last executing test programs: 14.060349457s ago: executing program 3 (id=534): r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x34}}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1d"], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000009, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 13.519883418s ago: executing program 3 (id=536): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev, 'veth1_to_batadv\x00'}}, 0x1e) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f00000000c0)={0x18, 0x0, {0x2, @empty, 'veth1_to_bridge\x00'}}, 0x1e) r2 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r2, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev, 'veth1_to_batadv\x00'}}, 0x1e) close(r2) 12.491715857s ago: executing program 3 (id=539): syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000008c40)='./file0/file0\x00', 0x0, 0x0, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_GET(r1, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000005c0)={0x30, r2, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x1c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x15, 0x1, @l2={'ib', 0x3a, 'veth1_macvtap\x00'}}]}]}, 0x30}}, 0x0) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x1de) write$binfmt_script(r3, &(0x7f00000019c0)={'#! ', './file0', [{0x20, '\x06^-'}, {0x20, 'gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00'}]}, 0x488) close(r3) r4 = socket$inet6(0xa, 0x2, 0x0) prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffc000/0x4000)=nil) prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffd000/0x3000)=nil) munmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000) sendto$inet6(r4, 0x0, 0x0, 0x4040000, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @mcast2}, 0x1c) 10.643370436s ago: executing program 0 (id=546): r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x34}}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1d"], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000009, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 10.16771989s ago: executing program 0 (id=550): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001340)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a7645100b2ffbdb0ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14faecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9cf53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b2f113ad4c7915c8f82c333a7b350802f03b0057010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55a8a89b60317cd78ea1dc8e0f77f2c1e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f842cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2beaf4510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44be9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2002045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed8c631be6411f9927fe9f6b43ec83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea5919ffff72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac6ed77718098b2f722bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d47685404cc540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff153d20f3681f7a3a31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f5cb6dbb714487a9145e9d2918846e78072e0b8f6df849e7f5e3c7e92292c858570d210720102d509083e7af826d9d9f5e4fb389d782e26f243be0c05b9c60383ad28ea3d21466c8d87a4c9cf649315fbd62a6aa4188abb6d8d42785a4ae50157d76efb9c8df83b1c35daad5afaebc7756af1b80d92e8f96a6332e429f6939c230169307e92acd283063304bf6243a0e1f5487bbd54da9fed9bee94d374cc55333fb5c4760cc9ba610937c0f107ef6fbad781863a56897c93c7de1defeaefcef70692d3a8bbf7a4364eac7d608c69caec0f4df2"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000880), 0x10}, 0x49) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r0, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r1}, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r2, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd6e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x4) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1, 0x4, 0x40, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', r3}, 0x48) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r4}, &(0x7f0000000700), &(0x7f0000000740)}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000380)={r4, &(0x7f0000000580)="de", &(0x7f0000000600)=""/129}, 0x20) 9.201081753s ago: executing program 0 (id=551): syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000080)='./file1\x00', 0x800008, &(0x7f0000000100)={[{@shortname_lower}, {@rodir}, {@utf8no}, {@numtail}, {@uni_xlateno}, {@shortname_winnt}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'iso8859-5'}}]}, 0x1, 0x18a, &(0x7f00000003c0)="$eJzs279qU1EABvAvtWqLQzI4icMFHZxC0yewSgUxICgZFATFNiC9UrAQ0MF0c/AlfJzOPoljB+FK/mhtuGIQa6T5/ZZ8cM6XnDMkuefCfX799d7O/kH/Wf8oa41GVm6nyHEjrazku8MAAOfJcVXlS1VV1eXDrH9KVVWLXhEAcNb8/wPA8nn85OmDrW53+1FRrCXlh0Fv0Ju8FuPxrX5epcxuNtLM14wuEKYm+d797vZGMdbKx3I47Q8HvQun+50006rvdyb94nT/Yso7RzfHbzLqb6aZq/X9zdr+pdy68dPnt9PM55fZT5mdjLon/fedorj7sDvTvzKeBwAAAOdBu/ih9vzebv9qfNKf9/5AGrPn89VcW13s3gFgWR28fbf3oix338wT1qeluSYLglAX1vNfLOM3YcE/TMCZO/nS/1G9Gv71FQEAAAAAAAAAAAAAALP+xeNEi94jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMvnWwAAAP//GhmVsg==") truncate(&(0x7f0000000280)='./file1\x00', 0x1000000) 8.783665779s ago: executing program 0 (id=556): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x44}}, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000200)="4319e2aabc1e4a13e696a7f0d7557242d86bf77f9c16bad30355", 0x1a, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_udp_int(r2, 0x11, 0x67, &(0x7f0000000040)=0xffff, 0x4) sendmmsg$inet(r2, &(0x7f0000000800)=[{{&(0x7f0000000380)={0x2, 0x4e24, @empty}, 0x10, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b68a347c1c43e7920c7f253f428f9879a9c35b520c9cc9e7f7a753a293bb765ce4c47731fadf67da06f3d77e970b15a08dbe9e08e17d5b80a379962e8c5ea6afc978bf144bbfd2c2b88583ca1476deab0cbb505ad621bc8bfe404c8d8b0612c8976af50dd29390d8f3a22f1bdcd0f6e73478cf76e"], 0x10}}, {{&(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10, 0x0}}], 0x2, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="5c0000002a00090000000000000000000400002c450011802f"], 0x5c}, 0x1, 0x3000000}, 0x0) r3 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r3, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000002000)=ANY=[@ANYBLOB=',\x00\x00\x00 \x00\x00\x00\x00\x00~'], 0x2c}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000080)={0x2}) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f0000001300)=@raw={'raw\x00', 0x41, 0x3, 0x3c8, 0x0, 0x19, 0x0, 0x260, 0x0, 0x330, 0x1f0, 0x1f0, 0x330, 0x1f0, 0x3, 0x0, {[{{@ip={@dev, @dev, 0x0, 0x0, 'wlan1\x00', 'wg1\x00'}, 0x0, 0x1f8, 0x260, 0x0, {0x0, 0xffffffffa0028000}, [@common=@unspec=@quota={{0x38}}, @common=@inet=@hashlimit2={{0x150}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz0\x00'}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'veth0_vlan\x00', 'netpci0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x428) openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/locks\x00', 0x0, 0x0) r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x2, 0x8, 0x2}, 0x48) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000062213e3826e88aa2aecc35d351fb534b7d59da6ace63ff2835f10ff5f3dbd40311e9fe50aa2d70eea423dcc3b613096bb27307b55ced40fc9845f79d3c2137364d0f03cff9591fdcd04aa253f3c4e40fdf83729ad5f72e513dfed343fb82b9d208e47209acfef94c6f02cda34851ebe7ef94c9130aa1fb1d7a541e90fbd9df7860c2"], &(0x7f0000000340)='GPL\x00'}, 0x78) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000000c0)="a0", 0x0}, 0x31) r7 = socket$inet6_udp(0xa, 0x2, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r5, &(0x7f0000000000), &(0x7f0000000140)=@udp6=r7}, 0x20) syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x0, 0x200}, &(0x7f0000000100), &(0x7f0000000140)=0x0) syz_io_uring_submit(0x0, r8, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27}) 7.548385132s ago: executing program 3 (id=560): syz_mount_image$hfsplus(&(0x7f0000000500), &(0x7f0000000280)='./file0\x00', 0x3, &(0x7f0000000040)=ANY=[], 0x4, 0x67b, &(0x7f0000000bc0)="$eJzs3U1oHOf9B/DvrFay5T/Y+id24pZARAxpqaktWSitemjcUooPoQT30LOw5Vh4rQRJKUoojfpObz2k9/SgW6HQ0rshPbe3XEVPKYVechI9ZMuMZlcrafUWyXpJPh8zet5mnnme387O7MxiNsAX1p3raT7Je93y6spEa3Vl4lxdbCUp842kWVcVc0nxYXI760u+VFZ2Gnfaz/uzU3c/+mT14/VSs16q9Ru7bbc/y/WS0SQDdbrd4Gfq796W/l48+PiKzgzLgF07/HzhaLS3Wd7U/vvsesQ7juFzoFi/bm4zklyoTwDVZ4L67NA41sE9BcsnPQAAAAA4BpfWspalXDzpcQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAZtJykqH/fv0yL0RQXkpxPMlTXpc6faU+Kkx4BAAAAAAAAAGzxat/a5m6bvLiWtSzlYqfcLqrv/F8qs+12u6z6v7ydhcxkPjeylOksZjHzGU8y0tPR0NL04uL8eLVlcjk7bvlpu++Wtw43dQAAAAAAAAD4wvn2ptLPc2fj+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgNimRgPamWy538SBrNJOeTDJXrLSf/6ORPicaure1LfaufPKXBAAAAwGlyaS1rWcrFqjCctIvqnv+56r7/fN7OXBYzm8W0MpP71bOA9bv+xurKRGt1ZeJxuWzv9zv/OdAwhur794Gq1G/PV6s1hvMgs1XNjdzLm2nlfhrdO/+rnfH0H9fPyjEVr9b2ObL7dVrO/Hd1us3dTw8026MxUkVksBuRsc7Dm9LukTjgq7N1T+NpdJ/8XO6/p3als9LOMR9MxrZVXqjTMta/7on5ptj3Pnr654GmcwhbI3Gr5+h7bnMktm/8lb/+8UcPW3OPHj5YuN73MDpLtkZioicSz3ejUCTLfc4Pn6tIjFWRuNIt38n388Ncz2hez3xm8+NMZzEzGc33qtx0fRwXO797Om5vKr2+xyPO6i0x0j2LHmxML1XbXsxsfpA3cz8zeaX6dyvj+UYmM5mpnlf4yj7OtI2+7/rzOw3+2lfrzHCS39Tp6VDG9f974tp7zh2p2nprNqL0zKYoFVuvHWWUXmse7HrU/HKdKffxiz2feh+nrZEY74nEs7sfL39ol38XWnOP5h9Ov1VV/WnPrxZertMyqr/a6cq8q+aBt9ifcujPdPvffHSUbc/2bRuv2i532xrb2q502/Z6pw7Vn+G293Sranu+b9tE1Xa1p23z5633qs9bxxFBAA7lwtcuDA3/e/jvwx8M/3L44fBr57977pvnXhjK4N8Gv9UcG3i58ULx53yQn9b3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKEsvPPuo+nWQObXM62ZfWbO5QAr7yNT1D/kc2QdnupMGoec6WD98p34dM4lhzwS/vLb9amc+ItyFJlm+ZqUs/mM/aRxGmZRZfb8HS7gjLu5+PitmwvvvPv12cfTb8y8MTM3ODk5NTY1+crEzQezrZmx9b8nPUrgadi46Pdt/texDwgAAAAAAAAAAADY03H8d4KTniMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwtt25nuaTFBkfuzFWlldXJlrl0slvrNlM0khS/CQpPkxuZ33JSE93xU77eX926u5Hn6x+vNFXs7N+2el/24eaxXK9ZDTJQJ0eVX/3Dt1f0Y1MGbBrncDBSftfAAAA//+gfAoT") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f0000001bc0)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8, @ANYBLOB="f1bcca05ed588d63a576cc3afd51baf29cde2281a84392f4e66ff7f77daa9af727ceae8a8ec95fc1b73083de2de825a0ce27c16bc23b2f7c7fb72585548939698f283e000000255a9a924008f8477e82ba11cdb11efd5ca2f1ab049ce2ccc415d2daf8dac725533a558d561654faf5e0924f1376174f374d664fad4a6ab24ec0e822e7f9426e8e5de1fe58085a0ae86fd02a118b9365961834d46208b9fb4cb1a1fa962a8b0000dc2e319379ea1e5a07aeb3f9cd4e648df4dd18e6253e7b2310a78d63a232a2a40758027a472e7d263ef567a841863787889bf1c90fccf31954a940c8b584ca69a512f28edec086b1c0823c028840eeaf3f5d8769023c01218614f4fa40be9892e7a285ac63f7f97aaa5b8ecc86ea8c6193bc21a2b833e5c2c9c703c4cfa063dd34c245706bde3d7ac373ab04b62b4111b59eabd436dd97e788a36ef25bad99be2aa924949558c800000000000000000000006e90277c25a24d590a7306ae960562b9183b4de2dd5e2fc731ddfd1a23b3e991d947cd026224523abd1156665e5e573a6d1ec598eec9f10790c187deb457eea1eacd5fa617fc1a54c37a12f35b6064784a33e01c316e12434fb0c138cd31274603d85140950017fede1b75615d2729", @ANYBLOB="222f82c7b62090b8af26e2c90ea8b835a4c1b6f7d2c4b4dfe5d91c563722aabee25c06ec3d9e590ad3a28c705bb00605c9d9cbcf71763d8b96d8cf86215a58f349b834705f2e2fd54cf9ac4536babff6db7d9637642610c1c398a2e19a571b3e973fa6d5a012200101000000000000c7852e789ef59973815000000dbf34742f88c2baaa7f4437c8ebbdf1de866279e5524f899e467250c76d09af765af3125abd9478e02c17f29e720748532e9715df72fd51da46fcec95b812aa52a33125a18d5518cff0f48bcd9448f3f8dd57004e0ba3e9508260e2d0bf3448d90000000002000041000000000000000000000000000000000071885e5d8e40447341503fe5ff4faafa9736705b511891456512c599c600bb80b2d3ae0c210d55342a5922265e36b67591a3556eb1a7e40c73f3cb6d6e825db772d7f27f2a8f872613037a4ff4f81d9aa697baa89cbf2a3eb978b81113a08ea197f1e370aec148979e32d5aba89deb793331422452fe7927648401e6ea0000000000000000b7289c33ef6a46e3f0bfa605fefed380d41d2c2d99e5bbab544b8bc729e086f42f7b9193874972da60ff932935848d6693520d4f67a2dd487688d7b0a07e90bd1a498f2cde3101cf14362d70adf128950d4f326b0b3b2e3418b48f67455a9d3b2074b95ad4a5f8d156a5a8b12d45235b33c0e24fcf51d6ff07130fdf4f32f65055dd7c3569bdeef8dc4d74c800e8c0e38829160741bfd390df3f7fd89b687f0460e2a979f94085b4e84b255d51ab9be9246b1dadbdfa599f0833a7163cdc1ac416f2c1477a6e7812d86fca3acce2a75c7187f174615407fef5e130f5d890f2b57da0f242e5f49687042fae6fa90500078ab5645a2e480ecfcf03adf5a60fbf48b3f901684243dcd40c588d569881f4f2c7163b817b634c8b1236573d8638c9afe4d13e88e29a60e251c242aa4cd51f7f6c2eeb42be3536d4f4ad78c2f81b399c7ae1e57ef61791f25cc3e2722393256c3202804bdad1e44fbb19feb2b8642bb9d13a3f7bd6f1c4f7febd40f1ba0528e89eae12fe8c40cfd6924c380383e5d1912f87dce69223fe43d473b6cbe373852b910eac1a2d8ac6b8a74d78c432372e50014ab382cc302c85e76f1cf214f456d27f59222b74595a60fa4f76f823de78e4c14e4f0a841d3c055436aa8eebc8038ddaec93d1360884d44436697b6a68bb7f430dfc599893bb6141636da67058690d704aef58a42d9095abb149eb2742e4ef939549b22f75314c20192106f23326463f8a2c4be40e8c71bcdbd956ce058a1bc230d83259c59f7dd964aaa449ea5b80b331da61881d9d9c8c891ba54639940a04b2aef8526cd4d26238add050c4da08519861c1e108006743995f9c000000000000000d8ae9ac1ec1322fd86531012d8880d718eca430ca55f241416d823180f578dcf4b4e0dcd7fd54512ca37ea6087e82eab1e5dd10b61d6b2311bf081ca76d90421ec4f79f50da0761de6d0dd76ece075e922e74bd556bedb78243dce1ba30b2b6564e48f98de96bc47423749187af4a0b165bc33c2d1119c584df6e49b37c345a60633dfa18c4a40559353f0f2a383c6c5c88d3586c5f908542ee0f252056c26bdb41de01e24f464564ffb205d13e67b86ddb0e28fb69c64a43e38c2ba8c1b6ba9770102b5178da64bfa95206459a8973f9b922343ae88080c5150000000000000000000000f551c873858df95a6c5245f830455ec5f52284b02f6e1d0a2d0490b8cb0e5eee118c5a5b0c322f711fccf3e336c1174361fd0c85d6535c070775d20247b41adf8f8b6a00"/1301, @ANYRES8, @ANYRESOCT, @ANYRES32, @ANYRESDEC, @ANYRES32, @ANYRESHEX, @ANYRESDEC, @ANYRESHEX, @ANYRESHEX, @ANYRESOCT], 0x1, 0x0, &(0x7f0000000000)) 7.464575545s ago: executing program 0 (id=561): setresuid(0xee01, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000980), 0x76, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000007c0)=ANY=[@ANYBLOB="180200000000000000136f56e8d5ad8bec40cd95a8208b407200004000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200002d454ca6639661e100b7030000000000208500006994b79ef951f29c90e55e16d53300"], &(0x7f0000000840)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x51, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) pselect6(0x40, &(0x7f00000045c0), 0x0, &(0x7f0000004640)={0xf8}, 0x0, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000740)={0x3, 0x0, [{0x2, 0x86, &(0x7f0000000280)=""/134}, {0x4000, 0x80, &(0x7f0000000400)=""/128}, {0xd000, 0xc3, &(0x7f00000004c0)=""/195}]}) ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000) r3 = dup2(r1, r1) readv(r3, &(0x7f0000000100)=[{&(0x7f00000001c0)=""/125, 0x48}], 0x1) ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000040)=0x1) capset(&(0x7f0000000080)={0x20071026}, 0x0) r4 = getpid() prlimit64(r4, 0x0, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x5}]}) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000680)=ANY=[@ANYBLOB="98ade6d81acbfa3ac76feaefb4c7585a5edd027d603699693fb8b7848826496459fc1c305bcb0f70137cd6545d6597a679e4133d88f9643cbdb4fcef6f703a19c5ffa60875363f12f7b332cab241c554140f85032088d8ee1b7d88eb1ab88f66560aa13807d38b34776b7dac87bf773af438f69c39317cbddb99467505cd86d570612692b017d0c9be32dc657100dc140116a814d8d56a68452dd4bbec", @ANYRES16=r2, @ANYRES16=r4], &(0x7f0000000040)='syzkaller\x00', 0xd1d4, 0x0, 0x0, 0x41000, 0x59, '\x00', 0x0, 0x2}, 0x90) socketpair(0x1d, 0x5, 0x5, &(0x7f0000000640)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10) clock_nanosleep(0x8, 0x2, &(0x7f0000000080)={0x77359400}, 0x0) socket$nl_route(0x10, 0x3, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) fanotify_init(0x200, 0x0) r6 = memfd_create(&(0x7f00000008c0)='-\x88\x8cG\xf3\xbd\xbd\xe2\xd0@\x1e\x8b\xf4\x87\x0e\x81\b\x84\xa2m\x00\v\xd7\xc8h:\xb4\x1e\xed\xd09Y\x18\x00H\x19r\x984\xa6Ey\xdbQ\b\xb1S\xf1:)\x00\xca\xd7Uw\x1e\xbc\xfa2\xb3\xbb\x8d\xac\xac\x97a}knh#\x01\x00\x00\x00\x00\x00\x00\x80\x10d\xee\xa7\x8b\x066\xb8G\xd1c\xe1$\xe8\x97k\xde\xc5\xe96\xddU)(\xe9M\xcd\xf5\xcc\x82n=\x7f=\xcdJxR\xa5~\xb80a\xa9\xb2\x04K\x98\x93=\xabw\x05\x1d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 _\x99=\x12\xb3\x15\x1b?