last executing test programs: 16.572611953s ago: executing program 3 (id=728): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x108) mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x81c0, 0x8103) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0xa409, 0x0, 0x2, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_on}]}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000480)=@abs={0x0, 0x0, 0x8004e24}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, 0x0) r2 = socket$tipc(0x1e, 0x5, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x94) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1f, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="660a000000000000611158000000000085000000020000009500000000000000f80473712ea108ac1f3a907dce9e5817112b1d3dd99bfb6bba9e1772171fc8f6ae1f348765af76bb65e81d1f18514789fcdcc680fe645d1626c3e7cb152895cdc26ac522231190cd4547d921c30cb83904a74c7e535c6373181e00c9dc6c6ab47e33c0d2c129f45c00a7d34e52751a574d5d5700"/160], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8}, 0x80) ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000700)='net/softnet_stat\x00') ftruncate(r3, 0x7fffffff) 11.122177281s ago: executing program 3 (id=747): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f00000000c0), 0x67, 0x52b, &(0x7f0000000a00)="$eJzs3V9rLGcZAPBnNrvHk3NymlS90IK12krOQc9u0tg2eFEriF4V1HpfY7IJIZtsyG7ak1BMDn4AQUQFr/TGG8EPIEjBGy9FKOi1oqKInuqFF9qR2Z1Nc5L913aTTZPfDybzvjPvzPO8G2Z2ZmeYCeDKeiIiXoiIt9I0vRMR0/n0Qj7EYXvI2r354LXlbEgiTV/6RxJJPq2zriQf38wXux4RX/tyxDeT03Ebe/sbS7VadSevV5qb25XG3v7d9c2ltepadWthYf7ZxecWn1mcG0k/b0XE81/8y/e/89MvPf/Lz7z6x5f/dvtbWVpT+fzj/XiHiv1mtrtean0WxxfYeZfBLqJiq4e5yW4tJk5NuX/GOQEA0F12jP/BiPhkRNyJ6ZjofzgLAAAAvA+ln5+K/yYRaXfXekwHAAAA3kcKrXtgk0I5vxdgKgqFcrl9D++H40ahVm80P71a391aad8rOxOlwup6rTqX3ys8E6Ukq8+3ym/Xnz5RX4iIRyPie9OTrXp5uV5bGfePHwAAAHBF3Dxx/v/v6fb5f8fBOJMDAAAARmdm3AkAAAAAZ27Y8/8bZ5wHAAAAcHZc/wcAAIBL7SsvvpgNaef91yuv7O1u1F+5u1JtbJQ3d5fLy/Wd7fJavb7Wembf5qD11er17c/G1u69SrPaaFYae9djs7671Xx5/aFXYAMAAADn6NGPv/77JCIOPzfZGjLXhlt0yGbARVU8KiX5uMtm/YdH2uM/n1NSwLmYGHcCwNgUx50AMDalcScAjF0yYH7Pm3d+k48/Mdp8AACA0Zv9aO/r/4W+Sx72nw1ceDZiuLpc/4erq3X9f9g7eR0swKVSGnQE0HebPxhxNsA4vOfr/wOl6TtKCAAAGLmp1pAUysVOvVAolyNutV4LUEpW12vVuYh4JCJ+N136QFafb7VMBp4zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAFxqEYW/Jr9qP8t/dvqpqZO/D1xL/jMd+StCX/3RSz+4t9Rs7sxn0/95NL35w3z60+P4BQMAAACuhAEv8H9Y5zy9cx4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP05oPXljvDecb9+xciYqZb/GJcb42vRykibvwrieKx5ZKImBhB/Mnsz0e6xU+ytI5Cdos/OYL4h/f7xo/D/FPoFv/mCOLDVfZ6tv95odv2V4gnWuPu218x4qH6u9V7/xdH+7+JHtv/rSFjPPbGzys949+PeKx4Kv5BFqETP+kR/8kh43/j6/v7vealP46Y7fr9k3SaZHvIqDQ3tyuNvf2765tLa9W16tbCwvyzi88tPrM4V1ldr1Xzv11jfPdjv3irX/9v9Ig/M6D/T51a27WuMf73xr0HH2oXS93i336yS/xf/yRvcTp+If/u+1RezubPdsqH7fJxj//st4/36/9Kj/4P+v/f7rXSE+589dt/GrIpAHAOGnv7G0u1WnXn0hays/QhG2dHZxciZ4XzKRyMdIVpmqbZNvUe1pPERfhYWoVx75kAAIBRe/ugf9yZAAAAAAAAAAAAAAAAAAAAwNV1Ho8TOxnz8KiUjOIR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/H/AAAA///s19ky") prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) 9.795894999s ago: executing program 0 (id=753): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) read$rfkill(r2, &(0x7f0000000040), 0x8) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) 8.837819314s ago: executing program 0 (id=754): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x28, 0x0, 0x1, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x40}]}, 0x28}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', 0x0}) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x20, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0) 8.700776123s ago: executing program 1 (id=756): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) symlinkat(&(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="20003300d0000000080211000001080211000000505050505050000008"], 0x3c}}, 0xd0) 8.378668771s ago: executing program 1 (id=757): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='projid_map\x00') prlimit64(0x0, 0xe, &(0x7f0000000400)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) ptrace$setsig(0x4203, r1, 0xa, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_open_procfs(0x0, 0x0) socket(0x10, 0x3, 0x0) write$sndseq(0xffffffffffffffff, 0x0, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) read$hiddev(r0, &(0x7f0000000100)=""/100, 0x64) 7.468608064s ago: executing program 1 (id=759): r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3) write$binfmt_elf64(r2, 0x0, 0x78) sendfile(r1, r2, &(0x7f00000001c0), 0x8) fcntl$addseals(r2, 0x409, 0x8) fallocate(r2, 0x3, 0x2009140, 0x20000) close_range(r0, 0xffffffffffffffff, 0x0) 5.613185662s ago: executing program 3 (id=762): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x6, @mcast2, 0x6}, 0x1c) sendto$inet6(r1, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) readv(r0, &(0x7f0000000b80)=[{&(0x7f00000002c0)=""/111, 0x5a8}, {&(0x7f0000001600)=""/4096, 0x1000}], 0x2) 5.416990894s ago: executing program 0 (id=764): ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000000)={0x1, 0x0, [{0x40000001, 0x400, 0x3, 0x31237648, 0x1, 0x4, 0x4}]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x181, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000140)={0x28729f328c68897}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) pwritev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000100)='E', 0x1}], 0x1, 0x0, 0x8) ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000000)={0x2f}) 5.347532918s ago: executing program 3 (id=765): r0 = socket$alg(0x26, 0x5, 0x0) r1 = socket(0x2, 0x80805, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000240)={0x0, 0x6, 0xec, 0x1000}, &(0x7f0000000280)=0x10) bind$alg(r0, &(0x7f0000000600)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$sock_int(r5, 0x1, 0x2b, &(0x7f0000000100)=0xe, 0x4) sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000"], 0x64}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="580000000005010400000000000000000200040800034000000003080002400000000a240008000100e000000108d69f90a00000010c000280050001000000000004001640000000000000"], 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000040)={0x10, 0x1f, 0x1}, 0x10}], 0x1, 0x0, 0x0, 0x20000080}, 0x0) sendmsg$NFT_BATCH(r6, 0x0, 0x40050) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10}, 0x94) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@deltfilter={0x24, 0x2d, 0x1, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0xabc58ca7eb7d5283}, {0x9, 0xf}, {0x4}}}, 0x24}}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r8, 0x2000000, 0xfe7f, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) accept4(r9, &(0x7f0000000180)=@can, &(0x7f0000000200)=0x80, 0x40800) 5.346731258s ago: executing program 4 (id=766): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, 0x0, 0x0}, 0x90) r0 = socket$inet_udp(0x2, 0x2, 0x0) recvmmsg(r0, &(0x7f0000001d40)=[{{0x0, 0x0, 0x0}, 0x40}], 0x1, 0x0, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) pipe(0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r2, &(0x7f0000000500)=[{{&(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='p'], 0x70}}], 0x1, 0x2000c044) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xfffffecc) splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x7151, 0x0) 5.182045838s ago: executing program 3 (id=767): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) read$rfkill(r1, &(0x7f0000000040), 0x8) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) 4.328485168s ago: executing program 4 (id=768): r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000000), 0x8) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x2000}, 0x4) r2 = socket(0x10, 0x803, 0x8) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r4, 0xc020662a, &(0x7f0000000300)={0x1, 0x3, 0x6, 0x3, 0x3, 0x0, [{0x3, 0x4, 0x8001, '\x00', 0x1001}, {0x27, 0x0, 0x0, '\x00', 0x200}, {0x68e9f25c, 0x6, 0x7fffffffffffffff, '\x00', 0x2104}]}) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0) getsockname$packet(r4, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r5, @ANYBLOB="00001000252155b21c0012000c000100626f6e64000000000c000200080001"], 