last executing test programs: 2.308219261s ago: executing program 1 (id=336): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c000000100039042abd70000000000000000000", @ANYRES32=r1, @ANYBLOB="01180200031100002c0012800e00010069703665727370616e0000001800028008001500a8bc0d00040012"], 0x4c}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=@newlink={0x60, 0x10, 0x401, 0x0, 0x3, {0x0, 0x0, 0x0, r1, 0x42024, 0x8d05}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x2}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_REMOTE={0x14, 0x7, @mcast2}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x1}]}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x10}, 0x0) 2.06895561s ago: executing program 1 (id=340): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, 0x0, 0x0) sendmsg$NFT_BATCH(r0, 0x0, 0x24000000) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, r3, 0x401, 0x70bd26, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}]}, 0x1c}}, 0x0) write$nci(r1, &(0x7f0000001600)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x2, @b={0x4, 0x6, 0x1, 0xf7, {0x13, "082d52050454ebf59bcace8b9660dd778608e7"}, 0x1}}, 0x1c) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) 2.000185535s ago: executing program 0 (id=341): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4800000010000304000000000400000000007400", @ANYRES32=0x0, @ANYBLOB="0000000003120100280012800b00010062726964676500001800028005002c"], 0x48}, 0x1, 0x0, 0x0, 0x20040884}, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b28, 0x0) openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz0\x00', 0x200002, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb86dd60"], 0x0) socket$kcm(0x11, 0x200000000000002, 0x300) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c000000020603000000000000000000000000001400078008001240000000000500150002000000050001000600000005000500020000000500040000000000090002"], 0x4c}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200e19}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100}, 0x95) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000080900010073797a30000000005c000000030a03000000000000000000050000000900010073797a30000000000900030073797a300000000008000c40000000032800048008000240000000120800014000000000140004"], 0xa4}}, 0x0) 1.784828631s ago: executing program 3 (id=344): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x8}, 0xe) socket$nl_route(0x10, 0x3, 0x0) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0xc884) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000080)={0x3, 0x3ff, 0x0, 0xfc8, 0xc8, 0xbee8, 0x6, 0x6e980000, r1}, 0x20) 1.752901064s ago: executing program 3 (id=345): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x6, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x3, 0x2}}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @func={0x6}]}, {0x0, [0x61, 0x0, 0x0, 0x61]}}, 0x0, 0x4e}, 0x28) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) sendmsg$NL80211_CMD_REGISTER_FRAME(r0, 0x0, 0x8040) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x40c0080) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x4) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="1f003300d0000000080211000001080211000000505050505050"], 0x3c}}, 0x10) 1.576818478s ago: executing program 0 (id=347): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000001f80)=ANY=[@ANYBLOB='iocharset=cp850,fmask=00000000000000000000236,errors=remount-ro,iocharset=iso8859-7,fmask=00000000000000000000005,dmask=00000000000000000000000,gid=', @ANYRESHEX=0x0, @ANYBLOB=',dmask=00000000000000000000001,errors=continue,uid=', @ANYRESHEX=0x0, @ANYBLOB=',hash,obj_role=,subj_role=iso8859-7,fowner=', @ANYRESDEC=0x0, @ANYBLOB="2c6673636f6e746578743d73797374656d5f752c00d6ff5c67f927e2994d04ce2d7fbbbf344b156bcd7abb5fd31af34cddf3c183668b1f0bb5722d38948008a63b157fdaccf14e"], 0xfd, 0x153c, &(0x7f0000000440)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k0uiyTJJUkuSZIkSW4JSZMcSUgMuSUNSUguQ3IZQnKZmDTu9/slIUmaJAnJLVn/z5T5q1Pnf875nX7H/5x5vp/P+7GeWftZ+9me97L3npdvug6r1aR29UZEBP8S/OWPRACIBYBBAHANAAQAUD6ufFzmfE6Jif/aTtif66GUK10Bu5K4/9kb9z974/5nb9z/7I37n71x/7M37n/2xv1nLDvbMqPgtfzIvg++/5+d8ef/f5GM0uO+WFf6+m4AMf9oCvf/Px/+C7nc//9awT+yEfc/e+P+/7dY909uH/u/VAf7T8Kv/+wgx9+c4f5nb9x/xrKzX98LjoUrfz/63/2ASPb+HciVfv4xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMsezvrLFABkja90XYwxxhhjjDHGGPvz+BxXugLGGGOMMcYYY4z970MQIEFBADGQA2IhJ+QCARCTNX8txMF1kBeuh3yQHwpAQYiHQlAYNBiwQBBCESgKUbgBisGNUBxKQEkoBQ5KQxm4CcrCzVAOboHycCtUgNugIlSCylAFboeqcAdUgzuhOtwFNaAm1ILacDfUgXugLtwL9eA+qA/3QwN4ABrCg9AIHoLG8DA0gUegKTwKzaA5tICW0Op/lP8C9IQXoRf0hkToA33hJegH/WEADIRB8DIMhldgCLwKSTAUhsFrMBxehxHwBoyEUTAa3oQx8BaMhXEwHiZAMkyESfA2TIZ3YApMhWkwHVJgBsyEd2EWzIY58B7MhfdhHsyHBbAQUuEDWASLIQ0+hCXwEaTDUlgGy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW2AbbYQfshF3wMeyGT2AP7IV98Cnsh8/+yfwzf5XfDQEBBQpUqDAGYzAWYzEX5sLcmBvzYB6MYATjMA7zYl7Mh/mwABbAeIzHwlgYDRokJCyCRTCKUSyGxbA4FseSWBIdOiyDZbAs3ozlsByWx/JYAStgRayElbAKVsGqWBWrYTWsjtWxBtbAWlgL78a7sQ/WxbpYD+thfayfdXsKG2EjbIyNsQk2wabYFJthM2yBLbAVtsLW2BrbYBtsh+2wPbbHDtgBEzABO2JH7ISdsDN2xi7YBbtiV+yG3bF7xgs5AF/EF7E31hB9sC/2xX6YlGMADsSB+DIOxlfwFXwVk3AoDsPX8DV8HUfgaRyJo3A0jsaq4i0ci+OQxARMxmSchJNwMk7GKTgVp+J0TMEZOBNn4iycjbPxPZyL7+P7OB/n40JMxVRchIsxDdNwCZ7BdFyKy3A5rsCVuAJX4xpcjetwPa7DjbgRN+Nm3IpbcTtux524Ez9GBYCf4F7ci0m4H/fjATyAB/EgHsJDmIEZeBgP4xE8gkfxKB7DY3gcT+BJPIGn8BSexjN4Fs/ieTyPF/C5+K8af1xibRKITEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEXpFX5BP5RAFRQMSLeFFYFBZGGEEizHynEFERFcVEMVFcFBclRUnhhBNlRBlRVpQV5UQ5UV7cKiqI20RFUUm0dVVEFVFVtHPVxJ2iuqguaoiaopaoLWqLOqKOqCvqinqinqgv6osG4gHRUPTBAfiQyOxMEzEUm4ph2Ew0F/LSO1RrMQLbiLainXhCjMKR2EG0dgniadFRjMVO4i9iHD4ruogJ2FU8L7qJ7qKHeEH0FG1cL9FbTME+oq+Yjv1EfzFADBSzsKZ4D+fmrCVeFUliqBgmXhML8XUxQrwhRopRYrR4U4wRb4mxYpwYLyaIZDFRTBJvi8niHTFFTBXTxHSRImaImeJdMUvMFnPEe2KueF/ME/PFArFQpIoPxCKxWKSJD8US8ZFIF0vFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQO8Uu8bHYLT4Re8ResU98KvaLz8QB8bk4KL4Qh8SXIkN8JQ6Lr8UR8Y04Kr4Vx8R34rg4IU6K78Up8YM4Lc6Is+KcOC9+FBfET+Ki8AIkSiGlVDKQMTKHjJU5ZS55lcwtg6z3fxknr5N55fUyn8wvC8iCMl4WkoWllkZaSTKURWRRGZU3yGLyRllclpAlZSnpZGlZRt4ky8qbZTl5iywvb5UV5G2yoqwkK8sq8nZZVd4hIfLLPmrImrKWrC3vlolwj6wr75X15H2yvrxfNpAPyIbyQdlIPiQby4dlE/mIbCoflc1kc9lCtpSt5GOytXxctpFtZTv5hGwvn5Qd5FMyQT4tO0p/6SnyrOwin5Nd5fOym+wue8if5EXpZS/ZW0IfkH3lS7Kf7C8HyIFykHxZDpavyCHyVZkkh8ph8jU5XL4uR8g35Eg5So6Wb8ox8i05Vo6T4+UEmSwnyknybTlZviOnyKlympwuU+QMOeDSSnOk/Lv5b/9B/pCf975ZbpFb5Ta5Xe6QO+Uu+bHcLXfLPXKP3Cf3yf1yvzwgD8iD8qA8JA/JDJkhD8vD8og8Io/Ko/KYPCaPyxPynPxenpI/yNPyjDwjz8nz8ry8cOnvABQqoaRSKlAxKoeKVTlVLnWVyq2uVnnUNSqirlVx6jqVV12v8qn8qoAqqOJVIVVYaWWUVaRCVUQVVVF1A156wqiSqpRyqrQqo276Z/JVMXWjKq5K/CY/q77Ev1FfK9VKtVatVRvVRrVT7VR71V51UB1UgkpQHVVH1Ul1Up1VZ9VFdVFdVVfVTXVTPVQP1VP1VL1UL5WoElVf9ZLqp/qrAWqgGqReFpnHMEQNUUkqSQ1Tw9RwNVyNUCPUSDVSjVaj1Rg1Ro1VY9V4NV4lq2Q1SU1Sk9VkNUVNUdPUNJWiUtRMNVPNUrPUHDVHzVVz1Tw1Ty1QC1SqSlWL1CKVptLUErVEpaulaqlarparlWqlWq1Wq7VqrVqv1quNaqNKV1vUFrVNbVM71A61S+1Su9VutUftUfvUPrVf7VcH1AF1UB1Uh9QhlaEy1GF1WB1RR9RRdVQdU8fUcXVcnVQn1Sl1Sp1Wp9VZdVadV+fVBXVBXVQXM0/7AhGIQAUqiAligtggNsgV5ApyB7mDPEGeIBJEgrggLsgbXB/kC/IHBYKCQXxQKCgc6MAENhCXmh4NbgiKBTcGxYMSQcmgVOCC0kGZ4KagbHBzUC64JSgf3BpUCG4LKgaVgspBleD2oGpwR1AtuDOoHtwV1AhqBrWC2sHdQZ3gnqBucG9QL7gvqB/cHzQIHggaBg8GjYKHgsbBw0GT4JGgafBo0CxoHrQIWgat/tT1vT+d/3HXS/fWibqP7qtf0v10fz1AD9SD9Mt6sH5FD9Gv6iQ9VA/Tr+nh+nU9Qr+hR+pRerR+U4/Rb+mxepweryfoZD1RT9Jv68n6HT1FT9XT9HSdomfomfpdPUvP1nP0e3qufl/P0/P1Ar1Qp+oP9CK9WKfpD/US/ZFO10v1Mr1cr9Ar9Sq9Wq/Ra/U6vV5v0Bv1Jr1Zb9Fb9Ta9Xe/QO/Uu/bHerT/Re/RevU9/qvfrz/QB/bk+qL/Qh/SXOkN/pQ/rr/UR/Y0+qr/Vx/R3+rg+oU/q7/Up/YM+rc/os/qcPq9/1Bf0T/qi9pkn95kf70YZZWJMjIk1sSaXyWVym9wmj8ljIiZi4kycyWvymnwmnylgCph4E28Km8ImExkyRUwREzVRU8wUM8VNcVPSlDTOOFPGlDFlTVlTzpQz5U15U8FUMBVNRVPZVDa3m9vNHeYOc6e509xl7jI1TU1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTDPTwrQwrUwr09q0Nm1MG9POtDPtTXvTwXQwCSbBdDQdTSfTyXQ2nU0X08V0NV1NN9PN9DA9TE/T0/QyvUyiSTR9TV/Tz/QzA8wAM8gMMoPNYDPEDDFJJskMM8PMcDPcjDAjzEgzyozOPFE1b5mxZpwZbyaYZJNsJplJZrKZbKaYKWaamWZSTIqZaWaaWWaWmWPmmLlmrpln5pkFZoFJNalmkVlk0kyaWWKWmHSTbpaZZWaFWWFWmVVmjVlj1pl1ZgNsMJvMJrPFbDHbzDazw+wwu8wus9vsNnvMHrPP7DP7zX5zwBwwB81Bc8gcMhkmwxw2h80Rc8QcNUfNsdjMWo+bk+akOWVOmdPmtDlrzprzJv+lz0tvYm1Om8teZXPbq20ee43967iALWjjbSFb2Gqbz+b/TWystcVtCVvSlrLOlrZl7E2/iyvaSrayrWJvt1XtHbba7+I69h5b195r69n7bG1792/i+vZ+28A+YhsiAtjmtrFtaZvYR2xT+6htZpvbFralbW+ftB3sUzbBPm072md+Fy+yi+0au9aus+vtHrvXnrXn7BH7jT1vf7S9bG87yL5sB9tX7BD7qk2yQ38Xj7Zv2jH2LTvWjrPj7YTfxdPsdJtiZ9iZ9l0LMPs38Sw726baD+xcm2bn2fl2gV34c5xZU5r90C6xH9l0G8Ayu9yusCvtKrv6/9a63G60m+xmu9t+YrfZ7XaH3Wl3ZZ0I2712n/3U7ref2cP2a3vQfmEP2aM2w371c5x5fEftt/aY/c4etyfsSfu9PWV/UFnZmcf+vf3JXrTeAiEBSVIUUAzloFjKSbnoKspNV1MeuoYidC3F0XWUl66nfJSfClBBiqdCVJg0GbJEFFIRKkpRuoGyyitJpchRaSpDN1FZupnK0S1Unm6lCnQbVaRKVJmq0O1Ule6ganQnVae7qAbVpFpUm+6mOnQP1aV7qR7dR/XpfmpAD1BDepAa0UPUmB6mJvQINaVHqRk1pxbUklrRY9SaHqc21Jba0RPUnp6kDvQUJdDT1JGeoU70F+pMz1IXeo660vPUjbpTD3qBetKL1It6UyL1ob70EvWj/jSABtIgepkG0ys0hF6lJBpKw+g1Gk6v0wh6g0bSKBpNb9IYeovG0jgaTxMomSbSJHqbJtM7NIWm0jSaTik0g2bSuzSLZtMceo/m0vs0j+bTAlpIqfQBLaLFlEYf0hL6iNJpKS2j5bSCVtIqWk1raC2to/W0gTbSJtpMW2grbaPttIN20i76mHbTJ7SH9tI++pT202d0gD6ng/QFHaIvKYO+osP0NR2hb+gofet703d0nE7QSfqeTtEPdJrO0Fk6R+fpR7pAP9FF8gQhhiKUoQqDMCbMEcaGOcNc4VVh7vDqME94TRgJrw3jwuvCvOH1Yb4wf1ggLBjGh4XCwqEOTWhDCsOwSFg0jIY3hMXCG8PiYYmwZFgqdGHpsEx4U1g2vDksF94Slg9vDSuEt4UVw0rhI/dVCW8Pq4Z3hNXCO8Pq4V1hjbBmWCusHd4d1gnvCeuG94b1wvvCcuH9YYPwgbBh+GDYKHwobBw+HDYJHwmbho+GzcLmYYuwZdgqfCxsHT4etgnbhu3Cq8L24ZNhh/CpMCF8OuwYPvPz/P2Ls+af+N18Ytgn7Bu+FL4Uen+vXBBdGE2NfhBdFF0cTYt+GF0S/SiaHl0aXRZdHl0RXRldFV0dXRNdG10XXR/dEN0Y3RTdHPW+dg5w6ISTTrnAxbgcLtbldLncVS63u9rlcde4iLvWxbnrXF53vcvn8rsCrqCLd4VcYaedcdaRC10RV9RF3Q2umLvRFXclXElXyjlX2pVxLV0r18q1do+7Nq6ta+eecE+4J92T7in3lHvadXTPuE7uL66ze9Z1cc+559zzrpvr7nq4F1xPNzHPL6/JRNfX9XX9XD83wA1wg9wgN9gNdkPcEJfkktwwN8wNd8PdCDfCjXQj3Wg32o1xY9xYN9aNd+Ndskt2k9wkN9lNdlPcFDfNTXMpLsXNdDPdLDfLVZ39y17muXlugVvgUl2qW+QyzxnT3BK3xKW7dLfMLXMr3Aq3yq1ya9wat86tcxvcBrfJbXJb3Ba3zW1zO9wOt8vtcrvdbrfHX/PLom6/O+AOuIPuoDvkvnQZ7it32H3tjrhv3FH3rTvmvnPH3Ql30n3vTrkf3Gl3xp1159x596O74H5yF513yZGJkUmRtyOTI+9EpkSmRqZFpkdSIjMiMyPvRmZFZkfmRN6LzI28H5kXmR9ZEFkYSY18EFkUWRxJi3wYWRL5KJIeWRpZFlkeWRFZGfG+0LbQF/FFfdTf4Iv5G31xX8KX9KW886V9GX+TL+tv9uX8Lb68v9VX8Lf5ir6Sr+wf9c18c9/Ct/St/GO+tX/ct/FtfTv/hG/vn/Qd/FM+wT/tO/pnfCf/F9/ZP+u7+Od8V/+87+a7+x7+Bd/Tv+h7+d4+0ffxff1Lvp/v7wf4gX6Qf9kP9q/4If5Vn+SH+mH+NT/cv+5H+Df8SD/Kj45504/JukSGCT7ZT/ST/Nt+sn/HT/FT/TQ/3af4GX6mf9fP8rP9HP+en+vf9/P8fL/AL/Sp/gO/yC/2af5Dv8R/5NP90qybxn6VX+3X+LV+nV/vN/iNfpPf7Lf4rX6b3+53+J1+l//Y7/af+D1+r9/nP/X7/Wf+gP/cH/Rf+EP+S5/hv/KH/df+iP/GH/Xf+mP+O3/cn/Anfaw/5X/wp/0Zf9af8+f9j/6C/8lf5H+zxhhjjDH2D5l4eSh+O/PL7fw+f5AjfrVxXwC4envBjF/PZ55Rbsj3y7i/iG8fAYCne3d9KOtRo0ZiYuKlbdMlBEXnA2T9JijTz189uBQvhXbwJCRAWyj7h/X3F93P0x+tj5fXj94KkOtXObFwOb68/ucAmPgH6z/2xOhFFcKzcX+7/uh8gOJFL+fkhMvxUmj38/2VtlDub9Sfv/Uf1n95/ZxfJAO0+VVObrgcX66/DDwOz0DCb7ZkjDHGGGOMMcZ+0V9U7px1/Zn1jc8/uj6PV5dzcsDl+O9dnzPGGGOMMcYYY+zKe7Z7j6ceS0ho2/mfH1T7eRAL/8P0vzdoCn/ygjz4fw+8B8j6iQKAf3FBgMyB/HcexdZ/y76SLr10/npqxTkfwP8frfwzBlf4jYkxxhhjjDH2p7t80v/bn6srVRBjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZYN/Tv+O7ErfYyMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYlfZ/AgAA//+JpPwy") r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50) getdents(r0, 