last executing test programs: 2m48.191428776s ago: executing program 0 (id=53): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000200000000000000000000040400000000000000000000010500000008000000000000000000000300000000020000000200000000000000000000000000000d"], 0x0, 0x5a}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000002d4cd000181100e65ec10000000000000000764c46105cead71318b5eeb69e56ceb19290b9438cbf476b3866320f5ec86ae4db7643674692ddac424f00ba0e70e8d66873463de70766c070b482fc7bb16fd8f47c4cdfe615ded1559b779ea4cc40a29206c1d0de616d9e5c9ed0199d148a5613141dd011a20b4519137cabc8a5465d36d33ff27dce4cf6d1c0cc84ab896f22c8a87151994ad617458c6c96467cd8767ad64d95ad3db0036767893b8cb38e0b49ad90083e3d427c8795244b34e367b7294a97d475d0bd59d9f1f250916473cf053c11e0e4b100d36c028a1b1bbcf855dc5492422b97ef0a0f1aed669d1790d8cfb114e4752a38f28fb3a9fb1fdf09d6aba49aad03e1952ce50dffc33ac464883519803dfb8ae7ee7d01180985921e87d416a16f75c00735360e94a15573f2e7b7dca6b08f0339cbfb01a2674dc25cdcf44c5a40a7b84cea1920ad5218473532664abb538cfbd7f03bcc40f86a55c107d88e801366c0444df4498106a42001a02638be467fe6d31b169f246060a63d568caa7149b163dbc6e425a4eb85867a46b0540000", @ANYRES32, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008400000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x37, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r4 = openat$cgroup_devices(r3, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r4, &(0x7f00000000c0)={'b', ' *:* ', 'rwm\x00'}, 0x5) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000680)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000200)={r6}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000180)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000240)={r7, 0x1, r5, 0x6}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000280)={r7}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYRES8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 2m21.81295034s ago: executing program 0 (id=53): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000200000000000000000000040400000000000000000000010500000008000000000000000000000300000000020000000200000000000000000000000000000d"], 0x0, 0x5a}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000002d4cd000181100e65ec10000000000000000764c46105cead71318b5eeb69e56ceb19290b9438cbf476b3866320f5ec86ae4db7643674692ddac424f00ba0e70e8d66873463de70766c070b482fc7bb16fd8f47c4cdfe615ded1559b779ea4cc40a29206c1d0de616d9e5c9ed0199d148a5613141dd011a20b4519137cabc8a5465d36d33ff27dce4cf6d1c0cc84ab896f22c8a87151994ad617458c6c96467cd8767ad64d95ad3db0036767893b8cb38e0b49ad90083e3d427c8795244b34e367b7294a97d475d0bd59d9f1f250916473cf053c11e0e4b100d36c028a1b1bbcf855dc5492422b97ef0a0f1aed669d1790d8cfb114e4752a38f28fb3a9fb1fdf09d6aba49aad03e1952ce50dffc33ac464883519803dfb8ae7ee7d01180985921e87d416a16f75c00735360e94a15573f2e7b7dca6b08f0339cbfb01a2674dc25cdcf44c5a40a7b84cea1920ad5218473532664abb538cfbd7f03bcc40f86a55c107d88e801366c0444df4498106a42001a02638be467fe6d31b169f246060a63d568caa7149b163dbc6e425a4eb85867a46b0540000", @ANYRES32, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008400000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x37, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r4 = openat$cgroup_devices(r3, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r4, &(0x7f00000000c0)={'b', ' *:* ', 'rwm\x00'}, 0x5) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000680)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000200)={r6}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000180)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000240)={r7, 0x1, r5, 0x6}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000280)={r7}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYRES8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1m45.869003471s ago: executing program 0 (id=53): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000200000000000000000000040400000000000000000000010500000008000000000000000000000300000000020000000200000000000000000000000000000d"], 0x0, 0x5a}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000002d4cd000181100e65ec10000000000000000764c46105cead71318b5eeb69e56ceb19290b9438cbf476b3866320f5ec86ae4db7643674692ddac424f00ba0e70e8d66873463de70766c070b482fc7bb16fd8f47c4cdfe615ded1559b779ea4cc40a29206c1d0de616d9e5c9ed0199d148a5613141dd011a20b4519137cabc8a5465d36d33ff27dce4cf6d1c0cc84ab896f22c8a87151994ad617458c6c96467cd8767ad64d95ad3db0036767893b8cb38e0b49ad90083e3d427c8795244b34e367b7294a97d475d0bd59d9f1f250916473cf053c11e0e4b100d36c028a1b1bbcf855dc5492422b97ef0a0f1aed669d1790d8cfb114e4752a38f28fb3a9fb1fdf09d6aba49aad03e1952ce50dffc33ac464883519803dfb8ae7ee7d01180985921e87d416a16f75c00735360e94a15573f2e7b7dca6b08f0339cbfb01a2674dc25cdcf44c5a40a7b84cea1920ad5218473532664abb538cfbd7f03bcc40f86a55c107d88e801366c0444df4498106a42001a02638be467fe6d31b169f246060a63d568caa7149b163dbc6e425a4eb85867a46b0540000", @ANYRES32, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008400000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x37, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r4 = openat$cgroup_devices(r3, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r4, &(0x7f00000000c0)={'b', ' *:* ', 'rwm\x00'}, 0x5) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000680)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000200)={r6}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000180)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000240)={r7, 0x1, r5, 0x6}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000280)={r7}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYRES8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1m19.98178199s ago: executing program 0 (id=53): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000200000000000000000000040400000000000000000000010500000008000000000000000000000300000000020000000200000000000000000000000000000d"], 0x0, 0x5a}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000002d4cd000181100e65ec10000000000000000764c46105cead71318b5eeb69e56ceb19290b9438cbf476b3866320f5ec86ae4db7643674692ddac424f00ba0e70e8d66873463de70766c070b482fc7bb16fd8f47c4cdfe615ded1559b779ea4cc40a29206c1d0de616d9e5c9ed0199d148a5613141dd011a20b4519137cabc8a5465d36d33ff27dce4cf6d1c0cc84ab896f22c8a87151994ad617458c6c96467cd8767ad64d95ad3db0036767893b8cb38e0b49ad90083e3d427c8795244b34e367b7294a97d475d0bd59d9f1f250916473cf053c11e0e4b100d36c028a1b1bbcf855dc5492422b97ef0a0f1aed669d1790d8cfb114e4752a38f28fb3a9fb1fdf09d6aba49aad03e1952ce50dffc33ac464883519803dfb8ae7ee7d01180985921e87d416a16f75c00735360e94a15573f2e7b7dca6b08f0339cbfb01a2674dc25cdcf44c5a40a7b84cea1920ad5218473532664abb538cfbd7f03bcc40f86a55c107d88e801366c0444df4498106a42001a02638be467fe6d31b169f246060a63d568caa7149b163dbc6e425a4eb85867a46b0540000", @ANYRES32, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008400000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x37, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r4 = openat$cgroup_devices(r3, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r4, &(0x7f00000000c0)={'b', ' *:* ', 'rwm\x00'}, 0x5) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000680)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000200)={r6}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000180)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000240)={r7, 0x1, r5, 0x6}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000280)={r7}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYRES8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 54.822516804s ago: executing program 0 (id=53): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000200000000000000000000040400000000000000000000010500000008000000000000000000000300000000020000000200000000000000000000000000000d"], 0x0, 0x5a}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000002d4cd000181100e65ec10000000000000000764c46105cead71318b5eeb69e56ceb19290b9438cbf476b3866320f5ec86ae4db7643674692ddac424f00ba0e70e8d66873463de70766c070b482fc7bb16fd8f47c4cdfe615ded1559b779ea4cc40a29206c1d0de616d9e5c9ed0199d148a5613141dd011a20b4519137cabc8a5465d36d33ff27dce4cf6d1c0cc84ab896f22c8a87151994ad617458c6c96467cd8767ad64d95ad3db0036767893b8cb38e0b49ad90083e3d427c8795244b34e367b7294a97d475d0bd59d9f1f250916473cf053c11e0e4b100d36c028a1b1bbcf855dc5492422b97ef0a0f1aed669d1790d8cfb114e4752a38f28fb3a9fb1fdf09d6aba49aad03e1952ce50dffc33ac464883519803dfb8ae7ee7d01180985921e87d416a16f75c00735360e94a15573f2e7b7dca6b08f0339cbfb01a2674dc25cdcf44c5a40a7b84cea1920ad5218473532664abb538cfbd7f03bcc40f86a55c107d88e801366c0444df4498106a42001a02638be467fe6d31b169f246060a63d568caa7149b163dbc6e425a4eb85867a46b0540000", @ANYRES32, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008400000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x37, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r4 = openat$cgroup_devices(r3, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r4, &(0x7f00000000c0)={'b', ' *:* ', 'rwm\x00'}, 0x5) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000680)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000200)={r6}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000180)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000240)={r7, 0x1, r5, 0x6}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000280)={r7}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYRES8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 28.363869371s ago: executing program 4 (id=912): r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000100)) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x6, &(0x7f0000000140)={0x7d, {{0x29, 0x0, 0x2000000, @rand_addr=' \x01\x00', 0x5}}}, 0x88) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) mount$fuse(0x0, 0x0, 0x0, 0x2040, &(0x7f0000000700)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000000000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',default_perM\f\x00\x00\x00default_pejmissions,\x00']) syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="040e047f2d20"], 0x7) r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000140)={0xc, 0x0, 0x0}) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') setxattr$system_posix_acl(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_access\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="020000000100000000000000040000000000000010000000000000002000000000000000a02178011692ce08942330399b414d7f4e459613428dd60214d486a018b5b33b35044a9fc56d8649900b0e41e63b51596e32cc22a2809da526b54d733073474c856c3e52fc3b49e5023e2f4bbdd1ee11e1e0c35d167c0e6bcfb61d9d8cc2d3b41db4aec327a7bd65c72fcd9eb0dbe1c18bf91dddf9a5f0466b98383517224d1eeeb98df1c08358c17146640fc79b9d0aa55aefbc91e101fc06279a6c9aea2fdb91f7564970d7dda9f3d58966cc5f57e5056a4d6aa929f0b5a96c77d7cb1443855190926ab41b3f42df6de46068b5b5b812c97024e0023b08ede66dfe72f5f8e0ba527f17b082c422f9c441433f3064d9e302ce47ac487aae2e724f6898a7c9e21c6943e0d647bdbb5d0f23deb9c338ad01ecf87bf1429018454972187564e4783f67a4906a529e46b98cf7a4b6ab90c143a6f0935dadb4896a7ddecbc1a586eb87bada66d2b6717d140848aa4dde14b804f791b681bb0d7ad3e78f1675daebd2b3efe243985b3d65303ba650d1bb3bed0cf93c3d662a"], 0x24, 0x0) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='system.posix_acl_access\x00', 0x0, 0x2) ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000240)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000280)={0x28, 0x7, r8, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r5, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r7, 0x0, 0xffffffffffffffff, 0x1}) syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "a5b39a", 0x2}}}, 0xd) ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000040)={0x28, 0x2, r7, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r6, 0x3ba0, &(0x7f0000000680)={0x48, 0x7, r9, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x749bc}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYRESOCT=0x0, @ANYRES16=r3, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r4, @ANYBLOB="18005a8014000180050001", @ANYRES16=r1], 0x34}}, 0x2200c020) r10 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r10, 0x80045017, 0x0) 27.924009315s ago: executing program 4 (id=917): openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz0\x00', {}, 0x4b, [0x0, 0x0, 0x0, 0x2b0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8], [0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8fca], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1001, 0x0, 0x0, 0x0, 0xa90d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc]}, 0x45c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket(0x40000000015, 0x5, 0x0) syz_io_uring_setup(0x360b, &(0x7f0000001040), &(0x7f0000000340), 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) socket$nl_generic(0x10, 0x3, 0x10) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @local}, 0x10) connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window, @mss={0x2, 0xfff}, @window, @window], 0x20000000000000e4) setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f00000001c0), 0xc7) setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000040)='htcp\x00', 0x5) sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0xb15, 0x0, 0x0, 0x0, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) 26.713048241s ago: executing program 0 (id=53): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000200000000000000000000040400000000000000000000010500000008000000000000000000000300000000020000000200000000000000000000000000000d"], 0x0, 0x5a}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000002d4cd000181100e65ec10000000000000000764c46105cead71318b5eeb69e56ceb19290b9438cbf476b3866320f5ec86ae4db7643674692ddac424f00ba0e70e8d66873463de70766c070b482fc7bb16fd8f47c4cdfe615ded1559b779ea4cc40a29206c1d0de616d9e5c9ed0199d148a5613141dd011a20b4519137cabc8a5465d36d33ff27dce4cf6d1c0cc84ab896f22c8a87151994ad617458c6c96467cd8767ad64d95ad3db0036767893b8cb38e0b49ad90083e3d427c8795244b34e367b7294a97d475d0bd59d9f1f250916473cf053c11e0e4b100d36c028a1b1bbcf855dc5492422b97ef0a0f1aed669d1790d8cfb114e4752a38f28fb3a9fb1fdf09d6aba49aad03e1952ce50dffc33ac464883519803dfb8ae7ee7d01180985921e87d416a16f75c00735360e94a15573f2e7b7dca6b08f0339cbfb01a2674dc25cdcf44c5a40a7b84cea1920ad5218473532664abb538cfbd7f03bcc40f86a55c107d88e801366c0444df4498106a42001a02638be467fe6d31b169f246060a63d568caa7149b163dbc6e425a4eb85867a46b0540000", @ANYRES32, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008400000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x37, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r4 = openat$cgroup_devices(r3, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r4, &(0x7f00000000c0)={'b', ' *:* ', 'rwm\x00'}, 0x5) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000680)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000200)={r6}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000180)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000240)={r7, 0x1, r5, 0x6}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000280)={r7}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYRES8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 24.938274523s ago: executing program 4 (id=928): r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000100)) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x6, &(0x7f0000000140)={0x7d, {{0x29, 0x0, 0x2000000, @rand_addr=' \x01\x00', 0x5}}}, 0x88) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r2) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) mount$fuse(0x0, 0x0, 0x0, 0x2040, &(0x7f0000000700)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000000000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',default_perM\f\x00\x00\x00default_pejmissions,\x00']) syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="040e047f2d20"], 0x7) r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000140)={0xc, 0x0, 0x0}) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') setxattr$system_posix_acl(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_access\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="020000000100000000000000040000000000000010000000000000002000000000000000a02178011692ce08942330399b414d7f4e459613428dd60214d486a018b5b33b35044a9fc56d8649900b0e41e63b51596e32cc22a2809da526b54d733073474c856c3e52fc3b49e5023e2f4bbdd1ee11e1e0c35d167c0e6bcfb61d9d8cc2d3b41db4aec327a7bd65c72fcd9eb0dbe1c18bf91dddf9a5f0466b98383517224d1eeeb98df1c08358c17146640fc79b9d0aa55aefbc91e101fc06279a6c9aea2fdb91f7564970d7dda9f3d58966cc5f57e5056a4d6aa929f0b5a96c77d7cb1443855190926ab41b3f42df6de46068b5b5b812c97024e0023b08ede66dfe72f5f8e0ba527f17b082c422f9c441433f3064d9e302ce47ac487aae2e724f6898a7c9e21c6943e0d647bdbb5d0f23deb9c338ad01ecf87bf1429018454972187564e4783f67a4906a529e46b98cf7a4b6ab90c143a6f0935dadb4896a7ddecbc1a586eb87bada66d2b6717d140848aa4dde14b804f791b681bb0d7ad3e78f1675daebd2b3efe243985b3d65303ba650d1bb3bed0cf93c3d662a"], 0x24, 0x0) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='system.posix_acl_access\x00', 0x0, 0x2) ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000240)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000280)={0x28, 0x7, r8, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r5, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r7, 0x0, 0xffffffffffffffff, 0x1}) syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "a5b39a", 0x2}}}, 0xd) ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000040)={0x28, 0x2, r7, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r6, 0x3ba0, &(0x7f0000000680)={0x48, 0x7, r9, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x749bc}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYRESOCT=0x0, @ANYRES16=r3, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r4, @ANYBLOB="18005a8014000180050001", @ANYRES16=r1], 0x34}}, 0x2200c020) r10 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r10, 0x80045017, 0x0) 24.461749313s ago: executing program 4 (id=930): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000440), 0x41, 0x0) write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0xff2e) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"}) r2 = syz_open_pts(r1, 0x0) r3 = dup3(r2, r1, 0x0) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x12) 5.886246888s ago: executing program 1 (id=985): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newsa={0x158, 0x10, 0x713, 0x0, 0x0, {{@in=@loopback, @in6=@dev}, {@in=@private, 0x0, 0x32}, @in=@dev={0xac, 0x14, 0x14, 0x80}, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x96}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @replay_esn_val={0x20, 0x17, {0x1, 0x0, 0x0, 0x0, 0x0, 0x3, [0x0]}}]}, 0x158}}, 0x0) ioctl$INCFS_IOC_CREATE_FILE(r0, 0xc058671e, &(0x7f0000000240)={{'\x00', 0x3}, {0x8000}, 0x10, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0, &(0x7f0000000440)={0x2, 0x176, {0x1, 0xc, 0xbc, "63370999509484a39cc8f35c6d1d46bfe7bf61aa24211caf3154f9ae2b7110d695428592221ed1f7f963010994c22713e85785936582d032ca968e9cb891a49103f5e1488d4ac392168286e8c8c3b0523afef30d82434121ebcb393862547341fa0b7abdbca8171575f7792f3fb97f8de8789b5c32cb2e211c1d25de52aa577c82defa2c1145ebbb96c5640e81718720c874a54fc0f427577ae18e6cb834dd3900584be75dc07341a2ca74e4ae28f5b6a83807cd97227c934eaa5c0d", 