0x3c}}, 0x40000) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001cc0)=ANY=[@ANYBLOB="3c0000001000030500000000fcffffff00000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100626f6e64000000000400028008000a00", @ANYRES32=r5], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r5], 0x5c}}, 0x40) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r5], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f}, 0x94) syz_emit_ethernet(0x4e, &(0x7f00000006c0)=ANY=[], 0x0) r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6}, 0x90) socket$igmp6(0xa, 0x3, 0x3a) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x50) r8 = accept$packet(r2, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14) getsockname$packet(r8, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000110f00000000ffdbdf2500000000", @ANYBLOB="04010000000000002400008009000100766c616e000000001400028006000100000000000600050088a8000008000500", @ANYRES32=r9, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r9, @ANYBLOB], 0x54}}, 0x0) 4.28468934s ago: executing program 3 (id=769): ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000019080)='net/softnet_stat\x00') io_submit(0x0, 0x0, 0x0) syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000780)="e1e62499f5bbff0fb5d14fa14c243abec59f1a9a0b9313fdedf99b4435ae823fa5615d6b415fe526edfc9c9ef73ea0846607fdebd5a5069ac96154b23956715f68fea647c446d7324a677c22695d365075ce06792cb79473a2bf1a0c293ec21130b20d0d68aafc337b74a96cd4b23c34e8bd294962205dde627f7a9fe0508a5b2c06025e123b11167fc697449fa6339d4a29558b318b8daddf44131cf69394d57a1faecc38ba86377d26afbf63eb2bdabdbbcd0795423cb14cf163d3acf0c704d44c356813466bd96be3e8c4149e771c96d3790961cd5ddaf4f249b7417f56cb7d344b37e2659e4eb60f20a621c9901b5ce6af2f5c6d8775c16e4f1eba1313d4cb32af436c2a6d947525a9695be06e4660ae288e0ff2280848b70c5f480931c7dce160d9b4d5921dd067b4003ec80932be2cdb24624e8f460ff5224cc1344dd76763e22f4a6750aa03e3ce23fc2f6a69fdae9be4f4a8c973a195575ee1b1f34fdfda17820bbbef734dff833a6b4c5460071deace35b2a03edb22eac10eb0c3f262b23bfa1ecbe2bd51b418d8167ef8f1a6b8f463b0557b6670357d66251b19e367c66c1f150c95d15db0c23563d99b02504cf0070133792fed28e2d63b95d091224396b17d4314d603bc24de0a28f2d146765d4260225fdcf486db8e6ce16cdaae1a1f06b228e858c7bdf1d71a15c07e23a42b1d43c9c2599c62945d980444e9b70b8a8405e8b61e9df9514860bc8cafe70d8deb32d39ac07b8e6d43efa28b330a8f4f988407f1b3185713a6dac5320aba4b0a142c5b5f00b83d0f455d316f40a6a35df6e93965cd9d26649aaf7b80e9875e10136e7c0d7a18ca946133046e4b4f224890a0f4b77e45f036a3831c70b9eff97523151eb9dc6ce844b8e9ee8bfac165892b2e1bd88d3b77c1e200af342af9609d10a02466ab1fa667512f88dd61f04c00b9a98887c6cdec58e6c45c6c8eb16e3f99d6a980389078bdec7426eacbb45e5958b1fd66f4a49795b68977c9b84f4b8cf8d1db2277557d5c042e94841ed848d4707e7138dea28ccb7b349f7fb70403a650913fd6c89ddadae76baeeb3b9dd27063d7c900407f4b22f749c4df02a4851320c74199030f01ccfd3827c061fc1c75a0329dad06a4645381e266be21078398b165e1e1e5a5610f55263190b03f0582ec79caa91510d9e3300fed4ccb2756d2b96471af273cec441fadc3504b1c36a17d3edc11839fc134ef42a14acefa77b05782c8fcff36514f7fadb4e44c9a50d329f9a73c894421e98280f3214a269c89eb79be62e7825dc383164e869c8ddc8fe877f0cf698feeca638099f1db108b31f46173fb285b254b3998b7ab4b68c9f04a54c61dce3714b22838c886f2e99f2c8f0b523b41178f58a3674c692b6a8a46abc4b498742c6d56738227862bd6cdac85c5f9d8a91420f2f0974e82e77d7023bb5d2611337960103dc006b03c878ed9719651f9ed6862225d8c195501453a369063dc179dbf34dfd7262bf907d8595fd5c29179a28c7ff2c0634f416d3c26894ad94e3aa9a39638296be7b0b4546a23c6b53c234678a5377c3554d604d7b1dad7a21a904c208d35a5db3a723759a921d450d99d8d120c052391cdd5555d4a10355f747c15574af72a44e0be9e97a564ff8559a8f5c6536646b4ef34c7ed84937324df8bff0ee7f872ff96380dfb9ef0fe65856ae734234ffd68eee540fd581cd2e818f2401992c8ce5608709a45dded05690da38ab77ccc9c16c4c2475772ca5aaae4df77b8d97159539c76638b089be6cf2a5fb81a93bf86fb60887678d786550d4cc0a5956c07b64c03dc3455bd0afa65dd5fa2ab364c8463abd1659ae1e78b6ffd459e85fd19acd555d2a54dd233086c86536d1b1c380e6cab49d24faccadd47fb701c2e57fa275fe3064571e2761a8ab016d7837d7ea4d757224e86c5cefb90b67ca3929b9c804014567a89ead2a1193c1da04dec8b6ecc9b9c6e54ce495471fedf41f1658ee78950efdcd8f5fb751740592176679f1e5cd590fda31a91dec92f6eb9cfaa84753301bb5b1dbf3df7e4d407c7ec5207a53650e254449d1b2edb760909a96813929fb3bde0b8adb09e9ae5182892691276833a540bea1807e6ada697e8aba0fe4d8f380ee9e4e05d44190ccc62d57c5c87a7d93804401bf013d79f94efa6e4f7401fec3b9802a9cce8c909751ccbe1a69f6ef84e45fe46085ec182ac96b65e5f844ce99dbb04c770f2ddaa3f5d2ddea180f83f813c30937df7bc05fa7fdb728fbb35f2d7209ffc318fd71fa4843d20489175e2ca84b6949ed4419be38f3794bb3eaa8893aadd6037654c8aa4e405b5f9299996169cb5c07b357e31d9ddd42cc4b299c6a274c8b3a40ce5eba06bc0e325f237cbbe2c026140d5c451eafcb8af900b050d8ae568c7e1471aed75e75e0626bac90a05920df896e0127520275521f7e2e0a8883bfe66716c0778041b16ae8ba56074081a2ac8e30f1316fb70728994565642d8ecb04f178d3f569b5d3c12e7b33dc3fffb6d78548224a40cda4acdee5c1ee0e733a3301955994186c812f6e25f2e052d38f11e7bb501bb4a8eae93affca8df939423eb4c726c640c631283fa75480f31f42dcf221ad7bd22f8369f37f41c6fa20d44cb7a4d211cbd15139bf88a1bbe694ff726513fdc97c539f144d6959552172042c08f03b2a03e8fc583181ee97cee2d8bc4eba662922829e21e61ce7f6b3b636fe8c8e7bcd19ff5fa0d3b305ee298f2219391eb075508cec3bb0b85d53d102f0f797cca85db286d7a36536862275c10aa36c272fd96900782fb8666cf20858f7ddf9ab01c30156e14e190c47e7c17dc0948bae26ae7baf580a59615f64f50e00f263efa506c3871d712a7f02ce6407c07422de1bcae106a07c1881ab4f81e1dbbab7039562b6cf92c517324ac00352bd0be5ff4cca24b2f3026888213ebe5e5e6a2bd169b1ae3dcf7c0093336fcea7eac2bd2f918034db80311d18aad56f916d58b133b27a320f7749327dfce5574e32935de51edb50b64fa0adb187757576bf9c40f1b4851b3901b97e4458de49816664a1f50865e37f4ed240765088737f2f5fbb7c851a1ef5607849f590e01a86bf7ede085ecb6517b678ac87022350338ee5222690babda46ee0c4c80689fc2c7c4ad4dbe66696a60013575fdf1f5d23971e19b0ffca27b96bc7c2520fce5bd3a50f81518e1f60eea9bd893298b21f1e090ad54a0ce0a537ad9a697cde0b47c52424ffb024b3a69f021681dacfeb7cca843e88a48ce31966e702d7b5125b98b2c15528b83ae7752c21b243454cd343b3392412b676dd0bd62debbcbe8f61b060faecab1d02d968a56668b175f750fe99bcdc4b81250b36189caeac40e4dad52668e2a0e37e0347d6ac563ef45bfb5881714428a7893747d1e5bdc6a0a1da4904889757910d693e06224cb948c242078bb02b2bd8cb592c14a78e89a50753a7c65c217168e86739a26f53e78bcc9b10fed36723b02a1aacb65166015e42f8b84fb5e4092ff01d0e5cb8ac5a1e1d37fbf048853b1ff5fa4f830e31a545f7ae0235dfe5c87fea124cb5eb51d4aa48b37492c2319e0d1ea80eb08f8d609f20c2414127322995bf5d7d81736e42b6c0bf1e48cccbf1a81dd74a8e42774d17fd45bc776df065a88de5e38196af6944a72aa49090baf02a7b3c4e567a4abe8b2d1e411457b4c24954f27c63e0774d0c23847fc1635ecc4023c660862680d7c4446b58bf0defaa574c1601d684a520579076cca0d11ff6364624c2daabb39889b46f4e158d57437561adfa4ae44e35e7df6038a77ea468b142aba6fd8232dfeca890f9f24e6d4acd590024bc45c497248a76e5052f0d5523e31a66b0eb91d1e47113d94382215c328b7ad0fc570f1798c3c86f67dbf6d5cdb51b46100636e0b2ec56b95264fa7a4375d9799e555eb7f5de6b1d31859b525d9a0917bd2e2547758a634a24119039ecd873bfb5392c0472b270f5c0365958ba507d01dc7238365930cceb8a93a197d81ea48d4aa1a9c72c375a69439587a15562a5af5f5958f1690302fe4990220c8e39ec2af804038d574d4c2c4a1f3d0ecf3a0a2a29fe49e42b176b5993e6631ef103da65729ca86ba7bfb135ecfd8684273a657cf8e96c6a42a329398e05f9d8211dcb50f48ceef8d55cf8128749a00dba427d841826910cc5599fc1338419c16b9abb511d6633a8d74d972aa6ce89fe7fd89f18c16af2158bff6fad4df7cfe0d3272ae103172a863defc9954a97bac8d579c35cb6aa2dafc9731cccf80f2397e326e311785cbf7fb2f4f3e2698d80c3359ca1ee212cef03cf597621795307043ab4c3ab771115a11400ab521d9b35405407852a012b4a7a576b7ab0bbb44f7958c75ec9ba88dc4643913cbd240fdeb18dd25e379b8c46ffceda399049295e078b77bf5b8aa12df34a2c77a5c08b2e2f1b26489caa757492ae198e9d437c38c2be2ca78b9d884100b4ea25b4165fd80b3cd84e68a7e9e9b058fd6c3893dd532f121d2df7039852a1117d57c9ca390624535d6c21db3f4b7a25e3ae0c6a4c0be962acbed1749f73ad2049c95124925059f5320b31779e4e07fd429656289678e14a85da75ad668b49a602cc107e6dedf63707fa058cc6bfa43a9d3def22a1db203a83640e30f4e0158f29abb43b9c67e4ea9edde093ab3cac1843eee620d6c85e2c35b15e33e5c4039e363e8b4086a83ae7551b849708e30a1227