10e/0x200 [ 1252.951144][ C1] kfree_skbmem+0x10e/0x200 [ 1252.951183][ C1] kfree_skb_reason+0x138/0x210 [ 1252.951215][ C1] ip6_mc_input+0x7ad/0xfd0 [ 1252.951256][ C1] ? __pfx_ip6_mc_input+0x10/0x10 [ 1252.951298][ C1] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 1252.951341][ C1] ? __pfx_ip6_mc_input+0x10/0x10 [ 1252.951381][ C1] ipv6_rcv+0x45a/0x680 [ 1252.951421][ C1] ? __pfx_ipv6_rcv+0x10/0x10 [ 1252.951459][ C1] __netif_receive_skb_one_core+0x12e/0x1e0 [ 1252.951498][ C1] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 1252.951539][ C1] ? mark_held_locks+0x9f/0xe0 [ 1252.951579][ C1] __netif_receive_skb+0x1d/0x160 [ 1252.951617][ C1] process_backlog+0x133/0x760 [ 1252.951656][ C1] __napi_poll.constprop.0+0xb7/0x550 [ 1252.951697][ C1] net_rx_action+0x9b6/0xf10 [ 1252.951737][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 1252.951776][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 1252.951813][ C1] ? _raw_spin_unlock_irq+0x2e/0x50 [ 1252.951849][ C1] ? __pfx_run_timer_base+0x10/0x10 [ 1252.951892][ C1] handle_softirqs+0x216/0x8f0 [ 1252.951924][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 1252.951956][ C1] irq_exit_rcu+0xbb/0x120 [ 1252.951991][ C1] sysvec_apic_timer_interrupt+0x95/0xb0 [ 1252.952033][ C1] [ 1252.952041][ C1] [ 1252.952050][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1252.952085][ C1] RIP: 0010:__free_object+0x512/0xcb0 [ 1252.952117][ C1] Code: 3f 10 0f 85 10 ff ff ff 48 c7 c7 a0 93 65 8e e8 b4 ad 61 06 48 83 3c 24 00 0f 85 08 01 00 00 9c 58 f6 c4 02 0f 85 85 02 00 00 <48> b8 00 00 00 00 00 fc ff df 48 8b 4c 24 08 48 01 c1 c7 01 00 00 [ 1252.952142][ C1] RSP: 0018:ffffc9000325f6f0 EFLAGS: 00000246 [ 1252.952161][ C1] RAX: 0000000000000002 RBX: ffff88806554c070 RCX: 1ffffffff2850276 [ 1252.952180][ C1] RDX: 0000000000000000 RSI: ffffffff8b2cade0 RDI: ffffffff8b900000 [ 1252.952198][ C1] RBP: ffff888064c711f8 R08: 0000000000000001 R09: fffffbfff284d65e [ 1252.952217][ C1] R10: ffffffff9426b2f7 R11: 0000000000000001 R12: ffff8880b933a650 [ 1252.952235][ C1] R13: ffff888060159540 R14: ffffc9000325f748 R15: ffff88806554c070 [ 1252.952260][ C1] ? lock_acquire+0x1b1/0x560 [ 1252.952299][ C1] ? find_held_lock+0x2d/0x110 [ 1252.952329][ C1] ? __pfx___free_object+0x10/0x10 [ 1252.952362][ C1] ? mark_held_locks+0x9f/0xe0 [ 1252.952401][ C1] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1252.952439][ C1] debug_object_free+0x299/0x500 [ 1252.952470][ C1] ? debug_object_deactivate+0x1f0/0x370 [ 1252.952502][ C1] ? __pfx_debug_object_free+0x10/0x10 [ 1252.952534][ C1] ? __pfx_lock_release+0x10/0x10 [ 1252.952574][ C1] ? mark_held_locks+0x9f/0xe0 [ 1252.952615][ C1] percpu_counter_destroy_many+0xac/0x390 [ 1252.952652][ C1] ? free_percpu+0x7e9/0x1110 [ 1252.952683][ C1] __mmdrop+0x2cf/0x470 [ 1252.952712][ C1] finish_task_switch.isra.0+0x7af/0xcc0 [ 1252.952740][ C1] ? __switch_to+0x749/0x1390 [ 1252.952769][ C1] __schedule+0xf1d/0x5d00 [ 1252.952805][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 1252.952843][ C1] ? hlock_class+0x4e/0x130 [ 1252.952878][ C1] ? mark_lock+0xb5/0xc60 [ 1252.952917][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 1252.952956][ C1] ? lock_acquire+0x1b1/0x560 [ 1252.953003][ C1] ? __pfx___schedule+0x10/0x10 [ 1252.953039][ C1] ? schedule+0x298/0x350 [ 1252.953073][ C1] ? __pfx_lock_release+0x10/0x10 [ 1252.953112][ C1] ? __down_write_common+0x8a1/0x13f0 [ 1252.953143][ C1] schedule+0xe7/0x350 [ 1252.953178][ C1] schedule_preempt_disabled+0x13/0x30 [ 1252.953217][ C1] __down_write_common+0x950/0x13f0 [ 1252.953248][ C1] ? __pfx___down_write_common+0x10/0x10 [ 1252.953280][ C1] ? __pfx___might_resched+0x10/0x10 [ 1252.953309][ C1] ? __pfx_ima_file_mmap+0x10/0x10 [ 1252.953341][ C1] down_write_killable+0x4b/0x70 [ 1252.953369][ C1] ? vm_mmap_pgoff+0x160/0x360 [ 1252.953408][ C1] vm_mmap_pgoff+0x160/0x360 [ 1252.953448][ C1] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1252.953488][ C1] ? __x64_sys_futex+0x1e1/0x4c0 [ 1252.953525][ C1] ? __x64_sys_futex+0x1ea/0x4c0 [ 1252.953562][ C1] ksys_mmap_pgoff+0x7d/0x5d0 [ 1252.953599][ C1] __x64_sys_mmap+0x125/0x190 [ 1252.953641][ C1] do_syscall_64+0xcd/0x250 [ 1252.953669][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1252.953702][ C1] RIP: 0033:0x7f181ba7cfa3 [ 1252.953722][ C1] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 b0 ff ff ff 64 c7 [ 1252.953747][ C1] RSP: 002b:00007ffe858c0a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1252.953772][ C1] RAX: ffffffffffffffda RBX: 00007f181a4006c0 RCX: 00007f181ba7cfa3 [ 1252.953790][ C1] RDX: 0000000000000000 RSI: 0000000000021000 RDI: 0000000000000000 [ 1252.953808][ C1] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000 [ 1252.953825][ C1] R10: 0000000000020022 R11: 0000000000000246 R12: 00007ffe858c0cc0 [ 1252.953843][ C1] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000 [ 1252.953865][ C1] [ 1254.338242][ C1] sched: RT throttling activated [ 1256.324068][ T5158] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 1256.331742][ T5158] usb 4-1: can't read configurations, error -71 [ 1257.060516][ T5117] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 1257.122581][T13114] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 1257.545792][T13114] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 1258.153218][T13114] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 2024/06/04 17:04:19 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 1258.545618][T13114] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 1258.725428][T13114] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 1258.988338][ T29] audit: type=1400 audit(1717520659.852:493): avc: denied { recv } for pid=13057 comm="syz-executor.2" saddr=10.128.0.169 src=49764 daddr=10.128.1.152 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1