0xad, "934026ed3b82c71a4fb7f8d25d7a4f654a1e6a17a7ebd8d89bdd2357e579baab7fccb3095ac1c5a87d298f21afcd92f4a241d655752d351f25c282f68bf87451885a4828a8be9d492454b003f3f92006a0664c23bf1184874ef197ffe6ce3443d7495b273a105896c854361d27b4116b96231de5c63393a1a4092169a7068f1e4206174c0e668ed4b11e3021eebaf6f326f089755b837830e211dbdb34a0eb9bb11736ad828a653b29ce544d6c"}, 0xd, "8b5de1a0d386182658e63d845d"}, 0x18f}) r1 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r1, &(0x7f00000000c0)='./file0\x00') mkdirat(r1, &(0x7f00000003c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xa864c30d0588779e) r2 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) renameat2(r2, &(0x7f0000000140)='./file0/file0/file0\x00', r1, &(0x7f0000000380)='./file1\x00', 0x2) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r2, 0x800c6613, &(0x7f0000000080)=@v1={0x0, @adiantum, 0x0, @desc2}) link(&(0x7f0000000000)='./file0\x00', &(0x7f0000000340)='./file0/file0\x00') 5.706751571s ago: executing program 1 (id=986): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) lgetxattr(0x0, 0x0, 0x0, 0x0) r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xdc, 0x3f, 0x6e, 0x40, 0x813, 0x1, 0x3a08, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x9d, 0x26, 0x9b}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000008c0)={0x84, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000521b705078ffe8d80f2e0938ecae91ea69f4ced8a1e96b1c8bdbcde01f138f760f41c8c911c92061b82ca3c403feec47fdb8c4256f4576299e0a30809bbe0816e776953cfad4f830838f8e80c539f71e5d88b2c5edd5f2ac724f78f09c229de0849d2396a8dda1c723a628e2f1211ba984d7c84e9c4e84d9da9e272f2170be619d061c11e537fdc5269874e3938a908eb0c9d36069571a40882780a9bafa0da42aa9d26a12d7ec8054d51b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYRESHEX=r0], 0x44}}, 0x4000011) r1 = socket$pppl2tp(0x18, 0x1, 0x1) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x13, r4, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x10, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="76d7964100e4ffffff0d0000b705000008319e0ca9f55ec98add6d2f42000000850000000200000095000000"], &(0x7f0000000300)='GPL\x00', 0x8, 0xff7, &(0x7f0000001e00)=""/4087}, 0x90) r5 = socket$pppl2tp(0x18, 0x1, 0x1) r6 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r5, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r6, {0x2, 0x0, @multicast2}, 0x82}}, 0x2e) connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x0, @dev}, 0x2}}, 0x2e) r7 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, r7, 0x1, 0x0, 0x0, {0x7}, [@L2TP_ATTR_IFNAME={0x14, 0x8, 'syzkaller1\x00'}]}, 0x28}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0xffffffffa0018000, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[], 0x60}}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000640)={0x24, &(0x7f0000000340)={0x80, 0x24, 0xec, {0xec, 0x22, "88e1f2593d6f1e6f39261f97c27ee6fdbcec9339e22e6948c94b44d7b98ebc49c42f31b4863bd3363bfbbc501f0e8c12f5f746ed6708315156990af869380c36f5a4bc589fddfb67c8fc70c924d5b8fddf73717a12c26dab3205ca776e97504c4b18292b692a5bfaa5d26a46b3897c48355d1597e4bc3e4a2443532b80126e233e4816e0ec59049a72b52aa7c546f635b382222e070bf3642a73a4056a5b912f3d69e7f03fd2d349e8d56ff8a3a2ac04d41a3551b9d3b102bdc864526a5dceedcd02b84c38d589e08b0aedc36f36ab31d7b2633cd9f4d951759cf5d279ad4446ab89614aed72f5c9e5cb"}}, &(0x7f0000000440)={0x0, 0x3, 0xc3, @string={0xc3, 0x3, "7502e822dd8801dc6c76f203b7868bc1a6570564041dc7bbe23def5b3e75bbfe4a92318cbcea0661b5631becba29ec209904250e4d812d7e80ce0a72a242b6fe51e298a748e9295cd7acac58c3fd57058a7a39832867f068f242a8b57baa14b26a0e04d3c6909ac84adb5b0c42bec5be24196a4e3e5a31d6fd22c2d6709985e1569c8d82a26ca43a9cc26fe434661442a8ecfa6013842cbaf70e4ab398a1a9b17854bfe3d4e803417a30aeafffa0f6945b847c485b2626687b17f0607af716cde0"}}, &(0x7f0000000540), &(0x7f00000005c0)={0x0, 0x21, 0x9, {0x9, 0x21, 0x3, 0x1f, 0x1, {0x22, 0x19}}}}, &(0x7f00000009c0)={0xfffffffffffffe95, &(0x7f0000000680)={0x20, 0xc, 0xb4, "0a9a7390fc9def24c0345d43a6ba45eecc68a5a324d6054decb9356cc655445b57919d9e9c50de1f9e8caf8090e92ac4a764b7e95e4e031bf87d42268ee6bd2ef7964b8b543899f220d286405592c1dc574c960dff8c50dd992784b8b0aaf4c4c9a0b66acd3f73282383886e629f81c95d5cbfaff8f91fd1638aaa1f6187771657dcd8f26eb79989c1848a3b4c015e1035af090271fbf2cec0a5c37a10aca4306dc37aa048669a8fff56cea585cd4208dd40da76"}, &(0x7f0000000740)={0x0, 0xa, 0x1, 0x4}, &(0x7f0000000800)={0x0, 0x8, 0x1, 0x20}, &(0x7f0000000840)={0x20, 0x1, 0x63, "9019421cd0aedfa61d111783b2e46a0977a078d4d458f473cef6f65a1e94d19a80e167cf12476219f8d15a6f34e919fd43d7c431d615b4fcb0424ff012abad7dcd1e37e5c5456776b42bdd10810f35e5452744b56ab66a10c6c8e94df9bfccd016c9db"}, &(0x7f0000000980)={0x20, 0x3, 0x1, 0x1}}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r9 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r9, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) bind$tipc(r9, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_NODES(r10, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r11, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0xfd53}}, 0x0) 3.60779072s ago: executing program 1 (id=994): sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r1, &(0x7f0000000080)='l', 0x1) write$char_usb(r1, &(0x7f0000000140)="1b", 0x1) syz_usb_disconnect(r0) 2.179483711s ago: executing program 2 (id=996): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xe) ioctl$TIOCSLCKTRMIOS(r0, 0x5457, &(0x7f00000000c0)) 1.989198571s ago: executing program 2 (id=997): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) ioctl$TUNSETPERSIST(r0, 0x400454da, 0x0) 1.843592029s ago: executing program 3 (id=999): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x9) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f00000001c0)=[{&(0x7f000001a040)=""/102385, 0x18ff1}, {&(0x7f0000000400)=""/209, 0xd1}], 0x2, 0x0, 0x0) r2 = syz_io_uring_setup(0x117, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x3, 0x0, r1}, &(0x7f00000002c0)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4) r5 = socket$tipc(0x1e, 0x2, 0x0) r6 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000000)={0x41}, 0x10) setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000200)={0x0, 0x0, 0x3}, 0x10) syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x21, 0x0, @fd_index=0x7, 0x0, &(0x7f0000000300)=""/215, 0xd7, 0xc}) io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) 1.435700411s ago: executing program 2 (id=1000): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0) readv(r1, &(0x7f0000000280)=[{&(0x7f0000000000)=""/41, 0xfffffdd6}, {&(0x7f0000000080)=""/56, 0x41}, {&(0x7f00000000c0)=""/167, 0xa7}, {&(0x7f0000000180)=""/213, 0xec}], 0x4) 1.414585992s ago: executing program 1 (id=1001): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1b1c00000000000000000affffff20000180140002006261746164765f736c6176655f31000008000100", @ANYRES32=r2], 0x34}}, 0x0) 1.37311298s ago: executing program 3 (id=1002): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600), 0x202, 0x0) writev(r0, &(0x7f0000000700)=[{&(0x7f0000000640)="e7ba44d160479f5a5e64722ddc8d9ce3cc6d96c09414d5031ebae0501b1fa469c24a1bc9b57543c247e2eae88c5432453e72a443b8fe26dc4c6163fead70645d42f4ea60231536daa82d726830c46b5401b6e04bb116d82515f86b6b21f83359814c2aa460971f0fc6796d4a45a998df3832151aa5504b01489f0d41e126b45ce69615206b7bedf99aec1a3c469a40c19cefc8941f3f90296247763738e2e9f4083463c0227a", 0xa6}], 0x1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000055ef74a94e90352900e50000850000007d0000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000200)={&(0x7f0000000180), 0xc, &(0x7f00000001c0)={&(0x7f0000000a40)={0x194, 0x0, 0x1, 0x101, 0x0, 0x0, {0xa}, [@CTA_STATUS={0x8}, @CTA_TUPLE_ORIG={0xe8, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_ZONE, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x1e, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @loopback}}, {0x14, 0x4, @empty}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv4={{0x0, 0x1, @private}, {0x0, 0x2, @multicast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv4={{0x0, 0x1, @broadcast}, {0x0, 0x2, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_MASTER={0x0, 0xe, 0x0, 0x1, [@CTA_TUPLE_ZONE, @CTA_TUPLE_ZONE, @CTA_TUPLE_IP={0x0, 0x1, 0x0, 0x1, @ipv4={{}, {0x0, 0x2, @remote}}}, @CTA_TUPLE_IP={0x0, 0x1, 0x0, 0x1, @ipv4={{0x0, 0x1, @empty}, {0x0, 0x2, @broadcast}}}, @CTA_TUPLE_PROTO]}, @CTA_PROTOINFO={0x8, 0x4, 0x0, 0x1, @CTA_PROTOINFO_SCTP={0x0, 0x3, 0x0, 0x1, [@CTA_PROTOINFO_SCTP_STATE, @CTA_PROTOINFO_SCTP_STATE, @CTA_PROTOINFO_SCTP_VTAG_ORIGINAL, @CTA_PROTOINFO_SCTP_STATE, @CTA_PROTOINFO_SCTP_STATE, @CTA_PROTOINFO_SCTP_VTAG_ORIGINAL, @CTA_PROTOINFO_SCTP_STATE]}}, @CTA_TIMEOUT={0x8}, @CTA_FILTER={0x0, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS, @CTA_FILTER_REPLY_FLAGS, @CTA_FILTER_ORIG_FLAGS, @CTA_FILTER_ORIG_FLAGS]}, @CTA_SEQ_ADJ_ORIG={0x14, 0xf, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}]}, @CTA_LABELS_MASK={0x20, 0x17, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @CTA_MARK={0x8}]}, 0x194}}, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8983, &(0x7f0000000280)={0x3, 'vlan0\x00', {0x10000}, 0x9}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00'}, 0x80) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000180)={&(0x7f0000000300)="4a9b6f41bd4141fcce65619f8b58032930879a406b0dd93a5eeaa5519311ebee0ad76ed4207e4884a3fd6133d17f76f5290eab08c4e4b0dcd2e34f06b3cd2190e15ed8927cd9376650fa954fe86b240a84", &(0x7f0000000380)=""/136, &(0x7f0000000440)="19f9c7a062efda7a9a74cf9785002fb9786ce09bc3b0a498e6905d1f83d68847e79071a198ef731ce5f362417e7b3edde1b20f92d6ed609163b5053eeb5414b304969e3ec82f82f10adf39a94490c701d196e459456d40df5e136938b20fef3478367480629553c0b24770838b37588ad164a205a5ebcd94bfa7d62ecd074bc8ea6a132c7ed44fd988d7be4a4f4d1a507ea1857ebecfef79c52b735aaed3233ed6fe55a7e85d5ab83fd7ac02b281", &(0x7f0000000500)="e9ba2fab3ad54234a44a9a13cdb3138ab37e4aaa332aa70e9c518b03a0236fb7db1ee3dc474b46c9797d48e2844e24a025bab60fc0b259b2365baaf5d062f21211707fd3739c98fd796d85d1f544908d061d7f569b68b402e554e17fc8c2f9820e9547c02643f4124a89a4880a673ef873d87179b4b21e8ca27bde09ede2507478aeb7b58289fa8332df13ec5fc588cf12a6a1291c406ba2", 0x2}, 0x38) r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) r6 = fsmount(r5, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r4, r6, 0x0, 0x0, @val=@uprobe_multi={0x0, 0x0}}, 0x40) read$char_usb(r6, &(0x7f0000000140)=""/57, 0x39) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000100)=@v1={0x1000000, [{0x5, 0x400}]}, 0x20, 0x3) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r7, @ANYBLOB="1f003300d0000000080211000001080211000000505050505050000015"], 0x3c}}, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000005c0), 0x100, 0x0) r8 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="020200000c0000000000000000000000030006000000000002000000ac1e0001000000000000000002000100000000000000000000000000030005000000000002000000000000000000000000000000020013"], 0x60}}, 0x0) 1.240318745s ago: executing program 2 (id=1003): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@loopback={0xff00000000000000, 0x777fe6a4b23f}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x20) 1.12465908s ago: executing program 1 (id=1004): r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) write$sndseq(r0, &(0x7f0000001380)=[{0x6, 0x0, 0x0, 0x0, @tick, {0x5}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time}], 0x70) 1.056622012s ago: executing program 3 (id=1005): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newsa={0x158, 0x10, 0x713, 0x0, 0x0, {{@in=@loopback, @in6=@dev}, {@in=@private, 0x0, 0x32}, @in=@dev={0xac, 0x14, 0x14, 0x80}, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x96}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @replay_esn_val={0x20, 0x17, {0x1, 0x0, 0x0, 0x0, 0x0, 0x3, [0x0]}}]}, 0x158}}, 0x0) ioctl$INCFS_IOC_CREATE_FILE(r0, 0xc058671e, &(0x7f0000000240)={{'\x00', 0x3}, {0x8000}, 0x10, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0, &(0x7f0000000440)={0x2, 0x176, {0x1, 0xc, 0xbc, "63370999509484a39cc8f35c6d1d46bfe7bf61aa24211caf3154f9ae2b7110d695428592221ed1f7f963010994c22713e85785936582d032ca968e9cb891a49103f5e1488d4ac392168286e8c8c3b0523afef30d82434121ebcb393862547341fa0b7abdbca8171575f7792f3fb97f8de8789b5c32cb2e211c1d25de52aa577c82defa2c1145ebbb96c5640e81718720c874a54fc0f427577ae18e6cb834dd3900584be75dc07341a2ca74e4ae28f5b6a83807cd97227c934eaa5c0d", 0xad, "934026ed3b82c71a4fb7f8d25d7a4f654a1e6a17a7ebd8d89bdd2357e579baab7fccb3095ac1c5a87d298f21afcd92f4a241d655752d351f25c282f68bf87451885a4828a8be9d492454b003f3f92006a0664c23bf1184874ef197ffe6ce3443d7495b273a105896c854361d27b4116b96231de5c63393a1a4092169a7068f1e4206174c0e668ed4b11e3021eebaf6f326f089755b837830e211dbdb34a0eb9bb11736ad828a653b29ce544d6c"}, 0xd, "8b5de1a0d386182658e63d845d"}, 0x18f}) r1 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r1, &(0x7f00000000c0)='./file0\x00') mkdirat(r1, &(0x7f00000003c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xa864c30d0588779e) r2 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) renameat2(r2, &(0x7f0000000140)='./file0/file0/file0\x00', r1, &(0x7f0000000380)='./file1\x00', 0x2) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r2, 0x800c6613, &(0x7f0000000080)=@v1={0x0, @adiantum, 0x0, @desc2}) link(&(0x7f0000000000)='./file0\x00', &(0x7f0000000340)='./file0/file0\x00') 1.056098105s ago: executing program 2 (id=1006): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@ipv4_newnexthop={0x20, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}, @NHA_FDB={0x4}]}, 0x20}}, 0x0) 935.177455ms ago: executing program 1 (id=1007): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00'}) epoll_create1(0x0) socket(0x1, 0x4, 0x0) sendmsg$NFNL_MSG_ACCT_DEL(0xffffffffffffffff, 0x0, 0x80) syz_io_uring_setup(0x849, 0x0, 0x0, &(0x7f00000001c0)) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = getpgid(0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080), 0x4) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) set_mempolicy(0x3, &(0x7f0000000000)=0x80000001, 0xff) r3 = socket$packet(0x11, 0x3, 0x300) bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0) setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c) openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x111440, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'pim6reg\x00', 0x1}) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00') fchmod(r4, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.numa_stat\x00', 0x7a05, 0x1700) 865.224364ms ago: executing program 3 (id=1008): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) openat$vimc2(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, r1) keyctl$read(0x1d, r1, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, r1, 0xfffffffffffffffe, r1, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000080)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000084000000141400000000005a996ea2569baeb2e8e0901a1a9fbde65013fd8e85372bf9816846b2fc6d9e5e8f07eeb2b7770c5017ff7d4172bd1b4345c9646b96f94b3a41fbda1fcfdc1dc9b4c67a03fc3f5bd1c273da8648cac46af59ec0ab4ae2c5b1f8abda62cfe5a002773bed3ccdc7dbf1de59e7c1601912123503529f9a40843fb54e0a6e4726e1700e615b6f93a44f5c3b05d55bbc512503fb28b1d93d4c53d1686b609f30bd4f4c12434d116ccabfd0"], 0x18}], 0x1, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15) r2 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r2, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @loopback}, 0x10, 0x0}, 0x34004000) ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x894b, 0x0) 853.419346ms ago: executing program 4 (id=934): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0xd1, 0x0, &(0x7f0000000a80)="3b1c2fac82e71ea0f1bbe02f0ad1b1596b940795b65167892b6288f1232d882d6867f0498018bfe4b82f85768644038e5ceece9c99c9035aed496dd5121ef3ffa33e5aa053a4f3311d1800970743a60e97d402ca798fa7629f0ab7f4feddc43587bfee674941b874533cf13b89cdb1f987430b31643e4c25ab9d7577dcf16a3b1cde1388c1d59328ab96582ee95defd2aaa4ea480a61361efcc16210d96ee011b5c8ad75a6f9b9d64f61251e9789e5048a9f140c03714a59819b1e12d6059a68bdc7a6852139791f74a49fdda7c37a9a15", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000001a000f01"], 0x1c}}, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000001c0)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 765.217057ms ago: executing program 2 (id=1009): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) mmap(&(0x7f0000941000/0x4000)=nil, 0x4000, 0x3000002, 0x13, 0xffffffffffffffff, 0xca8a4000) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r1, 0x400455c8, 0x4) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0x31) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_generic(0x10, 0x3, 0x10) socket$packet(0x11, 0x2, 0x300) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000080), 0x0) r4 = accept$alg(r3, 0x0, 0x0) sendmsg$alg(r4, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_buf(r5, 0x29, 0x6, &(0x7f0000000180)="1000000000000000290000003b000000", 0x10) r6 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r6, 0x89f3, &(0x7f0000000280)={'ip_vti0\x00', &(0x7f0000000200)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x15, 0x4, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x4, 0x0, @multicast2, @empty, {[@noop, @timestamp_prespec={0x44, 0x1c, 0x0, 0x3, 0x0, [{@dev}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@initdev={0xac, 0x1e, 0x0, 0x0}}]}, @noop, @lsrr={0x83, 0xfffffffffffffd3a, 0x0, [@dev, @loopback, @local, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @noop]}}}}}) socket$inet6_sctp(0xa, 0x1, 0x84) r7 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @loopback}], 0x1c) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000900), 0x0) 337.572352ms ago: executing program 3 (id=1010): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) ioctl$TUNSETPERSIST(r0, 0x400454da, 0x0) 241.112448ms ago: executing program 4 (id=1011): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x40) syz_emit_ethernet(0xe80, &(0x7f0000000100)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x4, 0x5}}}}}}}, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000040)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "101040", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0x5}}}}}}}, 0x0) 0s ago: executing program 3 (id=1012): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0) readv(r1, &(0x7f0000000280)=[{&(0x7f0000000000)=""/41, 0xfffffdd6}, {&(0x7f0000000080)=""/56, 0x41}, {&(0x7f00000000c0)=""/167, 0xa7}, {&(0x7f0000000180)=""/213, 0xec}], 0x4) kernel console output (not intermixed with test programs): batadv_slave_1 [ 91.875572][ T5321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.896717][ T5321] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.956579][ T5321] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.970958][ T5691] netlink: 16 bytes leftover after parsing attributes in process `syz.1.153'. [ 92.013687][ T5321] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.032736][ T5321] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.069242][ T5321] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.225573][ T29] audit: type=1326 audit(1721768783.842:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5693 comm="syz.2.154" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb12b175f19 