e9eee43ef777dbded881810042d34e1fcae29ca29a0d3e641d6edff1698f32aa4a8f222e8a1227675bfc9cfa344cce39f76b25e48bab91848f7c89afe8a38dad66abc750b51b078ed60dd5d689e7551f1f4ec3acd4f3133b2e840dc5beaa3171c5b047b7f7b019e155990a51b115e7b366bfce2b8eb891b7cc7d405c89cbb4146b9169ec35845e3f785435debc92b7721ff82b974adb136cd6d8dfce739eb49ba36d3787b1515ddf977dce1ff9e5b7ae788343af2aa01ba002c35f09d0ddfcdf4c4a1678460f140268fe927bcf84f132afb528d2bf9572b8177c34d201a56f1eeadf48456dd38f95efeb46d75403e9bf6e95b4bac54826bb5e72b925fb50030dd38c7310678b5202362e9bb18f10e9ebcd34769f07dce19f3b8f3baeb00c465adcc2e1c03a7d34118585cb9f612c74369cb40cb2f1cfaed9457d297c0df396446b60be2ce8b660653ff68daf50fcb4290f8446fca109129cb8e7291050d142cfdfcb0303263dba7204e90cda1c023b6e3ee9c0267975927818f11551418fe02143afe91c331a205113471e7e5fc3f83bca3c1c981b50aaa6dc22d9aa715abc360f6374646a0907caf8645120cf3888ea4fc9cd1f92ee29ac384f57b7d052e323e71c6096de3ccd4997166ba1bae24b449906831c9c996c7024342ddde5e578af4f1a0134bc224221898c0ba87f21ff28601f61a8af63058ac7578984ef51568005972c2d9c1fddf120fbe9447f9152cf1e51fa5106ae835c17c2e55b55c9be17daffe641cf326045ad7c841bb44f25e20f186f59b5150c02022930f83b8960632cbd8ad5011e0560278952ed8f9c39d4cfbbe76657c01b7bf9c6ff70a973249e17f3b34e748ce7fb1e49f76be3aef11da26c7dad1054a1c7e0d4da76694ebc85fd51185a38a0dcee74a5eb49ae1fb9d78c799464c7c49eafcdacf70711ed716ed7819cd1a312ef80a4a2095381c679db84c30049578d34364ef63a1fdaf0aa4eaa9771b4dfbcdf8f4542a118ddc81649d3a537ef5f7ff489c6e772e57d6ef6b6e5f2f2c8a0fad8e4d46a12ea70ad5798977ab14c1fdf8f190a694a8f4733cda285a7a712fa0d32acf89567837aa6ffcf03493656cdb7bfd0c47005ba126c70af1924ca30601ab0fc4aaa4ea4d0570c5ddd03c2a5e731fa77c1d24e85c1235e10c1575dcd2d34bafbed490094fc2538df08d178502d27c953d2e0af5e3d829a0d5132cc5ee1b9d2519a95787e91836ef1d29e92bb1b662c138a49f8a77829f9dde0943ca82a4466275dac744b92dd75493a0a040a19e77a225b9e21e94d445415483aa67d2b2839de965b4c4803c61680e32e7e4deac5afa877ddc26a34d486499697d6268701ff391f4bd04612066ed9386abdfb3a6234f8705aa3e298bde969f9bcc16af97fc107d0e565d2b9659ab0e3029b1e195ba1a517ae0484352ce366fc0bdf1b5517aa878d6b8a09b7c01e0d6c52c74a0113a97afc505d47d65dcae6db63e014838af156e72021b09c6db109a59c4166c9cc8ad5207878348a58f65b77de388ec8296373f3dd8acdb7c04bce3032fffd3032cf724376ddefe642a54e6624ff147ffb28fa4fcc351eef9051a86f4b93c30d7515ea247fe0ce484f9b39e1b8e051fd7babc9800e55bce6ae1c08e64fede1cd264678509e94bfc4f3409206c4ef05181f47a1abae8ba185772913c13fa0fe4d36a4239595cbe5cb38643e74966cf2cac2c0cde26f49a60925f238b60434f67b28d9e01df9c23984ce8c6c3a40b4f69c1750a99e6ba451f2429565d38e21993f982f9eb4c7ec77b03ac472327fd43e30f8ec565710f1964aaef8683a0c5526a8994de98db77b550a620ec894ee07a706d092eebd9d692b0feca7ae8c13434f947814c84e5a159f2f9314970ca864f261a2a16f3f3352f8d1e1f19dc6292a586e57326ded4e5cc1f17562d175e755e9fa62dfc817bafa4896e611b897ac7bcccc2fcbfd7a5576478b503f7add397c03ddbe6150846324b12544ad783da46ec793e7f37dabde9426d044cedd50440d1b26782233b1612390d4fdd249737f250c3ce1731a825b0cb9341f847a568d8e82b81f883eb90e146d792a2a46cd07518858e6d64b07db16c1d002f3d2cce2bc5f3ae150379c923555170a07c6663e4adede0649ac47c044f1a65657eda07a0b5cb16966b5e9f11ff04dd6bba7a0b0bdcf03e0a15424198b267ac0f89ef01022ec38a7d26d355e0d8d6b794b472352d932093bc91349618ff1e8f956916b5d8e4cbf658fe5ada42cdef4ca5407a997b67e4e1347b90d43c78825b558eda995447f6008eebfc9775814921f72cf243d3156fda3dddc1874f2c0a651ccfd1c77b10f57cd86b32d9c1612b53c69e5172e9045c0689391c90c97bf1a1b902546763336e0f76be74b269c4bf72c030f1040413d4de5fa65ba9f4109e37a3c387e729394f765dbc2e6b769fc5995c7e3c5fa509c07cdf9acbe99dc5cad14640bffad695f0404b066496d87fd6ffc0bea12bad489858169a0c63141fa5857ac1e8b454362fe15a7e55ac371da68cf6a291d41784883658d0c5bb5e6db28b205204e0db38881c4ae83b37dcf945c6d09aea33506ae051287e066f787925bf7d57587e849655969e5677eedc372448e6f2a2f8ce6bdd4def434bd9a2bed09c93c96877dd5e7773a699ed9feda02372e2d82ea0ecbed08ade26c7744dc5276a0e817bd3bd4383790929b79719002bd4df059006fb755877c85d51d433b35b5d9c3769d7c1101e871c7d2d51bf579a10bb9664e60ce918e23655935a7f89db15a0d88e6663a3ba02dae1210a4d7d7eff522c3d4fa3f5fc4c36346185d0ef55c8910a52d41fe3e4a792e8e1fe35af1a15a8c91b06e64fd36f7725c34dd8468422ed96c2e2fc5faf1a7c51b01e9c216f82aa11f8da041804461303a40578cb5f9fd49c0b6abd420581ba4461a6013500552f8d2379f960c6f680fa66eca3faf97504fc6916f84319f554a24829c4cae9c63be3bb3d2c7176b93063d37c3df69c8ac6c0fa43ad9a8274b94ee35dd8a69c3b560dd57353ce9c8188e9db8652544d32fbd2d931ceb0484eb1b27ba74c237dbc1e81b6a867ded6400b3dc0cf973790c03ef6bb69ebc76bb175233793a123ff009d16d1e43fa6f15303ad5169ca42b3ef9f9630b92e03e9a6cd32ec08dbc8abd342931b617bd37ef8e09b68713757e39bcf24f4b95f9972d5b7680e22e7fc421b67e27d3cd97cea6ee1ae78ab792751d317fc317e39545e4a2eebd72c1298b84452de9bc6f6d13d0ec0d7faa52e3b59134531f82214548e6202416f1aa43d65bc1e10fbb1737ebfe51c862dfe6bcc064695ef87f90eeaa011fce5903f6c7af9ba34a627165e909c2f9060055c496a506487249810745b53d137860f0a9ae482932c579511c736d0db447e0941cb8b32bc8e5aeeb0abdcebe66ac420b77f981b1dcde605299caf0171cdb722f42072e3fa1376ff3b3ebc747597822c9c07bb7f76b3e1ef89d4c8155af4c1fcd95272bf93ca058eae43b71997edf14d3f09edb495c7ce361c78ff8dc8cc95a639ce0332b955bd66d9a4ff4c882297338172622cc3a05f2bf02eb8103b32083c42d64259df53d0ba3e4cf80307eb0e00380213370d6a7ce33e685237949fc14657b6eead581de144fe6ab1d318efe2e14823ad3bac3f83819c1810a0c49664c7400af906f6c670e41b94582551cefd8462ae86e1ae10b1f56e48e2591737c0336985f09ce751f68924760daa1881417ea27db9ecfa7580ff9c2879a267d5db8b88d6f984563038c25254cdb88a1fa5240b76cbe0614ab1d4e81072d26ce1d0b1c4b1780e201937fcfd6db6a4561315e1e6be0a381fdecfb42cacb575a5d86aff6a92a4454637ad249d24573ccea9d71ed580eeae16a09f79e27ddf38a281c8779f945720b067a10005cdc04d3f7b483df35d4bc0503a0c66cdb87b3f58c6e367cbb902236ab95cc817b79969865e6a9cde65d543f6f624b5f9e53e4b07b43d77ca7bb503d7a39a35114152f804c78bc9211f61c2f0eb3842c0d1e9a9b3b4585318a007490ad0343ce1368ae5582da587af3c4c156ed943acbd977ec6060047a8fd89005af9ab41302ec3a72c88030fec45013d35efc5ecbd7ff5b41c6bef7ce7adddd7cc322c6ea213f1b7dba5a844f630c63bb5a3662be935d013b3d4104da390d87c127651d1abe3d2b183cf51720f1d3eab3342c6414d5b8d09e635b618712b510e6fbf4376df28870087ad2be875994e1538729dccbeebd3f532814db319e961b3ab3c718f5025bf68c6a366a180f638b074ee966ccb9db4cf321af69d3c5e654146d3c73a47a48a2df1d6dbf27f6e863978d64ba8e59ddfcdf45e485b44ef5025690dfc85d3f8b0fed638f8017d81b82f4bcaa6dab7ad10ce1ac59a6ec59725521b17ae5212e7bf1e71cc4be8d9c57bcccaea6afc256b9947c618616ae75df1952b683e9382f9b69a86b214007fab11c10dc4758e809880fa3ccc4a4966a333af9652d10aeb2830c9cc0c4dd1c50b5b19830cb5ad0bba23927c72097084002acc317c134b467e8ef66481d295af5216ba2b2227463ff4c52cc8ba8f84dc940edb9384394f66c3683821677635baefe43d09e53f421307a22a675c89b7704b93d26b68aa601f12b98c80522672be8fb44114f5ee4577609792d4a8731765316f46d08e25936a38535925462fd884fb699e6024a27c66f45a00d2c941da5c1213cc7fb08470450af51c9b9e366630c4deff3b0aad756750d8e9a0570170a111d8d9dfb26ca6df846e5e0e960dd76223e3e5a356241420cb63fe7638afb2b393c89f3784463313dd0502ce2582fe494c33358b228df38d673801a13aef8ccbfb601499b05eab9fc1ea79ff0457136b8505f5a0828b14cabc11da7d8064a1ea6512a5235440f18e424509eaa917901fc04d403a0ac0c009ddfd54fc64c87b93395271b3d6645775029bf2b5ccc97ccaded244ca5970f6cf5c7885a411e45de398c6b06f3553e25604bf7dcf10a080e836864875d2949496f0256c60919fca02970cc6b866c799284a111b61251a8335a4dda28997cf73eef8423a8edc5ea103d50ad85da49a82a5eef5e1adfeb2b674ab274b3e1d7c425b19ff279de9514f4f9178893bad99fd9b27b99e8d07f98166d9c24cc7761f37449354a07904334a36c86429b96b906bb9aaf854d5512a2f2139cc4076832d2cd1f3aafa601680c6ed9a729c4388a760ec3e660e3a9a3b6c0e842aacdf3f8a1558b090053f99721dab91d8200d4fd49efb89db83a7c8683e666632dd8f8e50665d27890b214c14feee115579a9799d42babf78830611654826a4fb5f352964e4f0f6fcd8beff16301ffd8e69979c635b1e00254492f1e2a9683eb14abd24e25f9c7a973befd88024811203b8c5891edb1224e68aed33264f1c195137e9dfac078dee77dad6f1aaf618447f7126c2e63637573163a104111991e81213bd9de6ae8a47185c3d37b52202077e93b4e97d9b5514a58079c45b10de04d38d7f2af2115e33b98d46011e5fb3d52092daed0a8a6f98ec79e6a9ddb7469f66c44d5ce7f76013aacb1e162c874134064bf0faf37236c6104598967cb18bcb99aea6f0fe0fb1c42706663b0adc7ee75d0a5f4be66a9ac60f9e9b4d71d4408e777b763163f5