\xd7\x95\xc4\x85y\xef\xef\xff\xff\xff\xff\xff\xff\xff\xff\xb3\x02\x03\x00\x00\x00\x00\x00\x00', 0x9) r7 = dup(r6) fanotify_mark(r7, 0x40, 0x4000007b, r3, 0x0) 3.661710335s ago: executing program 2 (id=565): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) write$P9_RSTATu(r0, &(0x7f00000004c0)={0x293, 0x7d, 0x0, {{0x500, 0xf0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x04nodev{cvfox\x92\xff\xff\xff\x81\x02\x00\x00\x00\x00\x001\xff\xce\xbc\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05\xf7\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00;Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x12, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3\x13\xf6\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x232) 3.54945174s ago: executing program 1 (id=567): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000014007910480000000000790030000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x21) 3.506237423s ago: executing program 0 (id=568): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x3a0ffffffff) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GENEVE_ID={0x8}, @IFLA_GENEVE_TTL_INHERIT={0x5, 0xc, 0x1}]}}}]}, 0x44}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x18, 0x1, 0x2, 0x0, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x4}]}, 0x18}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xa, 0x4, 0x3, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = syz_open_dev$swradio(&(0x7f0000000040), 0x0, 0x2) ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000000)={0x1, 0x4}) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], &(0x7f0000000240)='GPL\x00', 0x76, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0) syz_usb_control_io$hid(r4, 0x0, 0x0) syz_usb_control_io(r4, &(0x7f0000000580)={0x2c, &(0x7f0000000180)=ANY=[@ANYBLOB="000080000000800002a3032718cadc34f93c507a320e94de67bf8157990d0000f9be3cbc0693752d4d4621e9a0276c30c4ab37cb6a85f74cecdf6e0c9d6ee261cd96f8575c110e2e18a139dece33acee60e2f8ace6350545ed8dbc4f87ef7af2852fe0554c2cad587f3d81dae3114fa52c4556f9fb6e25ee505012c33fa23110b30a8d3db8167f37ae8d4ac064dc9d148bdab12c6585f98be8d074db5c9d8dca1a0b35c762bf32979d9b02dc2cc0183d8de5b6d2c4445fbf70c1ad082abcbb62a6b5ede8c6e3ccbf52c06575eb3f29517a93067d36d1fbb4c0a9aa0730cf"], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r4, 0x0, 0x0) r5 = syz_open_dev$hiddev(&(0x7f0000000000), 0x0, 0x0) syz_usb_control_io(r4, &(0x7f0000000100)={0x2c, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0003"], 0x0, 0x0, 0x0}, 0x0) ioctl$HIDIOCSREPORT(r5, 0x81044804, &(0x7f0000000040)={0x1}) syz_usb_control_io$hid(r4, &(0x7f0000000b00)={0x24, 0x0, &(0x7f0000000a40)={0x0, 0x3, 0x4, @lang_id={0x4}}, 0x0, 0x0}, 0x0) 3.505669975s ago: executing program 3 (id=569): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "4617a9f6040839230fb7fead776dd8dc", "3f4051c4", "a44a889722b66244"}, 0x28) r1 = syz_io_uring_setup(0x239, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f0000000300)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) shutdown(r0, 0x1) 3.464181537s ago: executing program 1 (id=570): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@newlink={0x68, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x38, 0x2, 0x0, 0x1, [@IFLA_GRE_OKEY={0x8, 0x5, 0x929d}, @IFLA_GRE_ENCAP_SPORT={0x6}, @IFLA_GRE_ENCAP_FLAGS={0x6}, @IFLA_GRE_ENCAP_TYPE={0x6}, @IFLA_GRE_REMOTE={0x14, 0x7, @dev}]}}}]}, 0x68}}, 0x0) 3.35006989s ago: executing program 2 (id=571): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) write$cgroup_int(r0, &(0x7f0000000540), 0xfffffdd8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x2, &(0x7f0000000040)=@raw=[@ldst, @exit], 0x0, 0x4}, 0x90) madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c00018014000300ff01000000000000000000000000000114000400ff0100000000000000000000000000010c00028005000100000000004700028005000100010000000600034000000000060005"], 0xe4}}, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f00000000c0)=0xa3b6, 0x4) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x1, 0x0, @mcast1={0xff, 0x5}}, 0x1c) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(r3, &(0x7f0000000000)={0xa, 0x1, 0x0, @mcast1={0xff, 0x5}}, 0x1c) unshare(0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00'}, 0x10) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x20001400) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1804"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000}, 0x80) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) write$cgroup_type(r5, &(0x7f0000000000), 0x248800) 3.327926609s ago: executing program 1 (id=572): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x44}}, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000200)="4319e2aabc1e4a13e696a7f0d7557242d86bf77f9c16bad30355", 0x1a, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_udp_int(r2, 0x11, 0x67, &(0x7f0000000040)=0xffff, 0x4) sendmmsg$inet(r2, &(0x7f0000000800)=[{{&(0x7f0000000380)={0x2, 0x4e24, @empty}, 0x10, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b68a347c1c43e7920c7f253f428f9879a9c35b520c9cc9e7f7a753a293bb765ce4c47731fadf67da06f3d77e970b15a08dbe9e08e17d5b80a379962e8c5ea6afc978bf144bbfd2c2b88583ca1476deab0cbb505ad621bc8bfe404c8d8b0612c8976af50dd29390d8f3a22f1bdcd0f6e73478cf76e"], 0x10}}, {{&(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10, 0x0}}], 0x2, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="5c0000002a00090000000000000000000400002c450011802f"], 0x5c}, 0x1, 0x3000000}, 0x0) r3 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r3, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000002000)=ANY=[@ANYBLOB=',\x00\x00\x00 \x00\x00\x00\x00\x00~'], 0x2c}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000080)={0x2}) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f0000001300)=@raw={'raw\x00', 0x41, 0x3, 0x3c8, 0x0, 0x19, 0x0, 0x260, 0x0, 0x330, 0x1f0, 0x1f0, 0x330, 0x1f0, 0x3, 0x0, {[{{@ip={@dev, @dev, 0x0, 0x0, 'wlan1\x00', 'wg1\x00'}, 0x0, 0x1f8, 0x260, 0x0, {0x0, 0xffffffffa0028000}, [@common=@unspec=@quota={{0x38}}, @common=@inet=@hashlimit2={{0x150}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz0\x00'}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'veth0_vlan\x00', 'netpci0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x428) openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/locks\x00', 0x0, 0x0) r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x2, 0x8, 0x2}, 0x48) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000062213e3826e88aa2aecc35d351fb534b7d59da6ace63ff2835f10ff5f3dbd40311e9fe50aa2d70eea423dcc3b613096bb27307b55ced40fc9845f79d3c2137364d0f03cff9591fdcd04aa253f3c4e40fdf83729ad5f72e513dfed343fb82b9d208e47209acfef94c6f02cda34851ebe7ef94c9130aa1fb1d7a541e90fbd9df7860c2"], &(0x7f0000000340)='GPL\x00'}, 0x78) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000000c0)="a0", 0x0}, 0x31) r7 = socket$inet6_udp(0xa, 0x2, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r5, &(0x7f0000000000), &(0x7f0000000140)=@udp6=r7}, 0x20) syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x0, 0x200}, &(0x7f0000000100), &(0x7f0000000140)=0x0) syz_io_uring_submit(0x0, r8, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27}) 2.634197002s ago: executing program 4 (id=574): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, 0x0, 0x0) listen(0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f00000005c0)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c8}, 0x50) 2.441748583s ago: executing program 4 (id=575): r0 = syz_io_uring_setup(0x60f2, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f0000000080)=0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x3, r3, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0}}) io_uring_enter(r0, 0x5b43, 0x0, 0x0, 0x0, 0x0) shutdown(r3, 0x1) 2.431444113s ago: executing program 3 (id=576): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000ab9fd540501d6f60d414000000010902120001000040000904"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000400)={0x44, &(0x7f0000000040)=ANY=[@ANYBLOB="00010c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000009c0)={0x44, &(0x7f0000000600)=ANY=[@ANYBLOB="000028000000e97c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 2.255571944s ago: executing program 1 (id=577): syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e0a00402000"], 0xd) syz_emit_vhci(0x0, 0x0) syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000080)='./file1\x00', 0x1000004, &(0x7f00000000c0)=ANY=[@ANYRESOCT, @ANYRESHEX], 0x3, 0x7a3, &(0x7f0000000a80)="$eJzs3U1sHOX5APBnHBuCkSLE/68URSFMApWCFMx6DaYWB1jWY3tgvWvtrqtEVUUj4iArDiAoaskFokrQVq2qnnqkXLn11qpSK/XQ9lSpHHrpDYlTRaV+iaqq5Gpmdx1/2+QTyO9ned/Z2Wfe95n1eJ6dtWc2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBI6tOVyngSjby5eDrdWX263Zrf5fFBf7/e0Gzw9IZxI5LiOw4ejE/+0Zv3/1cePlzcnIijvXtH42DRHIxLdx++58n/Gx4aLL9LQlfr+D7jkoi3iqQunF1ZWXr1BiRyE33/l596kX+vFrezWTPvtPL52myW5p1WOjU5WXl0bqaTzuSNrHOm083m03o7q3Vb7fRk/eF0fGpqIs3GzrQWm7PTtUY2mPnEI9VKZTJ9dmwhq7U7reajz0anPpc3GnlztoypVr4VRcwTxYb4XN5Nu1ltPk3PL68sTeyVahE0vt0DB3rbz9GH7vno9Q//vrxUbJA7dZL0N8zq+Hi1Oj75+NTjT1Qqw9VKdeOMyiaxFhFDEUXEDdlo+Ry5vjtwuAZD/fofjcijGYtxOtJtvkaiHtPRjlbMF/f/NLIlom9Q/7/86F//sNu46+v/oMrfd+XhI1HW/2O9e8d2qv/b5nozv16LN+JSXIizsRIrsRSv3vKM9vgautYekg33ZiOLZuTRiVbkMR+1ck7an5PGVEzGZFTi+ZiLmehEGjORRyOy6MSZ6EQ3snKLqkc7sqhFN1rRjjRORj0ejjTGYyqmYiLSyGIszkQrFqMZszEdtbKX87FcPu8Tm7I8fFf84sU/fvRuMb0WNL7bahUv5oqgv+0StKXc71r/V1eL1wubI9T/290N2IvD1Vkd1H8AAADgCysp330vjv9H4v5yaiZvZF+71WkBAAAA11H5l/+jRTNSTN0fSXH8X9km8oObnhsAAABwfSTlOXZJRIzGA72p87Ecb8VSbPcmAAAAAPA5VP79/1jRjEa8Wc4YXC7F8T8AAAB8QXx3p2vsfzi4xm5n4c7kVyMRMZJcXjj9UHKxVsTVLh7oLddvvrrWY3fmSHKo30nZTA5fujuJiOF6djQZXP3yv3f22o/L2yPDa4vvdK3/pN3eNYHYPYHyXvwgjvdijp/rtef6jyS9UUZn8kY2Vm81niwviVh8d19/afnbEcXo32vOH0ri/PLK0tgLL6+cK3O5XPRy+WL/AopbrqO4Sy6r/Wcg7t9+jUfKEzH64472xq2sX/+h3uJDu4+ZrB/z7TjRizkx2mtHB4/0xjxYjDk+9uR41GqHhrrZ6e7rq+vWvp/F+DWu+dvxYC/mwZMP9pptsqhuyOKlrVlU12exv+di31m8e/zN0//6bSvJJvbKYuJTZLF6IGJzFgC3yvnyqj9XqtBdZRX6z2pPUf831d27BkvuY1/7zyujrL3KGCy/rtYNx+bqfqXv/VX31ejt0U/2Yk72Xk8MH9mmrlS22aO/svzK7/p79Mfe/8lPv37s9z8rx72q6vZ+PNyL6Tdx7292qLHFOv9wU1V9r1jivR3H7TSqSVyOOPDNi6/E4dfeuPTI8sWzLy69uPRStToxWXmsUnm8GiPlS4V+s0umANy+9v6MnR0j7uh3kTy201F1v+Ldu/YvBWPxQrwcK3EuTpVnG0TEA9uPO7ru3xBO7XHUOrruE15O7XFseSW2ujU2iR1iJ9Y9Y1/6cdl8ckN+HABwU5zYow7vUv/X3pk/tcdx98ZavunoOHau5dv5yg19NgDg9pC1P05Gu+8k7Xa+8Pz41NR4rTuXpe1W/bm0nU/PZmne7Gbt+lytOZulC+1Wt1UfvHE8nXXSzuLCQqvdTWda7TSGOvnp8pPf0/5Hv3ey+Vqzm9c7C42s1snSeqvZrdW76XTeqacLi8808s5c1i4X7ixk9Xwmr9e6eauZdlqL7Xo2lqadLFsXmE9nzW4+kxeTzXShnc/X2pcjorE4n6XTWafezhe6rV6Hg7Hy5kyrPV92O7Z19f9ys59vAPgseO2NSxfOrqwsvXp1E3/eT/CtXkcAYCNVGgAAAAAAAAAAAAAAPvu2nq5XzL2GMwI/3cSdccOHuG0nih/kZyCNWzvxjaeeurBTzDNv3je3v362/03Z7lTXdw5F3PHzH/XmPL1z8Hf6v3/XZ00/iIirWHw12SVmw27ijpu/ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACArf4XAAD//7hdYFI=") 2.130998604s ago: executing program 4 (id=578): mkdir(&(0x7f0000000100)='./file0\x00', 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x103200, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r4, 0x26, &(0x7f0000000380)={0x1}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r5, 0x26, &(0x7f0000000380)) chroot(0x0) 1.659916474s ago: executing program 1 (id=579): setresuid(0xee01, 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000980), 0x76, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000007c0)=ANY=[@ANYBLOB="180200000000000000136f56e8d5ad8bec40cd95a8208b407200004000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200002d454ca6639661e100b7030000000000208500006994b79ef951f29c90e55e16d53300"], &(0x7f0000000840)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x51, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) pselect6(0x40, &(0x7f00000045c0), 0x0, &(0x7f0000004640)={0xf8}, 0x0, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000740)={0x3, 0x0, [{0x2, 0x86, &(0x7f0000000280)=""/134}, {0x4000, 0x80, &(0x7f0000000400)=""/128}, {0xd000, 0xc3, &(0x7f00000004c0)=""/195}]}) ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000) r3 = dup2(r1, r1) readv(r3, &(0x7f0000000100)=[{&(0x7f00000001c0)=""/125, 0x48}], 0x1) ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000040)=0x1) capset(&(0x7f0000000080)={0x20071026}, 0x0) r4 = getpid() prlimit64(r4, 0x0, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x5}]}) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000680)=ANY=[@ANYBLOB="98ade6d81acbfa3ac76feaefb4c7585a5edd027d603699693fb8b7848826496459fc1c305bcb0f70137cd6545d6597a679e4133d88f9643cbdb4fcef6f703a19c5ffa60875363f12f7b332cab241c554140f85032088d8ee1b7d88eb1ab88f66560aa13807d38b34776b7dac87bf773af438f69c39317cbddb99467505cd86d570612692b017d0c9be32dc657100dc140116a814d8d56a68452dd4bbec", @ANYRES16=r2, @ANYRES16=r4], &(0x7f0000000040)='syzkaller\x00', 0xd1d4, 0x0, 0x0, 0x41000, 0x59, '\x00', 0x0, 0x2}, 0x90) socketpair(0x1d, 0x5, 0x5, &(0x7f0000000640)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10) clock_nanosleep(0x8, 0x2, &(0x7f0000000080)={0x77359400}, 0x0) socket$nl_route(0x10, 0x3, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) fanotify_init(0x200, 0x0) r6 = memfd_create(&(0x7f00000008c0)='-\x88\x8cG\xf3\xbd\xbd\xe2\xd0@\x1e\x8b\xf4\x87\x0e\x81\b\x84\xa2m\x00\v\xd7\xc8h:\xb4\x1e\xed\xd09Y\x18\x00H\x19r\x984\xa6Ey\xdbQ\b\xb1S\xf1:)\x00\xca\xd7Uw\x1e\xbc\xfa2\xb3\xbb\x8d\xac\xac\x97a}knh#\x01\x00\x00\x00\x00\x00\x00\x80\x10d\xee\xa7\x8b\x066\xb8G\xd1c\xe1$\xe8\x97k\xde\xc5\xe96\xddU)(\xe9M\xcd\xf5\xcc\x82n=\x7f=\xcdJxR\xa5~\xb80a\xa9\xb2\x04K\x98\x93=\xabw\x05\x1d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 _\x99=\x12\xb3\x15\x1b?\xd7\x95\xc4\x85y\xef\xef\xff\xff\xff\xff\xff\xff\xff\xff\xb3\x02\x03\x00\x00\x00\x00\x00\x00', 0x9) r7 = dup(r6) fanotify_mark(r7, 0x40, 0x4000007b, r3, 0x0) 789.577242ms ago: executing program 4 (id=580): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x16}]}, @NFT_MSG_NEWSETELEM={0x64, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x3c, 0x3, 0x0, 0x1, [{0x38, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}, @NFTA_SET_ELEM_EXPRESSIONS={0x1c, 0xb, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @counter={{0xc}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc}, @NFTA_COUNTER_PACKETS={0xc}]}}}]}]}]}]}], {0x14, 0x10}}, 0xe8}}, 0x0) 751.535983ms ago: executing program 2 (id=581): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) write$P9_RSTATu(r0, &(0x7f00000004c0)={0x293, 0x7d, 0x0, {{0x500, 0xf0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x04nodev{cvfox\x92\xff\xff\xff\x81\x02\x00\x00\x00\x00\x001\xff\xce\xbc\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05\xf7\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00;Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x12, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3\x13\xf6\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x232) 656.177509ms ago: executing program 4 (id=582): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@newlink={0x68, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x38, 0x2, 0x0, 0x1, [@IFLA_GRE_OKEY={0x8, 0x5, 0x929d}, @IFLA_GRE_ENCAP_SPORT={0x6}, @IFLA_GRE_ENCAP_FLAGS={0x6}, @IFLA_GRE_ENCAP_TYPE={0x6}, @IFLA_GRE_REMOTE={0x14, 0x7, @dev}]}}}]}, 0x68}}, 0x0) 541.500192ms ago: executing program 4 (id=583): syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000008c40)='./file0/file0\x00', 0x0, 0x0, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_GET(r1, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000005c0)={0x30, r2, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x1c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x15, 0x1, @l2={'ib', 0x3a, 'veth1_macvtap\x00'}}]}]}, 0x30}}, 0x0) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x1de) write$binfmt_script(r3, &(0x7f00000019c0)={'#! ', './file0', [{0x20, '\x06^-'}, {0x20, 'gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t\x92\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\xc9.