code=0x0 [ 92.348058][ T5710] netlink: 8 bytes leftover after parsing attributes in process `syz.2.154'. [ 92.708904][ T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.722172][ T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.829761][ T1051] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.875829][ T1051] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.323963][ T5744] xt_NFQUEUE: number of total queues is 0 [ 93.331866][ T5745] netlink: 16 bytes leftover after parsing attributes in process `syz.2.167'. [ 93.386342][ T4488] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 93.395984][ T4488] Bluetooth: hci0: Injecting HCI hardware error event [ 93.404559][ T4488] Bluetooth: hci0: hardware error 0x00 [ 93.675977][ T5754] syz.1.169 uses obsolete (PF_INET,SOCK_PACKET) [ 93.820652][ T5761] netlink: 4 bytes leftover after parsing attributes in process `syz.4.172'. [ 94.034406][ T5752] netlink: 4 bytes leftover after parsing attributes in process `syz.3.171'. [ 94.357224][ T25] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 94.514533][ T5792] xt_NFQUEUE: number of total queues is 0 [ 94.547383][ T5794] netlink: 12 bytes leftover after parsing attributes in process `syz.1.179'. [ 94.583604][ T25] usb 4-1: Using ep0 maxpacket: 16 [ 94.596842][ T25] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 94.629250][ T5794] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 94.633723][ T25] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 94.638386][ T5794] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 94.638466][ T5794] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 94.638496][ T5794] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 94.672559][ T5794] vxlan0: entered promiscuous mode [ 94.800085][ T25] usb 4-1: config 0 has no interface number 0 [ 94.821896][ T25] usb 4-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 94.839412][ T2836] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.875156][ T25] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 94.900113][ T25] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 94.926265][ T25] usb 4-1: Product: syz [ 94.940794][ T25] usb 4-1: SerialNumber: syz [ 94.960208][ T25] usb 4-1: config 0 descriptor?? [ 94.995069][ T25] usbhid 4-1:0.8: couldn't find an input interrupt endpoint [ 95.703932][ T4488] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 96.295641][ T5103] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 96.322420][ T5103] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 96.334945][ T5103] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 96.350732][ T5103] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 96.365045][ T5103] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 96.372631][ T5103] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 96.426214][ T25] usb 4-1: USB disconnect, device number 2 [ 96.525644][ T2836] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.546154][ T5830] netlink: 8 bytes leftover after parsing attributes in process `syz.1.186'. [ 96.602881][ T5830] netlink: 4 bytes leftover after parsing attributes in process `syz.1.186'. [ 96.797387][ T2836] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.901241][ T5849] x_tables: duplicate entry at hook 2 [ 96.941479][ T2836] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.464788][ T5103] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 97.475995][ T5103] Bluetooth: hci2: Injecting HCI hardware error event [ 97.488558][ T5103] Bluetooth: hci2: hardware error 0x00 [ 97.832333][ T5210] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 97.879661][ T5210] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 98.388492][ T5210] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz0] on syz1 [ 98.424284][ T5096] Bluetooth: hci1: command tx timeout [ 98.695168][ T2836] bridge_slave_1: left allmulticast mode [ 98.700877][ T2836] bridge_slave_1: left promiscuous mode [ 98.750611][ T2836] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.772829][ T5883] fuse: Unknown parameter '00000000000000000000' [ 98.830001][ T2836] bridge_slave_0: left allmulticast mode [ 98.830547][ T2836] bridge_slave_0: left promiscuous mode [ 98.830747][ T2836] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.163046][ T5906] loop7: detected capacity change from 0 to 16384 [ 100.350939][ T5906] blk_print_req_error: 9 callbacks suppressed [ 100.350956][ T5906] I/O error, dev loop7, sector 2176 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0 [ 100.376689][ T5910] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 100.386136][ T5910] buffer_io_error: 8 callbacks suppressed [ 100.386152][ T5910] Buffer I/O error on dev loop7, logical block 0, async page read [ 100.401073][ T5906] I/O error, dev loop7, sector 2176 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 100.425867][ T5103] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 100.444130][ T5910] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 100.488231][ T5906] Buffer I/O error on dev loop7, logical block 272, async page read [ 100.503605][ T5103] Bluetooth: hci1: command tx timeout [ 100.585655][ T5910] Buffer I/O error on dev loop7, logical block 0, async page read [ 100.699781][ T5910] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 100.793626][ T5910] Buffer I/O error on dev loop7, logical block 0, async page read [ 100.873854][ T5910] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 100.883332][ T5910] Buffer I/O error on dev loop7, logical block 0, async page read [ 100.987346][ T1475] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 101.032893][ T1475] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 101.045977][ T1475] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz0] on syz1 [ 101.047126][ T5910] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 101.080456][ T5940] x_tables: duplicate entry at hook 2 [ 101.093938][ T5910] Buffer I/O error on dev loop7, logical block 0, async page read [ 101.156509][ T5910] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 101.182533][ T5910] Buffer I/O error on dev loop7, logical block 0, async page read [ 101.211368][ T5910] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 101.245392][ T5910] Buffer I/O error on dev loop7, logical block 0, async page read [ 101.282628][ T5910] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 101.307314][ T5910] Buffer I/O error on dev loop7, logical block 0, async page read [ 101.332799][ T5910] ldm_validate_partition_table(): Disk read failed. [ 101.360289][ T5910] Buffer I/O error on dev loop7, logical block 0, async page read [ 101.390539][ T5910] Dev loop7: unable to read RDB block 0 [ 101.408958][ T5910] loop7: unable to read partition table [ 101.437260][ T5910] loop_reread_partitions: partition scan of loop7 (K‹>¤i)ßí /480• #Ð …$qÝZ”©þ•I‘ŠçýÎ[†u±@3bÏàôüÏûj!5MMñ]z) failed (rc=-5) [ 101.510200][ T2836] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 101.568177][ T2836] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 101.634710][ T2836] bond0 (unregistering): Released all slaves [ 101.677731][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 101.755314][ T5956] sp0: Synchronizing with TNC [ 102.584698][ T5103] Bluetooth: hci1: command tx timeout [ 102.926000][ T5972] netlink: 4 bytes leftover after parsing attributes in process `syz.1.214'. [ 102.977523][ T5977] netlink: 'syz.4.215': attribute type 1 has an invalid length. [ 102.994550][ T5977] netlink: 224 bytes leftover after parsing attributes in process `syz.4.215'. [ 103.039066][ T5977] netlink: 8 bytes leftover after parsing attributes in process `syz.4.215'. [ 103.142479][ T5977] netlink: 4 bytes leftover after parsing attributes in process `syz.4.215'. [ 103.361999][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.377793][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.386697][ T5825] bridge_slave_0: entered allmulticast mode [ 103.394713][ T5825] bridge_slave_0: entered promiscuous mode [ 103.417582][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.439737][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.466524][ T5825] bridge_slave_1: entered allmulticast mode [ 103.475935][ T5825] bridge_slave_1: entered promiscuous mode [ 103.803618][ T2836] hsr_slave_0: left promiscuous mode [ 103.814148][ T6003] x_tables: duplicate entry at hook 2 [ 103.824977][ T6001] netlink: 'syz.4.223': attribute type 11 has an invalid length. [ 103.841206][ T2836] hsr_slave_1: left promiscuous mode [ 103.866336][ T2836] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 103.890287][ T2836] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 103.914788][ T2836] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 103.942568][ T2836] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 104.004281][ T2836] veth1_macvtap: left promiscuous mode [ 104.015525][ T2836] veth0_macvtap: left promiscuous mode [ 104.026730][ T2836] veth1_vlan: left promiscuous mode [ 104.039364][ T2836] veth0_vlan: left promiscuous mode [ 104.664481][ T5103] Bluetooth: hci1: command tx timeout [ 104.916723][ T2836] team0 (unregistering): Port device team_slave_1 removed [ 104.957187][ T2836] team0 (unregistering): Port device team_slave_0 removed [ 105.066920][ T5146] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 105.287403][ T5146] usb 2-1: Using ep0 maxpacket: 16 [ 105.296421][ T5146] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 105.310643][ T5146] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 105.320251][ T5146] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.340018][ T5146] usb 2-1: config 0 descriptor?? [ 105.406161][ T29] audit: type=1326 audit(1721768797.022:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6035 comm="syz.2.232" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb12b175f19 code=0x0 [ 105.506809][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.867054][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.618335][ T5825] team0: Port device team_slave_0 added [ 106.833053][ T5825] team0: Port device team_slave_1 added [ 106.833472][ T6053] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 106.840342][ T6047] netlink: 'syz.3.234': attribute type 1 has an invalid length. [ 106.874679][ T6047] netlink: 224 bytes leftover after parsing attributes in process `syz.3.234'. [ 106.885423][ T6053] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 106.893369][ T6047] netlink: 8 bytes leftover after parsing attributes in process `syz.3.234'. [ 106.920287][ T6053] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 106.931580][ T6053] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 106.946581][ T5146] hid (null): invalid report_size 234881024 [ 106.967896][ T5146] hid (null): report_id 0 is invalid [ 106.980899][ T5146] hid (null): invalid report_size 1074798868 [ 107.001089][ T5146] hid (null): report_id 2838798905 is invalid [ 107.017853][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 107.018874][ T5146] hid (null): unknown global tag 0xc [ 107.033694][ T5210] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 107.042504][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 107.052116][ T5146] hid (null): unknown global tag 0xa5 [ 107.091496][ T6044] netlink: 4 bytes leftover after parsing attributes in process `syz.3.234'. [ 107.094806][ T5146] hid (null): unknown global tag 0xd [ 107.123117][ T5146] hid (null): unknown global tag 0xc [ 107.124639][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 107.129255][ T5146] hid (null): global environment stack underflow [ 107.170397][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 107.194947][ T5146] hid-generic 0003:0158:0100.0003: unknown main item tag 0x1 [ 107.195291][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 107.213873][ T5146] hid-generic 0003:0158:0100.0003: unknown main item tag 0x0 [ 107.233735][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 107.262010][ T5146] hid-generic 0003:0158:0100.0003: unknown main item tag 0x0 [ 107.271026][ T5146] hid-generic 0003:0158:0100.0003: unknown main item tag 0x0 [ 107.279151][ T5146] hid-generic 0003:0158:0100.0003: unknown main item tag 0x0 [ 107.287475][ T5210] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 107.300884][ T5210] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 107.323386][ T5146] hid-generic 0003:0158:0100.0003: unknown main item tag 0x0 [ 107.350748][ T5210] usb 3-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00 [ 107.364295][ T6061] netlink: 'syz.3.237': attribute type 27 has an invalid length. [ 107.372296][ T5146] hid-generic 0003:0158:0100.0003: invalid report_size 234881024 [ 107.382984][ T5210] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.391798][ T5146] hid-generic 0003:0158:0100.0003: item 0 4 1 7 parsing failed [ 107.410461][ T5210] usb 3-1: config 0 descriptor?? [ 107.419415][ T5146] hid-generic 0003:0158:0100.0003: probe with driver hid-generic failed with error -22 [ 107.466635][ T5825] hsr_slave_0: entered promiscuous mode [ 107.471762][ T5146] usb 2-1: USB disconnect, device number 3 [ 107.511041][ T5825] hsr_slave_1: entered promiscuous mode [ 107.536059][ T5825] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 107.559121][ T5825] Cannot create hsr debugfs directory [ 107.911503][ T5210] usbhid 3-1:0.0: can't add hid device: -71 [ 107.924291][ T5210] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 107.983989][ T5210] usb 3-1: USB disconnect, device number 3 [ 108.045459][ T6077] support for the xor transformation has been removed. [ 108.106232][ T6077] netlink: 16 bytes leftover after parsing attributes in process `syz.3.240'. [ 110.468625][ T6115] capability: warning: `syz.2.248' uses 32-bit capabilities (legacy support in use) [ 110.543490][ C1] sd 0:0:1:0: [sda] tag#3747 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 110.555221][ C1] sd 0:0:1:0: [sda] tag#3747 CDB: Write(6) 0a 00 00 00 00 00 00 00 00 00 00 00 [ 110.769648][ T5144] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 110.783768][ T5144] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 110.811362][ T5144] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz0] on syz1 [ 111.083727][ T66] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 111.231225][ T5825] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 111.264328][ T5825] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 111.319183][ T5825] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 111.366153][ T5825] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 111.471373][ T66] usb 3-1: Using ep0 maxpacket: 16 [ 112.227478][ T6151] netlink: 4 bytes leftover after parsing attributes in process `syz.3.255'. [ 112.284042][ T66] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 112.297352][ T66] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 112.317135][ T66] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.349201][ T66] usb 3-1: config 0 descriptor?? [ 112.499274][ T6156] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 112.516564][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 112.594885][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 112.630184][ T6159] netlink: 64 bytes leftover after parsing attributes in process `syz.4.258'. [ 112.682766][ T5210] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.689973][ T5210] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.726288][ T5210] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.726422][ T5210] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.806604][ C1] sd 0:0:1:0: [sda] tag#3752 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 112.806699][ C1] sd 0:0:1:0: [sda] tag#3752 CDB: Write(6) 0a 00 00 00 00 00 00 00 00 00 00 00 [ 112.823797][ T1475] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 112.878517][ T5825] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 113.006129][ T1475] usb 4-1: Using ep0 maxpacket: 16 [ 113.009461][ T1475] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 113.009491][ T1475] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 113.009511][ T1475] usb 4-1: config 0 has no interface number 0 [ 113.009570][ T1475] usb 4-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 113.011542][ T1475] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 113.011574][ T1475] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 113.011617][ T1475] usb 4-1: Product: syz [ 113.011633][ T1475] usb 4-1: SerialNumber: syz [ 113.020155][ T1475] usb 4-1: config 0 descriptor?? [ 113.026560][ T1475] usbhid 4-1:0.8: couldn't find an input interrupt endpoint [ 113.095354][ T6162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 113.268076][ T6162] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 113.333364][ T6162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 113.338609][ T6162] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 113.355518][ T66] hid (null): invalid report_size 234881024 [ 113.355577][ T66] hid (null): report_id 0 is invalid [ 113.356837][ T66] hid (null): invalid report_size 1074798868 [ 113.367329][ T66] hid (null): report_id 2838798905 is invalid [ 113.367371][ T66] hid (null): unknown global tag 0xc [ 113.367415][ T66] hid (null): unknown global tag 0xa5 [ 113.367444][ T66] hid (null): unknown global tag 0xd [ 113.367554][ T66] hid (null): unknown global tag 0xc [ 113.367588][ T66] hid (null): global environment stack underflow [ 113.380111][ T66] hid-generic 0003:0158:0100.0005: unknown main item tag 0x1 [ 113.380156][ T66] hid-generic 0003:0158:0100.0005: unknown main item tag 0x0 [ 113.380183][ T66] hid-generic 0003:0158:0100.0005: unknown main item tag 0x0 [ 113.380211][ T66] hid-generic 0003:0158:0100.0005: unknown main item tag 0x0 [ 113.380239][ T66] hid-generic 0003:0158:0100.0005: unknown main item tag 0x0 [ 113.380267][ T66] hid-generic 0003:0158:0100.0005: unknown main item tag 0x0 [ 113.380295][ T66] hid-generic 0003:0158:0100.0005: invalid report_size 234881024 [ 113.380313][ T66] hid-generic 0003:0158:0100.0005: item 0 4 1 7 parsing failed [ 113.387076][ T66] hid-generic 0003:0158:0100.0005: probe with driver hid-generic failed with error -22 [ 113.608789][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.760367][ T5825] veth0_vlan: entered promiscuous mode [ 113.786921][ T5825] veth1_vlan: entered promiscuous mode [ 113.910985][ T5825] veth0_macvtap: entered promiscuous mode [ 113.926317][ T5825] veth1_macvtap: entered promiscuous mode [ 113.984121][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 113.984198][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.984210][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 113.984223][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.984233][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 113.984246][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.984256][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 113.984268][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.995298][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 