0x0, 0x0) 1.438577179s ago: executing program 0 (id=348): socket$inet_tcp(0x2, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r2, @ANYBLOB="10007d8005", @ANYRES8=0x0, @ANYRES32=r0], 0x2c}, 0x1, 0x0, 0x0, 0x20004080}, 0x0) 1.077038346s ago: executing program 0 (id=349): r0 = socket(0x400000000010, 0x3, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=@newtfilter={0x4c, 0x2c, 0xd3f, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0xfff3, 0xffe0}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x7}]}}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x1}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804) 1.0248518s ago: executing program 2 (id=350): syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x1, 0xf0, 0x4}, 0xfe}, 0x18) setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081) setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, &(0x7f00000003c0)=[{0x1, 0x0, {0x0, 0xf0, 0x4}, {0x2, 0xf0, 0x3}, 0xfe}, {0x0, 0x3, {0x0, 0xff, 0x1}, {0x3, 0xff}, 0x1, 0xff}, {0x2, 0x1, {0x0, 0xf0, 0x3}, {0x2, 0x1, 0x4}, 0xfe, 0x1}], 0x60) sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=@newtfilter={0x24, 0x11, 0x1, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x74, r2, {0xfff3, 0x10}, {0xfff1, 0x9}, {0x2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x20000050) 1.02456956s ago: executing program 1 (id=351): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r1) getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newlink={0x3c, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x50483}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x9005}, 0x0) sendmmsg$inet(r0, &(0x7f0000000880)=[{{&(0x7f0000000580)={0x2, 0x4e1c, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @empty, @multicast1}}}], 0x20}}], 0x1, 0x4880) 1.02444902s ago: executing program 3 (id=352): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)={0x2c, r1, 0x1, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SCHED_SCAN_MATCH={0x4}, @NL80211_ATTR_SCAN_SUPP_RATES={0xc, 0x7d, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x4}, @NL80211_BAND_60GHZ={0x4}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24004904}, 0xc0) 889.401791ms ago: executing program 3 (id=353): socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) listen(0xffffffffffffffff, 0x0) close(0x4) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00') socket$inet_udp(0x2, 0x2, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000280"], 0x48) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) bind$llc(r1, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10) syz_emit_ethernet(0x4e, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$F2FS_IOC_DEFRAGMENT(0xffffffffffffffff, 0xc010f508, &(0x7f0000000000)={0x1, 0x6}) 875.820642ms ago: executing program 1 (id=354): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x6}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x4) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000740)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x1000, 0x8, 0xfffffffc, 0x8}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000000) r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) close(r4) socket$unix(0x1, 0x2, 0x0) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r5 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56) sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r3, 0xc}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf", 0x22}, {&(0x7f0000000c00)="4307ed2e", 0x4}], 0x2}, 0x4) 656.860589ms ago: executing program 2 (id=355): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) syz_emit_ethernet(0x2dc2d, &(0x7f0000000300)=ANY=[], 0x0) 656.722019ms ago: executing program 0 (id=356): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) bind$netlink(r3, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc) sendmsg$nl_route(r2, 0x0, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000e00)=ANY=[@ANYBLOB="44000000100001042abd70000000000000000000", @ANYRES32=r1, @ANYBLOB="0028000000000000140012800c0001006d6163766c616e00", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r6], 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x0) 567.574656ms ago: executing program 2 (id=357): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="4801000042000100fffffffffddbdf250200000004003880100001800c00c8000200000000000000200104801c"], 0x148}, 0x1, 0x0, 0x0, 0x8800}, 0x4040) 471.426384ms ago: executing program 2 (id=358): syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010102, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0xa, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x1d, 0x12, "ac3272000000006f00"}]}}}}}}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c00000046000701fcffffff02000000017c000008"], 0x1c}, 0x1, 0x0, 0x0, 0x488c4}, 0xc000) openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) close(0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r1, {0x0, 0xd}, {0xffff, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffff9}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4008000) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r4 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r4, &(0x7f0000000240)="800000800000210ee7decd7a000060008100", 0x5ea, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r3, 0x1, 0xd8, 0x6, @broadcast}, 0x14) 364.898032ms ago: executing program 3 (id=359): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="14000000130a0102"], 0x14}}, 0x0) 350.610733ms ago: executing program 1 (id=360): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x8}, 0xe) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0xc884) sendmsg$inet(r0, &(0x7f00000007c0)={&(0x7f0000000300)={0x2, 0x4e20, @multicast2}, 0x10, 0x0, 0x0, &(0x7f00000005c0)}, 0x20000880) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={r1, 0x7}, &(0x7f0000000140)=0x8) 287.979567ms ago: executing program 0 (id=361): socket(0x1d, 0x2, 0x0) r0 = epoll_create1(0x80000) r1 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0x1a000201d}) 152.832148ms ago: executing program 3 (id=362): syz_emit_ethernet(0x0, 0x0, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40010120, 0x0) r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0) write$nci(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="01010101"], 0x4) 152.725238ms ago: executing program 1 (id=363): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2) setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000240)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}, 0x2000000b}, 0x1c) shutdown(r0, 0x0) 26.810067ms ago: executing program 2 (id=364): sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={0x0}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x60, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5, 0x0, 0x40}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4621}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @local}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x10}}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10004893}, 0x80) 0s ago: executing program 2 (id=365): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x40, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_SKBQUEUE={0x6, 0x1d, 0x1, 0x0, 0x6f}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x805}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.5' (ED25519) to the list of known hosts. [ 56.063748][ T5750] cgroup: Unknown subsys name 'net' [ 56.219624][ T5750] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 57.657669][ T5750] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 59.683064][ T5765] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 59.692549][ T5765] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 59.714008][ T5765] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 59.733785][ T5765] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 59.736510][ T5770] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 59.745712][ T5775] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 59.756794][ T5775] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 59.764201][ T5765] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 59.765662][ T5776] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 59.772069][ T5775] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 59.779932][ T5765] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 59.785980][ T5775] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 59.792672][ T5776] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 59.801822][ T5775] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 59.808090][ T5776] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 59.814529][ T5775] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 59.820993][ T5776] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 59.828429][ T5770] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 59.834909][ T5776] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 59.841939][ T5770] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 59.848410][ T5776] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 59.861949][ T5775] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 59.863524][ T5776] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 59.877950][ T5776] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 60.228891][ T5763] chnl_net:caif_netlink_parms(): no params data found [ 60.324379][ T5762] chnl_net:caif_netlink_parms(): no params data found [ 60.450882][ T5760] chnl_net:caif_netlink_parms(): no params data found [ 60.495394][ T5763] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.502566][ T5763] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.510625][ T5763] bridge_slave_0: entered allmulticast mode [ 60.517872][ T5763] bridge_slave_0: entered promiscuous mode [ 60.532736][ T5763] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.539913][ T5763] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.547582][ T5763] bridge_slave_1: entered allmulticast mode [ 60.554850][ T5763] bridge_slave_1: entered promiscuous mode [ 60.565598][ T5762] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.572727][ T5762] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.580133][ T5762] bridge_slave_0: entered allmulticast mode [ 60.586943][ T5762] bridge_slave_0: entered promiscuous mode [ 60.594791][ T5762] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.601894][ T5762] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.609114][ T5762] bridge_slave_1: entered allmulticast mode [ 60.616128][ T5762] bridge_slave_1: entered promiscuous mode [ 60.641012][ T5761] chnl_net:caif_netlink_parms(): no params data found [ 60.680752][ T5763] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.706671][ T5763] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.743145][ T5762] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.770296][ T5763] team0: Port device team_slave_0 added [ 60.779231][ T5762] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.814078][ T5763] team0: Port device team_slave_1 added [ 60.855445][ T5762] team0: Port device team_slave_0 added [ 60.870979][ T5760] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.878894][ T5760] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.886299][ T5760] bridge_slave_0: entered allmulticast mode [ 60.892918][ T5760] bridge_slave_0: entered promiscuous mode [ 60.912955][ T5763] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.919940][ T5763] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.946133][ T5763] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.960694][ T5762] team0: Port device team_slave_1 added [ 60.986606][ T5760] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.994078][ T5760] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.001212][ T5760] bridge_slave_1: entered allmulticast mode [ 61.008676][ T5760] bridge_slave_1: entered promiscuous mode [ 61.026914][ T5763] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.034273][ T5763] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.060471][ T5763] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.083215][ T5761] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.090420][ T5761] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.097691][ T5761] bridge_slave_0: entered allmulticast mode [ 61.104970][ T5761] bridge_slave_0: entered promiscuous mode [ 61.129106][ T5760] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.141651][ T5760] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.151558][ T5762] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.159369][ T5762] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.185604][ T5762] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.196793][ T5761] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.204227][ T5761] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.211410][ T5761] bridge_slave_1: entered allmulticast mode [ 61.218210][ T5761] bridge_slave_1: entered promiscuous mode [ 61.242754][ T5762] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.249794][ T5762] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.276325][ T5762] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.316512][ T5760] team0: Port device team_slave_0 added [ 61.325148][ T5760] team0: Port device team_slave_1 added [ 61.344583][ T5761] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.389613][ T5761] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.433867][ T5763] hsr_slave_0: entered promiscuous mode [ 61.440193][ T5763] hsr_slave_1: entered promiscuous mode [ 61.465583][ T5762] hsr_slave_0: entered promiscuous mode [ 61.471869][ T5762] hsr_slave_1: entered promiscuous mode [ 61.478077][ T5762] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.486589][ T5762] Cannot create hsr debugfs directory [ 61.492789][ T5760] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.499795][ T5760] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.526149][ T5760] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.551008][ T5761] team0: Port device team_slave_0 added [ 61.560316][ T5761] team0: Port device team_slave_1 added [ 61.577958][ T5760] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.585092][ T5760] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.611482][ T5760] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.665044][ T5761] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.672013][ T5761] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.698354][ T5761] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.736696][ T5761] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.743739][ T5761] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.770204][ T5761] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.833226][ T5760] hsr_slave_0: entered promiscuous mode [ 61.840208][ T5760] hsr_slave_1: entered promiscuous mode [ 61.846960][ T5760] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.854673][ T5760] Cannot create hsr debugfs directory [ 61.914305][ T51] Bluetooth: hci3: command tx timeout [ 61.914316][ T5776] Bluetooth: hci2: command tx timeout [ 61.914548][ T5776] Bluetooth: hci1: command tx timeout [ 61.919943][ T51] Bluetooth: hci0: command tx timeout [ 61.942380][ T5761] hsr_slave_0: entered promiscuous mode [ 61.948871][ T5761] hsr_slave_1: entered promiscuous mode [ 61.955449][ T5761] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.963012][ T5761] Cannot create hsr debugfs directory [ 62.170957][ T5762] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 62.181786][ T5762] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 62.211938][ T5762] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 62.233532][ T5762] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 62.287030][ T5763] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 62.302227][ T5763] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 62.313969][ T5763] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 62.322978][ T5763] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 62.386632][ T5760] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 62.410032][ T5760] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 62.424886][ T5760] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 62.435076][ T5760] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 62.519395][ T5761] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 62.531241][ T5761] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 62.542077][ T5761] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 62.552075][ T5761] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 62.668718][ T5762] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.697838][ T5760] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.714531][ T5763] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.732332][ T5762] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.759865][ T5760] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.775161][ T2938] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.782413][ T2938] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.792073][ T2938] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.799200][ T2938] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.828604][ T2938] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.835973][ T2938] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.848191][ T5763] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.876681][ T2890] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.883807][ T2890] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.911309][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.918448][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.936119][ T5761] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.969473][ T2938] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.976590][ T2938] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.015730][ T5761] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.042263][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.049423][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.091014][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.098206][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.148875][ T5763] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 63.166518][ T5763] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.422684][ T5762] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.506389][ T5760] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.599482][ T5762] veth0_vlan: entered promiscuous mode [ 63.640660][ T5760] veth0_vlan: entered promiscuous mode [ 63.654725][ T5762] veth1_vlan: entered promiscuous mode [ 63.669358][ T5763] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.680734][ T5761] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.694349][ T5760] veth1_vlan: entered promiscuous mode [ 63.753103][ T5762] veth0_macvtap: entered promiscuous mode [ 63.778195][ T5762] veth1_macvtap: entered promiscuous mode [ 63.795661][ T5761] veth0_vlan: entered promiscuous mode [ 63.825337][ T5760] veth0_macvtap: entered promiscuous mode [ 63.834980][ T5763] veth0_vlan: entered promiscuous mode [ 63.852892][ T5762] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.864576][ T5761] veth1_vlan: entered promiscuous mode [ 63.873229][ T5762] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.890554][ T5760] veth1_macvtap: entered promiscuous mode [ 63.901689][ T5762] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.912045][ T5762] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.922051][ T5762] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.932131][ T5762] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.943823][ T5763] veth1_vlan: entered promiscuous mode [ 63.965966][ T5760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.978593][ T5760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.990741][ T5760] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.998673][ T51] Bluetooth: hci0: command tx timeout [ 64.004083][ T51] Bluetooth: hci1: command tx timeout [ 64.005260][ T5773] Bluetooth: hci3: command tx timeout [ 64.010468][ T5776] Bluetooth: hci2: command tx timeout [ 64.033734][ T5761] veth0_macvtap: entered promiscuous mode [ 64.052890][ T5760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.065186][ T5760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.077296][ T5760] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.095123][ T5761] veth1_macvtap: entered promiscuous mode [ 64.110131][ T5760] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.119046][ T5760] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.128371][ T5760] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.137361][ T5760] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.176670][ T5761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.187490][ T5761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.198172][ T5761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.208637][ T5761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.219851][ T5761] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.244601][ T5761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.256178][ T5761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.266302][ T5761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.278012][ T5761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.289541][ T5761] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.337099][ T5763] veth0_macvtap: entered promiscuous mode [ 64.345824][ T5761] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.356002][ T5761] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.365380][ T5761] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.374497][ T5761] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.407787][ T5763] veth1_macvtap: entered promiscuous mode [ 64.444382][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.452399][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.484505][ T5763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.496435][ T5763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.506457][ T5763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.518906][ T5763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.529513][ T5763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.540077][ T5763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.551643][ T5763] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.564137][ T2890] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.572129][ T2890] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.610247][ T5763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.621271][ T5763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.632028][ T5763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.647534][ T5763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.657464][ T5763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.667929][ T5763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.679210][ T5763] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.711429][ T5763] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.720493][ T5763] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.730214][ T5763] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.739128][ T5763] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.751218][ T1131] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.765684][ T1131] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.779724][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.791843][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.856500][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.881580][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.993942][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.001814][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.093874][ T2890] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.101740][ T2890] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.219809][ T2938] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.248762][ T2938] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.677148][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 65.685684][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 65.753911][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 66.086301][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 66.086440][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 66.390332][ T5855] syz.1.2[5855]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 66.393594][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 66.422045][ T5855] loop1: detected capacity change from 0 to 128 [ 66.447487][ T5855] ADFS-fs (loop1): unrecognised mount option "u" or missing value [ 66.495918][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 66.495959][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 67.092301][ T5776] Bluetooth: hci2: command tx timeout [ 67.097802][ T5776] Bluetooth: hci1: command tx timeout [ 67.101991][ T51] Bluetooth: hci0: command tx timeout [ 67.103200][ T5773] Bluetooth: hci3: command tx timeout [ 67.224278][ T5771] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 69.931425][ T5773] Bluetooth: hci0: command tx timeout [ 69.936985][ T5773] Bluetooth: hci2: command tx timeout [ 69.942473][ T5773] Bluetooth: hci3: command tx timeout [ 69.948362][ T5773] Bluetooth: hci1: command tx timeout [ 70.270371][ T5860] loop3: detected capacity change from 0 to 32768 [ 70.391584][ T5860] workqueue: Failed to create a rescuer kthread for wq "xfs-reclaim/loop3": -EINTR [ 70.488590][ T5886] fuse: Unknown parameter 'fd0000000000000000000000000000000000000000' [ 71.828640][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.837202][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.859603][ T5901] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 71.928021][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 72.333051][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 72.713787][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 72.714964][ T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!! [ 73.568399][ T51] Bluetooth: hci4: command 0x1003 tx timeout [ 73.573582][ T5773] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 74.411720][ T5923] mkiss: ax0: crc mode is auto. [ 74.731918][ T5920] loop3: detected capacity change from 0 to 40427 [ 74.769499][ T5920] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 74.781126][ T5929] loop2: detected capacity change from 0 to 2048 [ 74.813604][ T5920] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 74.835350][ T5929] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 74.911895][ T5920] F2FS-fs (loop3): invalid crc value [ 74.945738][ T5929] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 74.979251][ T5920] F2FS-fs (loop3): Found nat_bits in checkpoint [ 75.131105][ T5938] fuse: Unknown parameter 'fd0000000000000000000000000000000000000000' [ 75.793536][ T5920] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 75.800836][ T5920] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 76.412725][ T5950] loop2: detected capacity change from 0 to 1024 [ 76.517501][ T5950] tmpfs: Unknown parameter 'grpquotaTL^KID[Y*vOχ"b9"oq ri]\.' [ 79.761359][ T5970] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 80.538886][ T5977] loop0: detected capacity change from 0 to 1024 [ 80.623142][ T5977] hfsplus: invalid length 32517 has been corrected to 255 [ 80.660142][ T27] audit: type=1800 audit(1765675803.057:2): pid=5977 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.31" name="file1" dev="loop0" ino=20 res=0 errno=0 [ 80.687645][ T5981] mkiss: ax0: crc mode is auto. [ 81.739485][ T5974] loop3: detected capacity change from 0 to 40427 [ 81.763224][ T1188] cfg80211: failed to load regulatory.db [ 81.771357][ T5974] F2FS-fs (loop3): Image doesn't support compression [ 81.780180][ T5974] F2FS-fs (loop3): heap/no_heap options were deprecated [ 81.936608][ T5974] F2FS-fs (loop3): invalid crc value [ 81.957555][ T5974] F2FS-fs (loop3): Found nat_bits in checkpoint [ 82.723657][ T5974] F2FS-fs (loop3): Start checkpoint disabled! [ 82.808224][ T5974] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 83.010201][ T5994] loop0: detected capacity change from 0 to 40427 [ 83.044251][ T5994] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 83.054059][ T5994] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 83.147362][ T5994] F2FS-fs (loop0): invalid crc value [ 83.268562][ T5994] F2FS-fs (loop0): Found nat_bits in checkpoint [ 83.984491][ T5994] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 84.007857][ T5994] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 84.042954][ T5853] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 84.257778][ T5853] usb 2-1: Using ep0 maxpacket: 8 [ 84.267459][ T5853] usb 2-1: config 0 has an invalid interface number: 3 but max is 0 [ 84.303687][ T5853] usb 2-1: config 0 has no interface number 0 [ 84.312827][ T5853] usb 2-1: config 0 interface 3 altsetting 0 endpoint 0xC has invalid maxpacket 1023, setting to 64 [ 84.356317][ T5853] usb 2-1: New USB device found, idVendor=0582, idProduct=0025, bcdDevice= 7.55 [ 84.382314][ T5853] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 84.397917][ T5853] usb 2-1: Product: syz [ 84.412273][ T5853] usb 2-1: Manufacturer: syz [ 84.423755][ T5853] usb 2-1: SerialNumber: syz [ 84.444078][ T5853] usb 2-1: config 0 descriptor?? [ 84.485185][ T5853] usb 2-1: Quirk or no altest; falling back to MIDI 1.0 [ 84.552434][ T5853] snd-usb-audio: probe of 2-1:0.3 failed with error -2 [ 84.580509][ T6016] loop2: detected capacity change from 0 to 32768 [ 84.626285][ T6016] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.40 (6016) [ 85.397413][ T5853] usb 2-1: USB disconnect, device number 2 [ 85.480533][ T5771] udevd[5771]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.3/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 85.786010][ T6016] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 85.852853][ T6016] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 85.859178][ T6027] loop0: detected capacity change from 0 to 8192 [ 85.869134][ T6027] ======================================================= [ 85.869134][ T6027] WARNING: The mand mount option has been deprecated and [ 85.869134][ T6027] and is ignored by this kernel. Remove the mand [ 85.869134][ T6027] option from the mount to silence this warning. [ 85.869134][ T6027] ======================================================= [ 85.904010][ C1] vkms_vblank_simulate: vblank timer overrun [ 85.911541][ T6016] BTRFS info (device loop2): setting nodatacow, compression disabled [ 85.920545][ T6016] BTRFS info (device loop2): enabling auto defrag [ 85.930228][ T6016] BTRFS info (device loop2): turning on flush-on-commit [ 85.939966][ T6016] BTRFS info (device loop2): force clearing of disk cache [ 85.947653][ T6016] BTRFS info (device loop2): enabling ssd optimizations [ 85.955813][ T6016] BTRFS info (device loop2): using spread ssd allocation scheme [ 85.964318][ T6016] BTRFS info (device loop2): max_inline at 0 [ 85.970523][ T6016] BTRFS info (device loop2): turning off barriers [ 85.977409][ T6016] BTRFS info (device loop2): disabling free space tree [ 85.984619][ T6016] BTRFS info (device loop2): disabling tree log [ 86.009230][ T6016] BTRFS info (device loop2): not using ssd optimizations [ 86.066316][ T6016] BTRFS info (device loop2): not using spread ssd allocation scheme [ 86.212253][ T6034] loop1: detected capacity change from 0 to 4096 [ 86.245857][ T6034] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 86.380113][ T6048] hfs: can't find a HFS filesystem on dev nullb0 [ 86.844298][ T6016] BTRFS info (device loop2): auto enabling async discard [ 86.916120][ T6034] ntfs3: loop1: ino=3, ntfs_set_state failed, -22. [ 86.954160][ T6016] BTRFS info (device loop2): rebuilding free space tree [ 88.407051][ T12] ntfs3: loop1: ino=3, ntfs3_write_inode failed, -22. [ 88.456507][ T6034] ntfs3: loop1: ino=3, ntfs_set_state failed, -22. [ 88.478963][ T6034] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 88.490234][ T6055] loop3: detected capacity change from 0 to 64 [ 88.528296][ T6016] BTRFS info (device loop2): disabling free space tree [ 88.533523][ T6034] ntfs3: loop1: ino=3, ntfs_set_state failed, -22. [ 88.536612][ T6056] ntfs3: loop1: ino=5, "/" directory corrupted [ 88.564159][ T6016] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 88.583605][ T6016] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 88.599026][ T1131] ntfs3: loop1: ino=3, ntfs3_write_inode failed, -22. [ 88.675484][ T6016] BTRFS info (device loop2): checking UUID tree [ 88.699626][ T6016] BTRFS warning (device loop2): failed to start uuid_rescan task [ 88.752759][ T6016] BTRFS warning (device loop2): failed to check the UUID tree: -4 [ 89.178167][ T27] audit: type=1107 audit(1765675811.557:3): pid=6060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='je/Țhj?CA >u[' [ 90.445731][ T6016] BTRFS