\x8br\xf9\xde\xd6\xe6\x14O\xc8\xff3ZA\xea\xd4\xa9]7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\xa9\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00'}]}, 0x488) close(r3) r4 = socket$inet6(0xa, 0x2, 0x0) prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffc000/0x4000)=nil) prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffd000/0x3000)=nil) munmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000) sendto$inet6(r4, 0x0, 0x0, 0x4040000, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @mcast2}, 0x1c) 470.885479ms ago: executing program 2 (id=584): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000000240)=""/214, 0xd6}, {&(0x7f0000000a00)=""/242, 0xf2}, {&(0x7f0000001140)=""/4043, 0xfcb}, {&(0x7f00000007c0)=""/191, 0xbf}, {&(0x7f0000000500)=""/217, 0xd9}, {&(0x7f00000000c0)=""/42, 0x2a}, {&(0x7f0000000b00)=""/210, 0xd2}, {&(0x7f0000000600)=""/117, 0x75}, {&(0x7f0000000340)=""/48, 0x30}, {&(0x7f0000000040)=""/59, 0x3b}], 0xa}, 0x0) 211.479328ms ago: executing program 2 (id=585): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, 0x0, 0x0) listen(0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f00000005c0)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c8}, 0x50) 44.514957ms ago: executing program 2 (id=586): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000f40), 0x2, 0x0) syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000000)) r2 = dup3(r1, 0xffffffffffffffff, 0x0) sendmsg$L2TP_CMD_NOOP(r2, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="34040000", @ANYRES16=0x0, @ANYBLOB="10002bbd7000fddbdf250000000006001c0060910000050005000100000008000a000400000008000c0004000000"], 0x34}, 0x1, 0x0, 0x0, 0x8}, 0x4000) socket$inet6_sctp(0xa, 0x0, 0x84) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0), 0x400, 0x0) preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) keyctl$KEYCTL_CAPABILITIES(0x1f, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x469, &(0x7f0000000b00)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==") sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="89000000120081ae08060c0f006b3f007f03e3f70000000000e2ffca1b4e0906a6bd", 0x22}], 0x1}, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000300)) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x28) syz_open_procfs(0x0, &(0x7f0000000780)='map_files\x00') lseek(0xffffffffffffffff, 0x0, 0x0) getdents64(0xffffffffffffffff, 0xffffffffffffffff, 0x43) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/12], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10) r4 = socket$inet6_udp(0xa, 0x2, 0x0) r5 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r5, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r4, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x4}}, 0x26) r6 = dup2(r5, r4) sendmmsg$inet6(r6, &(0x7f00000088c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001880)=ANY=[@ANYBLOB="200000000000000029000000360000000001000000000000010200000502000088000000000000002900000039000000000e000000000000fc020000000000000000000000080000ff010000000000000000000000000001fe88000000000000000000000000000100000000000000000000000000000000ff010000000000000000000000000001ff0100000000007fffb31a00000000002100011400000000f6ffff280000004300"/180], 0xc0}}, {{&(0x7f0000001940)={0xa, 0x0, 0x0, @remote}, 0x1c, 0x0, 0x0, &(0x7f0000001ec0)=ANY=[@ANYBLOB='$\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x00', @ANYBLOB="9fb919f3c635460a1ffd466ba66a96e7f10303f03c4f4a0f5230672feb40fadc0c5671ada31551", @ANYBLOB], 0x28}}, {{&(0x7f0000001fc0)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c, &(0x7f0000004340)=[{&(0x7f0000002000)}, {&(0x7f00000020c0)}, {0x0}, {0x0}, {0x0}], 0x5}}, {{&(0x7f00000043c0)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c, &(0x7f0000004740)=[{0x0}, {&(0x7f0000004440)="0d536fa326c4bf8df0f421a07937bae5ab230fb1e28e9e750cf185050286542829c1be0f97b3829b9473779c58ab80b41d82a1669d43446e49e16acd336e32fa2fab7ad1f6d5c6154b3ed72b452f09df572675894298f1b58602daf737d5f0de86e51319468b5576d4a64cd785fc79b63da9b235e47a23ea", 0x78}, {&(0x7f0000004540)}, {&(0x7f0000004580)}, {&(0x7f0000004680)="31fd1a9bc9b6c4590b22cf7e516f0a60ef08014f33b27fba4efdccad24ac5076bc446ceb0e945a80ebfcb873df13f0f1369138e3311a7ca9f517610625fb70cc2524a5d8868b4886ad0812218923a98c6f449dfb1d42325107160cef9e4ced767c9c969118e1d60c2048deb87aeccc0dbe9e2c1d16c6b5b7a3e0edbcc252b8e9bd4bfefefae75ed70f3c217b8db2ccff6f2da1f994c72404ff182a21f6ea93d7988115bc391bc3536a4f", 0xaa}], 0x5}}, {{&(0x7f0000004980)={0xa, 0x0, 0x0, @mcast1}, 0x1c, 0x0}}, {{0x0, 0x0, 0x0}}], 0x6, 0x0) accept$netrom(0xffffffffffffffff, &(0x7f0000000000)={{0x3, @default}, [@bcast, @default, @remote, @netrom, @null, @netrom, @null, @bcast]}, &(0x7f0000000080)=0x48) 0s ago: executing program 1 (id=587): r0 = socket$inet6(0xa, 0x3, 0xff) syz_emit_ethernet(0x46, &(0x7f00000003c0)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0xff, 0x0, 0x200}}}}}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x8d}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6) futex(&(0x7f0000001300)=0x80000001, 0x800000000006, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='l%\x86\xce6\xdb\f\xcf\x19|\xc9O\x7f\xce\x8f\x7f\x1c\xeay\x06\x00\x00\x00\a0\r\x13\xaa\x84r\xd7^\xe82\x0f\x1a\xf1\x02\x00\x1e&{\xee2\x95I\xca\xbevl\x12\xb6 \xd4') prctl$PR_SET_SECCOMP(0x10, 0x0, 0x0) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) signalfd(0xffffffffffffffff, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000500)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xc9) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.102' (ED25519) to the list of known hosts. [ 64.911548][ T5081] cgroup: Unknown subsys name 'net' [ 65.049527][ T5081] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 66.738054][ T5081] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS [ 67.475390][ T5107] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 67.477098][ T5104] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 67.486434][ T5107] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 67.493499][ T5104] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 67.498638][ T5107] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 67.506470][ T5104] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 67.514891][ T5107] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 67.520496][ T5104] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 67.526897][ T5107] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 67.534076][ T5104] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 67.547882][ T5104] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 67.551236][ T5108] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 67.555635][ T5104] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 67.570945][ T5107] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 67.571753][ T5104] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 67.580368][ T5107] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 67.585778][ T5104] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 67.601406][ T5106] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 67.601667][ T5107] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 67.610352][ T5109] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 67.616319][ T5107] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 67.623685][ T5109] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 67.629873][ T5107] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 67.637809][ T5108] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 67.644394][ T5107] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 67.651687][ T5108] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 67.658174][ T5107] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 67.664744][ T5109] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 67.671864][ T5108] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 67.680249][ T5109] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 68.404683][ T5090] chnl_net:caif_netlink_parms(): no params data found [ 68.459076][ T5097] chnl_net:caif_netlink_parms(): no params data found [ 68.473470][ T5091] chnl_net:caif_netlink_parms(): no params data found [ 68.550649][ T5096] chnl_net:caif_netlink_parms(): no params data found [ 68.562736][ T5092] chnl_net:caif_netlink_parms(): no params data found [ 68.722289][ T5090] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.730152][ T5090] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.737493][ T5090] bridge_slave_0: entered allmulticast mode [ 68.745825][ T5090] bridge_slave_0: entered promiscuous mode [ 68.788972][ T5090] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.796265][ T5090] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.803857][ T5090] bridge_slave_1: entered allmulticast mode [ 68.811001][ T5090] bridge_slave_1: entered promiscuous mode [ 68.884487][ T5097] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.896007][ T5097] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.903319][ T5097] bridge_slave_0: entered allmulticast mode [ 68.911647][ T5097] bridge_slave_0: entered promiscuous mode [ 68.951687][ T5090] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.962409][ T5097] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.969739][ T5097] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.977011][ T5097] bridge_slave_1: entered allmulticast mode [ 68.985109][ T5097] bridge_slave_1: entered promiscuous mode [ 69.015032][ T5092] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.025473][ T5092] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.032805][ T5092] bridge_slave_0: entered allmulticast mode [ 69.040478][ T5092] bridge_slave_0: entered promiscuous mode [ 69.047897][ T5091] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.055261][ T5091] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.062647][ T5091] bridge_slave_0: entered allmulticast mode [ 69.069982][ T5091] bridge_slave_0: entered promiscuous mode [ 69.080053][ T5090] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.113427][ T5096] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.123641][ T5096] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.131033][ T5096] bridge_slave_0: entered allmulticast mode [ 69.138145][ T5096] bridge_slave_0: entered promiscuous mode [ 69.146587][ T5092] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.154050][ T5092] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.161462][ T5092] bridge_slave_1: entered allmulticast mode [ 69.168616][ T5092] bridge_slave_1: entered promiscuous mode [ 69.175734][ T5091] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.183209][ T5091] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.190681][ T5091] bridge_slave_1: entered allmulticast mode [ 69.197719][ T5091] bridge_slave_1: entered promiscuous mode [ 69.222343][ T5097] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.236693][ T5097] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.246447][ T5096] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.253855][ T5096] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.261168][ T5096] bridge_slave_1: entered allmulticast mode [ 69.268214][ T5096] bridge_slave_1: entered promiscuous mode [ 69.345403][ T5090] team0: Port device team_slave_0 added [ 69.380858][ T5092] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.393920][ T5092] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.418509][ T5091] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.430980][ T5090] team0: Port device team_slave_1 added [ 69.453266][ T5096] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.490104][ T5091] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.527444][ T5097] team0: Port device team_slave_0 added [ 69.541746][ T5096] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.567209][ T5092] team0: Port device team_slave_0 added [ 69.577315][ T5092] team0: Port device team_slave_1 added [ 69.598918][ T5090] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.606611][ T5090] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.633369][ T5090] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.647668][ T5090] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.654765][ T5090] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.681440][ T5090] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.695333][ T5097] team0: Port device team_slave_1 added [ 69.760001][ T5109] Bluetooth: hci2: command tx timeout [ 69.760009][ T5098] Bluetooth: hci4: command tx timeout [ 69.760329][ T5098] Bluetooth: hci3: command tx timeout [ 69.765756][ T5109] Bluetooth: hci1: command tx timeout [ 69.771939][ T54] Bluetooth: hci0: command tx timeout [ 69.786328][ T5096] team0: Port device team_slave_0 added [ 69.798332][ T5096] team0: Port device team_slave_1 added [ 69.822094][ T5092] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.829089][ T5092] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.855640][ T5092] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.868752][ T5092] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.875957][ T5092] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.902059][ T5092] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.917149][ T5091] team0: Port device team_slave_0 added [ 69.945238][ T5097] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.952424][ T5097] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.978859][ T5097] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.017737][ T5091] team0: Port device team_slave_1 added [ 70.040329][ T5097] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.047320][ T5097] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.073494][ T5097] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.086623][ T5096] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.094692][ T5096] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.121398][ T5096] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.166384][ T5090] hsr_slave_0: entered promiscuous mode [ 70.173423][ T5090] hsr_slave_1: entered promiscuous mode [ 70.192003][ T5096] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.199006][ T5096] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.225918][ T5096] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.280440][ T5092] hsr_slave_0: entered promiscuous mode [ 70.287137][ T5092] hsr_slave_1: entered promiscuous mode [ 70.294000][ T5092] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.302547][ T5092] Cannot create hsr debugfs directory [ 70.316199][ T5091] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.327721][ T5091] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.357932][ T5091] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.371385][ T5091] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.378387][ T5091] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.404769][ T5091] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.517759][ T5097] hsr_slave_0: entered promiscuous mode [ 70.524462][ T5097] hsr_slave_1: entered promiscuous mode [ 70.532181][ T5097] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.540356][ T5097] Cannot create hsr debugfs directory [ 70.583980][ T5096] hsr_slave_0: entered promiscuous mode [ 70.592284][ T5096] hsr_slave_1: entered promiscuous mode [ 70.598630][ T5096] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.606794][ T5096] Cannot create hsr debugfs directory [ 70.700803][ T5091] hsr_slave_0: entered promiscuous mode [ 70.707819][ T5091] hsr_slave_1: entered promiscuous mode [ 70.715154][ T5091] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.723717][ T5091] Cannot create hsr debugfs directory [ 71.256473][ T5090] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 71.280394][ T5090] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 71.293793][ T5090] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 71.306622][ T5090] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 71.395333][ T5092] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 71.406073][ T5092] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 71.421637][ T5092] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 71.442204][ T5092] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 71.550879][ T5097] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 71.576866][ T5097] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 71.598820][ T5097] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 71.611146][ T5097] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 71.725210][ T5096] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 71.735874][ T5096] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 71.748450][ T5096] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 71.764311][ T1247] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.772586][ T1247] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.796656][ T5096] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 71.840417][ T4489] Bluetooth: hci0: command tx timeout [ 71.845894][ T4489] Bluetooth: hci2: command tx timeout [ 71.849840][ T5098] Bluetooth: hci3: command tx timeout [ 71.852953][ T4489] Bluetooth: hci4: command tx timeout [ 71.860002][ T54] Bluetooth: hci1: command tx timeout [ 71.915855][ T5091] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 71.950041][ T5091] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 71.961783][ T5091] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 71.982379][ T5091] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 72.021064][ T5090] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.147205][ T5090] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.163762][ T5092] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.202926][ T5147] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.210353][ T5147] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.259299][ T5148] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.266592][ T5148] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.329423][ T5092] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.376356][ T927] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.383767][ T927] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.418421][ T927] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.425646][ T927] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.443956][ T5097] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.498386][ T5096] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.586580][ T5097] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.614088][ T5091] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.655821][ T5150] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.663095][ T5150] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.676691][ T5096] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.725581][ T5147] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.732792][ T5147] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.787320][ T5147] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.794521][ T5147] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.826437][ T5091] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.849263][ T5150] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.856544][ T5150] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.901176][ T927] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.908374][ T927] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.961209][ T5148] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.968415][ T5148] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.070978][ T5090] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.227752][ T5092] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.403208][ T5090] veth0_vlan: entered promiscuous mode [ 73.487285][ T5090] veth1_vlan: entered promiscuous mode [ 73.618833][ T5092] veth0_vlan: entered promiscuous mode [ 73.631938][ T5097] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.680466][ T5096] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.688350][ T5092] veth1_vlan: entered promiscuous mode [ 73.754837][ T5091] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.802066][ T5090] veth0_macvtap: entered promiscuous mode [ 73.843132][ T5090] veth1_macvtap: entered promiscuous mode [ 73.919594][ T54] Bluetooth: hci1: command tx timeout [ 73.919641][ T4489] Bluetooth: hci4: command tx timeout [ 73.925039][ T54] Bluetooth: hci3: command tx timeout [ 73.930458][ T4489] Bluetooth: hci2: command tx timeout [ 73.935882][ T5109] Bluetooth: hci0: command tx timeout [ 73.989190][ T5092] veth0_macvtap: entered promiscuous mode [ 74.027535][ T5097] veth0_vlan: entered promiscuous mode [ 74.040401][ T5092] veth1_macvtap: entered promiscuous mode [ 74.055070][ T5090] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.095534][ T5090] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.106082][ T5091] veth0_vlan: entered promiscuous mode [ 74.121605][ T5097] veth1_vlan: entered promiscuous mode [ 74.145927][ T5090] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.156981][ T5090] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.166079][ T5090] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.176982][ T5090] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.201441][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.212719][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.228558][ T5092] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.261233][ T5091] veth1_vlan: entered promiscuous mode [ 74.272404][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.283669][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.295355][ T5092] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.324365][ T5092] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.333478][ T5092] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.342455][ T5092] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.352073][ T5092] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.504461][ T5097] veth0_macvtap: entered promiscuous mode [ 74.526832][ T1047] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.529864][ T5096] veth0_vlan: entered promiscuous mode [ 74.542252][ T1047] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.577388][ T5097] veth1_macvtap: entered promiscuous mode [ 74.618834][ T5091] veth0_macvtap: entered promiscuous mode [ 74.628882][ T5096] veth1_vlan: entered promiscuous mode [ 74.657178][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.675937][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.687479][ T5091] veth1_macvtap: entered promiscuous mode [ 74.768956][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.780979][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.791248][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.803647][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.815156][ T5097] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.831971][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.841609][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.888309][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.903723][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.914067][ T5097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.925121][ T5097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.938874][ T5097] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.949076][ T5179] fscrypt (sda1, inode 1949): Sub-block data units not yet supported with IV_INO_LBLK_32 [ 74.969859][ T5091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.980691][ T5091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.998314][ T5091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.010860][ T5091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.027124][ T5091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.037752][ T5091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.053964][ T5091] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.086119][ T5097] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.095793][ T5097] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.106266][ T5097] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.127926][ T5097] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.192296][ T5091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.221958][ T5185] sock: sock_timestamping_bind_phc: sock not bind to device [ 75.223740][ T5091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.248767][ T5091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.273597][ T5091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.284744][ T5091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.296070][ T5091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.309795][ T5091] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.317442][ T29] audit: type=1800 audit(1719387624.188:2): pid=5187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.9" name="file0" dev="sda1" ino=1949 res=0 errno=0 [ 75.337918][ T29] audit: type=1804 audit(1719387624.198:3): pid=5187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.9" name="/root/syzkaller.JD8nUz/4/file0" dev="sda1" ino=1949 res=1 errno=0 [ 75.399709][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.415323][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.434700][ T5096] veth0_macvtap: entered promiscuous mode [ 75.460438][ T5091] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.477991][ T5091] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.486821][ T5091] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.497424][ T5091] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.513361][ T5096] veth1_macvtap: entered promiscuous mode [ 75.694007][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.716844][ T5193] loop3: detected capacity change from 0 to 512 [ 75.719269][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.752580][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.764099][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.775959][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.791087][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.802751][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.814040][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.828918][ T5096] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.877528][ T5146] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 75.920853][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.932929][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.943618][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.955106][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.967675][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.985779][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.998382][ T5096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.009815][ T54] Bluetooth: hci3: command tx timeout [ 76.015380][ T54] Bluetooth: hci0: command tx timeout [ 76.017043][ T5109] Bluetooth: hci2: command tx timeout [ 76.021522][ T54] Bluetooth: hci4: command tx timeout [ 76.026286][ T5098] Bluetooth: hci1: command tx timeout [ 76.033908][ T5096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.049931][ T5096] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.120859][ T5096] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.146947][ T5096] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.187289][ T5096] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.203101][ T29] audit: type=1800 audit(1719387625.068:4): pid=5195 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.11" name="/" dev="9p" ino=2 res=0 errno=0 [ 76.203113][ T5096] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.258715][ T2408] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.300332][ T2408] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.340783][ T5198] fscrypt (sda1, inode 1954): Sub-block data units not yet supported with IV_INO_LBLK_32 [ 76.483137][ T2408] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.516020][ T2408] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.590492][ T2408] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.607372][ T2408] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.638512][ T5206] sock: sock_timestamping_bind_phc: sock not bind to device [ 76.654478][ T29] audit: type=1800 audit(1719387625.508:5): pid=5207 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.17" name="file0" dev="sda1" ino=1954 res=0 errno=0 [ 76.690331][ T29] audit: type=1804 audit(1719387625.518:6): pid=5207 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.17" name="/root/syzkaller.nxBWyC/4/file0" dev="sda1" ino=1954 res=1 errno=0 [ 76.787466][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.808434][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.917800][ T5212] loop0: detected capacity change from 0 to 512 [ 76.986695][ T5214] loop1: detected capacity change from 0 to 16 [ 76.998642][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.004461][ T5142] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 77.011233][ T5214] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 77.052702][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.060153][ T5148] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 77.228495][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.250708][ T5148] usb 4-1: Using ep0 maxpacket: 32 [ 77.258216][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.292498][ T5148] usb 4-1: New USB device found, idVendor=0416, idProduct=a91a, bcdDevice=13.6d [ 77.329362][ T5148] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 77.337804][ T5148] usb 4-1: Product: syz [ 77.367014][ T5148] usb 4-1: Manufacturer: syz [ 77.390573][ T5148] usb 4-1: SerialNumber: syz [ 77.422573][ T5148] usb 4-1: config 0 descriptor?? [ 77.491400][ T29] audit: type=1800 audit(1719387626.348:7): pid=5219 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.20" name="/" dev="9p" ino=2 res=0 errno=0 [ 77.567376][ T5224] loop4: detected capacity change from 0 to 1024 [ 77.755610][ T5148] usb 4-1: USB disconnect, device number 2 [ 77.828626][ T5230] syz.4.5 uses obsolete (PF_INET,SOCK_PACKET) [ 78.210918][ T1034] hfsplus: b-tree write err: -5, ino 4 [ 78.234683][ T5239] sock: sock_timestamping_bind_phc: sock not bind to device [ 78.437193][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 80.706282][ T5222] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 81.226391][ T29] audit: type=1800 audit(1719387630.098:8): pid=5248 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.27" name="file0" dev="sda1" ino=1960 res=0 errno=0 [ 81.316990][ T29] audit: type=1804 audit(1719387630.158:9): pid=5248 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.27" name="/root/syzkaller.z4PKUi/1/file0" dev="sda1" ino=1960 res=1 errno=0 [ 81.436883][ T5255] loop3: detected capacity change from 0 to 256 [ 81.543097][ T5255] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 81.648807][ T29] audit: type=1800 audit(1719387630.518:10): pid=5262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.33" name="/" dev="9p" ino=2 res=0 errno=0 [ 81.831157][ T5267] loop4: detected capacity change from 0 to 128 [ 81.866795][ T5272] sock: sock_timestamping_bind_phc: sock not bind to device [ 82.007941][ T5267] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 82.059924][ T5267] FAT-fs (loop4): Filesystem has been set read-only [ 82.139516][ T5277] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 82.139645][ T5267] syz.4.36: attempt to access beyond end of device [ 82.139645][ T5267] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 82.278099][ T5267] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 82.289693][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 82.298379][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 82.307078][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 82.320600][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 82.330354][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 82.339793][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 82.429777][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 82.487423][ T5267] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 84.219860][ T5145] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 84.277837][ T5267] syz.4.36: attempt to access beyond end of device [ 84.277837][ T5267] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 84.291838][ T29] audit: type=1800 audit(1719387633.168:11): pid=5267 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.36" name="file2" dev="loop4" ino=1048596 res=0 errno=0 [ 84.422422][ T5267] syz.4.36 (5267) used greatest stack depth: 18064 bytes left [ 84.459416][ T5145] usb 3-1: Using ep0 maxpacket: 32 [ 84.476670][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 84.546717][ T5145] usb 3-1: New USB device found, idVendor=0416, idProduct=a91a, bcdDevice=13.6d [ 84.589366][ T5145] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 84.610192][ T5145] usb 3-1: Product: syz [ 84.619868][ T5145] usb 3-1: Manufacturer: syz [ 84.624544][ T5145] usb 3-1: SerialNumber: syz [ 84.667518][ T5284] loop1: detected capacity change from 0 to 512 [ 84.683761][ T5145] usb 3-1: config 0 descriptor?? [ 84.814368][ T5147] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 85.139419][ T5147] usb 4-1: Using ep0 maxpacket: 32 [ 85.192177][ T5147] usb 4-1: New USB device found, idVendor=057c, idProduct=8403, bcdDevice=72.02 [ 85.360640][ T5147] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.519159][ T5147] usb 4-1: config 0 descriptor?? [ 85.566829][ T5147] usb 4-1: ath9k_htc: Device endpoint numbers are not the expected ones [ 85.577518][ T5284] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.590407][ T5284] ext4 filesystem being mounted at /root/syzkaller.6IQimM/6/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.671947][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 85.703643][ T5277] EXT4-fs error (device loop1): ext4_do_update_inode:5075: inode #2: comm syz.1.41: corrupted inode contents [ 85.724278][ T29] audit: type=1800 audit(1719387634.598:12): pid=5303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.47" name="file0" dev="sda1" ino=1954 