114.007687][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.007713][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.007724][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.007737][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.007748][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.007761][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.007772][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.007783][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.016513][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.031591][ T5825] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.031629][ T5825] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.031656][ T5825] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.031683][ T5825] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.278533][ T5210] usb 3-1: USB disconnect, device number 4 [ 114.383323][ T1051] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.383345][ T1051] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.455998][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.456023][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.954742][ T66] usb 4-1: USB disconnect, device number 3 [ 115.342564][ T5096] Bluetooth: hci1: sending frame failed (-49) [ 115.358299][ T5103] Bluetooth: hci1: Opcode 0x1003 failed: -49 [ 116.671475][ T6251] netlink: 'syz.2.271': attribute type 1 has an invalid length. [ 116.701655][ T6251] netlink: 224 bytes leftover after parsing attributes in process `syz.2.271'. [ 116.718250][ T6251] netlink: 8 bytes leftover after parsing attributes in process `syz.2.271'. [ 116.753910][ T1475] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 116.771202][ T6240] netlink: 4 bytes leftover after parsing attributes in process `syz.2.271'. [ 116.963691][ T1475] usb 5-1: Using ep0 maxpacket: 32 [ 116.975840][ T1475] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 116.990331][ T1475] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 117.025914][ T1475] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 117.040729][ T1475] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.049238][ T1475] usb 5-1: Product: syz [ 117.053626][ T1475] usb 5-1: Manufacturer: syz [ 117.058238][ T1475] usb 5-1: SerialNumber: syz [ 117.861210][ T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.589123][ T6274] netlink: 8 bytes leftover after parsing attributes in process `syz.4.274'. [ 118.617858][ T1475] cdc_ncm 5-1:1.0: SET_CRC_MODE failed [ 118.663205][ T1475] cdc_ncm 5-1:1.0: bind() failure [ 118.697090][ T1475] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 118.715738][ T1475] cdc_ncm 5-1:1.1: bind() failure [ 118.753049][ T1475] usb 5-1: USB disconnect, device number 2 [ 118.789247][ T5096] Bluetooth: hci1: sending frame failed (-49) [ 118.800077][ T5103] Bluetooth: hci1: Opcode 0x1003 failed: -49 [ 119.160312][ T5096] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 120.245815][ T5096] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 120.292850][ T5096] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 120.598475][ T5096] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 120.606425][ T5096] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 120.623963][ T5096] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 122.220556][ T6290] chnl_net:caif_netlink_parms(): no params data found [ 122.344739][ T29] audit: type=1326 audit(1721768813.932:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6310 comm="syz.1.292" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f592c975f19 code=0x0 [ 122.746194][ T5103] Bluetooth: hci1: command tx timeout [ 123.084438][ T6330] netlink: 210568 bytes leftover after parsing attributes in process `syz.2.298'. [ 123.096229][ T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.104032][ T6330] openvswitch: netlink: ufid size 2296 bytes exceeds the range (1, 16) [ 123.131257][ T6330] openvswitch: netlink: Message has 4 unknown bytes. [ 123.294432][ T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.314823][ T6335] fuse: Unknown parameter 'f®KÁçy.'׫trB³N' [ 123.325323][ T29] audit: type=1326 audit(1721768814.942:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6334 comm="syz.2.299" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb12b175f19 code=0x0 [ 123.540753][ T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 124.402035][ T6351] netlink: 8 bytes leftover after parsing attributes in process `syz.2.305'. [ 124.443342][ T6351] netlink: 8 bytes leftover after parsing attributes in process `syz.2.305'. [ 124.880833][ T5103] Bluetooth: hci1: command tx timeout [ 125.620678][ T6290] bridge0: port 1(bridge_slave_0) entered blocking state [ 125.657880][ T6290] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.671425][ T6290] bridge_slave_0: entered allmulticast mode [ 125.679413][ T6290] bridge_slave_0: entered promiscuous mode [ 125.705332][ T6290] bridge0: port 2(bridge_slave_1) entered blocking state [ 125.712675][ T6290] bridge0: port 2(bridge_slave_1) entered disabled state [ 125.728808][ T6290] bridge_slave_1: entered allmulticast mode [ 125.745811][ T6290] bridge_slave_1: entered promiscuous mode [ 126.005593][ T6373] gfs2: gfs2 mount does not exist [ 126.022350][ T6290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 126.038525][ T6365] kvm: emulating exchange as write [ 126.900179][ T6290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 126.909939][ T5103] Bluetooth: hci1: command tx timeout [ 128.760451][ T35] bridge_slave_1: left allmulticast mode [ 128.799732][ T35] bridge_slave_1: left promiscuous mode [ 128.833775][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.907396][ T35] bridge_slave_0: left allmulticast mode [ 128.933390][ T35] bridge_slave_0: left promiscuous mode [ 128.963801][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.983759][ T5103] Bluetooth: hci1: command tx timeout [ 129.594232][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 129.616193][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 129.637263][ T35] bond0 (unregistering): Released all slaves [ 129.667447][ T6384] netlink: 8 bytes leftover after parsing attributes in process `syz.4.313'. [ 129.942868][ T6290] team0: Port device team_slave_0 added [ 130.225215][ T6290] team0: Port device team_slave_1 added [ 131.357452][ T6290] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 131.390535][ T6290] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 131.484393][ T6290] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 131.545176][ T6290] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 131.555302][ T6434] netlink: 191416 bytes leftover after parsing attributes in process `syz.2.327'. [ 131.586010][ T6290] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 131.609758][ T6434] netlink: zone id is out of range [ 131.633026][ T6439] netlink: 4 bytes leftover after parsing attributes in process `syz.2.327'. [ 131.633626][ T6434] netlink: zone id is out of range [ 131.657580][ T6290] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 131.693596][ T6434] netlink: zone id is out of range [ 131.719136][ T6434] netlink: zone id is out of range [ 131.733771][ T6434] netlink: zone id is out of range [ 131.740671][ T6434] netlink: zone id is out of range [ 131.746497][ T6434] netlink: zone id is out of range [ 131.757782][ T6434] netlink: zone id is out of range [ 131.817973][ T6434] netlink: zone id is out of range [ 131.830186][ T6434] netlink: zone id is out of range [ 132.250109][ T35] hsr_slave_0: left promiscuous mode [ 132.283662][ T35] hsr_slave_1: left promiscuous mode [ 132.296973][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 132.303695][ T1475] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 132.310520][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 132.320751][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 132.331856][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 132.376841][ T35] veth1_macvtap: left promiscuous mode [ 132.391009][ T35] veth0_macvtap: left promiscuous mode [ 132.397583][ T35] veth1_vlan: left promiscuous mode [ 132.403030][ T35] veth0_vlan: left promiscuous mode [ 132.486658][ T1475] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 132.507331][ T1475] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 132.520895][ T1475] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 132.532483][ T1475] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 132.545737][ T1475] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 132.557015][ T1475] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.570042][ T1475] usb 3-1: config 0 descriptor?? [ 132.576369][ T6456] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 132.973921][ T35] team0 (unregistering): Port device team_slave_1 removed [ 133.017985][ T1475] plantronics 0003:047F:FFFF.0006: unknown main item tag 0xd [ 133.027191][ T35] team0 (unregistering): Port device team_slave_0 removed [ 133.029746][ T1475] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving [ 133.076502][ T1244] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.082844][ T1244] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.118474][ T1475] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 133.308068][ T1475] usb 3-1: USB disconnect, device number 5 [ 135.591856][ T6290] hsr_slave_0: entered promiscuous mode [ 135.648527][ T6290] hsr_slave_1: entered promiscuous mode [ 135.691611][ T6290] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 135.708360][ T6290] Cannot create hsr debugfs directory [ 135.755674][ T6474] bridge1: entered promiscuous mode [ 135.763067][ T6474] bridge1: entered allmulticast mode [ 136.003960][ T8] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 136.203673][ T8] usb 5-1: Using ep0 maxpacket: 32 [ 136.219570][ T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 136.270639][ T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 136.356553][ T8] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 137.005521][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.015533][ T8] usb 5-1: Product: syz [ 137.019730][ T8] usb 5-1: Manufacturer: syz [ 137.024932][ T8] usb 5-1: SerialNumber: syz [ 137.447838][ T6518] netlink: 20 bytes leftover after parsing attributes in process `syz.2.348'. [ 137.674025][ T25] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 137.886127][ T25] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 137.929799][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 137.944414][ T6533] netlink: 8 bytes leftover after parsing attributes in process `syz.4.339'. [ 137.971433][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 138.000554][ T6290] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 138.034900][ T25] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 138.035786][ T6290] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 138.092736][ T25] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 138.098400][ T6290] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 138.135986][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.150778][ T6290] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 138.171359][ T25] usb 2-1: config 0 descriptor?? [ 138.202374][ T6515] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 138.213630][ T8] cdc_ncm 5-1:1.0: SET_CRC_MODE failed [ 138.274494][ T8] cdc_ncm 5-1:1.0: bind() failure [ 138.307630][ T8] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 138.332826][ T8] cdc_ncm 5-1:1.1: bind() failure [ 138.382689][ T8] usb 5-1: USB disconnect, device number 3 [ 138.549895][ T6290] 8021q: adding VLAN 0 to HW filter on device bond0 [ 138.618383][ T6290] 8021q: adding VLAN 0 to HW filter on device team0 [ 138.637129][ T5146] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.644483][ T5146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 138.716459][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.723690][ T5146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 138.727332][ T25] plantronics 0003:047F:FFFF.0007: unknown main item tag 0xd [ 138.775739][ T25] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving [ 138.836273][ T25] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 139.632791][ T25] usb 2-1: USB disconnect, device number 4 [ 141.272087][ T6290] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 141.544667][ T6290] veth0_vlan: entered promiscuous mode [ 141.575666][ T6290] veth1_vlan: entered promiscuous mode [ 141.697531][ T6290] veth0_macvtap: entered promiscuous mode [ 141.770545][ T6290] veth1_macvtap: entered promiscuous mode [ 141.874446][ T6290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.904563][ T6290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.925193][ T6290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.969006][ T6290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.005997][ T6290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.020148][ T6290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.031853][ T6290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.045507][ T6290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.059251][ T6290] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 142.121892][ T6290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.167168][ T6290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.223888][ T6290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.255733][ T6290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.301373][ T6290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.318438][ T6290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.330445][ T6290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.342100][ T6290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.368084][ T6290] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 142.460908][ T6290] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.513684][ T6290] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.543204][ T6290] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.557436][ T6290] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.924568][ T25] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 143.029284][ T2868] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.060717][ T2868] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 143.149112][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 143.175979][ T2868] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.189137][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 143.199953][ T25] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 143.201944][ T2868] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 143.213889][ T25] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 143.272168][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.298885][ T25] usb 4-1: config 0 descriptor?? [ 143.722067][ T25] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x0 [ 143.732384][ T25] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving [ 143.750842][ T25] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 144.083158][ T5103] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 144.192170][ T6150] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.016751][ T6150] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.742864][ T6721] netlink: 20 bytes leftover after parsing attributes in process `syz.4.396'. [ 146.866998][ T5096] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 146.877879][ T5096] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 146.888874][ T5096] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 146.897643][ T5096] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 146.918124][ T5096] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 146.927380][ T5096] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 146.936980][ T6150] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.219123][ T6150] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.235822][ T6734] syz.3.402[6734] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 147.235988][ T6734] syz.3.402[6734] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 147.934690][ T5096] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 148.261223][ T25] usb 4-1: USB disconnect, device number 4 [ 148.317412][ T6150] bridge_slave_1: left allmulticast mode [ 148.338103][ T6150] bridge_slave_1: left promiscuous mode [ 148.359506][ T6150] bridge0: port 2(bridge_slave_1) entered disabled state [ 148.381362][ T6150] bridge_slave_0: left allmulticast mode [ 148.389517][ T6150] bridge_slave_0: left promiscuous mode [ 148.398112][ T6150] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.983662][ T5096] Bluetooth: hci1: command tx timeout [ 149.578674][ T6150] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 149.722138][ T6150] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 149.738754][ T6777] process 'syz.2.414' launched '/dev/fd/3' with NULL argv: empty string added [ 149.878252][ T6150] bond0 (unregistering): Released all slaves [ 150.237741][ C1] net_ratelimit: 116 callbacks suppressed [ 150.237763][ C1] eth0: bad gso: type: 1, size: 1408 [ 150.346124][ T6781] syz.2.415 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 150.749037][ T6800] Zero length message leads to an empty skb [ 151.074836][ T5096] Bluetooth: hci1: command tx timeout [ 151.399024][ T5096] Bluetooth: hci3: command tx timeout [ 151.562600][ T6723] chnl_net:caif_netlink_parms(): no params data found [ 151.696805][ T6811] netlink: 'syz.4.421': attribute type 11 has an invalid length. [ 151.760135][ T6150] hsr_slave_0: left promiscuous mode [ 151.786117][ T6150] hsr_slave_1: left promiscuous mode [ 151.809918][ T6150] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 151.853620][ T6150] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 151.906624][ T6150] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 151.921061][ T29] audit: type=1326 audit(1721768843.512:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6820 comm="syz.1.425" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f592c975f19 code=0x0 [ 151.924729][ T6150] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 152.140532][ T6150] veth1_macvtap: left promiscuous mode [ 152.332584][ T6150] veth0_macvtap: left promiscuous mode [ 152.859673][ T6150] veth1_vlan: left promiscuous mode [ 152.896495][ T6150] veth0_vlan: left promiscuous mode [ 152.902098][ C1] eth0: bad gso: type: 1, size: 1408 [ 153.143774][ T5096] Bluetooth: hci1: command tx timeout [ 153.199786][ T6839] delete_channel: no stack [ 153.265843][ T6839] sock: sock_timestamping_bind_phc: sock not bind to device [ 153.668384][ T6150] team0 (unregistering): Port device team_slave_1 removed [ 153.708598][ T6150] team0 (unregistering): Port device team_slave_0 removed [ 154.160109][ T6846] IPv6: Can't replace route, no match found [ 154.319577][ T29] audit: type=1326 audit(1721768845.922:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6855 comm="syz.4.437" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0eefb75f19 code=0x0 [ 155.969829][ T5096] Bluetooth: hci1: command tx timeout [ 156.009484][ T6863] netlink: 'syz.3.435': attribute type 21 has an invalid length. [ 156.019142][ T6863] netlink: 128 bytes leftover after parsing attributes in process `syz.3.435'. [ 156.028254][ T6863] netlink: 'syz.3.435': attribute type 4 has an