695f8852bb567b1cd12e056a61d5c16443622a5730a34a5d4b2146e19b366d2aaaf2c11abdf69e304387b9951093d404a5da6ffcdc161282b625f32eec22b02e1830daa3c5f692cd0e7be3d59efe1671a1e28381e506699fe5cf533ec2854a27b91079e3efb6aeb9886f8a040e4d37210929e02ca7a06d74d4ea884aca97b9b592afdcd5758662f4b258988248117f3db349c5e76cdeb89e598950f465497d138b7b810611198e5ea7ebcb8bf347c41b5c704e1ab3618454039177a929aa60f882b1d27a55454ae08c5077c468e8de8de555f558c9d0cda133698044686d3d4f8c36edae2ee9e6cc430355d45b40ee99366a63b50d5fbd71b6403324807e822afdee6788a3ce97a79da4b730e6079d1d9f62b35ea4e6859c569e6f7ced8e029358ed5c8b6db16a37f7bdbe8969429759681001fbb5f963acb46d3398d59ba92cb435e0ae954f33be138e45007dc1c1acb8f4b3816b2e35f93341587364ef6473992aeda5cef90557b13a48fcb760c704e732937ff455fed55e84cfbf2d7232271706029e2bbdd08d7262541fe62df2d8b6b8f36ec6582fcb3364a256a72b701cb74a85b4c0ed0339b05c41157d8324903772066e393868aa77f923b46b9f4e5109d34a250c5e579c9882029e6c10e19750b315747f665fdcc89f6335614f9668d4fdb233907ff2d0a9b1fc342ee609926431b667728afac5d01690d4fe4d514ccceff7a9b62cbe7046d6d20e128a09f2c2ea684e318086dd470369058dcefefe314a2dd275d06dc7d05ce96076e10139596833f522e962f503906b647a6852481d90176737c0d5e193127792e3bb0543f3c3d37bfc0724744d8b0abc32e1b62a0b40466ed8e74a072838abba492654a7d6c4821e4918575079f71ce332258b72f7a84c51769386415c1719df530277d7028703deb53e3f86b266914042965c0b08905bb96559253e46173a4054bd9d12fe3bcc6abb2a8de808039b039bc8abdea0b055f525e8f1f11a02fd3102a3c1587beafff1c57ad32c8721cccc3525c673472d898bfae25b12346121ac46e18c4ab29ae51e11481d4c59f9a5627dacf9940ee538c88100e8a2b09ca2831cc269adbc1b0aab0b3a80c101be80fcb972838ba49465bd947c60122ebfc7d1ed6c5ce35426a3f7", 0x2000, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x800, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="2c0000001a00010028bd7000fddbdf2502202000ff00fd070000000008000300", @ANYRES32=r4, @ANYBLOB="0ad5575becc88aafb4539c965dff036b9c25c11271e9d4cc8453973cf9dfe3b370635db470185a5dfcce9dc2580019122abcb1acd7daa22d044b9ad9abe146cf1bf58cafb3f5316085bac895545653dc1bc1a1230104f6ad1e0516ed759ec8dfda75153d60a273614b2d0a8a500994a9ae90f031ee4a9a420a097e1b06619b903d1a5ad8"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0xea5bc50b6199d77e) 4.28311983s ago: executing program 1 (id=770): mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) socket(0x10, 0x3, 0x0) process_vm_writev(0x0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, 0x0, 0x0, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) bind$unix(r4, &(0x7f0000000500)=@file={0x1, './file0\x00'}, 0x6e) r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x284182, 0x0) sendmmsg$unix(r4, &(0x7f0000002e40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=[@rights={{0x18, 0x1, 0x1, [r5, r4]}}], 0x18, 0x48000}}], 0x1, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) 4.210827665s ago: executing program 0 (id=771): r0 = memfd_create(&(0x7f0000000380)='\x1aj~\x97\xc1\x00\x00\x00\xff\x00\x00\x00\x7f\xef_\xd3\xdc=f.z=\x80=8\x1f\x14\xa2&\xbam\v\xa9\f\xf5\x17t\xc9\x80\xf4\xa1\xeb\x907L\x7f \xe3\x19\xcb\xbf\xfc\x00\x00\x00\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00h}\x00\x135V\xd9\xe0\xb0\x17\x01g\xff?\xc8\xfb3\x93\xbc\xcf\xf2\x95\xbeYd,\xb3\x17\xb0L\xe841(\"\xc2K\x11\x81\xef.m\xf7@\xb1\xf9\xee\xce\\\xd9\x03\nHNzF``\xa0\xc4}P\xb3\b\x91\'\x9b~\xcd\xfd\xaa\n\xea\x8dC\x9aQ\n\xce\"\x9cN\xed0\xf0\xc2x\x93h\xe8\\\x18\xd26\xe7\x8d4\x06\xf0\xe3M\xe5\x91\x0f\x85\x97bla\x06\xe1\xba\x1a\x1d \n\fr\xae\x12M\xcb6\xe0\x15\xd5d\x16\xc3\xdf\xa2\x04wB\xd0\x18\xa4\x17|\vH\xf5\xb0\xb5\xc7\x9f`Fz\xa3x\x99\xe17\xd2vAW\xe5\x18)9\xba\xa68A\xf8y\xe6\xac\xda\xc7u\xa9\x00{:\x01\xee,\a:\x06\xad{\x80\xfd\xc7\"\x95\x0f\xe3\x86\x19\xc3\xd2\xf7\x18\xf8\xed\x8b\"\xd8\x8f\xde`\xb0D\xfd\x84\xa3\xd7\xf3R\x8d\x88\xdaJ\xb0\xf8^\xd4>\xc7e\xab\x8f+\xda\x9b\xae\xf2\xca\xb9\xde\xb5\x8f\xdb\xba}\x7f\xf8\xe5i,m\b\xf0\xc7\xe9R\x9cY$\xcb\x00/!Z\xeb\x9bE\xf2\xb9\xcc\xf0\x9c\x02\xfc\x9c\x91q\xba|\x80n\x1f\xffG\xc3\x13\xe7v\xa7\x95md\x0f\xa5\x06\v^n\x84d5o\x02\xb3.\x8dc\x18\xe0\xc2\x9b\xe1D\x0fB] \xdfJGr\xdbc,\xef82%\x97\xe4;u\xa9\xe5\xef*n\xf613\x17\x80[\x90]\xef\xc1\x8e\rD\xd2\xe0\x8c\xf2\x00\x00\x00\x00\x00\x00\x00Gs\xab\x1e\xa13\x93\x8d\x04U\xf5\xb8Th9s3\xc9\xbf\xe5My$\x99.\xf0\xd5\xc8\xb1\xfc4\xe7\x83z\x11a\xb7\xebY\x1d\xcd\x81N\xed\xbd\xa5\xce\xa0f\xe5q2\xbc#w\xe4_\x8a-\xad\xc2/_\xe6\nE\xeb\x9c\x96\xf4`\xa2\x06\xe0\x00\xfb\x99\xbb}\xfb\x052_\x83*B\xf1\xf0\x95\xd2K\xd6\xe5\xb1\x1a\x02,\xbe\xf5\xd0\xd4\xa1A\xf3!\n\xc6b\xeb\x92\xea\xd8\xe1$\xbbUO\x1fS\x02\x9e\xa7|i:\xb1\xf60\xf6M\xe6,\x81=F\xa1\xca\x06\x0e\x14\x89/\xa7\"\x17-h9\x176\x9d\x04\x1el\xdcp\x89\x1b \x93f\x9a\x10\xd9\xa2Y\b\xfalA\xe1\x1bI\xb9\xf8\xa0\xb0\xc2\x04\xedO\n\vj&\xb5\x04\xc3{Yt\xf4rS^\x0e$\xe9\x05\xcd\x9b\x84\x14`\xed\x9e\xbbh\x81h\xf2\xe7\xe2DO\x1a\xe9\xc1\x1cu\xa5\xbd\x90\xbb\x03\xd5\x00\xf2\x83T\xe4\x0eF\x7f\x85\xb5\xe9CJ0xffffffffffffffff}) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x33, &(0x7f000002eff0)={0x85c, &(0x7f0000000000)=[{}]}, 0x10) 3.93942519s ago: executing program 0 (id=772): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x108) mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x81c0, 0x8103) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0xa409, 0x0, 0x2, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_on}]}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000480)=@abs={0x0, 0x0, 0x8004e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, 0x0) r3 = socket$tipc(0x1e, 0x5, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1f, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x58}, [@call={0x85, 0x0, 0x0, 0x2}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8}, 0x80) ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) eventfd2(0x0, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000700)='net/softnet_stat\x00') ftruncate(r4, 0x7fffffff) execve(0x0, 0x0, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') link(&(0x7f0000000940)='./file1\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 2.797450747s ago: executing program 0 (id=774): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f00000000c0), 0x67, 0x52b, &(0x7f0000000a00)="$eJzs3V9rLGcZAPBnNrvHk3NymlS90IK12krOQc9u0tg2eFEriF4V1HpfY7IJIZtsyG7ak1BMDn4AQUQFr/TGG8EPIEjBGy9FKOi1oqKInuqFF9qR2Z1Nc5L913aTTZPfDybzvjPvzPO8G2Z2ZmeYCeDKeiIiXoiIt9I0vRMR0/n0Qj7EYXvI2r354LXlbEgiTV/6RxJJPq2zriQf38wXux4RX/tyxDeT03Ebe/sbS7VadSevV5qb25XG3v7d9c2ltepadWthYf7ZxecWn1mcG0k/b0XE81/8y/e/89MvPf/Lz7z6x5f/dvtbWVpT+fzj/XiHiv1mtrtean0WxxfYeZfBLqJiq4e5yW4tJk5NuX/GOQEA0F12jP/BiPhkRNyJ6ZjofzgLAAAAvA+ln5+K/yYRaXfXekwHAAAA3kcKrXtgk0I5vxdgKgqFcrl9D++H40ahVm80P71a391aad8rOxOlwup6rTqX3ys8E6Ukq8+3ym/Xnz5RX4iIRyPie9OTrXp5uV5bGfePHwAAAHBF3Dxx/v/v6fb5f8fBOJMDAAAARmdm3AkAAAAAZ27Y8/8bZ5wHAAAAcHZc/wcAAIBL7SsvvpgNaef91yuv7O1u1F+5u1JtbJQ3d5fLy/Wd7fJavb7Wembf5qD11er17c/G1u69SrPaaFYae9djs7671Xx5/aFXYAMAAADn6NGPv/77JCIOPzfZGjLXhlt0yGbARVU8KiX5uMtm/YdH2uM/n1NSwLmYGHcCwNgUx50AMDalcScAjF0yYH7Pm3d+k48/Mdp8AACA0Zv9aO/r/4W+Sx72nw1ceDZiuLpc/4erq3X9f9g7eR0swKVSGnQE0HebPxhxNsA4vOfr/wOl6TtKCAAAGLmp1pAUysVOvVAolyNutV4LUEpW12vVuYh4JCJ+N136QFafb7VMBp4zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAFxqEYW/Jr9qP8t/dvqpqZO/D1xL/jMd+StCX/3RSz+4t9Rs7sxn0/95NL35w3z60+P4BQMAAACuhAEv8H9Y5zy9cx4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP05oPXljvDecb9+xciYqZb/GJcb42vRykibvwrieKx5ZKImBhB/Mnsz0e6xU+ytI5Cdos/OYL4h/f7xo/D/FPoFv/mCOLDVfZ6tv95odv2V4gnWuPu218x4qH6u9V7/xdH+7+JHtv/rSFjPPbGzys949+PeKx4Kv5BFqETP+kR/8kh43/j6/v7vealP46Y7fr9k3SaZHvIqDQ3tyuNvf2765tLa9W16tbCwvyzi88tPrM4V1ldr1Xzv11jfPdjv3irX/9v9Ig/M6D/T51a27WuMf73xr0HH2oXS93i336yS/xf/yRvcTp+If/u+1RezubPdsqH7fJxj//st4/36/9Kj/4P+v/f7rXSE+589dt/GrIpAHAOGnv7G0u1WnXn0hays/QhG2dHZxciZ4XzKRyMdIVpmqbZNvUe1pPERfhYWoVx75kAAIBRe/ugf9yZAAAAAAAAAAAAAAAAAAAAwNV1Ho8TOxnz8KiUjOIR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/H/AAAA///s19ky") prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) 2.728678711s ago: executing program 4 (id=775): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x28, 0x0, 0x1, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x40}]}, 