res=0 errno=0 [ 85.798991][ T927] usb 3-1: USB disconnect, device number 2 [ 85.805096][ T5277] EXT4-fs error (device loop1): ext4_dirty_inode:5935: inode #2: comm syz.1.41: mark_inode_dirty error [ 85.865116][ T29] audit: type=1804 audit(1719387634.628:13): pid=5303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.47" name="/root/syzkaller.8vofcW/6/file0" dev="sda1" ino=1954 res=1 errno=0 [ 85.906961][ T5147] usb 4-1: USB disconnect, device number 3 [ 85.940874][ T5277] EXT4-fs error (device loop1): ext4_do_update_inode:5075: inode #2: comm syz.1.41: corrupted inode contents [ 85.975693][ T5277] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.41: mark_inode_dirty error [ 86.534214][ T5097] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.769955][ T5323] sock: sock_timestamping_bind_phc: sock not bind to device [ 87.151423][ T1794] cfg80211: failed to load regulatory.db [ 87.198075][ T29] audit: type=1800 audit(1719387636.068:14): pid=5337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.60" name="file0" dev="sda1" ino=1969 res=0 errno=0 [ 87.373528][ T29] audit: type=1804 audit(1719387636.248:15): pid=5337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.60" name="/root/syzkaller.6IQimM/9/file0" dev="sda1" ino=1969 res=1 errno=0 [ 88.000652][ T5341] loop4: detected capacity change from 0 to 1024 [ 88.409296][ T5349] loop1: detected capacity change from 0 to 256 [ 88.506197][ T5349] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 88.657769][ T52] hfsplus: b-tree write err: -5, ino 4 [ 88.798130][ T5358] loop0: detected capacity change from 0 to 512 [ 88.849860][ T5148] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 88.852029][ T5358] EXT4-fs (loop0): unable to read superblock [ 89.090347][ T5148] usb 4-1: Using ep0 maxpacket: 32 [ 89.132433][ T5148] usb 4-1: New USB device found, idVendor=057c, idProduct=8403, bcdDevice=72.02 [ 89.153205][ T5148] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.183690][ T5148] usb 4-1: config 0 descriptor?? [ 89.212306][ T5148] usb 4-1: ath9k_htc: Device endpoint numbers are not the expected ones [ 89.980995][ T5147] usb 4-1: USB disconnect, device number 4 [ 90.330166][ T5384] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 90.418000][ T5387] loop4: detected capacity change from 0 to 1024 [ 90.774335][ T5393] loop1: detected capacity change from 0 to 256 [ 90.856101][ T5393] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 90.966114][ T1047] hfsplus: b-tree write err: -5, ino 4 [ 91.034505][ T5395] loop3: detected capacity change from 0 to 512 [ 91.053236][ T5395] EXT4-fs: Ignoring removed mblk_io_submit option [ 91.412168][ T5395] EXT4-fs: Ignoring removed bh option [ 91.443882][ T5395] journal_path: Lookup failure for './file0aaaaaaaaaaaaaaaaaaaaaa' [ 91.489796][ T5395] EXT4-fs: error: could not find journal device path [ 91.896417][ T5418] loop3: detected capacity change from 0 to 512 [ 91.967364][ T5418] EXT4-fs (loop3): unable to read superblock [ 92.800842][ T5109] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 92.813034][ T5109] Bluetooth: hci0: Injecting HCI hardware error event [ 92.821922][ T5109] Bluetooth: hci0: hardware error 0x00 [ 92.918011][ T5431] loop2: detected capacity change from 0 to 1024 [ 92.950801][ T5436] loop3: detected capacity change from 0 to 256 [ 93.031425][ T5436] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 93.247244][ T5445] loop1: detected capacity change from 0 to 512 [ 93.255937][ T5445] EXT4-fs: Ignoring removed mblk_io_submit option [ 93.263486][ T5445] EXT4-fs: Ignoring removed bh option [ 93.269791][ T5445] journal_path: Lookup failure for './file0aaaaaaaaaaaaaaaaaaaaaa' [ 93.277817][ T5445] EXT4-fs: error: could not find journal device path [ 93.632474][ T1034] hfsplus: b-tree write err: -5, ino 4 [ 93.916103][ T5470] loop1: detected capacity change from 0 to 512 [ 93.964522][ T5470] EXT4-fs (loop1): unable to read superblock [ 94.938422][ T5489] loop0: detected capacity change from 0 to 256 [ 94.968345][ T5109] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 95.022298][ T5496] loop2: detected capacity change from 0 to 256 [ 95.084001][ T5489] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 95.275588][ T5502] Bluetooth: MGMT ver 1.23 [ 95.395870][ T5146] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 95.708844][ T5521] loop1: detected capacity change from 0 to 128 [ 96.007274][ T5109] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 96.016197][ T5109] Bluetooth: hci2: Injecting HCI hardware error event [ 96.075361][ T5526] loop2: detected capacity change from 0 to 128 [ 96.099055][ T5109] Bluetooth: hci2: hardware error 0x00 [ 96.820168][ T5530] loop4: detected capacity change from 0 to 512 [ 96.852318][ T5530] EXT4-fs (loop4): unable to read superblock [ 97.372224][ T5548] loop1: detected capacity change from 0 to 256 [ 97.422551][ T5556] loop3: detected capacity change from 0 to 256 [ 97.508584][ T5556] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 97.919759][ T5098] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 97.931832][ T5098] Bluetooth: hci4: Injecting HCI hardware error event [ 97.941473][ T5098] Bluetooth: hci4: hardware error 0x00 [ 98.399427][ T5109] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 98.651663][ T5581] loop1: detected capacity change from 0 to 128 [ 99.418527][ T5584] loop3: detected capacity change from 0 to 512 [ 99.465675][ T5584] EXT4-fs (loop3): unable to read superblock [ 99.500859][ T5538] loop0: detected capacity change from 0 to 32768 [ 99.542280][ T5538] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.126 (5538) [ 99.563868][ T5586] loop4: detected capacity change from 0 to 256 [ 99.686201][ T5538] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 99.715472][ T5538] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 99.749428][ T5538] BTRFS info (device loop0): using free-space-tree [ 99.999558][ T5098] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 100.093484][ T5616] loop1: detected capacity change from 0 to 256 [ 100.179472][ T5616] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 100.246717][ T5538] BTRFS error (device loop0): open_ctree failed [ 100.615980][ T5632] loop2: detected capacity change from 0 to 128 [ 100.799457][ T5098] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 100.808402][ T5098] Bluetooth: hci3: Injecting HCI hardware error event [ 100.817230][ T5109] Bluetooth: hci3: hardware error 0x00 [ 101.569668][ T5659] loop4: detected capacity change from 0 to 256 [ 101.599071][ T5633] loop0: detected capacity change from 0 to 128 [ 101.636648][ T5659] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 101.867037][ T29] audit: type=1326 audit(1719387650.738:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5665 comm="syz.2.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6629d75ae9 code=0x7ffc0000 [ 101.948740][ T29] audit: type=1326 audit(1719387650.778:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5665 comm="syz.2.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6629d75ae9 code=0x7ffc0000 [ 102.001517][ T5669] loop3: detected capacity change from 0 to 8 [ 102.039283][ T29] audit: type=1326 audit(1719387650.778:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5665 comm="syz.2.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6629d75ae9 code=0x7ffc0000 [ 102.139556][ T29] audit: type=1326 audit(1719387650.788:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5665 comm="syz.2.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6629d75ae9 code=0x7ffc0000 [ 102.208402][ T29] audit: type=1326 audit(1719387650.788:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5665 comm="syz.2.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6629d75ae9 code=0x7ffc0000 [ 102.460974][ T29] audit: type=1326 audit(1719387650.788:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5665 comm="syz.2.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6629d75ae9 code=0x7ffc0000 [ 103.141603][ T5109] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 103.592705][ T5687] loop2: detected capacity change from 0 to 128 [ 104.373320][ T5687] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 104.386400][ T5687] ext4 filesystem being mounted at /root/syzkaller.8vofcW/34/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 104.430104][ T29] audit: type=1326 audit(1719387650.788:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5665 comm="syz.2.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6629d6cb67 code=0x7ffc0000 [ 104.480626][ T29] audit: type=1326 audit(1719387650.788:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5665 comm="syz.2.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6629d11539 code=0x7ffc0000 [ 104.504285][ T29] audit: type=1326 audit(1719387650.788:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5665 comm="syz.2.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6629d6cb67 code=0x7ffc0000 [ 104.667520][ T29] audit: type=1326 audit(1719387650.788:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5665 comm="syz.2.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6629d11539 code=0x7ffc0000 [ 104.674780][ T5091] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 104.719865][ T8] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 104.941243][ T8] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 104.962604][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 105.012377][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 105.040554][ T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 105.075351][ T8] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 105.089301][ T8] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 105.129398][ T8] usb 4-1: Manufacturer: syz [ 105.151967][ T8] usb 4-1: config 0 descriptor?? [ 105.506275][ T5710] loop2: detected capacity change from 0 to 8 [ 105.593062][ T8] appleir 0003:05AC:8243.0001: No inputs registered, leaving [ 105.666341][ T8] appleir 0003:05AC:8243.0001: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0 [ 106.382529][ T5741] capability: warning: `syz.1.197' uses 32-bit capabilities (legacy support in use) [ 106.408016][ T5741] program syz.1.197 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 106.440372][ T5746] loop4: detected capacity change from 0 to 128 [ 106.461778][ T5746] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 106.479493][ T5746] ext4 filesystem being mounted at /root/syzkaller.z4PKUi/40/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 106.902220][ T5754] loop2: detected capacity change from 0 to 128 [ 107.512260][ T5756] loop1: detected capacity change from 0 to 8 [ 107.576240][ T5096] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 107.609898][ T8] usb 4-1: reset high-speed USB device number 5 using dummy_hcd [ 107.934768][ T5762] netlink: 10 bytes leftover after parsing attributes in process `syz.4.202'. [ 108.275679][ T5776] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 108.326020][ T5778] loop4: detected capacity change from 0 to 256 [ 108.399483][ T5778] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 108.497457][ T927] usb 4-1: USB disconnect, device number 5 [ 108.545616][ T25] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 108.620341][ T5145] usb 1-1: new low-speed USB device number 2 using dummy_hcd [ 108.751279][ T25] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 108.786487][ T25] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 108.807751][ T25] usb 3-1: config 1 has no interface number 0 [ 108.816446][ T25] usb 3-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 108.862944][ T25] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 108.884805][ T5145] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 108.902423][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 108.929328][ T25] usb 3-1: Product: syz [ 108.933834][ T5145] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 108.947026][ T25] usb 3-1: Manufacturer: syz [ 108.969863][ T5145] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 108.974917][ T5783] loop1: detected capacity change from 0 to 4096 [ 108.986405][ T25] usb 3-1: SerialNumber: syz [ 109.008876][ T25] usb 3-1: selecting invalid altsetting 1 [ 109.023315][ T5145] usb 1-1: string descriptor 0 read error: -22 [ 109.031826][ T5783] EXT4-fs: Ignoring removed nomblk_io_submit option [ 109.056705][ T5145] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 109.071348][ T5145] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 109.076720][ T5783] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.087017][ T5776] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 109.105634][ T5145] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22 [ 109.235766][ T5097] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.239382][ T1794] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 109.413369][ T25] cdc_ncm 3-1:1.1: failed GET_NTB_PARAMETERS [ 109.430764][ T25] cdc_ncm 3-1:1.1: bind() failure [ 109.460973][ T25] usb 3-1: USB disconnect, device number 3 [ 109.471534][ T1794] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 109.494301][ T1794] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 109.506073][ T1794] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 109.525711][ T1794] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 109.555825][ T1794] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 109.579368][ T1794] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 109.614036][ T1794] usb 5-1: Manufacturer: syz [ 109.636845][ T1794] usb 5-1: config 0 descriptor?? [ 109.676808][ T5773] loop3: detected capacity change from 0 to 40427 [ 109.751582][ T5773] F2FS-fs (loop3): Found nat_bits in checkpoint [ 109.915605][ T5773] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 110.090599][ T5800] netlink: 10 bytes leftover after parsing attributes in process `syz.1.218'. [ 110.101290][ T1794] appleir 0003:05AC:8243.0002: No inputs registered, leaving [ 110.126629][ T1794] appleir 0003:05AC:8243.0002: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0 [ 110.635053][ T5092] syz-executor: attempt to access beyond end of device [ 110.635053][ T5092] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 110.643275][ T29] kauditd_printk_skb: 65 callbacks suppressed [ 110.643296][ T29] audit: type=1326 audit(1719387659.508:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5814 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f478ab75ae9 code=0x7ffc0000 [ 110.662651][ T5092] F2FS-fs (loop3): Remounting filesystem read-only [ 110.706081][ T5092] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 110.759533][ T29] audit: type=1326 audit(1719387659.558:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5814 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f478ab75ae9 code=0x7ffc0000 [ 110.881798][ T29] audit: type=1326 audit(1719387659.558:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5814 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f478ab75ae9 code=0x7ffc0000 [ 110.908032][ T29] audit: type=1326 audit(1719387659.558:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5814 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f478ab75ae9 code=0x7ffc0000 [ 110.937140][ T29] audit: type=1326 audit(1719387659.558:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5814 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f478ab75ae9 code=0x7ffc0000 [ 110.988473][ T29] audit: type=1326 audit(1719387659.558:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5814 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f478ab75ae9 code=0x7ffc0000 [ 111.080428][ T29] audit: type=1326 audit(1719387659.558:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5814 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f478ab75ae9 code=0x7ffc0000 [ 111.132353][ T5823] netlink: 10 bytes leftover after parsing attributes in process `syz.2.230'. [ 111.141804][ T29] audit: type=1326 audit(1719387659.558:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5814 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f478ab6cb67 code=0x7ffc0000 [ 111.155374][ T5824] program syz.1.229 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 111.183342][ T29] audit: type=1326 audit(1719387659.568:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5814 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f478ab11539 code=0x7ffc0000 [ 111.253988][ T29] audit: type=1326 audit(1719387659.578:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5814 comm="syz.1.