invalid length. [ 156.035953][ T6863] netlink: 3 bytes leftover after parsing attributes in process `syz.3.435'. [ 156.147108][ C1] eth0: bad gso: type: 1, size: 1408 [ 156.248419][ T6723] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.285863][ T6723] bridge0: port 1(bridge_slave_0) entered disabled state [ 156.464252][ T6723] bridge_slave_0: entered allmulticast mode [ 156.471598][ T6723] bridge_slave_0: entered promiscuous mode [ 159.943820][ T6723] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.081616][ T6723] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.151859][ T6723] bridge_slave_1: entered allmulticast mode [ 160.180404][ T6723] bridge_slave_1: entered promiscuous mode [ 160.355447][ T6723] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 160.443462][ T6723] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 160.535046][ T29] audit: type=1326 audit(1721768852.152:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6906 comm="syz.2.451" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb12b175f19 code=0x0 [ 160.779994][ T6723] team0: Port device team_slave_0 added [ 161.192870][ T6723] team0: Port device team_slave_1 added [ 161.794122][ T5146] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 162.077639][ T5146] usb 2-1: Using ep0 maxpacket: 16 [ 162.091600][ T5146] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 162.108017][ T25] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 162.119851][ T5146] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 162.129188][ T5146] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.160878][ T5146] usb 2-1: config 0 descriptor?? [ 162.358015][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 162.381096][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 162.391358][ T25] usb 3-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 162.403069][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.422991][ T25] usb 3-1: config 0 descriptor?? [ 162.600561][ T6915] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 162.625642][ T6915] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 162.659198][ T5146] hid-generic 0003:0158:0100.0009: unknown main item tag 0x1 [ 162.668537][ T5146] hid-generic 0003:0158:0100.0009: unexpected long global item [ 162.696287][ T5146] hid-generic 0003:0158:0100.0009: probe with driver hid-generic failed with error -22 [ 162.868100][ T5146] usb 2-1: USB disconnect, device number 5 [ 163.028327][ T25] logitech-djreceiver 0003:046D:C71B.000A: hidraw0: USB HID v0.00 Device [HID 046d:c71b] on usb-dummy_hcd.2-1/input0 [ 163.469860][ T6945] netlink: 296 bytes leftover after parsing attributes in process `syz.1.462'. [ 163.491289][ T6945] unsupported nlmsg_type 40 [ 164.261774][ T6723] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 164.269652][ T6723] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 164.296180][ T25] usb 3-1: reset high-speed USB device number 6 using dummy_hcd [ 164.309912][ T6723] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 164.351870][ T6723] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 164.359443][ T6723] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 164.386171][ T6723] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 164.799493][ T6723] hsr_slave_0: entered promiscuous mode [ 165.228108][ T6723] hsr_slave_1: entered promiscuous mode [ 165.535501][ T5092] usb 3-1: USB disconnect, device number 6 [ 165.560454][ T6723] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 165.630368][ T6723] Cannot create hsr debugfs directory [ 165.672325][ T29] audit: type=1326 audit(1721768857.282:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6958 comm="syz.4.468" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0eefb75f19 code=0x0 [ 165.743929][ T6964] fuse: Unknown parameter '0x0000000000000008' [ 166.958643][ T6992] xt_l2tp: wrong L2TP version: 0 [ 167.034434][ T6996] mmap: syz.4.478 (6996) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 167.534720][ T5146] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 168.371860][ T5146] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 168.420568][ T5146] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 168.450170][ T5146] usb 2-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 168.473063][ T5146] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 168.521988][ T5146] usb 2-1: config 0 descriptor?? [ 168.639587][ T7030] xt_l2tp: wrong L2TP version: 0 [ 168.755145][ T7026] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 169.075016][ T5146] logitech-djreceiver 0003:046D:C71B.000B: hidraw0: USB HID v0.00 Device [HID 046d:c71b] on usb-dummy_hcd.1-1/input0 [ 170.340069][ T7058] xt_l2tp: wrong L2TP version: 0 [ 170.376927][ T8] usb 2-1: reset high-speed USB device number 6 using dummy_hcd [ 170.454164][ T5146] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 170.645841][ T5146] usb 5-1: Using ep0 maxpacket: 32 [ 170.659141][ T5146] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 170.670242][ T5146] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 170.685195][ T5146] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 170.698774][ T5146] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.719325][ T5146] usb 5-1: config 0 descriptor?? [ 170.738764][ T5146] hub 5-1:0.0: USB hub found [ 170.867999][ T7060] netlink: 'syz.3.502': attribute type 2 has an invalid length. [ 170.935108][ C1] eth0: bad gso: type: 1, size: 1408 [ 170.972510][ T5146] hub 5-1:0.0: 1 port detected [ 171.179822][ T5146] hub 5-1:0.0: hub_hub_status failed (err = -71) [ 171.198607][ T5146] hub 5-1:0.0: config failed, can't get hub status (err -71) [ 171.212168][ T5146] usbhid 5-1:0.0: can't add hid device: -71 [ 171.218603][ T5146] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 171.322509][ T5146] usb 5-1: USB disconnect, device number 4 [ 171.344112][ T5092] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 171.614200][ T5092] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 171.728056][ T5092] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 172.147590][ T5092] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 172.342045][ T57] usb 2-1: USB disconnect, device number 6 [ 172.409142][ T5092] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 172.468798][ T5092] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 172.508555][ T5092] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 172.547478][ T5092] usb 3-1: Manufacturer: syz [ 172.598633][ T5092] usb 3-1: config 0 descriptor?? [ 172.617443][ T6723] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 172.647997][ T7093] netlink: 8 bytes leftover after parsing attributes in process `syz.4.512'. [ 172.695257][ T6723] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 172.748082][ T6723] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 172.812405][ T6723] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 173.079503][ T5092] appleir 0003:05AC:8243.000C: No inputs registered, leaving [ 173.876237][ T5092] appleir 0003:05AC:8243.000C: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 174.044012][ T7111] netlink: 'syz.4.516': attribute type 2 has an invalid length. [ 174.066687][ T6723] 8021q: adding VLAN 0 to HW filter on device bond0 [ 174.141540][ T6723] 8021q: adding VLAN 0 to HW filter on device team0 [ 174.213527][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.220693][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 174.271900][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.279125][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 174.346794][ T7122] netlink: 16 bytes leftover after parsing attributes in process `syz.3.520'. [ 174.362965][ T8] usb 3-1: USB disconnect, device number 7 [ 174.672553][ T7138] dccp_invalid_packet: P.Data Offset(19) too large [ 174.788240][ T7133] syz.1.522 (7133) used greatest stack depth: 18496 bytes left [ 175.059368][ T6723] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 176.078169][ T6723] veth0_vlan: entered promiscuous mode [ 176.304504][ T6723] veth1_vlan: entered promiscuous mode [ 176.422224][ T7175] netlink: 16 bytes leftover after parsing attributes in process `syz.1.533'. [ 176.543383][ T6723] veth0_macvtap: entered promiscuous mode [ 176.602782][ T6723] veth1_macvtap: entered promiscuous mode [ 176.669757][ T6723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 176.702437][ T6723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.723290][ T6723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 176.753045][ T6723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.773446][ T6723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 176.812416][ T6723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.838853][ T6723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 176.859792][ T6723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.901067][ T6723] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 176.908456][ T7184] syz.1.535 (7184) used greatest stack depth: 17664 bytes left [ 176.950506][ T7192] dccp_invalid_packet: P.Data Offset(19) too large [ 176.977068][ T6723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 177.000269][ T6723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.020372][ T6723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 177.053825][ T6723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.075471][ T6723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 177.093632][ T6723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.123713][ T6723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 177.135566][ T6723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.149155][ T6723] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 177.179459][ T6723] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.198236][ T6723] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.241941][ T6723] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.261000][ T6723] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.271767][ C1] eth0: bad gso: type: 1, size: 1408 [ 177.515220][ T2836] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 177.523086][ T2836] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 177.616761][ T2836] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 177.646009][ T2836] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 179.710799][ C1] eth0: bad gso: type: 1, size: 1408 [ 179.889725][ T7281] tmpfs: Bad value for 'mpol' [ 180.133558][ T29] audit: type=1326 audit(1721768871.722:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7263 comm="syz.3.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2030575f19 code=0x7fc00000 [ 180.295477][ T1051] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.450520][ T1051] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.536375][ T1051] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.616988][ T1051] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.795673][ T1051] bridge_slave_1: left allmulticast mode [ 180.802362][ T1051] bridge_slave_1: left promiscuous mode [ 180.809941][ T1051] bridge0: port 2(bridge_slave_1) entered disabled state [ 180.831280][ T1051] bridge_slave_0: left allmulticast mode [ 180.842706][ T1051] bridge_slave_0: left promiscuous mode [ 180.850860][ T1051] bridge0: port 1(bridge_slave_0) entered disabled state [ 180.914452][ T7321] netlink: 16 bytes leftover after parsing attributes in process `syz.3.563'. [ 181.588102][ T5103] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 181.599635][ T5103] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 181.618010][ T5103] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 181.794268][ T5103] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 181.809171][ T5103] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 181.819701][ T5103] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 183.676232][ T7358] tmpfs: Bad value for 'mpol' [ 183.813972][ T1051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 183.832172][ T1051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 183.856443][ T1051] bond0 (unregistering): Released all slaves [ 183.951266][ T5103] Bluetooth: hci1: command tx timeout [ 184.378921][ T7372] overlayfs: failed to decode file handle (len=6, type=248, flags=0, err=-22) [ 184.767928][ T7398] netlink: 12 bytes leftover after parsing attributes in process `syz.1.581'. [ 184.829803][ C1] eth0: bad gso: type: 1, size: 1408 [ 184.922469][ T1051] hsr_slave_0: left promiscuous mode [ 184.947255][ T1051] hsr_slave_1: left promiscuous mode [ 184.959517][ T1051] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 184.977523][ T1051] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 184.990333][ T1051] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 184.999302][ T1051] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 185.026902][ T1051] veth1_macvtap: left promiscuous mode [ 185.034492][ T1051] veth0_macvtap: left promiscuous mode [ 185.043552][ T1051] veth1_vlan: left promiscuous mode [ 185.055638][ T1051] veth0_vlan: left promiscuous mode [ 186.075437][ T5109] Bluetooth: hci1: command tx timeout [ 186.354491][ T5109] Bluetooth: hci3: command 0x0406 tx timeout [ 186.355367][ T5100] Bluetooth: hci4: command 0x0406 tx timeout [ 186.627713][ T29] audit: type=1326 audit(1721768878.242:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7422 comm="syz.4.588" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0eefb75f19 code=0x0 [ 186.778361][ T1051] team0 (unregistering): Port device team_slave_1 removed [ 186.822726][ T1051] team0 (unregistering): Port device team_slave_0 removed [ 187.626934][ T7342] chnl_net:caif_netlink_parms(): no params data found [ 188.113676][ T5096] Bluetooth: hci1: command tx timeout [ 188.830010][ T7342] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.879328][ T7342] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.897511][ T7342] bridge_slave_0: entered allmulticast mode [ 188.925580][ T7342] bridge_slave_0: entered promiscuous mode [ 188.944899][ T7342] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.952799][ T7342] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.062189][ T7342] bridge_slave_1: entered allmulticast mode [ 189.425862][ T7342] bridge_slave_1: entered promiscuous mode [ 189.778967][ T7490] netlink: 40 bytes leftover after parsing attributes in process `syz.3.604'. [ 190.274849][ T5103] Bluetooth: hci1: command tx timeout [ 190.411418][ T7503] vhci_hcd: invalid port number 32 [ 190.420785][ T7503] vhci_hcd: default hub control req: 6000 v0080 i0020 l0 [ 190.428534][ T7342] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 190.467983][ T7342] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 191.108653][ T7509] netlink: 16 bytes leftover after parsing attributes in process `syz.1.610'. [ 191.150766][ T7342] team0: Port device team_slave_0 added [ 191.564553][ T7342] team0: Port device team_slave_1 added [ 191.748947][ T7342] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 191.764795][ C1] eth0: bad gso: type: 1, size: 1408 [ 191.779320][ T7342] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.892713][ T7342] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 191.921895][ T7342] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 191.933126][ T7342] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.964131][ T7533] netlink: 8 bytes leftover after parsing attributes in process `syz.3.616'. [ 192.029815][ T7342] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 192.266953][ T7542] netlink: 40 bytes leftover after parsing attributes in process `syz.3.618'. [ 192.428542][ T7342] hsr_slave_0: entered promiscuous mode [ 192.447634][ T7342] hsr_slave_1: entered promiscuous mode [ 193.243669][ T7342] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 193.406681][ T7342] Cannot create hsr debugfs directory [ 193.505410][ T7559] netlink: 277 bytes leftover after parsing attributes in process `syz.3.621'. [ 193.718429][ T7561] netlink: 8 bytes leftover after parsing attributes in process `syz.4.624'. [ 193.814279][ T8] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 194.024175][ T8] usb 4-1: device descriptor read/64, error -71 [ 194.735964][ T1244] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.744352][ T1244] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.865953][ T8] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 196.074081][ T8] usb 4-1: device descriptor read/64, error -71 [ 196.193986][ T8] usb usb4-port1: attempt power cycle [ 196.705402][ T7591] netlink: 40 bytes leftover after parsing attributes in process `syz.3.631'. [ 196.829743][ T5092] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 197.036992][ T5092] usb 5-1: config 0 interface 0 has no altsetting 0 [ 197.062503][ T5092] usb 5-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 197.107278][ T5092] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.194721][ T5092] usb 5-1: config 0 descriptor?? [ 197.370362][ T7342] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 197.396579][ T7342] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 197.433337][ T7342] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 197.483656][ T7342] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 197.698819][ T7342] 8021q: adding VLAN 0 to HW filter on device bond0 [ 197.716480][ T7623] netlink: 104 bytes leftover after parsing attributes in process `syz.4.630'. [ 197.772282][ T5092] video4linux radio32: keene_cmd_main failed (-71) [ 197.785412][ T7342] 8021q: adding VLAN 0 to HW filter on device team0 [ 197.806990][ T5092] radio-keene 5-1:0.0: V4L2 device registered as radio32 [ 197.834005][ T5092] usb 5-1: USB disconnect, device number 5 [ 197.937669][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.944913][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 197.997384][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.004730][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 198.171750][ T7342] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 198.250528][ T7638] netlink: 8 bytes leftover after parsing attributes in process `syz.3.642'. [ 198.407859][ T7647] MTD: Couldn't look up 'mountinfo': -2 [ 199.117752][ T7342] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 199.366935][ T7342] veth0_vlan: entered promiscuous mode [ 199.378304][ T7342] veth1_vlan: entered promiscuous mode [ 200.223732][ T8] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 200.335179][ T7679] warning: `syz.3.651' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 200.483564][ T8] usb 2-1: Using ep0 maxpacket: 8 [ 200.521643][ T7342] veth0_macvtap: entered promiscuous mode [ 200.540888][ T8] usb 2-1: config 0 interface 0 has no altsetting 0 [ 200.563673][ T8] usb 2-1: New USB device found, idVendor=07ca, idProduct=a868, bcdDevice=c4.d4 [ 200.578282][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 200.604909][ T8] usb 2-1: config 0 descriptor?? [ 200.644662][ T8] dvb-usb: found a 'AVerMedia AVerTVHD Volar (A868R)' in warm state. [ 200.646047][ T7342] veth1_macvtap: entered promiscuous mode [ 200.675278][ T8] usb 2-1: selecting invalid altsetting 0 [ 200.712465][ T8] cxusb: set interface failed [ 200.719441][ T8] dvb-usb: bulk message failed: -22 (1/0) [ 200.751380][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.759023][ T8] dvb-usb: AVerMedia AVerTVHD Volar (A868R) error while loading driver (-22) [ 200.790224][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.804885][ T8] dvb_usb_cxusb 2-1:0.0: probe with driver dvb_usb_cxusb failed with error -22 [ 200.842033][ T8] usb 2-1: USB disconnect, device number 7 [ 200.863656][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.864037][ T57] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 200.914198][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.985684][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 201.008359][ C1] eth0: bad gso: type: 1, size: 1408 [ 201.026805][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.073552][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 201.103681][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.123650][ T57] usb 3-1: Using ep0 maxpacket: 16 [ 201.125305][ T7342] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 201.156681][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.187847][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.188030][ T57] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 201.220199][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.271994][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.303262][ T57] usb 3-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=8b.57 [ 201.308333][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.333155][ T57] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.363627][ T57] usb 3-1: Product: syz [ 201.379950][ T57] usb 3-1: Manufacturer: syz [ 201.390079][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.405429][ T57] usb 3-1: SerialNumber: syz [ 201.422274][ T57] usb 3-1: config 0 descriptor?? [ 201.427417][ T7342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.427439][ T7342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.428901][ T7342] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 201.448934][ T7681] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 201.473233][ T57] port100 3-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint [ 201.521516][ T7711] netlink: 'syz.1.660': attribute type 3 has an invalid length. [ 201.529470][ T7711] netlink: 48 bytes leftover after parsing attributes in process `syz.1.660'. [ 201.552385][ T7711] netlink: 'syz.1.660': attribute type 3 has an invalid length. [ 201.560425][ T7706] netlink: 12 bytes leftover after parsing attributes in process `syz.3.658'. [ 201.596559][ T7711] netlink: 48 bytes leftover after parsing attributes in process `syz.1.660'. [ 201.671664][ T7711] netlink: 16 bytes leftover after parsing attributes in process `syz.1.660'. [ 201.696758][ T7342] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.759121][ T7342] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.759340][ T1475] usb 3-1: USB disconnect, device number 8 [ 201.773769][ T7342] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.773806][ T7342] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.779262][ T7711] netlink: 16 bytes leftover after parsing attributes in process `syz.1.660'. [ 201.831128][ T7711] netlink: 8 bytes leftover after parsing attributes in process `syz.1.660'. [ 202.702243][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 202.741866][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 202.800469][ T6150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 202.822556][ T6150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 202.965526][ T8] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 203.089800][ T7753] netlink: 209840 bytes leftover after parsing attributes in process `syz.3.672'. [ 203.195655][ T8] usb 5-1: Using ep0 maxpacket: 32 [ 203.207451][ T8] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 203.224563][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.257236][ T8] usb 5-1: config 0 descriptor?? [ 203.270753][ T8] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 204.390494][ T8] gspca_vc032x: reg_r err -110 [ 204.395504][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.400820][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.408265][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.414228][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.419544][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.426593][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.431903][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.437701][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.443247][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.450174][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.470148][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.510480][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.544723][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.562360][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.570403][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.587007][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.592403][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.605665][ T8] gspca_vc032x: I2c Bus Busy Wait 00 [ 204.796414][ T8] gspca_vc032x: Unknown sensor... [ 204.801925][ T8] vc032x 5-1:0.0: probe with driver vc032x failed with error -22 [ 204.847134][ T7783] ======================================================= [ 204.847134][ T7783] WARNING: The mand mount option has been deprecated and [ 204.847134][ T7783] and is ignored by this kernel. Remove the mand [ 204.847134][ T7783] option from the mount to silence this warning. [ 204.847134][ T7783] ======================================================= [ 204.900874][ T7784] tipc: Started in network mode [ 204.906034][ T7784] tipc: Node identity , cluster identity 4711 [ 204.912114][ T7784] tipc: Failed to set node id, please configure manually [ 204.919230][ T7784] tipc: Enabling of bearer rejected, failed to enable media [ 205.387472][ T29] audit: type=1326 audit(1721768896.542:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7778 comm="syz.3.680" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2030575f19 code=0x0 [ 205.754371][ T8] usb 5-1: USB disconnect, device number 6 [ 209.302031][ T2450] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 209.452631][ T7809] netlink: 209840 bytes leftover after parsing attributes in process `syz.2.684'. [ 209.503364][ T2450] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 209.735735][ T2450] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 209.934533][ T5096] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 209.964009][ T5096] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 209.974222][ T5096] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 209.983544][ T5096] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 209.992945][ T5096] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 210.000630][ T5096] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 210.499345][ T2450] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.025556][ T2450] bridge_slave_1: left allmulticast mode [ 211.157328][ T2450] bridge_slave_1: left promiscuous mode [ 211.226012][ T7854] MTD: Couldn't look up 'mountinfo': -2 [ 211.264806][ T2450] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.555452][ T2450] bridge_slave_0: left allmulticast mode [ 211.588633][ T2450] bridge_slave_0: left promiscuous mode [ 211.620636][ T2450] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.145224][ T5103] Bluetooth: hci1: command tx timeout [ 212.436101][ T5103] Bluetooth: hci4: command 0x0406 tx timeout [ 214.188686][ T5103] Bluetooth: hci1: command tx timeout [ 214.648842][ T2450] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 214.684648][ T2450] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 214.726404][ T2450] bond0 (unregistering): Released all slaves [ 214.875891][ T7891] MTD: Couldn't look up 'mountinfo': -2 [ 215.720182][ T7899] input: syz0 as /devices/virtual/input/input11 [ 216.338746][ T5103] Bluetooth: hci1: command tx timeout [ 216.541789][ T7899] IPv6: NLM_F_CREATE should be specified when creating new route [ 216.932449][ T7827] chnl_net:caif_netlink_parms(): no params data found [ 217.265700][ T29] audit: type=1326 audit(1721768908.882:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7921 comm="syz.2.721" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb12b175f19 code=0x0 [ 217.655318][ T7936] tipc: Started in network mode [ 217.660258][ T7936] tipc: Node identity , cluster identity 4711 [ 217.666596][ T7936] tipc: Failed to set node id, please configure manually [ 217.673731][ T7936] tipc: Enabling of bearer rejected, failed to enable media [ 217.867655][ T2450] hsr_slave_0: left promiscuous mode [ 217.910095][ T2450] hsr_slave_1: left promiscuous mode [ 217.944388][ T2450] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 217.972065][ T2450] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 218.016603][ T2450] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 218.046730][ T2450] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 218.140848][ T2450] veth1_macvtap: left promiscuous mode [ 218.151142][ T2450] veth0_macvtap: left promiscuous mode [ 218.160134][ T2450] veth1_vlan: left promiscuous mode [ 218.171225][ T2450] veth0_vlan: left promiscuous mode [ 218.423774][ T5103] Bluetooth: hci1: command tx timeout [ 220.262934][ T2450] team0 (unregistering): Port device team_slave_1 removed [ 220.309652][ T2450] team0 (unregistering): Port device team_slave_0 removed [ 220.393732][ T66] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 220.626708][ T66] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 220.639376][ T66] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 220.650084][ T66] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 220.673710][ T66] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 220.682828][ T66] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.692011][ T66] usb 4-1: Product: syz [ 220.698736][ T66] usb 4-1: Manufacturer: syz [ 220.703807][ T66] usb 4-1: SerialNumber: syz [ 220.731985][ T66] cdc_ncm 4-1:1.0: CDC Union missing and no IAD found [ 220.739498][ T66] cdc_ncm 4-1:1.0: bind() failure [ 221.069630][ T7827] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.108973][ T7827] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.147432][ T7827] bridge_slave_0: entered allmulticast mode [ 221.176204][ T7827] bridge_slave_0: entered promiscuous mode [ 221.212685][ T7827] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.222088][ T7827] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.245774][ T7827] bridge_slave_1: entered allmulticast mode [ 221.282562][ T7827] bridge_slave_1: entered promiscuous mode [ 221.370708][ T7827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 221.468280][ T7827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 221.560198][ T7827] team0: Port device team_slave_0 added [ 221.635735][ T7827] team0: Port device team_slave_1 added [ 221.756996][ T29] audit: type=1326 audit(1721768913.372:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7995 comm="syz.1.743" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f592c975f19 code=0x0 [ 221.861427][ T7827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 221.879096][ T7827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 221.930320][ T7827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 221.968258][ T8005] nftables ruleset with unbound chain [ 221.975671][ T7827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 221.993205][ T7827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 222.075205][ T7827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 222.130701][ T8013] syz.2.747: attempt to access beyond end of device [ 222.130701][ T8013] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 222.173628][ T8013] exFAT-fs (nbd2): unable to read boot sector [ 222.199697][ T8013] exFAT-fs (nbd2): failed to read boot sector [ 222.214955][ T8013] exFAT-fs (nbd2): failed to recognize exfat type [ 222.216842][ T7827] hsr_slave_0: entered promiscuous mode [ 222.232717][ T7827] hsr_slave_1: entered promiscuous mode [ 222.241854][ T7827] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 222.257866][ T7827] Cannot create hsr debugfs directory [ 222.326073][ T5173] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 222.531489][ T5173] usb 5-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 222.549398][ T5173] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 222.574326][ T5173] usb 5-1: Product: syz [ 222.578540][ T5173] usb 5-1: Manufacturer: syz [ 222.603337][ T5173] usb 5-1: SerialNumber: syz [ 222.629363][ T5173] usb 5-1: config 0 descriptor?? [ 222.676769][ T5173] i2c-tiny-usb 5-1:0.0: version 6d.cc found at bus 005 address 007 [ 223.056302][ T5173] (null): failure setting delay to 10us [ 223.087856][ T5173] i2c-tiny-usb 5-1:0.0: probe with driver i2c-tiny-usb failed with error -5 [ 223.131688][ T5173] usb 5-1: USB disconnect, device number 7 [ 223.276408][ T7827] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 223.305614][ T7827] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 223.326701][ T7827] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 223.340531][ T7827] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 223.480661][ T7827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.555065][ T7827] 8021q: adding VLAN 0 to HW filter on device team0 [ 223.606823][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.614104][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.702621][ T5173] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.709883][ T5173] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.872209][ T7827] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 223.928369][ T25] usb 4-1: USB disconnect, device number 8 [ 224.763984][ T7827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 225.100133][ T8094] netlink: 'syz.4.763': attribute type 10 has an invalid length. [ 225.153972][ T8094] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.162906][ T8094] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.222264][ T8094] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.229539][ T8094] bridge0: port 2(bridge_slave_1) entered forwarding state [ 225.238304][ T8094] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.245526][ T8094] bridge0: port 1(bridge_slave_0) entered forwarding state [ 225.281599][ T8094] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 225.382431][ T7827] veth0_vlan: entered promiscuous mode [ 225.571931][ T7827] veth1_vlan: entered promiscuous mode [ 226.024428][ T7827] veth0_macvtap: entered promiscuous mode [ 226.041857][ T7827] veth1_macvtap: entered promiscuous mode [ 226.076171][ T7827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 226.090995][ T7827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.120557][ T7827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 226.141507][ T7827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.175051][ T7827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 226.195782][ T7827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.212248][ T7827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 226.253627][ T7827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.275799][ T7827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 226.346475][ T7827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.401180][ T7827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.443981][ T7827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.470140][ T7827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.499811][ T7827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.552999][ T7827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.593677][ T7827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.629198][ T7827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.651252][ T7827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 226.716719][ T7827] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.743714][ T7827] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.780906][ T7827] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.810622][ T7827] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.619352][ T2836] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.905370][ T2836] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.050323][ T1051] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.070836][ T1051] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.097255][ T8159] netlink: 'syz.1.777': attribute type 10 has an invalid length. [ 228.116282][ T8159] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.123985][ T8159] bridge0: port 1(bridge_slave_0) entered disabled state [ 228.192728][ T8159] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.200034][ T8159] bridge0: port 2(bridge_slave_1) entered forwarding state [ 228.207564][ T8159] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.214801][ T8159] bridge0: port 1(bridge_slave_0) entered forwarding state [ 228.310089][ T8159] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 228.438412][ T8172] overlayfs: unescaped trailing colons in lowerdir mount option. [ 228.726289][ T8183] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.781'. [ 228.765464][ T8183] openvswitch: netlink: Geneve option length err (len 3060, max 255). [ 229.723996][ T57] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 230.009374][ T57] usb 3-1: Using ep0 maxpacket: 32 [ 230.041818][ T57] usb 3-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=99.d3 [ 230.072942][ T57] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 230.201867][ T8215] MTD: Couldn't look up 'mountinfo': -2 [ 230.274220][ T57] usb 3-1: Product: syz [ 230.319937][ T57] usb 3-1: Manufacturer: syz [ 230.370470][ T57] usb 3-1: SerialNumber: syz [ 230.472416][ T57] usb 3-1: config 0 descriptor?? [ 230.502615][ T57] radio-si470x 3-1:0.0: could not find interrupt in endpoint [ 230.510439][ T57] radio-si470x 3-1:0.0: probe with driver radio-si470x failed with error -5 [ 231.170677][ T57] radio-raremono 3-1:0.0: this is not Thanko's Raremono. [ 231.178420][ T57] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 231.203641][ T57] usb 3-1: USB disconnect, device number 9 [ 231.429671][ T2836] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.612821][ T2836] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.613781][ T66] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 231.735884][ T2836] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.874033][ T66] usb 4-1: Using ep0 maxpacket: 32 [ 231.881529][ T66] usb 4-1: New USB device found, idVendor=2201, idProduct=012c, bcdDevice=e7.87 [ 231.923641][ T66] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 231.962023][ T66] usb 4-1: probing VID:PID(2201:012C) [ 231.986537][ T8165] syz.4.778 (8165): drop_caches: 2 [ 231.996834][ T66] usb 4-1: Could not find two sets of bulk-in/out endpoint pairs [ 231.999311][ T2836] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 232.036720][ T66] vub300 4-1:32.0: probe with driver vub300 failed with error -22 [ 232.240640][ T5139] usb 4-1: USB disconnect, device number 9 [ 232.258737][ T2836] bridge_slave_1: left allmulticast mode [ 232.278578][ T2836] bridge_slave_1: left promiscuous mode [ 232.294122][ T2836] bridge0: port 2(bridge_slave_1) entered disabled state [ 232.322982][ T2836] bridge_slave_0: left allmulticast mode [ 232.352605][ T2836] bridge_slave_0: left promiscuous mode [ 232.383185][ T2836] bridge0: port 1(bridge_slave_0) entered disabled state [ 232.389286][ T8168] syz.4.778 (8168): drop_caches: 2 [ 232.881492][ C1] eth0: bad gso: type: 1, size: 1408 [ 233.099968][ T5096] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 233.111533][ T5096] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 233.126140][ T5096] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 233.134654][ T5096] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 233.142220][ T5096] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 233.151906][ T5096] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 233.546744][ T8277] Invalid ELF header type: 0 != 1 [ 233.755745][ T2836] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 233.777093][ T2836] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 233.789205][ T2836] bond0 (unregistering): Released all slaves [ 234.273222][ T8] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 234.643712][ T8] usb 3-1: Using ep0 maxpacket: 32 [ 234.900745][ T8] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 150, changing to 11 [ 234.917085][ T8] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 234.929485][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.141854][ T8] hub 3-1:4.0: USB hub found [ 235.304796][ T5103] Bluetooth: hci1: command tx timeout [ 235.362578][ T8] hub 3-1:4.0: 2 ports detected [ 235.484500][ T8305] binder: BINDER_SET_CONTEXT_MGR already set [ 235.523214][ T8305] binder: 8302:8305 ioctl 4018620d 20000100 returned -16 [ 235.562456][ T8] hub 3-1:4.0: hub_hub_status failed (err = -71) [ 235.587309][ T8305] binder: 8302:8305 ioctl c018620c 20000000 returned -1 [ 235.603557][ T8] hub 3-1:4.0: config failed, can't get hub status (err -71) [ 235.665268][ T8] usb 3-1: USB disconnect, device number 10 [ 235.844370][ T8320] sd 0:0:1:0: device reset [ 235.934463][ T8328] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 25 (only 8 groups) [ 235.957058][ T2836] hsr_slave_0: left promiscuous mode [ 235.989496][ T2836] hsr_slave_1: left promiscuous mode [ 236.023231][ T2836] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 236.034692][ T2836] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 236.043189][ T2836] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 236.051554][ T2836] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 236.085355][ T2836] veth1_macvtap: left promiscuous mode [ 236.090951][ T2836] veth0_macvtap: left promiscuous mode [ 236.097078][ T2836] veth1_vlan: left promiscuous mode [ 236.102468][ T2836] veth0_vlan: left promiscuous mode [ 236.458794][ T8345] kAFS: No cell specified [ 236.846492][ T5103] Bluetooth: hci3: hardware error 0x00 [ 236.978797][ T8360] sock: sock_set_timeout: `syz.2.825' (pid 8360) tries to set negative timeout [ 237.113142][ T2836] team0 (unregistering): Port device team_slave_1 removed [ 237.160840][ T2836] team0 (unregistering): Port device team_slave_0 removed [ 237.383776][ T5096] Bluetooth: hci1: command tx timeout [ 237.667198][ T8264] chnl_net:caif_netlink_parms(): no params data found [ 237.887837][ T8369] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 25 (only 8 groups) [ 238.125477][ T8264] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.132639][ T8264] bridge0: port 1(bridge_slave_0) entered disabled state [ 238.200190][ T8264] bridge_slave_0: entered allmulticast mode [ 238.233107][ T8264] bridge_slave_0: entered promiscuous mode [ 238.262933][ T8264] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.286557][ T8264] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.312252][ T8264] bridge_slave_1: entered allmulticast mode [ 238.359496][ T8264] bridge_slave_1: entered promiscuous mode [ 238.482045][ T8397] kAFS: No cell specified [ 238.490184][ T8392] 8021q: adding VLAN 0 to HW filter on device bond0 [ 238.540477][ T8392] bond0: (slave rose0): Enslaving as an active interface with an up link [ 238.653332][ T8264] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 238.699402][ T8264] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 238.904186][ T5103] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 238.994525][ T8264] team0: Port device team_slave_0 added [ 239.016727][ T8264] team0: Port device team_slave_1 added [ 239.169169][ T8264] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 239.179268][ T8422] Smack: duplicate mount options [ 239.180758][ T8264] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 239.210334][ C0] vkms_vblank_simulate: vblank timer overrun [ 239.285141][ T8425] devtmpfs: Unknown parameter 'posixacl' [ 239.479764][ T8264] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 239.505018][ T5103] Bluetooth: hci1: command tx timeout [ 239.706806][ T8423] netlink: 4 bytes leftover after parsing attributes in process `syz.2.841'. [ 240.090312][ T8264] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 240.097547][ T8264] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 240.123591][ C0] vkms_vblank_simulate: vblank timer overrun [ 240.131363][ T8264] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 240.168660][ T8427] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 240.317805][ T8264] hsr_slave_0: entered promiscuous mode [ 240.340960][ T8264] hsr_slave_1: entered promiscuous mode [ 240.347630][ T8264] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 240.362706][ T8264] Cannot create hsr debugfs directory [ 240.370325][ T29] audit: type=1326 audit(1721768931.982:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8430 comm="syz.3.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2030575f19 code=0x7ffc0000 [ 240.397826][ T8431] netlink: 8 bytes leftover after parsing attributes in process `syz.3.847'. [ 240.449469][ T8431] veth2: entered promiscuous mode [ 240.459287][ T29] audit: type=1326 audit(1721768931.982:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8430 comm="syz.3.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2030575f19 code=0x7ffc0000 [ 240.474608][ T8442] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 240.474608][ T8442] The task syz.3.847 (8442) triggered the difference, watch for misbehavior. [ 240.537952][ T29] audit: type=1326 audit(1721768932.002:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8430 comm="syz.3.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f2030575f19 code=0x7ffc0000 [ 240.549232][ T8431] veth2: entered allmulticast mode [ 240.624790][ T29] audit: type=1326 audit(1721768932.012:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8430 comm="syz.3.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2030575f19 code=0x7ffc0000 [ 240.715341][ T29] audit: type=1326 audit(1721768932.012:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8430 comm="syz.3.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2030575f19 code=0x7ffc0000 [ 240.779217][ T29] audit: type=1326 audit(1721768932.022:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8430 comm="syz.3.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f2030575f19 code=0x7ffc0000 [ 240.807965][ T29] audit: type=1326 audit(1721768932.022:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8430 comm="syz.3.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2030575f19 code=0x7ffc0000 [ 240.863155][ T8457] SET target dimension over the limit! [ 240.871767][ T29] audit: type=1326 audit(1721768932.022:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8430 comm="syz.3.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2030575f19 code=0x7ffc0000 [ 241.026525][ T29] audit: type=1326 audit(1721768932.022:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8430 comm="syz.3.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f2030575f19 code=0x7ffc0000 [ 241.055477][ T8453] Bluetooth: MGMT ver 1.23 [ 241.056967][ T29] audit: type=1326 audit(1721768932.022:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8430 comm="syz.3.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2030575f19 code=0x7ffc0000 [ 241.564388][ T5103] Bluetooth: hci1: command tx timeout [ 242.251029][ T2836] tipc: Subscription rejected, illegal request [ 244.017338][ T8494] IPv6: ÿÿÿÿÿÿÿÿ,: Disabled Multicast RS [ 244.100661][ T8507] netlink: 8 bytes leftover after parsing attributes in process `syz.1.866'. [ 244.141676][ T8507] veth2: entered promiscuous mode [ 244.215051][ T8507] veth2: entered allmulticast mode [ 244.996836][ T8264] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 245.052883][ T8264] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 245.119315][ T8264] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 245.129714][ T2868] tipc: Subscription rejected, illegal request [ 245.247033][ T8264] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 245.616203][ T8264] 8021q: adding VLAN 0 to HW filter on device bond0 [ 245.698114][ T8264] 8021q: adding VLAN 0 to HW filter on device team0 [ 245.742021][ T5146] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.749265][ T5146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 245.770706][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 245.777868][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 245.876511][ T8565] netlink: 'syz.4.880': attribute type 27 has an invalid length. [ 246.390877][ T2868] tipc: Subscription rejected, illegal request [ 246.528884][ T8565] bridge0: port 2(bridge_slave_1) entered disabled state [ 246.536179][ T8565] bridge0: port 1(bridge_slave_0) entered disabled state [ 247.702519][ T8565] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 247.727589][ T8565] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 247.749486][ T25] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 247.944093][ T25] usb 2-1: Using ep0 maxpacket: 32 [ 247.956630][ T25] usb 2-1: New USB device found, idVendor=04b4, idProduct=861f, bcdDevice=f9.d6 [ 247.966010][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 247.977585][ T25] usb 2-1: config 0 descriptor?? [ 247.990091][ T25] usb 2-1: dvb_usb_v2: found a 'Anysee' in warm state [ 247.997637][ T25] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 248.006821][ T25] dvb_usb_anysee 2-1:0.0: probe with driver dvb_usb_anysee failed with error -22 [ 248.088579][ T8565] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.098136][ T8565] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.107557][ T8565] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.117215][ T8565] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.883805][ T5173] usb 2-1: USB disconnect, device number 8 [ 250.532074][ T8264] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 250.714859][ T11] tipc: Subscription rejected, illegal request [ 250.880257][ T8264] veth0_vlan: entered promiscuous mode [ 251.152722][ T8264] veth1_vlan: entered promiscuous mode [ 251.634160][ T8264] veth0_macvtap: entered promiscuous mode [ 251.717740][ T8264] veth1_macvtap: entered promiscuous mode [ 251.793667][ T8654] netlink: 'syz.1.901': attribute type 27 has an invalid length. [ 252.946607][ T1475] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 253.201909][ T8654] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.209421][ T8654] bridge0: port 1(bridge_slave_0) entered disabled state [ 253.217053][ T1475] usb 5-1: Using ep0 maxpacket: 32 [ 253.227513][ T1475] usb 5-1: New USB device found, idVendor=04b4, idProduct=861f, bcdDevice=f9.d6 [ 253.241597][ T1475] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 253.282223][ T1475] usb 5-1: config 0 descriptor?? [ 253.308411][ T1475] usb 5-1: dvb_usb_v2: found a 'Anysee' in warm state [ 253.325594][ T1475] usb 5-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 253.360956][ T1475] dvb_usb_anysee 5-1:0.0: probe with driver dvb_usb_anysee failed with error -22 [ 253.753957][ T8654] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 253.778858][ T8654] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 254.089418][ T8654] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.103836][ T8654] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.112736][ T8654] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.129469][ T8654] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.233326][ T8654] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 254.242693][ T8654] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 254.252256][ T8654] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 254.261554][ T8654] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 254.277595][ T8654] vxlan0: left promiscuous mode [ 254.401152][ T8264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 254.421982][ T8264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 254.444393][ T8264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 254.462549][ T8264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 254.475518][ T8264] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 254.515359][ T8264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 254.534902][ T8264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 254.554003][ T8264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 254.568679][ T8264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 254.585493][ T8264] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 254.627497][ T8264] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.653552][ T8264] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.665286][ T8264] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.676430][ T8264] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.182281][ T8718] netlink: 20 bytes leftover after parsing attributes in process `syz.2.910'. [ 255.191777][ T8718] netlink: 'syz.2.910': attribute type 1 has an invalid length. [ 255.718596][ T5144] usb 5-1: USB disconnect, device number 8 [ 256.548590][ T1244] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.557175][ T1244] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.649815][ T8772] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.682067][ T8772] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 257.820710][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.854194][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 259.191211][ T8811] netlink: 16 bytes leftover after parsing attributes in process `syz.2.921'. [ 259.453196][ T8821] zonefs (nullb0) ERROR: Not a zoned block device [ 259.471151][ T67] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 259.753137][ T8811] mkiss: ax0: crc mode is auto. [ 259.901089][ T67] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.080613][ T67] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.278166][ T67] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.534212][ T67] bridge_slave_1: left allmulticast mode [ 260.539904][ T67] bridge_slave_1: left promiscuous mode [ 260.547641][ T67] bridge0: port 2(bridge_slave_1) entered disabled state [ 260.557743][ T67] bridge_slave_0: left allmulticast mode [ 260.563424][ T67] bridge_slave_0: left promiscuous mode [ 260.570173][ T67] bridge0: port 1(bridge_slave_0) entered disabled state [ 260.779017][ T8839] fuse: Unknown parameter '0x0000000000000004' [ 260.896369][ T8839] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only [ 261.272843][ T5096] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 261.284176][ T5096] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 261.294356][ T5096] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 261.303206][ T5096] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 261.312573][ T5096] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 261.320707][ T5096] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 263.404189][ T5103] Bluetooth: hci1: command tx timeout [ 263.698151][ T67] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 264.010836][ T67] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 264.065567][ T67] bond0 (unregistering): Released all slaves [ 264.104601][ T8845] netlink: 8 bytes leftover after parsing attributes in process `syz.1.927'. [ 264.150206][ T5096] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 264.168044][ T5096] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 264.177825][ T5096] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 264.191826][ T5096] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 264.206751][ T5096] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 264.215392][ T5096] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 264.230509][ T8879] netlink: 16 bytes leftover after parsing attributes in process `syz.3.935'. [ 264.559202][ T8879] mkiss: ax0: crc mode is auto. [ 264.725085][ T8886] netlink: 20 bytes leftover after parsing attributes in process `syz.1.936'. [ 264.734112][ T8886] netlink: 'syz.1.936': attribute type 1 has an invalid length. [ 265.474053][ T5096] Bluetooth: hci1: command tx timeout [ 266.375438][ T5096] Bluetooth: hci0: command tx timeout [ 266.961075][ T67] hsr_slave_0: left promiscuous mode [ 266.980712][ T67] hsr_slave_1: left promiscuous mode [ 267.035073][ T67] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 267.042947][ T67] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 267.063165][ T67] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 267.089610][ T67] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 267.227723][ T67] veth1_macvtap: left promiscuous mode [ 267.233326][ T67] veth0_macvtap: left promiscuous mode [ 267.251419][ T67] veth1_vlan: left promiscuous mode [ 267.257207][ T67] veth0_vlan: left promiscuous mode [ 267.543618][ T5096] Bluetooth: hci1: command tx timeout [ 268.278481][ T67] team0 (unregistering): Port device team_slave_1 removed [ 268.328238][ T67] team0 (unregistering): Port device team_slave_0 removed [ 268.423820][ T5096] Bluetooth: hci0: command tx timeout [ 269.173534][ T29] kauditd_printk_skb: 42 callbacks suppressed [ 269.173553][ T29] audit: type=1326 audit(1721768960.772:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8981 comm="syz.1.947" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f592c975f19 code=0x0 [ 269.623682][ T5096] Bluetooth: hci1: command tx timeout [ 269.880652][ T8850] chnl_net:caif_netlink_parms(): no params data found [ 270.678912][ T5096] Bluetooth: hci0: command tx timeout [ 270.804517][ T8877] chnl_net:caif_netlink_parms(): no params data found [ 272.479029][ T8850] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.513255][ T8850] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.521853][ T8850] bridge_slave_0: entered allmulticast mode [ 272.530376][ T8850] bridge_slave_0: entered promiscuous mode [ 272.753508][ T5096] Bluetooth: hci0: command tx timeout [ 272.755803][ T8850] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.770998][ T8850] bridge0: port 2(bridge_slave_1) entered disabled state [ 272.788669][ T8850] bridge_slave_1: entered allmulticast mode [ 274.053409][ T9052] trusted_key: syz.2.958 sent an empty control message without MSG_MORE. [ 274.531230][ T8850] bridge_slave_1: entered promiscuous mode [ 274.644085][ T8877] bridge0: port 1(bridge_slave_0) entered blocking state [ 274.651188][ T8877] bridge0: port 1(bridge_slave_0) entered disabled state [ 274.682298][ T8877] bridge_slave_0: entered allmulticast mode [ 274.717106][ T8877] bridge_slave_0: entered promiscuous mode [ 274.729880][ T8877] bridge0: port 2(bridge_slave_1) entered blocking state [ 274.755086][ T8877] bridge0: port 2(bridge_slave_1) entered disabled state [ 274.779027][ T8877] bridge_slave_1: entered allmulticast mode [ 274.805049][ T8877] bridge_slave_1: entered promiscuous mode [ 274.989623][ T8850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 275.042956][ T8877] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 275.063118][ T8877] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 275.091026][ T8850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 276.338279][ T8850] team0: Port device team_slave_0 added [ 276.352408][ T8850] team0: Port device team_slave_1 added [ 276.447952][ T8877] team0: Port device team_slave_0 added [ 276.451203][ T29] audit: type=1326 audit(1721768968.062:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9089 comm="syz.3.969" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2030575f19 code=0x0 [ 276.463797][ T8877] team0: Port device team_slave_1 added [ 276.517214][ T9083] batadv_slave_0: mtu less than device minimum [ 276.648921][ T8877] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 276.671394][ T8877] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.697607][ C1] vkms_vblank_simulate: vblank timer overrun [ 276.727187][ T8877] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 276.748258][ T8850] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 276.760899][ T8850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.795914][ T8850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 276.914381][ T8877] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 276.933603][ T8877] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.959524][ C1] vkms_vblank_simulate: vblank timer overrun [ 276.973849][ T8877] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 277.913034][ T8850] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 277.925947][ T8850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 278.023611][ T8850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 278.077210][ T8877] hsr_slave_0: entered promiscuous mode [ 278.097544][ T8877] hsr_slave_1: entered promiscuous mode [ 278.133747][ T8877] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 278.146133][ T8877] Cannot create hsr debugfs directory [ 278.361326][ T9127] openvswitch: netlink: Missing key (keys=20040, expected=80) [ 278.381213][ T8850] hsr_slave_0: entered promiscuous mode [ 278.401669][ T8850] hsr_slave_1: entered promiscuous mode [ 278.414926][ T8850] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 278.432808][ T8850] Cannot create hsr debugfs directory [ 278.773584][ T8582] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 278.981415][ T8582] usb 3-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config [ 279.005443][ T8582] usb 3-1: New USB device found, idVendor=22b8, idProduct=4b48, bcdDevice=3f.f0 [ 279.037725][ T8582] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 279.070253][ T8582] usb 3-1: Product: syz [ 279.099812][ T8582] usb 3-1: Manufacturer: syz [ 279.117040][ T8582] usb 3-1: SerialNumber: syz [ 279.177023][ T29] audit: type=1326 audit(1721768970.792:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9147 comm="syz.1.982" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f592c975f19 code=0x0 [ 279.370385][ T8582] qmi_wwan 3-1:1.0: skipping garbage [ 279.391374][ T8582] qmi_wwan 3-1:1.0: probe with driver qmi_wwan failed with error -22 [ 279.430712][ T8582] usb 3-1: USB disconnect, device number 11 [ 279.652123][ T8877] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 279.668740][ T8877] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 279.875042][ T8877] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 279.917680][ T8877] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 280.494104][ T5143] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 280.542309][ T8877] 8021q: adding VLAN 0 to HW filter on device bond0 [ 280.706957][ T5143] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 280.714121][ T8877] 8021q: adding VLAN 0 to HW filter on device team0 [ 280.740126][ T5143] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 280.748871][ T5142] bridge0: port 1(bridge_slave_0) entered blocking state [ 280.756059][ T5142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 280.808377][ T5142] bridge0: port 2(bridge_slave_1) entered blocking state [ 280.815494][ T5142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 280.827424][ T5143] usb 2-1: config 0 descriptor?? [ 280.862407][ T8850] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 280.866173][ T5143] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 280.969263][ T8850] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 281.067824][ T8850] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 281.143241][ T8850] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 281.295087][ T5143] cpia1 2-1:0.0: unexpected state after lo power cmd: 00 [ 281.479096][ T8850] 8021q: adding VLAN 0 to HW filter on device bond0 [ 281.597150][ T5143] gspca_cpia1: usb_control_msg 01, error -71 [ 281.611354][ T5143] cpia1 2-1:0.0: only firmware version 1 is supported (got: 0) [ 281.634435][ T8877] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 281.658415][ T5143] usb 2-1: USB disconnect, device number 9 [ 281.691193][ T8850] 8021q: adding VLAN 0 to HW filter on device team0 [ 281.714126][ T5144] bridge0: port 1(bridge_slave_0) entered blocking state [ 281.721243][ T5144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 281.819689][ T5144] bridge0: port 2(bridge_slave_1) entered blocking state [ 281.826847][ T5144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 282.303630][ T5143] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 282.448282][ T8850] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 282.496758][ T8877] veth0_vlan: entered promiscuous mode [ 282.537578][ T5143] usb 3-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config [ 282.560172][ T5143] usb 3-1: New USB device found, idVendor=22b8, idProduct=4b48, bcdDevice=3f.f0 [ 282.578400][ T5143] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 282.601620][ T8877] veth1_vlan: entered promiscuous mode [ 282.607495][ T5143] usb 3-1: Product: syz [ 282.615552][ T5143] usb 3-1: Manufacturer: syz [ 282.620222][ T5143] usb 3-1: SerialNumber: syz [ 282.624852][ T5144] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 282.811748][ T8850] veth0_vlan: entered promiscuous mode [ 282.817453][ T5144] usb 2-1: Using ep0 maxpacket: 32 [ 282.834327][ T5144] usb 2-1: config index 0 descriptor too short (expected 156, got 27) [ 282.855978][ T5144] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 282.878468][ T8877] veth0_macvtap: entered promiscuous mode [ 282.887053][ T5143] qmi_wwan 3-1:1.0: skipping garbage [ 282.895682][ T5143] qmi_wwan 3-1:1.0: probe with driver qmi_wwan failed with error -22 [ 282.921417][ T5144] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 282.924369][ T5143] usb 3-1: USB disconnect, device number 12 [ 282.945615][ T8850] veth1_vlan: entered promiscuous mode [ 283.020193][ T5144] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 283.067516][ T8877] veth1_macvtap: entered promiscuous mode [ 283.101900][ T5144] usb 2-1: config 0 interface 0 has no altsetting 0 [ 283.132678][ T5144] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 283.142936][ T5144] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 283.171357][ T5144] usb 2-1: Product: syz [ 283.190544][ T5144] usb 2-1: Manufacturer: syz [ 283.213659][ T5144] usb 2-1: SerialNumber: syz [ 283.214657][ T8877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.253300][ T8877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.265442][ T5144] usb 2-1: config 0 descriptor?? [ 283.276598][ T5144] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 283.301050][ T8877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.323571][ T8877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.330976][ T5144] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 283.355411][ T8877] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 283.390554][ T8850] veth0_macvtap: entered promiscuous mode [ 283.448430][ T8877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.461583][ T8877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.500678][ T8877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.530284][ T8877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.586756][ T8877] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 283.607879][ T8850] veth1_macvtap: entered promiscuous mode [ 283.654659][ T8693] usb 2-1: USB disconnect, device number 10 [ 283.660583][ C0] ldusb 2-1:0.0: usb_submit_urb failed (-19) [ 283.668371][ T9223] ldusb 2-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71 [ 283.690960][ T8877] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 283.706954][ T8877] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 283.709045][ T8693] ldusb 2-1:0.0: LD USB Device #0 now disconnected [ 283.716073][ T9242] ldusb: No device or device unplugged -19 [ 283.751145][ T8877] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 283.773294][ T8877] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 283.908209][ T8850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.950621][ T8850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.976229][ T8850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.993614][ T8850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.009337][ T8850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 284.021526][ T8850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.070609][ T8850] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 284.130491][ T8850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.170714][ T8850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.196236][ T8850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.233526][ T8850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.248491][ T8850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.263700][ T8850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.279585][ T8850] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 284.310075][ T8850] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.339522][ T8850] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.363597][ T8850] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.382839][ T8850] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.510615][ T8752] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 284.552201][ T8752] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 284.591541][ T9271] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1002'. [ 284.624110][ T9271] netlink: 200 bytes leftover after parsing attributes in process `syz.3.1002'. [ 284.729095][ T8750] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 284.768827][ T8750] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 284.894148][ T8752] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 284.902006][ T8752] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 285.001138][ T8752] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 285.040740][ T8752] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 285.347942][ T5103] Bluetooth: hci5: sending frame failed (-49) [ 285.355526][ T5096] Bluetooth: hci5: Opcode 0x1003 failed: -49 [ 285.421679][ T9307] Bluetooth: hci5: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 285.946052][ C1] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI [ 285.958647][ C1] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 285.967068][ C1] CPU: 1 UID: 0 PID: 9319 Comm: syz.4.1011 Not tainted 6.10.0-syzkaller-12084-g28bbe4ea686a #0 [ 285.977449][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 285.987516][ C1] RIP: 0010:bq_flush_to_queue+0x44/0x610 [ 285.993201][ C1] Code: df e8 40 d8 d6 ff 49 8d 5e 50 48 89 d8 48 c1 e8 03 42 80 3c 38 00 74 08 48 89 df e8 f6 e8 3a 00 48 8b 2b 48 89 e8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 1d 05 00 00 44 8b 65 00 4d 8d 6e 58 4c [ 286.012836][ C1] RSP: 0018:ffffc90000a18a80 EFLAGS: 00010246 [ 286.018941][ C1] RAX: 0000000000000000 RBX: ffff8880789a4290 RCX: ffff88801ab78000 [ 286.026933][ C1] RDX: 0000000000000100 RSI: 0000000000000010 RDI: ffff8880789a4240 [ 286.034924][ C1] RBP: 0000000000000000 R08: ffffffff896117da R09: 1ffffffff1f5cf4d [ 286.042927][ C1] R10: dffffc0000000000 R11: fffffbfff1f5cf4e R12: 0000000000000001 [ 286.050914][ C1] R13: ffffc9000d1af820 R14: ffff8880789a4240 R15: dffffc0000000000 [ 286.058986][ C1] FS: 0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 286.067928][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 286.074517][ C1] CR2: 00007f20312356b8 CR3: 0000000079b12000 CR4: 00000000003506f0 [ 286.082508][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 286.090489][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 286.098473][ C1] Call Trace: [ 286.101758][ C1] [ 286.104609][ C1] ? __die_body+0x88/0xe0 [ 286.108963][ C1] ? die_addr+0x108/0x140 [ 286.113312][ C1] ? exc_general_protection+0x3dd/0x5d0 [ 286.118885][ C1] ? validate_chain+0x11e/0x5900 [ 286.123845][ C1] ? asm_exc_general_protection+0x26/0x30 [ 286.129589][ C1] ? xdp_do_check_flushed+0x10a/0x240 [ 286.134979][ C1] ? bq_flush_to_queue+0x44/0x610 [ 286.140024][ C1] ? mark_lock+0x9a/0x350 [ 286.144379][ C1] __cpu_map_flush+0x5d/0xd0 [ 286.148986][ C1] xdp_do_check_flushed+0x136/0x240 [ 286.154197][ C1] __napi_poll+0xe4/0x490 [ 286.158545][ C1] net_rx_action+0x89b/0x1240 [ 286.163246][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 286.168368][ C1] ? sched_clock+0x4a/0x70 [ 286.172810][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 286.179158][ C1] handle_softirqs+0x2c4/0x970 [ 286.183938][ C1] ? __irq_exit_rcu+0xf4/0x1c0 [ 286.188715][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 286.194024][ C1] ? irqtime_account_irq+0xd4/0x1e0 [ 286.199250][ C1] __irq_exit_rcu+0xf4/0x1c0 [ 286.203860][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 286.209077][ C1] irq_exit_rcu+0x9/0x30 [ 286.213338][ C1] common_interrupt+0xaa/0xd0 [ 286.218043][ C1] [ 286.220983][ C1] [ 286.223927][ C1] asm_common_interrupt+0x26/0x40 [ 286.228984][ C1] RIP: 0010:__rcu_read_lock+0x30/0xb0 [ 286.234381][ C1] Code: 57 41 56 53 49 be 00 00 00 00 00 fc ff df 65 4c 8b 3c 25 00 d7 03 00 49 81 c7 44 04 00 00 4c 89 fb 48 c1 eb 03 42 0f b6 04 33 <84> c0 75 35 41 8b 2f ff c5 42 0f b6 04 33 84 c0 75 3e 41 89 2f 42 [ 286.254006][ C1] RSP: 0018:ffffc9000d1af6b0 EFLAGS: 00000a07 [ 286.260091][ C1] RAX: 0000000000000000 RBX: 1ffff1100356f088 RCX: ffffffff81701eba [ 286.268072][ C1] RDX: dffffc0000000000 RSI: ffffffff8bcad5a0 RDI: ffff88801f942780 [ 286.276050][ C1] RBP: ffff88813fffa000 R08: ffffffff92fcd837 R09: 1ffffffff25f9b06 [ 286.284013][ C1] R10: dffffc0000000000 R11: fffffbfff25f9b07 R12: 1ffff11002bddf93 [ 286.291991][ C1] R13: 0000000000000000 R14: dffffc0000000000 R15: ffff88801ab78444 [ 286.299954][ C1] ? mark_lock+0x9a/0x350 [ 286.304278][ C1] percpu_ref_put+0x12/0x180 [ 286.308849][ C1] __memcg_slab_free_hook+0xa7/0x310 [ 286.314118][ C1] ? __vm_area_free+0xe0/0x110 [ 286.318889][ C1] kmem_cache_free+0x1cf/0x350 [ 286.323660][ C1] __vm_area_free+0xe0/0x110 [ 286.328227][ C1] exit_mmap+0x645/0xc80 [ 286.332450][ C1] ? __pfx_exit_mmap+0x10/0x10 [ 286.337281][ C1] ? __asan_memset+0x23/0x50 [ 286.341855][ C1] ? uprobe_clear_state+0x277/0x290 [ 286.347034][ C1] ? mm_update_next_owner+0xa2/0x8a0 [ 286.352298][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 286.357512][ C1] __mmput+0x115/0x380 [ 286.361578][ C1] exit_mm+0x220/0x310 [ 286.365639][ C1] ? __pfx_exit_mm+0x10/0x10 [ 286.370214][ C1] ? taskstats_exit+0x326/0xa60 [ 286.375052][ C1] do_exit+0x9b2/0x27f0 [ 286.379188][ C1] ? __pfx_do_exit+0x10/0x10 [ 286.383765][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 286.389726][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 286.396033][ C1] ? cgroup_freezing+0x2a8/0x350 [ 286.400956][ C1] do_group_exit+0x207/0x2c0 [ 286.405531][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.410718][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 286.415899][ C1] get_signal+0x1695/0x1730 [ 286.420405][ C1] ? __pfx_get_signal+0x10/0x10 [ 286.425252][ C1] arch_do_signal_or_restart+0x96/0x860 [ 286.430785][ C1] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 286.436925][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 286.442904][ C1] ? syscall_exit_to_user_mode+0xa3/0x370 [ 286.448612][ C1] syscall_exit_to_user_mode+0xc9/0x370 [ 286.454141][ C1] do_syscall_64+0x100/0x230 [ 286.458712][ C1] ? clear_bhb_loop+0x35/0x90 [ 286.463368][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.469245][ C1] RIP: 0033:0x7fd3c9775f19 [ 286.473646][ C1] Code: Unable to access opcode bytes at 0x7fd3c9775eef. [ 286.480642][ C1] RSP: 002b:00007fd3ca6110f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 286.489046][ C1] RAX: fffffffffffffe00 RBX: 00007fd3c9905f68 RCX: 00007fd3c9775f19 [ 286.497005][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd3c9905f68 [ 286.504973][ C1] RBP: 00007fd3c9905f60 R08: 00007fd3ca6116c0 R09: 00007fd3ca6116c0 [ 286.512948][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd3c9905f6c [ 286.520907][ C1] R13: 000000000000000b R14: 00007ffc73d12a30 R15: 00007ffc73d12b18 [ 286.528866][ C1] [ 286.531865][ C1] Modules linked in: [ 286.535871][ C1] ---[ end trace 0000000000000000 ]--- [ 286.541310][ C1] RIP: 0010:bq_flush_to_queue+0x44/0x610 [ 286.546950][ C1] Code: df e8 40 d8 d6 ff 49 8d 5e 50 48 89 d8 48 c1 e8 03 42 80 3c 38 00 74 08 48 89 df e8 f6 e8 3a 00 48 8b 2b 48 89 e8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 1d 05 00 00 44 8b 65 00 4d 8d 6e 58 4c [ 286.566557][ C1] RSP: 0018:ffffc90000a18a80 EFLAGS: 00010246 [ 286.572603][ C1] RAX: 0000000000000000 RBX: ffff8880789a4290 RCX: ffff88801ab78000 [ 286.580567][ C1] RDX: 0000000000000100 RSI: 0000000000000010 RDI: ffff8880789a4240 [ 286.588541][ C1] RBP: 0000000000000000 R08: ffffffff896117da R09: 1ffffffff1f5cf4d [ 286.596505][ C1] R10: dffffc0000000000 R11: fffffbfff1f5cf4e R12: 0000000000000001 [ 286.604473][ C1] R13: ffffc9000d1af820 R14: ffff8880789a4240 R15: dffffc0000000000 [ 286.612433][ C1] FS: 0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 286.621360][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 286.627937][ C1] CR2: 00007f20312356b8 CR3: 0000000079b12000 CR4: 00000000003506f0 [ 286.635904][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 286.643866][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 286.651816][ C1] Kernel panic - not syncing: Fatal exception in interrupt [ 286.659216][ C1] Kernel Offset: disabled [ 286.663536][ C1] Rebooting in 86400 seconds..