error (device loop2): open_ctree failed: -4 [ 90.783277][ T6076] netlink: 12 bytes leftover after parsing attributes in process `syz.3.53'. [ 91.895259][ T6076] IPVS: length: 149 != 17667290688 [ 92.698421][ T6085] loop2: detected capacity change from 0 to 2048 [ 93.164225][ T6085] NILFS (loop2): invalid segment: Checksum error in segment payload [ 93.172366][ T6085] NILFS (loop2): trying rollback from an earlier position [ 93.179802][ T6085] NILFS (loop2): invalid segment: Checksum error in segment payload [ 93.187798][ T6085] NILFS (loop2): error -22 while searching super root [ 94.090445][ T6097] loop1: detected capacity change from 0 to 16 [ 94.139280][ T6097] erofs: (device loop1): mounted with root inode @ nid 36. [ 96.193309][ T6112] UBIFS error (pid: 6112): cannot open "(null)", error -22 [ 96.514820][ T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 96.842173][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 96.965583][ T5853] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 97.050271][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 97.148736][ T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 97.183510][ T9] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 97.212344][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.234234][ T9] usb 2-1: config 0 descriptor?? [ 97.325602][ T5853] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 97.344302][ T5853] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 97.364060][ T5853] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 97.387719][ T5853] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 97.407485][ T5853] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.433944][ T787] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 97.482231][ T5853] usb 3-1: config 0 descriptor?? [ 97.828538][ T6127] loop0: detected capacity change from 0 to 40427 [ 97.847651][ T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 97.871045][ T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 97.897259][ T6127] F2FS-fs (loop0): invalid crc value [ 97.915704][ T6127] F2FS-fs (loop0): Found nat_bits in checkpoint [ 97.947278][ T6127] F2FS-fs (loop0): Start checkpoint disabled! [ 97.964695][ T6127] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 97.983029][ T9] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 98.010517][ T787] usb 4-1: config index 0 descriptor too short (expected 28277, got 36) [ 98.018964][ T787] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 98.447498][ T5853] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 98.456652][ T787] usb 4-1: config 0 has no interfaces? [ 98.462167][ T787] usb 4-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 98.476148][ T9] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 98.490867][ T5853] plantronics 0003:047F:FFFF.0002: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 98.503354][ T787] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 98.593138][ T787] usb 4-1: config 0 descriptor?? [ 98.640043][ T9] usb 2-1: USB disconnect, device number 3 [ 98.804548][ T2910] kworker/u4:8: attempt to access beyond end of device [ 98.804548][ T2910] loop0: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 98.868434][ T6133] fido_id[6133]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 98.896436][ T2910] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 98.921392][ T2910] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 98.928767][ T2910] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 99.433772][ T6137] loop1: detected capacity change from 0 to 32768 [ 99.448942][ T6137] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.68 (6137) [ 99.476221][ T6137] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 99.486517][ T6137] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 99.495286][ T6137] BTRFS info (device loop1): using free space tree [ 99.626077][ T6137] BTRFS info (device loop1): enabling ssd optimizations [ 99.633097][ T6137] BTRFS info (device loop1): auto enabling async discard [ 99.718959][ T27] audit: type=1800 audit(1765675822.117:4): pid=6137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.68" name="file1" dev="loop1" ino=263 res=0 errno=0 [ 99.794990][ T5880] usb 3-1: USB disconnect, device number 2 [ 99.922179][ T5762] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 101.374662][ T6172] Illegal XDP return value 4294967294 on prog (id 19) dev syz_tun, expect packet loss! [ 101.407657][ T23] usb 4-1: USB disconnect, device number 2 [ 101.423186][ T6174] loop1: detected capacity change from 0 to 512 [ 101.592827][ T6174] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.72: inode has both inline data and extents flags [ 101.665667][ T6174] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.72: couldn't read orphan inode 15 (err -117) [ 101.698341][ T6174] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.105722][ T5762] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.749551][ T6197] loop1: detected capacity change from 0 to 32768 [ 106.857229][ T6197] ERROR: (device loop1): diAllocAG: ipimap->i_size is wrong [ 106.857229][ T6197] [ 106.906198][ T6197] ERROR: (device loop1): remounting filesystem as read-only [ 106.968189][ T6197] ialloc: diAlloc returned -5! [ 108.661910][ T6215] syz.1.84[6215] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 108.817160][ T6215] syz.1.84[6215] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 111.035652][ T6223] sched: RT throttling activated [ 112.149850][ T6238] loop2: detected capacity change from 0 to 64 [ 112.691964][ T6230] loop1: detected capacity change from 0 to 40427 [ 112.710362][ T6230] F2FS-fs (loop1): LFS is not compatible with checkpoint=disable [ 112.756187][ T5771] I/O error, dev loop1, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 113.153707][ T9] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 113.373520][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 113.392421][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 113.704350][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 113.729281][ T9] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 113.931473][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.971164][ T9] usb 3-1: config 0 descriptor?? [ 114.020929][ T9] hub 3-1:0.0: USB hub found [ 114.266850][ T9] hub 3-1:0.0: config failed, can't read hub descriptor (err -90) [ 114.773691][ T9] hid-generic 0003:046D:C31C.0003: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.2-1/input0 [ 115.043641][ T9] usb 3-1: USB disconnect, device number 3 [ 115.273752][ T51] Bluetooth: hci2: command tx timeout [ 115.293561][ T5752] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 115.523632][ T5752] usb 4-1: Using ep0 maxpacket: 8 [ 115.622399][ T5752] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 115.663240][ T5752] usb 4-1: New USB device found, idVendor=0e8d, idProduct=2000, bcdDevice=21.c6 [ 115.683338][ T5752] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 115.707792][ T5752] usb 4-1: config 0 descriptor?? [ 117.673708][ T787] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 117.914081][ T787] usb 3-1: Using ep0 maxpacket: 8 [ 117.924805][ T787] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 117.937574][ T787] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.955691][ T787] usb 3-1: Product: syz [ 117.987959][ T787] usb 3-1: Manufacturer: syz [ 118.014679][ T787] usb 3-1: SerialNumber: syz [ 118.036436][ T787] usb 3-1: config 0 descriptor?? [ 118.258570][ T787] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 118.434450][ T6303] netlink: 16 bytes leftover after parsing attributes in process `syz.1.111'. [ 119.004704][ T5752] usb 4-1: USB disconnect, device number 3 [ 119.539227][ T6311] netlink: 60 bytes leftover after parsing attributes in process `syz.3.113'. [ 120.371703][ T787] dvb_usb_rtl28xxu: probe of 3-1:0.0 failed with error -71 [ 120.384687][ T787] usb 3-1: USB disconnect, device number 4 [ 120.692241][ T6319] Zero length message leads to an empty skb [ 123.253594][ T6330] tty tty2: ldisc open failed (-12), clearing slot 1 [ 124.830295][ T6333] loop0: detected capacity change from 0 to 40427 [ 124.879374][ T6333] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 124.894534][ T6333] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 124.919218][ T6333] F2FS-fs (loop0): invalid crc value [ 125.006678][ T6333] F2FS-fs (loop0): Found nat_bits in checkpoint [ 125.791203][ T6337] loop1: detected capacity change from 0 to 32768 [ 125.806481][ T6333] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 125.823586][ T6333] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 125.832555][ T6337] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.122 (6337) [ 125.954200][ T6337] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 125.978537][ T6337] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 126.041568][ T6337] BTRFS info (device loop1): using free space tree [ 126.769863][ T6360] loop2: detected capacity change from 0 to 16 [ 126.780801][ T6337] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 126.809881][ T6360] erofs: (device loop2): mounted with root inode @ nid 36. [ 126.915428][ T51] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 0] out[9000] [ 126.933086][ T6371] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192] [ 126.946517][ T6371] x_tables: duplicate underflow at hook 1 [ 126.954917][ T27] audit: type=1800 audit(1765675849.347:5): pid=6371 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.118" name="file2" dev="loop2" ino=89 res=0 errno=0 [ 126.974216][ C1] vkms_vblank_simulate: vblank timer overrun [ 127.154766][ T6337] BTRFS error (device loop1): open_ctree failed: -12 [ 127.559344][ T6026] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by udevd (6026) [ 128.926496][ T6394] ieee802154 phy0 wpan0: encryption failed: -22 [ 129.143537][ T23] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 129.333598][ T23] usb 4-1: Using ep0 maxpacket: 8 [ 129.417544][ T6381] loop2: detected capacity change from 0 to 32768 [ 129.424748][ T23] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 130.066944][ T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 130.078190][ T6381] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 scanned by syz.2.129 (6381) [ 130.139372][ T23] pvrusb2: Hardware description: Terratec Grabster AV400 [ 130.205235][ T6381] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 130.230921][ T23] pvrusb2: ********** [ 130.233542][ T6381] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 130.253552][ T23] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 130.268475][ T6381] BTRFS info (device loop2): using free space tree [ 130.285848][ T23] pvrusb2: Important functionality might not be entirely working. [ 130.303471][ T23] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 130.338393][ T23] pvrusb2: ********** [ 130.338982][ T6381] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR [ 130.360514][ T2315] pvrusb2: Invalid write control