0x28}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', 0x0}) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x20, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0) 2.697594903s ago: executing program 2 (id=776): prlimit64(0x0, 0xe, 0x0, 0x0) mknodat$loop(0xffffffffffffff9c, 0x0, 0x6004, 0x1) prctl$PR_MCE_KILL(0x21, 0x1, 0x1) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000240)={{0x3, 0x100, 0x5, 0xb7a4, 0x1, 0xffff}, 0x341, [0xc, 0x40, 0xcd6, 0x4, 0x6, 0x0, 0x3, 0x7, 0x9, 0x7a18fde9, 0x9, 0xf12, 0x4, 0x3, 0x378, 0x350bae1a, 0x4, 0x0, 0x1, 0xffff06bd, 0x0, 0xd4f, 0x7, 0xf2, 0x10, 0x5, 0x8, 0x10001, 0x401, 0x80000000, 0x2401, 0x3ca5, 0x1, 0x0, 0xff, 0x4, 0x4, 0x3, 0x0, 0x0, 0x40000000, 0x80000000, 0x7fff, 0x7, 0x3, 0xa, 0x0, 0x10000, 0x401, 0x8, 0xffff, 0x91ba, 0x7, 0x9, 0x1, 0xb6, 0x24, 0xcb, 0x5, 0x7f, 0x5, 0x311, 0x66d1, 0xfffffffd, 0xa7d6, 0xb6eb, 0xc74, 0x77, 0x1, 0xff, 0x5cb5, 0xfffffffe, 0x401, 0xedf4, 0x4, 0x1000, 0x6, 0xfffffffe, 0x8001, 0xc1, 0x1, 0x8, 0x1, 0x32, 0x98, 0x7f, 0x0, 0x401, 0x2, 0x2, 0x4680, 0x7, 0xe665, 0x3c6e, 0x3, 0x40, 0x80, 0x4b, 0x8000, 0x2, 0xb, 0x6, 0x4fa4, 0x80000002, 0x1, 0xb, 0x0, 0xfffffffa, 0x3, 0x9, 0xfd, 0x101, 0x4, 0x40, 0xa, 0x1b, 0x1ff, 0x7ff, 0x2, 0x80000000, 0xffff, 0x9, 0x0, 0x6, 0x2, 0x1, 0x3, 0xa0, 0xf, 0x1ff, 0x9, 0x7, 0x6, 0x400, 0x8, 0xff2, 0x6, 0x0, 0x6, 0x0, 0x9, 0x1, 0xf1a, 0x664, 0x4, 0x9, 0x9, 0x2, 0x4, 0xfffffffd, 0x10, 0x0, 0x9, 0x10000, 0x1, 0x9, 0xf7a, 0xc6, 0x1, 0x4, 0x6, 0xffffffff, 0x6, 0x10001, 0x8, 0x68, 0x7, 0x1, 0x5, 0x3, 0x9a3f, 0x400000, 0x0, 0x80000067, 0xffffff7e, 0x7, 0x10000000, 0x10001, 0x7, 0x3, 0x10, 0x10a, 0x2, 0x40, 0x1c, 0x80, 0xb5f8, 0x8bc, 0x3, 0x101, 0x5, 0x64, 0x4, 0x7fff, 0x10, 0x1000, 0x288c, 0x1ffe, 0x73ee, 0x1, 0x5, 0x9, 0x7fffffff, 0x73, 0x7, 0x8, 0x6, 0x400, 0x40, 0x0, 0x0, 0x0, 0x546c, 0x981, 0x5aa, 0x7fff, 0x7, 0x4, 0x8, 0x6688, 0x45e3, 0x5, 0x7, 0x1, 0x5, 0x3, 0x0, 0x1, 0x2, 0xffffffff, 0x4, 0xce, 0xf, 0x0, 0x1, 0x667, 0x3, 0x0, 0x9, 0x9, 0x37d, 0x10001, 0xc, 0x1, 0x1, 0x2, 0x6, 0x4, 0x6, 0x1, 0x9, 0x6, 0xfffffffa, 0x2, 0x0, 0x9, 0x5, 0x2, 0x7, 0x3, 0xffffff1b, 0x9, 0x2, 0xd, 0x34ea, 0x10000, 0x0, 0x80000001, 0x8, 0x8000, 0x3a, 0x10, 0x8, 0x9, 0x5, 0x1, 0x6, 0x10001, 0x0, 0x4, 0x10000, 0x4, 0xffff, 0xe, 0x89, 0x2, 0x8, 0x1, 0x73, 0x3, 0x9, 0x4, 0x1, 0x9, 0x0, 0x8, 0x0, 0x2, 0x80000004, 0x29, 0x9, 0x0, 0x4, 0x4, 0x0, 0x1, 0x4, 0x5, 0x4, 0x10001, 0xf, 0x9, 0x100, 0x4, 0x59b, 0x7, 0x8, 0x9, 0x3, 0x2, 0x4, 0xbf, 0x0, 0x8, 0x40, 0xd3, 0x7, 0x1, 0x89aa, 0x8, 0x7, 0x8000, 0x4, 0x1, 0x0, 0x2, 0xc6, 0x1000, 0x1, 0x937, 0xa, 0x6, 0x3, 0xffffffff, 0x5, 0x9, 0x5, 0xffffffff, 0xbe, 0x1, 0x7, 0x0, 0xffffffff, 0x0, 0x3d6, 0x0, 0xc, 0x6, 0x7, 0xfffffeff, 0x4, 0x2, 0x7fff, 0x101, 0x7, 0x6, 0x706, 0x2, 0x49, 0x10, 0xfffffff7, 0xfffff772, 0x8, 0x80000000, 0x6, 0x1, 0xa9c, 0x9, 0x9, 0x1, 0x2, 0x5, 0x1000, 0x5, 0x1ff, 0x9, 0x3, 0x3, 0x10001, 0xffff0000, 0xf, 0x1, 0xffffa5ba, 0xffffa9b4, 0x1, 0x4, 0x5, 0x7, 0x4b5f, 0x6, 0xa, 0xffffffff, 0x1, 0x80000000, 0xb, 0x0, 0xc8f, 0x1, 0x7, 0x8, 0x0, 0x10000, 0x57dc, 0x818a, 0x10, 0x8, 0x10, 0xfffffffc, 0xfffff001, 0xa, 0x5, 0x5, 0x4, 0xfff, 0x9, 0x10, 0xfffffffd, 0x4, 0xc2, 0x7f, 0x4, 0x2, 0x80000000, 0xd, 0x3, 0x1, 0x0, 0x5, 0xb6, 0x101, 0x401, 0x2, 0xb, 0xc, 0x6623258, 0xf2, 0x741, 0xae6, 0x9, 0xffffa0ae, 0x9, 0x3, 0x2, 0x8, 0x9, 0x1, 0x7f, 0x9a, 0x9, 0xb, 0x800, 0x4, 0x3ff, 0x5, 0x7, 0x7, 0x8, 0xfe, 0x7f, 0x9, 0x4, 0x2, 0x20000000, 0x2, 0x8000, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x7, 0x8000001, 0x0, 0xfff, 0x101, 0x4, 0x0, 0x96c6, 0xc, 0x5, 0xfff, 0x100, 0xffff, 0x1, 0x401, 0xf0, 0x0, 0xfffff53d, 0x9, 0x2, 0x6, 0x0, 0x6, 0x4b15, 0xa, 0x1, 0x9, 0x1, 0xd, 0x9, 0x7619, 0xfffffe01, 0x1, 0x6, 0x0, 0x3, 0x10001, 0x1, 0x7, 0x1, 0x5, 0x9, 0xffffc487, 0x200, 0x10001, 0x37c, 0x7, 0x6, 0x6, 0x8, 0xfffffe00, 0x1, 0x1, 0x0, 0xe, 0x0, 0x2, 0x4, 0x80000000, 0xb46d, 0x3, 0x1000, 0x1eb4bce6, 0x10, 0x8, 0x1, 0x5, 0x1, 0x5, 0x9, 0x1000, 0x7, 0x62f2f805, 0x9, 0x3, 0xffffffff, 0x9, 0x7f, 0x6, 0x8, 0x40, 0x5, 0x2, 0xa, 0x5, 0x6, 0x80000000, 0x25, 0x8, 0x7, 0x7, 0x1, 0x5, 0x9, 0x6709, 0x80000001, 0x0, 0x9, 0x8, 0x6, 0x0, 0xa95a, 0xff, 0x5, 0xe, 0x2, 0x4, 0x10000, 0x80000001, 0x5, 0x8001, 0x9, 0x0, 0xb7, 0x3, 0xff, 0x9, 0xffff, 0x80, 0xfea5, 0x7fff, 0x7, 0x7, 0x7, 0x7485, 0x9, 0x8, 0x0, 0x5, 0xf, 0x5, 0xe, 0x8, 0x1000, 0x3, 0x7, 0x382d, 0x459, 0xcad, 0x9, 0x0, 0x2, 0x9, 0x6, 0x20000a4, 0xe0, 0xfffffffb, 0x5, 0xffffffff, 0x2, 0x7, 0xa05a, 0x0, 0x0, 0x0, 0x35, 0x8, 0x1, 0x1, 0x30, 0xffffff7e, 0x1, 0x2, 0x9, 0x3, 0x7, 0x8, 0x8, 0x4000, 0x1, 0x4, 0x15294b70, 0x3, 0x3, 0x2, 0x43, 0x3, 0x9, 0x5, 0x80000000, 0x9, 0x0, 0x5, 0x81, 0x1, 0x2, 0x3fd, 0x1df, 0x6, 0x6, 0xfffffffa, 0x1a, 0x9, 0x2, 0x9, 0x1, 0x9, 0x7, 0x2c1, 0x9e95, 0x2, 0xfffffedd, 0x30c8, 0x2, 0x38a0, 0x7b, 0x0, 0x8, 0x9, 0x6, 0x9, 0x9, 0x8, 0x5, 0x8, 0x1ff, 0x7fff, 0x3, 0x8000002, 0x8, 0x2b, 0x200006, 0x4, 0x7, 0x2, 0xfb4, 0xbf8, 0x7, 0x405, 0x6, 0x4, 0x8001, 0x9, 0x8, 0x3, 0x6ae574d2, 0x6, 0xfffffe00, 0x1000, 0x5, 0x92, 0x3, 0x7fffffff, 0xd7, 0x8001, 0x905, 0x3, 0x6, 0xfffffb31, 0xb, 0x4, 0x7, 0x8, 0x1, 0x6, 0x1, 0xff, 0x100, 0x4, 0x3, 0x6, 0x80000000, 0x0, 0x100a, 0x7fffffff, 0x7fff, 0x2, 0xfffffff8, 0x2, 0x9af, 0x10001, 0x8, 0x4, 0x8, 0x6, 0x7742348d, 0x5, 0x5, 0x1f, 0x40, 0x0, 0x6, 0x7fffffff, 0x7, 0x7, 0x8, 0x17f, 0x6, 0x2, 0x5, 0x6, 0x1, 0xb, 0xe, 0x5, 0x1, 0xfe7, 0xfffffffc, 0x8, 0x7ff, 0x3e9, 0x0, 0x3, 0x2000, 0xd, 0x3, 0x4, 0x3, 0x81, 0x8, 0x14, 0x8, 0x9, 0x6, 0xffff, 0xf28c, 0x7, 0x6, 0x4, 0x7fffffff, 0xffff, 0x7fffffff, 0xc9, 0x2, 0x0, 0x924, 0x6, 0x100, 0x1, 0x5, 0xffff351b, 0x8, 0xfffffffb, 0x7, 0x9, 0x2, 0x5, 0x4, 0x1, 0x4, 0xff, 0xee, 0x2, 0x4, 0x8, 0x9f, 0x7, 0x3, 0x9, 0xc9, 0x1, 0x1, 0x1, 0xfffffff7, 0x0, 0x5, 0x5, 0x6, 0x400, 0x51, 0x7, 0xefb, 0xb8, 0x8, 0x5, 0xfffffff7, 0x7, 0x7, 0x5, 0x6330, 0x0, 0x6, 0xea, 0x0, 0xfff, 0x809, 0x6, 0x0, 0x6, 0xffff, 0xfffffffa, 0x3, 0xffffffff, 0x1, 0x6, 0xfffffc00, 0x5, 0x7, 0x2ec, 0x9, 0x6, 0x3ff, 0x6, 0xfff, 0x0, 0xa7b, 0x62cc, 0xfffffff7, 0x7, 0x40, 0xa, 0x8, 0x3, 0xe, 0x1, 0x1, 0xc, 0x40, 0x3, 0x4, 0x5, 0x5, 0x7ff, 0x5, 0x8, 0x5, 0x3, 0x9, 0x2, 0x80000001, 0x54, 0x400, 0x1, 0x8, 0xa, 0x9, 0xc0, 0x3, 0x72, 0x80, 0x1000, 0x7, 0x800, 0x6, 0xd19, 0x3, 0x93c, 0x6, 0x0, 0x0, 0xe, 0x5, 0x3, 0xfffffffa, 0xa01, 0xf3, 0xffffff00, 0x8, 0xe, 0x3, 0x3ff, 0x5, 0x2, 0x6, 0xfffffff8, 0xffff, 0xfffffff9, 0x9, 0x5, 0x62, 0x8, 0x1, 0xfffffffb, 0x1af88, 0x2, 0x30a6, 0x7, 0x0, 0x7, 0x8, 0x10000, 0x40, 0x8, 0x7, 0x2b, 0x6, 0x10, 0x5, 0x200, 0x7fff, 0x6, 0x3, 0x8, 0x10, 0x4, 0x6, 0x633, 0xf05, 0x0, 0x101, 0x200, 0x7, 0x7ff, 0x0, 0x1, 0x1, 0x10000, 0x9, 0x40, 0x9, 0x0, 0x7f, 0x8, 0x6, 0xe, 0x3, 0x80000001, 0x0, 0x8, 0x8, 0x7, 0xdd, 0x8, 0x89, 0x0, 0x100, 0x1, 0x9, 0xe75, 0x400, 0x1, 0x0, 0x200, 0xe9ab, 0xfffffff8, 0x8000, 0x7, 0x2, 0x2, 0x43, 0x3ff, 0x0, 0x7, 0x9, 0x1, 0x6, 0x7, 0xa, 0xf, 0xf39d, 0x71, 0xfff, 0x5, 0x8]}) syz_open_dev$evdev(0x0, 0x2, 0x862b01) socket$inet_tcp(0x2, 0x1, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r3, @ANYBLOB="08002600940900000800b7"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 2.670807824s ago: executing program 4 (id=777): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) process_madvise(0xffffffffffffffff, 0x0, 0x0, 0xc, 0x25) 2.516593893s ago: executing program 4 (id=778): syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_GET(0xffffffffffffffff, 0x0, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_GET_REG(r3, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001100)={0x14, 0x0, 0xf09, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x8084) syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00') close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket(0x1, 0x803, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) setrlimit(0x2, &(0x7f00000000c0)={0x0, 0x2400000}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0) 1.964749306s ago: executing program 2 (id=779): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, 0x0, 0x0}, 0x90) r0 = socket$inet_udp(0x2, 0x2, 0x0) recvmmsg(r0, &(0x7f0000001d40)=[{{0x0, 