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f478ab75ae9 code=0x7ffc0000 [ 111.591893][ T8] usb 1-1: USB disconnect, device number 2 [ 111.810665][ T5834] loop2: detected capacity change from 0 to 128 [ 112.433781][ T8] usb 5-1: USB disconnect, device number 2 [ 114.344156][ T5860] netlink: 10 bytes leftover after parsing attributes in process `syz.1.241'. [ 114.512820][ T5862] loop4: detected capacity change from 0 to 8 [ 115.070452][ T5875] loop1: detected capacity change from 0 to 128 [ 115.799489][ T5147] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 116.025038][ T5147] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 116.093862][ T5147] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 116.104747][ T5879] evm: overlay not supported [ 116.111330][ T5147] usb 1-1: config 1 has no interface number 0 [ 116.132681][ T5147] usb 1-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 116.176727][ T5147] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 116.192818][ T5147] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 116.205893][ T5147] usb 1-1: Product: syz [ 116.215800][ T5881] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.233575][ T5147] usb 1-1: Manufacturer: syz [ 116.249672][ T5879] overlayfs: failed to get inode (-116) [ 116.256030][ T5879] overlayfs: failed to get inode (-116) [ 116.258902][ T5147] usb 1-1: SerialNumber: syz [ 116.294967][ T5879] overlayfs: failed to get inode (-116) [ 116.305438][ T5879] overlayfs: failed to get inode (-116) [ 116.346391][ T5147] usb 1-1: selecting invalid altsetting 1 [ 116.734945][ T5147] cdc_ncm 1-1:1.1: failed GET_NTB_PARAMETERS [ 116.789573][ T5147] cdc_ncm 1-1:1.1: bind() failure [ 116.820381][ T5147] usb 1-1: USB disconnect, device number 3 [ 117.204857][ T5902] loop1: detected capacity change from 0 to 164 [ 117.278389][ T5902] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 117.613768][ T5909] overlayfs: failed to get inode (-116) [ 117.619700][ T5909] overlayfs: failed to get inode (-116) [ 117.625696][ T5909] overlayfs: failed to get inode (-116) [ 117.631598][ T5909] overlayfs: failed to get inode (-116) [ 118.325645][ T5935] loop0: detected capacity change from 0 to 164 [ 118.398150][ T5935] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 118.415804][ T5897] loop4: detected capacity change from 0 to 32768 [ 118.464462][ T5897] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.258 (5897) [ 118.504716][ T5897] BTRFS info (device loop4): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 118.557493][ T5897] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 118.607947][ T5897] BTRFS info (device loop4): using free-space-tree [ 118.759499][ T5149] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 119.071663][ T5149] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 119.157721][ T5149] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 119.170260][ T5149] usb 2-1: config 1 has no interface number 0 [ 119.177240][ T5149] usb 2-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 119.208817][ T5149] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 119.218367][ T5149] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 119.253567][ T5149] usb 2-1: Product: syz [ 119.257900][ T5149] usb 2-1: Manufacturer: syz [ 119.329297][ T5149] usb 2-1: SerialNumber: syz [ 119.359789][ T5957] overlayfs: failed to get inode (-116) [ 119.374395][ T5149] usb 2-1: selecting invalid altsetting 1 [ 119.421563][ T5957] overlayfs: failed to get inode (-116) [ 119.722552][ T5096] BTRFS info (device loop4): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 119.822916][ T5149] cdc_ncm 2-1:1.1: failed GET_NTB_PARAMETERS [ 119.834655][ T5149] cdc_ncm 2-1:1.1: bind() failure [ 119.885818][ T5149] usb 2-1: USB disconnect, device number 2 [ 120.431065][ T5979] netlink: 'syz.3.288': attribute type 3 has an invalid length. [ 120.455842][ T5979] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.288'. [ 121.524146][ T5988] loop2: detected capacity change from 0 to 4096 [ 121.621532][ T5988] EXT4-fs: Ignoring removed nomblk_io_submit option [ 121.665613][ T5999] loop4: detected capacity change from 0 to 512 [ 121.682349][ T5999] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 121.695802][ T5999] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 121.725736][ T5988] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 121.728532][ T5999] EXT4-fs (loop4): 1 truncate cleaned up [ 121.773621][ T5999] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.805720][ T29] kauditd_printk_skb: 13 callbacks suppressed [ 121.805740][ T29] audit: type=1800 audit(1719387670.678:114): pid=5999 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.293" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 121.883246][ T5999] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz.4.293: corrupted in-inode xattr: overlapping e_value [ 121.923370][ T5999] EXT4-fs (loop4): Remounting filesystem read-only [ 121.930655][ T5999] EXT4-fs warning (device loop4): ext4_xattr_set_entry:1766: inode #15: comm syz.4.293: unable to update i_inline_off [ 121.944741][ T5999] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2856: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 121.976407][ T5091] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.008595][ T5096] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.225037][ T6013] netlink: 'syz.0.301': attribute type 3 has an invalid length. [ 122.249882][ T6013] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.301'. [ 122.325565][ T6017] loop4: detected capacity change from 0 to 164 [ 122.362578][ T6017] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 122.587582][ T6025] loop2: detected capacity change from 0 to 2048 [ 122.608104][ T6021] ovl_get_inode: 2 callbacks suppressed [ 122.608127][ T6021] overlayfs: failed to get inode (-116) [ 122.635251][ T6021] overlayfs: failed to get inode (-116) [ 122.644535][ T6026] loop1: detected capacity change from 0 to 2048 [ 122.652734][ T6025] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 122.681649][ T6021] overlayfs: failed to get inode (-116) [ 122.688749][ T6021] overlayfs: failed to get inode (-116) [ 122.706794][ T6026] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 122.710192][ T6025] EXT4-fs error (device loop2): ext4_find_extent:936: inode #2: comm syz.2.304: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 122.759585][ T5993] loop3: detected capacity change from 0 to 32768 [ 122.779730][ T6025] EXT4-fs (loop2): Remounting filesystem read-only [ 122.801216][ T5993] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.292 (5993) [ 122.905703][ T5091] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.101252][ T5993] BTRFS info (device loop3): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 123.124468][ T5993] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 123.134847][ T5993] BTRFS info (device loop3): using free-space-tree [ 123.525521][ T6036] can: request_module (can-proto-4) failed. [ 123.862393][ T5097] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.186396][ T5092] BTRFS info (device loop3): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 124.316864][ T6069] loop1: detected capacity change from 0 to 8 [ 124.667373][ T6076] loop0: detected capacity change from 0 to 164 [ 124.758795][ T6076] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 124.887261][ T6078] overlayfs: failed to get inode (-116) [ 124.941099][ T6078] overlayfs: failed to get inode (-116) [ 124.946921][ T6078] overlayfs: failed to get inode (-116) [ 124.948235][ T6084] netlink: 'syz.3.313': attribute type 3 has an invalid length. [ 124.967164][ T6084] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.313'. [ 124.971219][ T6078] overlayfs: failed to get inode (-116) [ 125.109536][ T1794] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 125.162490][ T6088] loop3: detected capacity change from 0 to 2048 [ 125.179055][ T6061] loop4: detected capacity change from 0 to 40427 [ 125.265458][ T6061] F2FS-fs (loop4): Found nat_bits in checkpoint [ 125.289065][ T6088] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 125.563693][ T1794] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 125.579049][ T1794] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 125.590819][ T1794] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 125.591287][ T6061] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 125.600697][ T1794] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 125.608697][ T1794] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 125.631015][ T1794] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 125.639276][ T1794] usb 3-1: Manufacturer: syz [ 125.660278][ T1794] usb 3-1: config 0 descriptor?? [ 126.134142][ T6104] can: request_module (can-proto-4) failed. [ 126.388384][ T5092] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.434470][ T1794] appleir 0003:05AC:8243.0003: No inputs registered, leaving [ 126.483518][ T1794] appleir 0003:05AC:8243.0003: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 126.523390][ T5096] syz-executor: attempt to access beyond end of device [ 126.523390][ T5096] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 126.579517][ T5096] F2FS-fs (loop4): Remounting filesystem read-only [ 126.586140][ T5096] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 126.784997][ T6111] loop1: detected capacity change from 0 to 8 [ 127.026673][ T6101] loop0: detected capacity change from 0 to 32768 [ 127.076967][ T6101] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.323 (6101) [ 127.155440][ T6121] netlink: 'syz.3.330': attribute type 3 has an invalid length. [ 127.172362][ T6101] BTRFS info (device loop0): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 127.184220][ T6101] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 127.188951][ T6121] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.330'. [ 127.194078][ T6101] BTRFS info (device loop0): using free-space-tree [ 127.667149][ T5090] BTRFS info (device loop0): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 127.884006][ T1794] usb 3-1: USB disconnect, device number 4 [ 128.215745][ T6156] loop0: detected capacity change from 0 to 64 [ 129.792855][ T6168] loop0: detected capacity change from 0 to 512 [ 129.821685][ T6168] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 129.860037][ T5149] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 129.884119][ T6168] EXT4-fs (loop0): 1 truncate cleaned up [ 129.894742][ T6168] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 129.915059][ T6169] loop2: detected capacity change from 0 to 8 [ 129.935616][ T6173] netlink: 'syz.4.342': attribute type 3 has an invalid length. [ 129.946646][ T6173] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.342'. [ 129.951764][ T29] audit: type=1800 audit(1719387678.818:115): pid=6168 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.341" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 130.050387][ T6168] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2234: inode #15: comm syz.0.341: corrupted in-inode xattr: overlapping e_value [ 130.096268][ T5149] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 130.131172][ T6168] EXT4-fs (loop0): Remounting filesystem read-only [ 130.143928][ T5149] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 130.153258][ T6168] EXT4-fs warning (device loop0): ext4_xattr_set_entry:1766: inode #15: comm syz.0.341: unable to update i_inline_off [ 130.175457][ T5149] usb 4-1: config 1 has no interface number 0 [ 130.198701][ T5149] usb 4-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 130.261362][ T5090] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.266906][ T5149] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 130.291639][ T5149] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 130.330892][ T5149] usb 4-1: Product: syz [ 130.346030][ T5149] usb 4-1: Manufacturer: syz [ 130.359163][ T5149] usb 4-1: SerialNumber: syz [ 130.394780][ T5149] usb 4-1: selecting invalid altsetting 1 [ 130.464897][ T6180] loop2: detected capacity change from 0 to 1024 [ 130.684731][ T6180] hfsplus: bad catalog entry type [ 130.792419][ T4418] hfsplus: b-tree write err: -5, ino 4 [ 130.815882][ T5149] cdc_ncm 4-1:1.1: failed GET_NTB_PARAMETERS [ 130.835938][ T5149] cdc_ncm 4-1:1.1: bind() failure [ 130.898365][ T5149] usb 4-1: USB disconnect, device number 6 [ 131.386109][ T6199] loop2: detected capacity change from 0 to 128 [ 131.419702][ T6199] qnx4: no qnx4 filesystem (no root dir). [ 131.450883][ T6183] loop0: detected capacity change from 0 to 32768 [ 131.468537][ T6183] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.346 (6183) [ 131.531225][ T6183] BTRFS info (device loop0): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 131.569882][ T6183] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 131.611735][ T6183] BTRFS info (device loop0): using free-space-tree [ 131.781320][ T6214] loop3: detected capacity change from 0 to 512 [ 131.888998][ T6214] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 131.934185][ T6214] EXT4-fs (loop3): 1 truncate cleaned up [ 131.948245][ T6214] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 132.014273][ T6231] loop1: detected capacity change from 0 to 256 [ 132.062562][ T29] audit: type=1800 audit(1719387680.938:116): pid=6214 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.356" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 132.093190][ T6214] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2234: inode #15: comm syz.3.356: corrupted in-inode xattr: overlapping e_value [ 132.134093][ T5090] BTRFS info (device loop0): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 132.162681][ T6214] EXT4-fs (loop3): Remounting filesystem read-only [ 132.177454][ T6214] EXT4-fs warning (device loop3): ext4_xattr_set_entry:1766: inode #15: comm syz.3.356: unable to update i_inline_off [ 132.310310][ T5098] Bluetooth: hci5: sending frame failed (-49) [ 132.322356][ T5109] Bluetooth: hci5: Opcode 0x1003 failed: -49 [ 132.366715][ T5092] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.465415][ T6230] mmap: syz.1.360 (6230): VmData 28078080 exceed data ulimit 214. Update limits or use boot option ignore_rlimit_data. [ 132.636944][ T6236] input: syz0 as /devices/virtual/input/input5 [ 133.205245][ T1247] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.215546][ T1247] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.561756][ T6260] netlink: 4 bytes leftover after parsing attributes in process `syz.4.369'. [ 133.726134][ T6271] loop0: detected capacity change from 0 to 128 [ 133.756645][ T6271] qnx4: no qnx4 filesystem (no root dir). [ 133.804565][ T6273] loop2: detected capacity change from 0 to 8 [ 133.893720][ T6277] loop3: detected capacity change from 0 to 256 [ 133.979330][ T5149] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 134.183388][ T5232] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 134.203490][ T5149] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 134.221376][ T5149] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.967503][ T6287] input: syz0 as /devices/virtual/input/input6 [ 135.134399][ T5149] usb 2-1: config 0 descriptor?? [ 135.400755][ T5149] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 135.419732][ T5149] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 135.505204][ T5149] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2 [ 135.538162][ T5149] [drm] Initialized udl on minor 2 [ 135.598321][ T6306] netlink: 4 bytes leftover after parsing attributes in process `syz.0.386'. [ 135.642472][ T5149] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 135.692240][ T5149] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 135.721566][ T5149] usb 2-1: USB disconnect, device number 3 [ 135.728178][ T5147] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed [ 135.756196][ T5147] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 135.770622][ T6315] loop3: detected capacity change from 0 to 256 [ 135.840858][ T6310] loop4: detected capacity change from 0 to 2048 [ 135.864372][ T6310] udf: Bad value for 'anchor' [ 136.306255][ T6312] debugfs: Bad value for 'mode' [ 136.461939][ T6327] input: syz0 as /devices/virtual/input/input7 [ 136.797760][ T6334] loop2: detected capacity change from 0 to 512 [ 136.843394][ T6334] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 136.908080][ T6334] EXT4-fs (loop2): 1 truncate cleaned up [ 136.923419][ T6334] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.047572][ T5147] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 137.068598][ T6334] EXT4-fs warning (device loop2): __ext4fs_dirhash:270: inode #2: comm syz.2.397: Siphash requires key [ 137.111754][ T6345] EXT4-fs warning (device loop2): dx_probe:844: inode #2: comm syz.2.397: Hash code is SIPHASH, but hash not in dirent [ 137.163026][ T6349] input: syz1 as /devices/virtual/input/input8 [ 137.170664][ T6345] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz.2.397: Corrupt directory, running e2fsck is recommended [ 137.185178][ T6348] netlink: 4 bytes leftover after parsing attributes in process `syz.0.402'. [ 137.262330][ T5147] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 137.270321][ T5091] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.305889][ T5147] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 137.345433][ T5147] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 137.374877][ T5147] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 137.437610][ T5147] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 137.457041][ T6356] loop3: detected capacity change from 0 to 256 [ 137.695531][ T6353] loop1: detected capacity change from 0 to 2048 [ 137.713223][ T5147] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 137.721562][ T5147] usb 5-1: Manufacturer: syz [ 137.730224][ T5147] usb 5-1: config 0 descriptor?? [ 137.745169][ T6353] udf: Bad value for 'anchor' [ 137.759821][ T1794] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 137.835448][ T5146] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 138.190527][ T6353] debugfs: Bad value for 'mode' [ 138.203502][ T5147] appleir 0003:05AC:8243.0004: No inputs registered, leaving [ 138.223529][ T6365] syz.2.408 uses old SIOCAX25GETINFO [ 138.267304][ T5147] appleir 0003:05AC:8243.0004: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0 [ 138.286816][ T6365] netlink: 328 bytes leftover after parsing attributes in process `syz.2.408'. [ 138.435508][ T1794] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 138.448013][ T1794] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.459417][ T1794] usb 1-1: config 0 descriptor?? [ 138.685996][ T1794] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 138.706684][ T1794] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 138.949306][ T1794] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2 [ 138.960033][ T1794] [drm] Initialized udl on minor 2 [ 139.499470][ T1794] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 139.654980][ T1794] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 139.685168][ T25] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 139.751483][ T25] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 139.769327][ T1794] usb 1-1: USB disconnect, device number 4 [ 139.852219][ T25] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 139.907985][ T6389] loop2: detected capacity change from 0 to 512 [ 139.960717][ T6389] EXT4-fs: Ignoring removed nobh option [ 140.064920][ T6389] EXT4-fs (loop2): mounted filesystem 00800000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.077877][ T5149] usb 5-1: reset high-speed USB device number 3 using dummy_hcd [ 140.121751][ T6389] ext4 filesystem being mounted at /root/syzkaller.8vofcW/81/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 140.202723][ T6389] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 3: comm syz.2.416: path /root/syzkaller.8vofcW/81/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0 [ 140.257103][ T29] audit: type=1800 audit(1719387689.128:117): pid=6398 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.417" name="bus" dev="sda1" ino=1957 res=0 errno=0 [ 140.322804][ T6389] EXT4-fs (loop2): Remounting filesystem read-only [ 140.355066][ T5091] EXT4-fs (loop2): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 140.764459][ T6406] ip6tnl1: entered promiscuous mode [ 140.789470][ T6406] ip6tnl1: entered allmulticast mode [ 140.860110][ T6407] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 140.931841][ T5147] usb 5-1: USB disconnect, device number 3 [ 140.938483][ T61] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 141.037203][ T6387] loop3: detected capacity change from 0 to 32768 [ 141.074653][ T6387] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.415 (6387) [ 141.247035][ T6387] BTRFS info (device loop3): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 141.277948][ T6387] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 141.327470][ T6387] BTRFS info (device loop3): using free-space-tree [ 141.702235][ T6404] loop2: detected capacity change from 0 to 32768 [ 141.740723][ T6404] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.419 (6404) [ 141.847294][ T5092] BTRFS info (device loop3): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 141.857724][ T6404] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 141.857829][ T6404] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 141.878978][ T6439] raw_sendmsg: syz.1.427 forgot to set AF_INET. Fix it! [ 141.959311][ T6404] BTRFS info (device loop2): using free-space-tree [ 142.143771][ T6462] loop1: detected capacity change from 0 to 128 [ 142.155183][ T6462] qnx4: no qnx4 filesystem (no root dir). [ 142.175555][ T6459] loop0: detected capacity change from 0 to 2048 [ 142.315254][ T6459] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.557389][ T6472] loop4: detected capacity change from 0 to 256 [ 142.638382][ T6472] ======================================================= [ 142.638382][ T6472] WARNING: The mand mount option has been deprecated and [ 142.638382][ T6472] and is ignored by this kernel. Remove the mand [ 142.638382][ T6472] option from the mount to silence this warning. [ 142.638382][ T6472] ======================================================= [ 143.138779][ T6478] can: request_module (can-proto-4) failed. [ 143.244153][ T5091] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 143.516673][ T5090] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.657838][ T6486] loop4: detected capacity change from 0 to 1024 [ 143.901991][ T12] hfsplus: b-tree write err: -5, ino 4 [ 144.639429][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 145.148162][ T29] audit: type=1326 audit(1719387693.288:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6508 comm="syz.3.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f405ed75ae9 code=0x7ffc0000 [ 145.200199][ T6517] loop1: detected capacity change from 0 to 256 [ 145.235112][ T6517] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x16b5df41, utbl_chksum : 0xe619d30d) [ 145.279987][ T29] audit: type=1326 audit(1719387693.288:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6508 comm="syz.3.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f405ed75ae9 code=0x7ffc0000 [ 145.356325][ T29] audit: type=1326 audit(1719387693.288:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6508 comm="syz.3.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f405ed75ae9 code=0x7ffc0000 [ 145.432616][ T29] audit: type=1326 audit(1719387693.288:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6508 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f405ed75ae9 code=0x7ffc0000 [ 145.536963][ T29] audit: type=1326 audit(1719387693.288:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6508 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f405ed75ae9 code=0x7ffc0000 [ 145.632357][ T29] audit: type=1326 audit(1719387693.288:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6508 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f405ed75ae9 code=0x7ffc0000 [ 145.668785][ T29] audit: type=1326 audit(1719387693.288:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6508 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f405ed75ae9 code=0x7ffc0000 [ 145.734091][ T29] audit: type=1326 audit(1719387693.288:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6508 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f405ed75ae9 code=0x7ffc0000 [ 145.819299][ T29] audit: type=1326 audit(1719387693.288:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6508 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f405ed75ae9 code=0x7ffc0000 [ 145.931568][ T29] audit: type=1326 audit(1719387693.288:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6508 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f405ed75ae9 code=0x7ffc0000 [ 146.035144][ T29] audit: type=1326 audit(1719387693.288:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6508 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f405ed75ae9 code=0x7ffc0000 [ 146.047868][ T6539] ip6tnl1: entered promiscuous mode [ 146.111554][ T6546] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 146.113075][ T6539] ip6tnl1: entered allmulticast mode [ 146.170001][ T4418] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 146.218049][ T6548] loop3: detected capacity change from 0 to 512 [ 146.274234][ T6548] EXT4-fs: Ignoring removed nobh option [ 146.377556][ T6548] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 146.477077][ T6548] ext4 filesystem being mounted at /root/syzkaller.nxBWyC/84/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 146.512781][ T6548] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz.3.463: path /root/syzkaller.nxBWyC/84/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0 [ 146.517826][ T6551] loop0: detected capacity change from 0 to 256 [ 146.588886][ T6548] EXT4-fs (loop3): Remounting filesystem read-only [ 146.721071][ T5092] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 146.915280][ T6570] netlink: 8 bytes leftover after parsing attributes in process `syz.0.470'. [ 147.178495][ T6578] loop1: detected capacity change from 0 to 512 [ 147.219123][ T6578] EXT4-fs (loop1): blocks per group (95) and clusters per group (32768) inconsistent [ 147.439927][ T6582] netlink: 44 bytes leftover after parsing attributes in process `syz.2.465'. [ 147.598863][ T6582] netlink: 43 bytes leftover after parsing attributes in process `syz.2.465'. [ 147.608953][ T6582] netlink: 'syz.2.465': attribute type 5 has an invalid length. [ 147.629281][ T6582] netlink: 43 bytes leftover after parsing attributes in process `syz.2.465'. [ 148.685502][ T6595] libceph: resolve '400' (ret=-3): failed [ 148.826160][ T6599] loop3: detected capacity change from 0 to 512 [ 148.880909][ T6599] EXT4-fs: Ignoring removed nobh option [ 148.907655][ T6599] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 148.934067][ T6599] ext4 filesystem being mounted at /root/syzkaller.nxBWyC/89/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 149.003295][ T6599] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz.3.480: path /root/syzkaller.nxBWyC/89/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0 [ 149.052341][ T6592] debugfs: Directory '!U' with parent 'ieee80211' already present! [ 149.106757][ T6599] EXT4-fs (loop3): Remounting filesystem read-only [ 149.152033][ T5092] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 149.186512][ T6604] ip6tnl1: entered promiscuous mode [ 149.195686][ T6604] ip6tnl1: entered allmulticast mode [ 149.335907][ T6611] loop3: detected capacity change from 0 to 1024 [ 149.380077][ T52] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 149.559957][ T12] hfsplus: b-tree write err: -5, ino 4 [ 150.159814][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 150.775940][ T6613] loop4: detected capacity change from 0 to 32768 [ 150.809663][ T6641] libceph: resolve '400' (ret=-3): failed [ 150.839388][ T6613] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.482 (6613) [ 150.923072][ T6613] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 150.969320][ T6613] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 150.982771][ T6613] BTRFS info (device loop4): using free-space-tree [ 151.025506][ T6649] loop0: detected capacity change from 0 to 256 [ 151.104850][ T29] kauditd_printk_skb: 55 callbacks suppressed [ 151.116347][ T29] audit: type=1326 audit(1719387699.953:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6643 comm="syz.2.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6629d75ae9 code=0x7ffc0000 [ 151.900083][ T29] audit: type=1326 audit(1719387699.953:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6643 comm="syz.2.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6629d75ae9 code=0x7ffc0000 [ 151.945946][ T6649] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x16b5df41, utbl_chksum : 0xe619d30d) [ 152.016632][ T29] audit: type=1326 audit(1719387699.953:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6643 comm="syz.2.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f6629d75ae9 code=0x7ffc0000 [ 152.249371][ T29] audit: type=1326 audit(1719387699.953:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6643 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6629d75ae9 code=0x7ffc0000 [ 152.369376][ T29] audit: type=1326 audit(1719387699.953:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6643 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6629d75ae9 code=0x7ffc0000 [ 152.393524][ T29] audit: type=1326 audit(1719387699.953:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6643 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f6629d75ae9 code=0x7ffc0000 [ 152.417615][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 152.439999][ T5096] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 152.514730][ T29] audit: type=1326 audit(1719387699.953:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6643 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6629d75ae9 code=0x7ffc0000 [ 152.682545][ T29] audit: type=1326 audit(1719387699.953:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6643 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6629d75ae9 code=0x7ffc0000 [ 152.864454][ T29] audit: type=1326 audit(1719387699.953:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6643 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f6629d75ae9 code=0x7ffc0000 [ 153.021532][ T29] audit: type=1326 audit(1719387699.953:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6643 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6629d75ae9 code=0x7ffc0000 [ 153.369415][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 153.380600][ T6683] mmap: syz.0.504 (6683) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 155.071758][ T6704] input: syz1 as /devices/virtual/input/input9 [ 155.668366][ T6709] loop4: detected capacity change from 0 to 512 [ 155.732111][ T6709] EXT4-fs (loop4): blocks per group (95) and clusters per group (32768) inconsistent [ 155.873341][ T6694] loop0: detected capacity change from 0 to 32768 [ 156.010389][ T6694] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 156.023365][ T6696] sched: RT throttling activated [ 156.415242][ T6694] XFS (loop0): Ending clean mount [ 156.919378][ T25] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 156.990911][ T5090] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 157.021237][ T29] kauditd_printk_skb: 57 callbacks suppressed [ 157.021258][ T29] audit: type=1800 audit(1719387705.893:251): pid=6730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.519" name="file1" dev="sda1" ino=1962 res=0 errno=0 [ 157.179666][ T25] usb 2-1: Using ep0 maxpacket: 32 [ 157.209542][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 157.246402][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 157.276076][ T25] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 157.323968][ T6735] loop2: detected capacity change from 0 to 2048 [ 157.328218][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 157.402372][ T25] usb 2-1: config 0 descriptor?? [ 157.421608][ T25] usb 2-1: can't set config #0, error -71 [ 157.446223][ T6735] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 157.452035][ T25] usb 2-1: USB disconnect, device number 4 [ 157.517990][ T6741] netlink: 8 bytes leftover after parsing attributes in process `syz.1.524'. [ 158.159406][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 158.301022][ T6746] can: request_module (can-proto-4) failed. [ 158.463122][ T6753] loop4: detected capacity change from 0 to 128 [ 158.643999][ T5091] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.648795][ T29] audit: type=1800 audit(1719387709.443:252): pid=6755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.526" name="bus" dev="sda1" ino=1972 res=0 errno=0 [ 161.213929][ T29] audit: type=1800 audit(1719387710.073:253): pid=6770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.532" name="file1" dev="sda1" ino=1960 