endpoint [ 130.368333][ T6381] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR [ 130.432360][ T6381] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR [ 130.479351][ T6381] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR [ 130.540938][ T2315] pvrusb2: Invalid write control endpoint [ 130.577791][ T6381] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR [ 130.578388][ T6381] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR [ 130.580703][ T2315] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 130.721075][ T6381] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 130.722987][ T6381] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 130.759562][ T6381] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR [ 130.789016][ T6381] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 130.821692][ T2315] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 130.853865][ T6381] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 130.856620][ T6381] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 130.877161][ T6381] BTRFS error (device loop2): open_ctree failed: -12 [ 130.899598][ T2315] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 130.924890][ T2315] pvrusb2: Device being rendered inoperable [ 130.938210][ T6416] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 130.944964][ T6416] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 130.962393][ T6393] pvrusb2: Attempted to execute control transfer when device not ok [ 130.978771][ T2315] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 130.982709][ T6125] usb 4-1: USB disconnect, device number 4 [ 130.987457][ T2315] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 131.007261][ T6416] vhci_hcd vhci_hcd.0: Device attached [ 131.019038][ T2315] pvrusb2: Attached sub-driver cx25840 [ 131.039027][ T2315] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 131.054784][ T2315] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 131.145477][ T6419] vhci_hcd: cannot find a urb of seqnum 8 max seqnum 0 [ 132.053853][ T9] usb 34-1: SetAddress Request (2) to port 0 [ 132.279650][ T1131] vhci_hcd: stop threads [ 132.328335][ T9] usb 34-1: new SuperSpeed USB device number 2 using vhci_hcd [ 132.344579][ T1131] vhci_hcd: release socket [ 132.393861][ T1131] vhci_hcd: disconnect device [ 132.446957][ T9] usb 34-1: enqueue for inactive port 0 [ 132.571196][ T5771] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 scanned by udevd (5771) [ 132.937998][ T9] usb usb34-port1: attempt power cycle [ 133.068414][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.075257][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.517022][ T6440] syz.0.140 uses obsolete (PF_INET,SOCK_PACKET) [ 133.994596][ T9] usb usb34-port1: unable to enumerate USB device [ 136.386090][ T6453] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 136.423833][ T6450] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 137.186773][ T6459] loop0: detected capacity change from 0 to 8192 [ 137.330038][ T6462] capability: warning: `syz.1.148' uses deprecated v2 capabilities in a way that may be insecure [ 138.042860][ T6470] loop1: detected capacity change from 0 to 64 [ 140.080656][ T6474] netlink: 8 bytes leftover after parsing attributes in process `syz.1.151'. [ 140.183616][ T6474] netlink: 8 bytes leftover after parsing attributes in process `syz.1.151'. [ 140.209949][ T6474] netlink: 8 bytes leftover after parsing attributes in process `syz.1.151'. [ 140.219000][ T6474] netlink: 8 bytes leftover after parsing attributes in process `syz.1.151'. [ 141.022146][ T6479] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 142.803639][ T27] audit: type=1326 audit(1765675865.197:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6488 comm="syz.0.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f1cd8f749 code=0x7ffc0000 [ 142.904762][ T27] audit: type=1326 audit(1765675865.197:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6488 comm="syz.0.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f1cd8f749 code=0x7ffc0000 [ 142.980945][ T27] audit: type=1326 audit(1765675865.227:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6488 comm="syz.0.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f1cd8f749 code=0x7ffc0000 [ 142.987811][ T6493] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 143.010518][ T6493] IPv6: NLM_F_CREATE should be set when creating new route [ 143.065682][ T27] audit: type=1326 audit(1765675865.227:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6488 comm="syz.0.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f6f1cd8f749 code=0x7ffc0000 [ 143.134688][ T27] audit: type=1326 audit(1765675865.227:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6488 comm="syz.0.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f6f1cd8f749 code=0x7ffc0000 [ 144.177755][ T6507] loop3: detected capacity change from 0 to 16 [ 144.196997][ T5880] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 144.260934][ T6507] erofs: (device loop3): mounted with root inode @ nid 36. [ 144.286620][ T6507] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 144.303497][ T6507] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 144.322623][ T6507] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 144.333671][ T6507] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 144.741018][ T6497] loop2: detected capacity change from 0 to 32768 [ 145.288040][ T5880] usb 2-1: Using ep0 maxpacket: 8 [ 145.689751][ T5880] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 145.705689][ T5880] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 145.715947][ T5880] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 145.726411][ T5880] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 145.740397][ T5880] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 145.786971][ T6512] loop0: detected capacity change from 0 to 512 [ 145.890741][ T6512] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.165: inode has both inline data and extents flags [ 145.935340][ T5880] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.962409][ T6512] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.165: couldn't read orphan inode 15 (err -117) [ 145.994762][ T6512] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 146.485527][ T5880] usb 2-1: GET_CAPABILITIES returned 0 [ 146.686221][ T5880] usbtmc 2-1:16.0: can't read capabilities [ 146.702684][ T5880] usb 2-1: USB disconnect, device number 4 [ 147.546443][ T5761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.701162][ T6527] process 'syz.0.169' launched '/dev/fd/4' with NULL argv: empty string added [ 148.466455][ T6535] loop3: detected capacity change from 0 to 128 [ 150.677920][ T6541] loop0: detected capacity change from 0 to 128 [ 150.900561][ T6543] loop3: detected capacity change from 0 to 32768 [ 150.966259][ T6543] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 151.001954][ T6543] XFS (loop3): Ending clean mount [ 151.014622][ T6543] XFS (loop3): Quotacheck needed: Please wait. [ 151.035903][ T6549] syz.0.174: attempt to access beyond end of device [ 151.035903][ T6549] loop0: rw=2049, sector=145, nr_sectors = 392 limit=128 [ 151.104375][ T6125] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 151.127165][ T6541] syz.0.174: attempt to access beyond end of device [ 151.127165][ T6541] loop0: rw=524288, sector=145, nr_sectors = 224 limit=128 [ 151.144324][ T6541] syz.0.174: attempt to access beyond end of device [ 151.144324][ T6541] loop0: rw=0, sector=145, nr_sectors = 8 limit=128 [ 151.159204][ T6543] XFS (loop3): Quotacheck: Done. [ 151.173884][ T6541] syz.0.174: attempt to access beyond end of device [ 151.173884][ T6541] loop0: rw=0, sector=145, nr_sectors = 8 limit=128 [ 151.187821][ T6541] syz.0.174: attempt to access beyond end of device [ 151.187821][ T6541] loop0: rw=0, sector=145, nr_sectors = 8 limit=128 [ 151.201560][ T6541] syz.0.174: attempt to access beyond end of device [ 151.201560][ T6541] loop0: rw=0, sector=145, nr_sectors = 8 limit=128 [ 151.261301][ T6541] syz.0.174: attempt to access beyond end of device [ 151.261301][ T6541] loop0: rw=0, sector=145, nr_sectors = 8 limit=128 [ 151.303807][ T6541] syz.0.174: attempt to access beyond end of device [ 151.303807][ T6541] loop0: rw=0, sector=145, nr_sectors = 8 limit=128 [ 151.345509][ T6125] usb 2-1: Using ep0 maxpacket: 16 [ 151.366498][ T6125] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 151.410859][ T6541] syz.0.174: attempt to access beyond end of device [ 151.410859][ T6541] loop0: rw=0, sector=145, nr_sectors = 8 limit=128 [ 151.430634][ T6125] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 151.577814][ T6125] usb 2-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 151.659648][ T6541] syz.0.174: attempt to access beyond end of device [ 151.659648][ T6541] loop0: rw=0, sector=145, nr_sectors = 8 limit=128 [ 151.743529][ T6125] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.835831][ T6125] usb 2-1: config 0 descriptor?? [ 152.066930][ T5760] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 152.086651][ T6125] usbhid 2-1:0.0: can't add hid device: -71 [ 152.092684][ T6125] usbhid: probe of 2-1:0.0 failed with error -71 [ 152.159399][ T6125] usb 2-1: USB disconnect, device number 5 [ 153.133887][ T6562] loop0: detected capacity change from 0 to 128 [ 153.199554][ T6562] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 153.244933][ T6562] hpfs: filesystem error: improperly stopped [ 153.250986][ T6562] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 153.283532][ T6562] hpfs: You really don't want any checks? You are crazy... [ 153.292514][ T6562] hpfs: hpfs_map_sector(): read error [ 153.299033][ T6562] hpfs: code page support is disabled [ 153.306921][ T6562] hpfs: hpfs_map_4sectors(): unaligned read [ 153.316661][ T6562] hpfs: hpfs_map_4sectors(): unaligned read [ 153.322632][ T6562] hpfs: filesystem error: unable to find root dir [ 153.567234][ T6576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.183'. [ 153.681930][ T6570] loop1: detected capacity change from 0 to 32768 [ 153.697888][ T6573] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.700257][ T6570] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 153.706421][ T6573] bridge0: port 1(bridge_slave_0) entered disabled state [ 153.733330][ T6570] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 153.748863][ T6570] BTRFS info (device loop1): using free space tree [ 153.781266][ T6570] BTRFS info (device loop1): enabling ssd optimizations [ 153.803037][ T6570] BTRFS info (device loop1): auto enabling async discard [ 153.840922][ T27] audit: type=1800 audit(1765675876.237:11): pid=6570 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.181" name="file1" dev="loop1" ino=260 res=0 errno=0 [ 154.006093][ T27] audit: type=1800 audit(1765675876.387:12): pid=6571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.177" name="/" dev="fuse" ino=9 res=0 errno=0 [ 154.067089][ T5762] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 