0x0, 0x0}, 0x40}], 0x1, 0x0, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) pipe(0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r2, &(0x7f0000000500)=[{{&(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='p'], 0x70}}], 0x1, 0x2000c044) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xfffffecc) splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x7151, 0x0) 1.162401462s ago: executing program 1 (id=780): r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3) write$binfmt_elf64(r2, &(0x7f0000000080)=ANY=[], 0x78) sendfile(r1, r2, 0x0, 0x8) fcntl$addseals(r2, 0x409, 0x8) fallocate(r2, 0x3, 0x2009140, 0x20000) close_range(r0, 0xffffffffffffffff, 0x0) 1.071704477s ago: executing program 2 (id=781): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) read$rfkill(r1, &(0x7f0000000040), 0x8) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) 827.705542ms ago: executing program 2 (id=782): r0 = memfd_create(&(0x7f0000000380)='\x1aj~\x97\xc1\x00\x00\x00\xff\x00\x00\x00\x7f\xef_\xd3\xdc=f.z=\x80=8\x1f\x14\xa2&\xbam\v\xa9\f\xf5\x17t\xc9\x80\xf4\xa1\xeb\x907L\x7f \xe3\x19\xcb\xbf\xfc\x00\x00\x00\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00h}\x00\x135V\xd9\xe0\xb0\x17\x01g\xff?\xc8\xfb3\x93\xbc\xcf\xf2\x95\xbeYd,\xb3\x17\xb0L\xe841(\"\xc2K\x11\x81\xef.m\xf7@\xb1\xf9\xee\xce\\\xd9\x03\nHNzF``\xa0\xc4}P\xb3\b\x91\'\x9b~\xcd\xfd\xaa\n\xea\x8dC\x9aQ\n\xce\"\x9cN\xed0\xf0\xc2x\x93h\xe8\\\x18\xd26\xe7\x8d4\x06\xf0\xe3M\xe5\x91\x0f\x85\x97bla\x06\xe1\xba\x1a\x1d \n\fr\xae\x12M\xcb6\xe0\x15\xd5d\x16\xc3\xdf\xa2\x04wB\xd0\x18\xa4\x17|\vH\xf5\xb0\xb5\xc7\x9f`Fz\xa3x\x99\xe17\xd2vAW\xe5\x18)9\xba\xa68A\xf8y\xe6\xac\xda\xc7u\xa9\x00{:\x01\xee,\a:\x06\xad{\x80\xfd\xc7\"\x95\x0f\xe3\x86\x19\xc3\xd2\xf7\x18\xf8\xed\x8b\"\xd8\x8f\xde`\xb0D\xfd\x84\xa3\xd7\xf3R\x8d\x88\xdaJ\xb0\xf8^\xd4>\xc7e\xab\x8f+\xda\x9b\xae\xf2\xca\xb9\xde\xb5\x8f\xdb\xba}\x7f\xf8\xe5i,m\b\xf0\xc7\xe9R\x9cY$\xcb\x00/!Z\xeb\x9bE\xf2\xb9\xcc\xf0\x9c\x02\xfc\x9c\x91q\xba|\x80n\x1f\xffG\xc3\x13\xe7v\xa7\x95md\x0f\xa5\x06\v^n\x84d5o\x02\xb3.\x8dc\x18\xe0\xc2\x9b\xe1D\x0fB] \xdfJGr\xdbc,\xef82%\x97\xe4;u\xa9\xe5\xef*n\xf613\x17\x80[\x90]\xef\xc1\x8e\rD\xd2\xe0\x8c\xf2\x00\x00\x00\x00\x00\x00\x00Gs\xab\x1e\xa13\x93\x8d\x04U\xf5\xb8Th9s3\xc9\xbf\xe5My$\x99.\xf0\xd5\xc8\xb1\xfc4\xe7\x83z\x11a\xb7\xebY\x1d\xcd\x81N\xed\xbd\xa5\xce\xa0f\xe5q2\xbc#w\xe4_\x8a-\xad\xc2/_\xe6\nE\xeb\x9c\x96\xf4`\xa2\x06\xe0\x00\xfb\x99\xbb}\xfb\x052_\x83*B\xf1\xf0\x95\xd2K\xd6\xe5\xb1\x1a\x02,\xbe\xf5\xd0\xd4\xa1A\xf3!\n\xc6b\xeb\x92\xea\xd8\xe1$\xbbUO\x1fS\x02\x9e\xa7|i:\xb1\xf60\xf6M\xe6,\x81=F\xa1\xca\x06\x0e\x14\x89/\xa7\"\x17-h9\x176\x9d\x04\x1el\xdcp\x89\x1b \x93f\x9a\x10\xd9\xa2Y\b\xfalA\xe1\x1bI\xb9\xf8\xa0\xb0\xc2\x04\xedO\n\vj&\xb5\x04\xc3{Yt\xf4rS^\x0e$\xe9\x05\xcd\x9b\x84\x14`\xed\x9e\xbbh\x81h\xf2\xe7\xe2DO\x1a\xe9\xc1\x1cu\xa5\xbd\x90\xbb\x03\xd5\x00\xf2\x83T\xe4\x0eF\x7f\x85\xb5\xe9CJ0xffffffffffffffff}) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x33, &(0x7f000002eff0)={0x85c, &(0x7f0000000000)=[{}]}, 0x10) 724.524698ms ago: executing program 1 (id=783): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x108) mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x81c0, 0x8103) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0xa409, 0x0, 0x2, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_on}]}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000480)=@abs={0x0, 0x0, 0x8004e24}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, 0x0) r2 = socket$tipc(0x1e, 0x5, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x94) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1f, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="660a000000000000611158000000000085000000020000009500000000000000f80473712ea108ac1f3a907dce9e5817112b1d3dd99bfb6bba9e1772171fc8f6ae1f348765af76bb65e81d1f18514789fcdcc680fe645d1626c3e7cb152895cdc26ac522231190cd4547d921c30cb83904a74c7e535c6373181e00c9dc6c6ab47e33c0d2c129f45c00a7d34e52751a574d5d5700"/160], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8}, 0x80) ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x25, &(0x7f0000000000)=0x8, 0x4) r4 = syz_open_procfs(0x0, &(0x7f0000000700)='net/softnet_stat\x00') ftruncate(r4, 0x7fffffff) execve(0x0, 0x0, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') 543.138499ms ago: executing program 2 (id=784): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$TIOCL_PASTESEL(0xffffffffffffffff, 0x541c, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/cpuset.cpus\x00', 0x2, 0x40) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000}) syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f7f"], 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 228.803987ms ago: executing program 2 (id=785): r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000000), 0x8) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x2000}, 0x4) r2 = socket(0x10, 0x803, 0x8) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r4, 0xc020662a, &(0x7f0000000300)={0x1, 0x3, 0x6, 0x3, 0x3, 0x0, [{0x3, 0x4, 0x8001, '\x00', 0x1001}, {0x27, 0x0, 0x0, '\x00', 0x200}, {0x68e9f25c, 0x6, 0x7fffffffffffffff, '\x00', 0x2104}]}) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0) getsockname$packet(r4, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r5, @ANYBLOB="00001000252155b21c0012000c000100626f6e64000000000c000200080001"], 0x3c}}, 0x40000) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001cc0)=ANY=[@ANYBLOB="3c0000001000030500000000fcffffff00000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100626f6e64000000000400028008000a00", @ANYRES32=r5], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r5], 0x5c}}, 0x40) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r5], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f}, 0x94) syz_emit_ethernet(0x4e, &(0x7f00000006c0)=ANY=[], 0x0) r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6}, 0x90) socket$igmp6(0xa, 0x3, 0x3a) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x50) r8 = accept$packet(r2, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14) getsockname$packet(r8, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000110f00000000ffdbdf2500000000", @ANYBLOB="04010000000000002400008009000100766c616e000000001400028006000100000000000600050088a8000008000500", @ANYRES32=r9, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r9, @ANYBLOB], 0x54}}, 0x0) 0s ago: executing program 4 (id=786): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x108) mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x81c0, 0x8103) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0xa409, 0x0, 0x2, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_on}]}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000480)=@abs={0x0, 0x0, 0x8004e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, 0x0) r3 = socket$tipc(0x1e, 0x5, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1f, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x58}, [@call={0x85, 0x0, 0x0, 0x2}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8}, 0x80) ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) eventfd2(0x0, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000700)='net/softnet_stat\x00') ftruncate(r4, 0x7fffffff) execve(0x0, 0x0, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') link(&(0x7f0000000940)='./file1\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') kernel console output (not intermixed with test programs): vsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.382517][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.404781][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.416306][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.443317][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.484022][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.496904][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.510127][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.531639][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.562386][ T4196] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.611052][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 66.619314][ T4307] loop1: detected capacity change from 0 to 512 [ 66.626416][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 66.652162][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.666452][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.678236][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.689723][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.699870][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.716122][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.717348][ T4307] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 66.729072][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.747554][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.759922][ T4196] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.772992][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 66.785196][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 66.800742][ T4196] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.809797][ T4196] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.818887][ T4196] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.828015][ T4196] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.981599][ T155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.993213][ T155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.096952][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 67.124877][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.133212][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.146734][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.156586][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.176127][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 67.211442][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 67.228737][ T4317] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 67.254887][ T1454] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.273553][ T1454] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.313553][ T1454] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 67.997679][ T4339] x_tables: ip6_tables: socket match: used from hooks FORWARD, but only valid from PREROUTING/INPUT [ 68.455603][ T4327] sched: RT throttling activated [ 69.516948][ T4352] loop3: detected capacity change from 0 to 512 [ 70.380349][ T4355] netlink: 'syz.2.13': attribute type 13 has an invalid length. [ 70.448859][ T4231] Bluetooth: hci0: command 0x0419 tx timeout [ 70.961729][ T4352] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 70.996310][ T4352] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 71.149102][ T4352] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802c01d, mo2=0102] [ 71.231118][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.237636][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.417611][ T4352] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (80) [ 71.420517][ T4231] Bluetooth: hci2: command 0x0419 tx timeout [ 71.446711][ T4231] Bluetooth: hci1: command 0x0419 tx timeout [ 71.478554][ T4231] Bluetooth: hci3: command 0x0419 tx timeout [ 71.484828][ T4231] Bluetooth: hci4: command 0x0419 tx timeout [ 71.656381][ T4352] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features [ 71.844585][ T4366] loop4: detected capacity change from 0 to 256 [ 72.451558][ T4352] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,abort,nomblk_io_submit,noblock_validity,nolazytime,jqfmt=vfsold,jqfmt=vfsv0,barrier=0x000000000000d95a,debug,,errors=continue. Quota mode: none. [ 72.576302][ T26] audit: type=1326 audit(1769090755.776:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4362 comm="syz.0.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 72.863236][ T26] audit: type=1326 audit(1769090755.806:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4362 comm="syz.0.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 72.925849][ T4366] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000e8a4, chksum : 0x7bc75166, utbl_chksum : 0xe619d30d) [ 72.981610][ T26] audit: type=1326 audit(1769090755.806:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4362 comm="syz.0.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 73.118900][ T26] audit: type=1326 audit(1769090755.806:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4362 comm="syz.0.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 73.148904][ T26] audit: type=1326 audit(1769090755.806:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4362 comm="syz.0.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 73.210284][ T26] audit: type=1326 audit(1769090755.806:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4362 comm="syz.0.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 73.279972][ T4371] loop2: detected capacity change from 0 to 512 [ 73.344941][ T26] audit: type=1326 audit(1769090755.806:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4362 comm="syz.0.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 73.368918][ T26] audit: type=1326 audit(1769090755.806:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4362 comm="syz.0.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 73.453826][ T4374] loop4: detected capacity change from 0 to 1024 [ 73.466869][ T4371] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.20: inode has both inline data and extents flags [ 73.480929][ T26] audit: type=1326 audit(1769090755.806:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4362 comm="syz.0.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 73.504529][ T26] audit: type=1326 audit(1769090755.806:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4362 comm="syz.0.17" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 73.550136][ T4371] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.20: couldn't read orphan inode 15 (err -117) [ 73.582752][ T4374] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 73.629930][ T4371] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsddf,,errors=continue. Quota mode: writeback. [ 73.712786][ T4374] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3887: comm syz.4.22: Allocating blocks 497-513 which overlap fs metadata [ 73.715074][ T4388] Zero length message leads to an empty skb [ 73.737365][ T4374] EXT4-fs (loop4): pa ffff888024a227e0: logic 256, phys. 385, len 8 [ 73.745699][ T4374] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4904: group 0, free 0, pa_free 1 [ 74.120140][ T4395] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2930740056 (2930740056 ns) > initial count (2187300511 ns). Using initial count to start timer. [ 74.251491][ T3522] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 75.778102][ T4407] loop4: detected capacity change from 0 to 256 [ 76.470255][ T4407] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 76.588417][ T4407] FAT-fs (loop4): Directory bread(block 64) failed [ 76.595200][ T4407] FAT-fs (loop4): Directory bread(block 65) failed [ 76.602159][ T4407] FAT-fs (loop4): Directory bread(block 66) failed [ 76.608847][ T4407] FAT-fs (loop4): Directory bread(block 67) failed [ 76.615746][ T4407] FAT-fs (loop4): Directory bread(block 68) failed [ 76.622436][ T4407] FAT-fs (loop4): Directory bread(block 69) failed [ 76.629534][ T4407] FAT-fs (loop4): Directory bread(block 70) failed [ 76.636223][ T4407] FAT-fs (loop4): Directory bread(block 71) failed [ 76.643240][ T4407] FAT-fs (loop4): Directory bread(block 72) failed [ 76.649883][ T4407] FAT-fs (loop4): Directory bread(block 73) failed [ 77.095532][ T4407] overlayfs: filesystem on './file0' not supported [ 77.535751][ T4418] loop1: detected capacity change from 0 to 1024 [ 77.594456][ T26] kauditd_printk_skb: 72 callbacks suppressed [ 77.594470][ T26] audit: type=1326 audit(1769090760.796:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 78.720594][ T26] audit: type=1326 audit(1769090760.836:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 78.781758][ T26] audit: type=1326 