res=0 errno=0 [ 161.359448][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 161.675558][ T6781] debugfs: Directory '!U' with parent 'ieee80211' already present! [ 163.017692][ T6792] netlink: 'syz.0.537': attribute type 1 has an invalid length. [ 164.747237][ T6807] loop4: detected capacity change from 0 to 1024 [ 164.763619][ T29] audit: type=1800 audit(1719387713.633:254): pid=6809 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.545" name="file1" dev="sda1" ino=1954 res=0 errno=0 [ 164.844674][ T6807] hfsplus: filesystem is marked journaled, leaving read-only. [ 164.852461][ T6813] netlink: 'syz.1.547': attribute type 29 has an invalid length. [ 164.889697][ T6813] netlink: 'syz.1.547': attribute type 29 has an invalid length. [ 164.939706][ T6815] netlink: 'syz.1.547': attribute type 29 has an invalid length. [ 166.412787][ T6831] loop0: detected capacity change from 0 to 128 [ 166.878487][ T6841] sysfs: cannot create duplicate filename '/class/ieee80211/!U' [ 166.888416][ T6841] CPU: 1 UID: 0 PID: 6841 Comm: syz.0.556 Not tainted 6.10.0-rc5-next-20240624-syzkaller #0 [ 166.898661][ T6841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 166.908857][ T6841] Call Trace: [ 166.912157][ T6841] [ 166.915376][ T6841] dump_stack_lvl+0x241/0x360 [ 166.920287][ T6841] ? __pfx_dump_stack_lvl+0x10/0x10 [ 166.925736][ T6841] ? __pfx__printk+0x10/0x10 [ 166.930462][ T6841] ? sysfs_warn_dup+0x51/0xa0 [ 166.935194][ T6841] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 166.940781][ T6841] sysfs_warn_dup+0x8e/0xa0 [ 166.945429][ T6841] sysfs_do_create_link_sd+0xbe/0x110 [ 166.951545][ T6841] device_add_class_symlinks+0x1c5/0x250 [ 166.957307][ T6841] device_add+0x553/0xbf0 [ 166.961665][ T6841] ? rtnl_lock+0xe7/0x130 [ 166.966019][ T6841] wiphy_register+0x1d3f/0x2b30 [ 166.971049][ T6841] ? __pfx_wiphy_register+0x10/0x10 [ 166.976369][ T6841] ? minstrel_ht_alloc+0x72b/0x860 [ 166.981562][ T6841] ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620 [ 166.988205][ T6841] ieee80211_register_hw+0x3098/0x3d80 [ 166.993822][ T6841] ? ieee80211_register_hw+0x10d1/0x3d80 [ 166.999484][ T6841] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 167.005313][ T6841] ? debug_init+0x9f/0x230 [ 167.009805][ T6841] ? __asan_memset+0x23/0x50 [ 167.014554][ T6841] ? __hrtimer_init+0x170/0x250 [ 167.019458][ T6841] mac80211_hwsim_new_radio+0x2597/0x44d0 [ 167.025310][ T6841] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 167.031410][ T6841] ? kmalloc_node_track_caller_noprof+0x242/0x440 [ 167.037948][ T6841] ? kstrndup+0x5c/0xb0 [ 167.042142][ T6841] ? __asan_memcpy+0x40/0x70 [ 167.046849][ T6841] hwsim_new_radio_nl+0xe4c/0x21d0 [ 167.052009][ T6841] ? __pfx___nla_validate_parse+0x10/0x10 [ 167.057857][ T6841] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 167.063565][ T6841] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 167.070181][ T6841] genl_rcv_msg+0xb14/0xec0 [ 167.075513][ T6841] ? mark_lock+0x9a/0x360 [ 167.079963][ T6841] ? __pfx_genl_rcv_msg+0x10/0x10 [ 167.085173][ T6841] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 167.091116][ T6841] ? __pfx_lock_acquire+0x10/0x10 [ 167.096531][ T6841] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 167.102271][ T6841] ? __pfx___might_resched+0x10/0x10 [ 167.107813][ T6841] netlink_rcv_skb+0x1e3/0x430 [ 167.112625][ T6841] ? __pfx_genl_rcv_msg+0x10/0x10 [ 167.119010][ T6841] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 167.124349][ T6841] ? __netlink_deliver_tap+0x77e/0x7c0 [ 167.130086][ T6841] genl_rcv+0x28/0x40 [ 167.134266][ T6841] netlink_unicast+0x7f0/0x990 [ 167.139072][ T6841] ? __pfx_netlink_unicast+0x10/0x10 [ 167.144362][ T6841] ? __virt_addr_valid+0x183/0x520 [ 167.149609][ T6841] ? __check_object_size+0x49c/0x900 [ 167.154916][ T6841] ? bpf_lsm_netlink_send+0x9/0x10 [ 167.160151][ T6841] netlink_sendmsg+0x8e4/0xcb0 [ 167.165245][ T6841] ? __pfx_netlink_sendmsg+0x10/0x10 [ 167.170597][ T6841] ? __import_iovec+0x536/0x820 [ 167.175781][ T6841] ? aa_sock_msg_perm+0x91/0x160 [ 167.180838][ T6841] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 167.186241][ T6841] ? security_socket_sendmsg+0x87/0xb0 [ 167.191864][ T6841] ? __pfx_netlink_sendmsg+0x10/0x10 [ 167.197268][ T6841] __sock_sendmsg+0x221/0x270 [ 167.202107][ T6841] ____sys_sendmsg+0x525/0x7d0 [ 167.209433][ T6841] ? __pfx_____sys_sendmsg+0x10/0x10 [ 167.214803][ T6841] __sys_sendmsg+0x2b0/0x3a0 [ 167.220431][ T6841] ? __pfx___sys_sendmsg+0x10/0x10 [ 167.229051][ T6841] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 167.236208][ T6841] ? do_syscall_64+0x100/0x230 [ 167.241006][ T6841] ? do_syscall_64+0xb6/0x230 [ 167.245778][ T6841] do_syscall_64+0xf3/0x230 [ 167.250797][ T6841] ? clear_bhb_loop+0x35/0x90 [ 167.255616][ T6841] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.261673][ T6841] RIP: 0033:0x7faab4975ae9 [ 167.266334][ T6841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.286790][ T6841] RSP: 002b:00007faab5769048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 167.295326][ T6841] RAX: ffffffffffffffda RBX: 00007faab4b04070 RCX: 00007faab4975ae9 [ 167.303466][ T6841] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000006 [ 167.311745][ T6841] RBP: 00007faab49f6746 R08: 0000000000000000 R09: 0000000000000000 [ 167.319854][ T6841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 167.327969][ T6841] R13: 000000000000006e R14: 00007faab4b04070 R15: 00007ffd872282d8 [ 167.336084][ T6841] [ 167.340546][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 167.429689][ T5149] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 167.711017][ T5149] usb 3-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4 [ 167.737122][ T5149] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.817575][ T5149] usb 3-1: config 0 descriptor?? [ 167.987267][ T6850] loop3: detected capacity change from 0 to 1024 [ 168.159797][ T6860] capability: warning: `syz.0.561' uses deprecated v2 capabilities in a way that may be insecure [ 168.201090][ T29] audit: type=1326 audit(1719387717.073:255): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=6851 comm="syz.0.561" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faab4975ae9 code=0x0 [ 168.296294][ T6850] hfsplus: filesystem is marked journaled, leaving read-only. [ 168.385446][ T5149] gs_usb 3-1:0.0: Configuring for 1 interfaces [ 168.461003][ T6863] loop4: detected capacity change from 0 to 2048 [ 168.521189][ T6863] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 169.411914][ T5149] gs_usb 3-1:0.0: Disabling termination support for channel 0 (-EPROTO) [ 171.200974][ T5149] gs_usb 3-1:0.0: Couldn't register candev for channel 0 (-EINVAL) [ 171.226439][ T6858] can: request_module (can-proto-5) failed. [ 171.490470][ T6869] can: request_module (can-proto-4) failed. [ 171.730373][ T5149] gs_usb 3-1:0.0: probe with driver gs_usb failed with error -22 [ 171.766958][ T5096] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.830683][ T5149] usb 3-1: USB disconnect, device number 5 [ 172.338847][ T6891] debugfs: Directory '!U' with parent 'ieee80211' already present! [ 172.383011][ T5145] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 172.611694][ T5145] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 172.693669][ T5145] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 172.742426][ T5145] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 172.780830][ T5145] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 172.856385][ T6893] netlink: 44 bytes leftover after parsing attributes in process `syz.2.571'. [ 172.887667][ T5145] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 172.937868][ T5145] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 172.968584][ T6893] netlink: 43 bytes leftover after parsing attributes in process `syz.2.571'. [ 172.989351][ T5145] usb 1-1: Manufacturer: syz [ 173.026557][ T5145] usb 1-1: config 0 descriptor?? [ 173.116059][ T6893] netlink: 'syz.2.571': attribute type 5 has an invalid length. [ 173.201889][ T6908] loop1: detected capacity change from 0 to 764 [ 173.209848][ T6893] netlink: 43 bytes leftover after parsing attributes in process `syz.2.571'. [ 173.232543][ T6908] iso9660: Unknown parameter '017777777777777777777770xffffffffffffffff' [ 173.330394][ T6890] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 173.339479][ T25] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 173.519421][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 173.657038][ T5145] appleir 0003:05AC:8243.0005: No inputs registered, leaving [ 173.681792][ T5145] appleir 0003:05AC:8243.0005: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 173.758169][ T25] usb 4-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4 [ 173.822779][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 174.355097][ T25] usb 4-1: config 0 descriptor?? [ 174.499700][ T29] audit: type=1326 audit(1719387723.353:256): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=6912 comm="syz.1.579" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f478ab75ae9 code=0x0 [ 174.642324][ T6920] netlink: 20 bytes leftover after parsing attributes in process `syz.4.580'. [ 174.669800][ T6920] netlink: 20 bytes leftover after parsing attributes in process `syz.4.580'. [ 174.823291][ T25] gs_usb 4-1:0.0: Configuring for 1 interfaces [ 174.976147][ T6930] netlink: 'syz.2.584': attribute type 29 has an invalid length. [ 175.015703][ T6930] netlink: 'syz.2.584': attribute type 29 has an invalid length. [ 175.039402][ T6931] netlink: 'syz.2.584': attribute type 29 has an invalid length. [ 175.157934][ T6916] can: request_module (can-proto-5) failed. [ 175.233132][ T25] gs_usb 4-1:0.0: Disabling termination support for channel 0 (-EPROTO) [ 175.250163][ T25] gs_usb 4-1:0.0: Couldn't register candev for channel 0 (-EINVAL) [ 175.289591][ T25] gs_usb 4-1:0.0: probe with driver gs_usb failed with error -22 [ 175.376345][ T25] usb 4-1: USB disconnect, device number 7 [ 175.475510][ T5147] usb 1-1: USB disconnect, device number 5 [ 176.079435][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 196.559371][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 202.959476][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 204.886807][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 261.199352][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 266.319356][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 280.569150][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 280.569171][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P6940/1:b..l [ 280.569212][ C1] rcu: (detected by 1, t=10502 jiffies, g=19473, q=395 ncpus=2) [ 280.569230][ C1] task:modprobe state:R running task stack:24624 pid:6940 tgid:6940 ppid:61 flags:0x00000002 [ 280.569263][ C1] Call Trace: [ 280.569269][ C1] [ 280.569280][ C1] __schedule+0x17e8/0x4a20 [ 280.569306][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 280.569343][ C1] ? __pfx___schedule+0x10/0x10 [ 280.569366][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 280.569394][ C1] ? preempt_schedule_irq+0xf0/0x1c0 [ 280.569417][ C1] preempt_schedule_irq+0xfb/0x1c0 [ 280.569437][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 280.569468][ C1] irqentry_exit+0x5e/0x90 [ 280.569482][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 280.569507][ C1] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x35/0x90 [ 280.569533][ C1] Code: 14 25 c0 d5 03 00 65 8b 05 b0 5e 70 7e a9 00 01 ff 00 74 10 a9 00 01 00 00 74 5b 83 ba 1c 16 00 00 00 74 52 8b 82 f8 15 00 00 <83> f8 03 75 47 48 8b 8a 00 16 00 00 44 8b 8a fc 15 00 00 49 c1 e1 [ 280.569546][ C1] RSP: 0018:ffffc900044c76f8 EFLAGS: 00000246 [ 280.569560][ C1] RAX: 0000000000000000 RBX: 0000000000000002 RCX: ffff888025b59e00 [ 280.569570][ C1] RDX: ffff888025b59e00 RSI: 0000000000000000 RDI: 0000000000000000 [ 280.569580][ C1] RBP: ffffc900044c78b0 R08: ffffffff84712e5f R09: 1ffffffff25fc8e8 [ 280.569591][ C1] R10: dffffc0000000000 R11: fffffbfff25fc8e9 R12: ffffffff8e9e5920 [ 280.569601][ C1] R13: 0000000000000003 R14: 0000000000000002 R15: 0000000000000004 [ 280.569616][ C1] ? ima_match_policy+0x4ff/0x22f0 [ 280.569641][ C1] ima_match_policy+0x4ff/0x22f0 [ 280.569676][ C1] ? ima_match_policy+0x115/0x22f0 [ 280.569693][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 280.569713][ C1] ? __pfx_ima_match_policy+0x10/0x10 [ 280.569731][ C1] ? up_write+0x1a9/0x590 [ 280.569750][ C1] ima_get_action+0x75/0xb0 [ 280.569773][ C1] process_measurement+0x365/0x1fb0 [ 280.569807][ C1] ? __pfx_process_measurement+0x10/0x10 [ 280.569823][ C1] ? aa_file_perm+0x137/0xf60 [ 280.569839][ C1] ? mmap_region+0x1a61/0x2090 [ 280.569860][ C1] ? __pfx_lock_release+0x10/0x10 [ 280.569904][ C1] ? __pfx_aa_file_perm+0x10/0x10 [ 280.569927][ C1] ? __lock_acquire+0x1359/0x2000 [ 280.569949][ C1] ? apparmor_current_getsecid_subj+0xde/0x1b0 [ 280.569963][ C1] ? end_current_label_crit_section+0x14e/0x180 [ 280.569982][ C1] ima_file_mmap+0x1f4/0x2b0 [ 280.570001][ C1] ? __pfx_ima_file_mmap+0x10/0x10 [ 280.570018][ C1] ? common_file_perm+0x1a6/0x210 [ 280.570035][ C1] ? __pfx_ima_file_mmap+0x10/0x10 [ 280.570050][ C1] security_mmap_file+0x145/0x1a0 [ 280.570079][ C1] vm_mmap_pgoff+0x141/0x3d0 [ 280.570107][ C1] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 280.570129][ C1] ? __fget_files+0x29/0x470 [ 280.570149][ C1] ? __fget_files+0x3f6/0x470 [ 280.570176][ C1] ksys_mmap_pgoff+0x4f1/0x720 [ 280.570198][ C1] ? __x64_sys_mmap+0x7f/0x140 [ 280.570224][ C1] do_syscall_64+0xf3/0x230 [ 280.570241][ C1] ? clear_bhb_loop+0x35/0x90 [ 280.570261][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.570279][ C1] RIP: 0033:0x7f8d20cabb74 [ 280.570298][ C1] RSP: 002b:00007ffe76138c38 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 280.570311][ C1] RAX: ffffffffffffffda RBX: 00007ffe76138c78 RCX: 00007f8d20cabb74 [ 280.570322][ C1] RDX: 0000000000000005 RSI: 0000000000123000 RDI: 00007f8d20a3c000 [ 280.570332][ C1] RBP: 00007ffe761393d0 R08: 0000000000000000 R09: 0000000000028000 [ 280.570341][ C1] R10: 0000000000000812 R11: 0000000000000246 R12: 00007f8d20c885c0 [ 280.570350][ C1] R13: 00007ffe76139458 R14: 0000000000027f38 R15: 0000000000000000 [ 280.570372][ C1] [ 280.938117][ C1] rcu: rcu_preempt kthread starved for 10535 jiffies! g19473 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 280.938137][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 280.938144][ C1] rcu: RCU grace-period kthread stack dump: [ 280.938149][ C1] task:rcu_preempt state:R running task stack:24464 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 280.938179][ C1] Call Trace: [ 280.938185][ C1] [ 280.938195][ C1] __schedule+0x17e8/0x4a20 [ 280.938236][ C1] ? __pfx___schedule+0x10/0x10 [ 280.938258][ C1] ? __pfx_lock_release+0x10/0x10 [ 280.938277][ C1] ? __asan_memset+0x23/0x50 [ 280.938305][ C1] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 280.938325][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 280.938346][ C1] ? schedule+0x90/0x320 [ 280.938364][ C1] schedule+0x14b/0x320 [ 280.938385][ C1] schedule_timeout+0x1be/0x310 [ 280.938402][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 280.938420][ C1] ? __pfx_process_timeout+0x10/0x10 [ 280.938447][ C1] ? prepare_to_swait_event+0x32e/0x350 [ 280.938470][ C1] rcu_gp_fqs_loop+0x2df/0x1330 [ 280.938490][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 280.938516][ C1] ? rcu_gp_init+0x1256/0x1630 [ 280.938539][ C1] ? __pfx_rcu_gp_init+0x10/0x10 [ 280.938558][ C1] ? __pfx_dyntick_save_progress_counter+0x10/0x10 [ 280.938579][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 280.938598][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 280.938622][ C1] ? finish_swait+0xd4/0x1e0 [ 280.938642][ C1] rcu_gp_kthread+0xa7/0x3b0 [ 280.938663][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 280.938681][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 280.938703][ C1] ? __kthread_parkme+0x169/0x1d0 [ 280.938726][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 280.938746][ C1] kthread+0x2f0/0x390 [ 280.938766][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 280.938785][ C1] ? __pfx_kthread+0x10/0x10 [ 280.938806][ C1] ret_from_fork+0x4b/0x80 [ 280.938826][ C1] ? __pfx_kthread+0x10/0x10 [ 280.938847][ C1] ret_from_fork_asm+0x1a/0x30 [ 280.938897][ C1] [ 280.938903][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 280.938923][ C1] Sending NMI from CPU 1 to CPUs 0: [ 280.938967][ C0] NMI backtrace for cpu 0 skipped: idling at acpi_safe_halt+0x21/0x30