155.446380][ T6573] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 155.505067][ T6605] random: crng reseeded on system resumption [ 155.545077][ T6573] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 155.971282][ T6573] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.981628][ T6573] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.991054][ T6573] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.008705][ T6573] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.083515][ T787] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 156.155262][ T5773] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 156.164576][ T5773] Bluetooth: hci2: Injecting HCI hardware error event [ 156.173206][ T5773] Bluetooth: hci2: hardware error 0x00 [ 156.273996][ T787] usb 2-1: Using ep0 maxpacket: 32 [ 156.285549][ T787] usb 2-1: config 0 has an invalid interface number: 12 but max is 0 [ 156.303458][ T787] usb 2-1: config 0 has no interface number 0 [ 156.309610][ T787] usb 2-1: config 0 interface 12 has no altsetting 0 [ 156.318965][ T787] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 156.328321][ T787] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 156.343595][ T787] usb 2-1: Product: syz [ 156.347916][ T787] usb 2-1: Manufacturer: syz [ 156.357186][ T787] usb 2-1: SerialNumber: syz [ 156.367047][ T787] usb 2-1: config 0 descriptor?? [ 157.000572][ T6614] loop3: detected capacity change from 0 to 40427 [ 157.111173][ T6614] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 157.152895][ T6614] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 157.371107][ T6614] F2FS-fs (loop3): Found nat_bits in checkpoint [ 157.386153][ T787] f81534 2-1:0.12: f81534_get_register: reg: 1003 failed: -71 [ 157.393867][ T787] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71 [ 157.401154][ T787] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 157.480269][ T787] f81534: probe of 2-1:0.12 failed with error -71 [ 157.520996][ T6614] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 157.535260][ T787] usb 2-1: USB disconnect, device number 6 [ 157.551530][ T6614] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 157.793095][ T1188] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 157.998482][ T1188] usb 1-1: Using ep0 maxpacket: 32 [ 158.080191][ T1188] usb 1-1: config 0 has an invalid interface number: 12 but max is 0 [ 158.201456][ T1188] usb 1-1: config 0 has no interface number 0 [ 158.314720][ T1188] usb 1-1: config 0 interface 12 has no altsetting 0 [ 158.403572][ T5773] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 158.456042][ T1188] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 158.470185][ T1188] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.478633][ T1188] usb 1-1: Product: syz [ 158.482810][ T1188] usb 1-1: Manufacturer: syz [ 158.487869][ T1188] usb 1-1: SerialNumber: syz [ 158.520801][ T1188] usb 1-1: config 0 descriptor?? [ 159.673637][ T5803] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 159.775584][ T6642] loop3: detected capacity change from 0 to 40427 [ 159.791055][ T6642] F2FS-fs (loop3): LFS is not compatible with checkpoint=disable [ 159.853910][ T5803] usb 3-1: Using ep0 maxpacket: 8 [ 159.875212][ T5803] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 159.893851][ T5803] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 159.908469][ T5803] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 159.918881][ T5803] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 159.930620][ T5803] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 159.944244][ T5803] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 159.956083][ T5803] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.024029][ T5880] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 160.272988][ T5803] usb 3-1: usb_control_msg returned -32 [ 160.279881][ T5803] usbtmc 3-1:16.0: can't read capabilities [ 160.306070][ T5880] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 160.316722][ T5880] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 160.329738][ T5880] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 160.338930][ T5880] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.367130][ T5880] usb 2-1: config 0 descriptor?? [ 160.416535][ T5880] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 160.884052][ T6656] usbtmc 3-1:16.0: INITIATE_ABORT_BULK_IN returned 0 [ 161.083104][ T6658] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 161.090407][ T6658] IPv6: NLM_F_CREATE should be set when creating new route [ 161.097771][ T787] usb 3-1: USB disconnect, device number 5 [ 161.361836][ T6661] warning: `syz.3.204' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 161.912396][ T1188] f81534 1-1:0.12: f81534_set_register: reg: 1001 data: f1 failed: -71 [ 161.953531][ T1188] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71 [ 161.960874][ T1188] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 161.997895][ T1188] f81534: probe of 1-1:0.12 failed with error -71 [ 162.019816][ T6665] loop2: detected capacity change from 0 to 128 [ 162.039207][ T1188] usb 1-1: USB disconnect, device number 2 [ 162.091242][ T6026] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 163.112277][ T8] usb 2-1: USB disconnect, device number 7 [ 164.577187][ T6681] loop1: detected capacity change from 0 to 512 [ 164.759156][ T6684] loop2: detected capacity change from 0 to 128 [ 164.828082][ T6684] FAT-fs (loop2): bogus number of reserved sectors [ 164.834976][ T6684] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 164.844273][ T6684] FAT-fs (loop2): Can't find a valid FAT filesystem [ 164.883724][ T6681] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.210: inode has both inline data and extents flags [ 164.918625][ T6681] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.210: couldn't read orphan inode 15 (err -117) [ 164.983050][ T6681] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 166.981959][ T5803] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 167.189025][ T5762] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.233601][ T5803] usb 3-1: Using ep0 maxpacket: 8 [ 167.242991][ T5803] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 168.529169][ T5803] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 168.661916][ T5803] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 168.954226][ T6710] loop1: detected capacity change from 0 to 32768 [ 169.055963][ T5803] usb 3-1: config 0 descriptor?? [ 169.584711][ T5803] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 169.646182][ T6710] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 169.776153][ T6710] XFS (loop1): Ending clean mount [ 169.787496][ T6710] XFS (loop1): Quotacheck needed: Please wait. [ 169.907995][ T6710] XFS (loop1): Quotacheck: Done. [ 170.341260][ T8] usb 3-1: USB disconnect, device number 6 [ 171.253484][ T5773] Bluetooth: hci0: command 0x0406 tx timeout [ 172.044539][ T6737] loop2: detected capacity change from 0 to 16 [ 172.750046][ T6737] erofs: (device loop2): mounted with root inode @ nid 36. [ 172.765762][ T6736] syz.2.220: attempt to access beyond end of device [ 172.765762][ T6736] loop2: rw=524288, sector=8, nr_sectors = 24 limit=16 [ 172.786398][ T6736] syz.2.220: attempt to access beyond end of device [ 172.786398][ T6736] loop2: rw=524288, sector=16, nr_sectors = 40 limit=16 [ 172.801433][ T6736] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192] [ 172.812641][ T27] audit: type=1800 audit(1765675895.207:13): pid=6736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.220" name="file3" dev="loop2" ino=89 res=0 errno=0 [ 172.941947][ T5762] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 175.647679][ T6743] syz.0.222 (6743): drop_caches: 2 [ 176.159752][ T6751] loop3: detected capacity change from 0 to 256 [ 176.278422][ T6751] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x7c19779b, utbl_chksum : 0xe619d30d) [ 184.423440][ T6777] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 186.603577][ T787] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 186.647507][ T5773] Bluetooth: hci3: command 0x0406 tx timeout [ 186.653723][ T5775] Bluetooth: hci1: command 0x0406 tx timeout [ 186.877818][ T787] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 186.887226][ T787] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.903436][ T787] usb 1-1: Product: syz [ 186.907740][ T787] usb 1-1: Manufacturer: syz [ 186.912344][ T787] usb 1-1: SerialNumber: syz [ 187.009857][ T6792] loop1: detected capacity change from 0 to 32768 [ 187.036731][ T6792] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.235 (6792) [ 187.096968][ T6792] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 187.124217][ T6792] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 187.142276][ T6792] BTRFS info (device loop1): using free space tree [ 187.250821][ T6792] BTRFS info (device loop1): enabling ssd optimizations [ 187.259196][ T6792] BTRFS info (device loop1): auto enabling async discard [ 187.393106][ T787] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32 [ 187.683842][ T6824] hub 6-0:1.0: USB hub found [ 187.691436][ T6824] hub 6-0:1.0: 1 port detected [ 188.444502][ T5762] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 189.245193][ T787] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x0000011c. ret = -71 [ 189.472085][ T6837] loop0: detected capacity change from 0 to 512 [ 189.487964][ T6837] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 189.531635][ T6837] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 189.558912][ T6837] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 189.578413][ T6837] EXT4-fs (loop0): 1 truncate cleaned up [ 189.586389][ T6837] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 189.777725][ T5761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.071171][ T6825] loop3: detected capacity change from 0 to 262144 [ 190.089269][ T787] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 190.100018][ T787] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 190.124899][ T787] lan78xx: probe of 1-1:1.0 failed with error -71 [ 190.141497][ T787] usb 1-1: USB disconnect, device number 3 [ 190.148880][ T6825] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop3 scanned by syz.3.240 (6825) [ 190.173692][ T6825] BTRFS info (device loop3): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 190.184672][ T6825] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 190.193960][ T6825] BTRFS info (device loop3): using free space tree [ 191.394106][ T6825] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR [ 191.394813][ T6825] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR [ 191.405800][ T6825] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR [ 191.417302][ T6825] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR [ 191.428463][ T6825] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR [ 191.437947][ T6825] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR [ 191.447378][ T6825] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR [ 191.456798][ T6825] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 191.466661][ T6825] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 191.475930][ T6825] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR [ 191.486255][ T6825] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 191.496687][ T6825] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 191.506981][ T6825] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 191.519308][ T6825] BTRFS error (device loop3): open_ctree failed: -12 [ 191.725909][ T6830] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop3 scanned by udevd (6830) [ 192.166225][ T6865] pim6reg: entered allmulticast mode [ 192.385837][ T5880] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 192.437012][ T5880] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 192.467974][ T6869] loop0: detected capacity change from 0 to 2048 [ 192.621808][ T6872] fido_id[6872]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 194.143174][ T6888] loop2: detected capacity change from 0 to 128 [ 194.156268][ T6888] ADFS-fs (loop2): unrecognised mount option "u" or missing value [ 194.653859][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.660371][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.888222][ T6781] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 198.202638][ T6915] loop1: detected capacity change from 0 to 2048 [ 198.268706][ T6915] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 198.513695][ T6919] binder: 6918:6919 ioctl c0306201 0 returned -14 [ 198.534262][ T6919] binder: 6918:6919 ioctl c0306201 0 returned -14 [ 200.469718][ T6921] loop0: detected capacity change from 0 to 32768 [ 200.519495][ T6921] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.265 (6921) [ 200.580475][ T6921] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 200.679492][ T6921] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 200.800163][ T6921] BTRFS info (device loop0): enabling ssd optimizations [ 200.907170][ T6921] BTRFS info (device loop0): using spread ssd allocation scheme [ 201.018405][ T6921] BTRFS info (device loop0): turning off barriers [ 201.125257][ T6921] BTRFS info (device loop0): turning on sync discard [ 201.202501][ T6921] BTRFS error (device loop0): unrecognized commit_interval value 0x0000000080000000 [ 202.019128][ T6943] nvme_fabrics: missing parameter 'transport=%s' [ 202.097347][ T6921] BTRFS error (device loop0): open_ctree failed: -22 [ 202.104992][ T6943] nvme_fabrics: missing parameter 'nqn=%s' [ 202.294322][ T6959] netlink: 4 bytes leftover after parsing attributes in process `syz.2.276'. [ 202.339240][ T6961] netlink: 'syz.3.277': attribute type 12 has an invalid length. [ 202.347302][ T6961] netlink: 'syz.3.277': attribute type 29 has an invalid length. [ 202.355581][ T6961] netlink: 148 bytes leftover after parsing attributes in process `syz.3.277'. [ 202.365042][ T6961] netlink: 'syz.3.277': attribute type 1 has an invalid length. [ 202.372813][ T6961] netlink: 'syz.3.277': attribute type 2 has an invalid length. [ 202.404383][ T6961] netlink: 31 bytes leftover after parsing attributes in process `syz.3.277'. [ 202.745775][ T6976] netlink: 4 bytes leftover after parsing attributes in process `syz.3.284'. [ 202.777778][ T6976] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 202.787083][ T6976] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 202.796445][ T6976] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 202.805613][ T6976] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 202.826551][ T6976] netlink: 4 bytes leftover after parsing attributes in process `syz.3.284'. [ 202.878069][ T6983] loop2: detected capacity change from 0 to 256 [ 202.902322][ T6981] tipc: Started in network mode [ 202.921191][ T6981] tipc: Node identity 163421ee4234, cluster identity 4711 [ 202.926827][ T6983] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x7c19779b, utbl_chksum : 0xe619d30d) [ 202.945287][ T6981] tipc: Enabled bearer , priority 0 [ 202.966198][ T6981] syzkaller0: entered promiscuous mode [ 202.980864][ T6981] syzkaller0: entered allmulticast mode [ 203.113319][ T6981] tipc: Resetting bearer [ 203.152443][ T6980] tipc: Resetting bearer [ 203.186093][ T6980] tipc: Disabling bearer [ 203.530121][ T7009] netlink: 4 bytes leftover after parsing attributes in process `syz.0.297'. [ 203.551407][ T7009] netlink: 'syz.0.297': attribute type 10 has an invalid length. [ 203.582718][ T7013] loop3: detected capacity change from 0 to 256 [ 203.609509][ T7013] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x7c19779b, utbl_chksum : 0xe619d30d) [ 203.636072][ T7009] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 203.678834][ T7008] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 203.848892][ T7021] netlink: 24 bytes leftover after parsing attributes in process `syz.3.302'. [ 203.972419][ T7027] netlink: 8 bytes leftover after parsing attributes in process `syz.1.304'. [ 204.208469][ T7035] loop2: detected capacity change from 0 to 256 [ 204.250452][ T7035] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x7c19779b, utbl_chksum : 0xe619d30d) [ 204.475369][ T7045] syzkaller0: entered promiscuous mode [ 204.480906][ T7045] syzkaller0: entered allmulticast mode [ 204.569948][ T7047] netlink: 'syz.3.313': attribute type 10 has an invalid length. [ 204.588101][ T7047] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 204.713173][ T7051] syzkaller0: entered promiscuous mode [ 204.731388][ T7051] syzkaller0: entered allmulticast mode [ 204.929128][ T7063] loop1: detected capacity change from 0 to 256 [ 205.002739][ T7063] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x7c19779b, utbl_chksum : 0xe619d30d) [ 205.205963][ T7074] netlink: 16 bytes leftover after parsing attributes in process `syz.2.325'. [ 205.715068][ T7091] loop0: detected capacity change from 0 to 256 [ 205.761167][ T7093] netlink: 4 bytes leftover after parsing attributes in process `syz.3.333'. [ 205.805216][ T7091] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x7c19779b, utbl_chksum : 0xe619d30d) [ 206.349790][ T2910] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 206.589601][ T7132] loop0: detected capacity change from 0 to 256 [ 206.649674][ T7132] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x7c19779b, utbl_chksum : 0xe619d30d) [ 207.377975][ T7152] syzkaller0: entered promiscuous mode [ 207.383895][ T7152] syzkaller0: entered allmulticast mode [ 207.628843][ T7161] netlink: 'syz.2.357': attribute type 1 has an invalid length. [ 207.640143][ T7161] netlink: 'syz.2.357': attribute type 4 has an invalid length. [ 207.707098][ T7158] __nla_validate_parse: 2 callbacks suppressed [ 207.707113][ T7158] netlink: 8 bytes leftover after parsing attributes in process `syz.0.356'. [ 207.750744][ T7158] netlink: 4 bytes leftover after parsing attributes in process `syz.0.356'. [ 207.823600][ T7165] netlink: 4 bytes leftover after parsing attributes in process `syz.3.359'. [ 208.041802][ T7172] can: request_module (can-proto-0) failed. [ 208.122614][ T7181] divide error: 0000 [#1] PREEMPT SMP KASAN [ 208.128577][ T7181] CPU: 1 PID: 7181 Comm: syz.1.363 Not tainted syzkaller #0 [ 208.135873][ T7181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 208.145952][ T7181] RIP: 0010:__tcp_select_window+0x7a3/0x1270 [ 208.151967][ T7181] Code: ff ff ff 44 89 e1 d3 e0 89 c1 f7 d1 41 01 ce 41 21 c6 e9 c5 00 00 00 e8 ab 9e 97 f8 e9 b8 00 00 00 e8 a1 9e 97 f8 44 89 f0 99 7c 24 2c 41 29 d6 48 bb 00 00 00 00 00 fc ff df e9 9c 00 00 00 [ 208.171590][ T7181] RSP: 0018:ffffc900193e7b00 EFLAGS: 00010283 [ 208.177674][ T7181] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000080000 [ 208.185662][ T7181] RDX: 0000000000000000 RSI: 00000000000002de RDI: 00000000000002df [ 208.193652][ T7181] RBP: ffffc900193e7bf0 R08: ffff888055942793 R09: 1ffff1100ab284f2 [ 208.201644][ T7181] R10: dffffc0000000000 R11: ffffed100ab284f3 R12: 0000000000000000 [ 208.209695][ T7181] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88807cd6e4e8 [ 208.217684][ T7181] FS: 00007f68ed03a6c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 208.226622][ T7181] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.233196][ T7181] CR2: 00007f48269750e0 CR3: 0000000025b6d000 CR4: 00000000003506e0 [ 208.241155][ T7181] Call Trace: [ 208.244421][ T7181] [ 208.247344][ T7181] ? tcp_push_one+0x100/0x100 [ 208.252016][ T7181] __tcp_transmit_skb+0xb40/0x32a0 [ 208.257125][ T7181] ? __tcp_send_ack+0x5a0/0x5a0 [ 208.261973][ T7181] ? read_tsc+0x9/0x20 [ 208.266028][ T7181] ? ktime_get+0x24b/0x280 [ 208.270446][ T7181] tcp_send_active_reset+0x35e/0x6c0 [ 208.275724][ T7181] mptcp_do_fastclose+0x23a/0x310 [ 208.280767][ T7181] mptcp_disconnect+0x1fc/0x520 [ 208.285607][ T7181] inet_shutdown+0x1be/0x370 [ 208.290192][ T7181] __x64_sys_shutdown+0x174/0x1d0 [ 208.295208][ T7181] do_syscall_64+0x55/0xb0 [ 208.299606][ T7181] ? clear_bhb_loop+0x40/0x90 [ 208.304269][ T7181] ? clear_bhb_loop+0x40/0x90 [ 208.308936][ T7181] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 208.314814][ T7181] RIP: 0033:0x7f68ec18f749 [ 208.319226][ T7181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 208.338835][ T7181] RSP: 002b:00007f68ed03a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000030 [ 208.347253][ T7181] RAX: ffffffffffffffda RBX: 00007f68ec3e5fa0 RCX: 00007f68ec18f749 [ 208.355220][ T7181] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 208.363197][ T7181] RBP: 00007f68ec213f91 R08: 0000000000000000 R09: 0000000000000000 [ 208.371165][ T7181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 208.379130][ T7181] R13: 00007f68ec3e6038 R14: 00007f68ec3e5fa0 R15: 00007fff5e1eb1f8 [ 208.387103][ T7181] [ 208.390123][ T7181] Modules linked in: [ 208.401022][ T7181] ---[ end trace 0000000000000000 ]--- [ 208.412460][ T7181] RIP: 0010:__tcp_select_window+0x7a3/0x1270 [ 208.418704][ T7181] Code: ff ff ff 44 89 e1 d3 e0 89 c1 f7 d1 41 01 ce 41 21 c6 e9 c5 00 00 00 e8 ab 9e 97 f8 e9 b8 00 00 00 e8 a1 9e 97 f8 44 89 f0 99 7c 24 2c 41 29 d6 48 bb 00 00 00 00 00 fc ff df e9 9c 00 00 00 [ 208.438624][ T7181] RSP: 0018:ffffc900193e7b00 EFLAGS: 00010283 [ 208.444727][ T7181] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000080000 [ 208.452691][ T7181] RDX: 0000000000000000 RSI: 00000000000002de RDI: 00000000000002df [ 208.460761][ T7181] RBP: ffffc900193e7bf0 R08: ffff888055942793 R09: 1ffff1100ab284f2 [ 208.468800][ T7181] R10: dffffc0000000000 R11: ffffed100ab284f3 R12: 0000000000000000 [ 208.477301][ T7181] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88807cd6e4e8 [ 208.485332][ T7181] FS: 00007f68ed03a6c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 208.494400][ T7181] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 208.500974][ T7181] CR2: 00007f4824bd4f98 CR3: 0000000025b6d000 CR4: 00000000003506f0 [ 208.509144][ T7181] Kernel panic - not syncing: Fatal exception [ 208.515566][ T7181] Kernel Offset: disabled [ 208.519877][ T7181] Rebooting in 86400 seconds..