audit(1769090760.836:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 78.804621][ T26] audit: type=1326 audit(1769090760.836:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 78.833297][ T4418] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 78.851657][ T26] audit: type=1326 audit(1769090760.836:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 78.884964][ T3522] usb 3-1: device not accepting address 2, error -71 [ 78.938068][ T4418] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,nobarrier,norecovery,errors=remount-ro,resgid=0x0000000000000000,. Quota mode: writeback. [ 78.960233][ T26] audit: type=1326 audit(1769090760.836:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 78.996251][ T26] audit: type=1326 audit(1769090760.836:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 79.326897][ T26] audit: type=1326 audit(1769090760.836:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 79.821585][ T26] audit: type=1326 audit(1769090760.836:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 80.385057][ T26] audit: type=1326 audit(1769090760.836:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4416 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 81.020262][ T1107] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 81.347428][ T4455] netlink: 8 bytes leftover after parsing attributes in process `syz.0.44'. [ 81.360418][ T1107] usb 4-1: Using ep0 maxpacket: 8 [ 81.453895][ T21] cfg80211: failed to load regulatory.db [ 81.481752][ T1107] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 81.644063][ T1107] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 81.880375][ T1107] usb 4-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 81.925498][ T1107] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 82.071290][ T1107] usb 4-1: config 0 descriptor?? [ 82.247410][ T1107] usb 4-1: can't set config #0, error -71 [ 82.271528][ T1107] usb 4-1: USB disconnect, device number 2 [ 83.130240][ T26] kauditd_printk_skb: 27 callbacks suppressed [ 83.130255][ T26] audit: type=1326 audit(1769090765.436:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4457 comm="syz.1.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 83.290405][ T26] audit: type=1326 audit(1769090765.446:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4457 comm="syz.1.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 83.326347][ T4472] Illegal XDP return value 4294967294, expect packet loss! [ 83.344023][ T4467] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 83.380249][ T26] audit: type=1326 audit(1769090765.446:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4457 comm="syz.1.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 83.460262][ T26] audit: type=1326 audit(1769090765.446:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4457 comm="syz.1.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 83.580354][ T26] audit: type=1326 audit(1769090765.446:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4457 comm="syz.1.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 83.640371][ T4231] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 83.958510][ T4491] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 83.983100][ T4491] netlink: 16 bytes leftover after parsing attributes in process `syz.4.58'. [ 84.466549][ T1107] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 84.520990][ T4231] usb 1-1: Using ep0 maxpacket: 8 [ 85.170394][ T4231] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 85.179537][ T4231] usb 1-1: config 179 has no interface number 0 [ 85.192119][ T4231] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 85.206621][ T4231] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 85.223933][ T4231] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 85.236613][ T1107] usb 3-1: Using ep0 maxpacket: 32 [ 85.246331][ T4231] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 85.259501][ T4231] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 85.279063][ T4231] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 85.289069][ T4231] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.331322][ T4470] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 85.380539][ T1107] usb 3-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0 [ 85.401448][ T1107] usb 3-1: config 0 interface 0 has no altsetting 0 [ 85.446724][ T1107] usb 3-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 85.475393][ T1107] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.529176][ T1107] usb 3-1: config 0 descriptor?? [ 85.779392][ T4231] usb 1-1: USB disconnect, device number 2 [ 85.790257][ C1] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 85.798826][ C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 86.045105][ T1107] magicmouse 0003:05AC:0265.0001: unknown main item tag 0x0 [ 86.072135][ T4501] loop1: detected capacity change from 0 to 128 [ 86.096180][ T1107] magicmouse 0003:05AC:0265.0001: unknown main item tag 0x0 [ 86.108243][ T1107] magicmouse 0003:05AC:0265.0001: unknown main item tag 0x0 [ 86.193310][ T1107] magicmouse 0003:05AC:0265.0001: unknown main item tag 0x0 [ 86.223123][ T1107] magicmouse 0003:05AC:0265.0001: hidraw0: USB HID v0.07 Device [HID 05ac:0265] on usb-dummy_hcd.2-1/input0 [ 86.267307][ T4501] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 86.314269][ T1107] usb 3-1: USB disconnect, device number 4 [ 86.331907][ T4501] ext4 filesystem being mounted at /14/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 86.531337][ T4508] device syzkaller0 entered promiscuous mode [ 86.609422][ T4506] fido_id[4506]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 86.745798][ T4516] loop3: detected capacity change from 0 to 128 [ 86.809600][ T4516] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 86.857987][ T4516] ext4 filesystem being mounted at /10/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.947825][ T4525] loop4: detected capacity change from 0 to 256 [ 87.101604][ T4525] FAT-fs (loop4): Directory bread(block 64) failed [ 87.157538][ T4530] loop2: detected capacity change from 0 to 256 [ 87.223869][ T4525] FAT-fs (loop4): Directory bread(block 65) failed [ 87.301284][ T4530] FAT-fs (loop2): bogus number of FAT sectors [ 87.307447][ T4530] FAT-fs (loop2): Can't find a valid FAT filesystem [ 87.549149][ T4525] FAT-fs (loop4): Directory bread(block 66) failed [ 87.753616][ T4525] FAT-fs (loop4): Directory bread(block 67) failed [ 87.931371][ T3522] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 87.950658][ T4525] FAT-fs (loop4): Directory bread(block 68) failed [ 87.960657][ T4525] FAT-fs (loop4): Directory bread(block 69) failed [ 87.967315][ T4525] FAT-fs (loop4): Directory bread(block 70) failed [ 88.000555][ T4525] FAT-fs (loop4): Directory bread(block 71) failed [ 88.007292][ T4525] FAT-fs (loop4): Directory bread(block 72) failed [ 88.053286][ T4525] FAT-fs (loop4): Directory bread(block 73) failed [ 88.060947][ T4538] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability [ 88.216160][ T4520] ODEBUG: Out of memory. ODEBUG disabled [ 88.260227][ T3522] usb 4-1: Using ep0 maxpacket: 8 [ 89.183398][ T3522] usb 4-1: config 0 has an invalid interface number: 31 but max is 0 [ 89.191738][ T3522] usb 4-1: config 0 has no interface number 0 [ 89.376829][ T3522] usb 4-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 89.392137][ T3522] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 89.440728][ T3522] usb 4-1: Product: syz [ 89.460690][ T3522] usb 4-1: Manufacturer: syz [ 89.470355][ T3522] usb 4-1: SerialNumber: syz [ 89.493895][ T3522] usb 4-1: config 0 descriptor?? [ 91.134658][ T4581] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2930740056 (2930740056 ns) > initial count (2187300511 ns). Using initial count to start timer. [ 91.223066][ T4581] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2511464707 (20091717656 ns) > initial count (4978712120 ns). Using initial count to start timer. [ 91.440464][ T3522] usb 4-1: Found UVC 0.04 device syz (046d:08c3) [ 91.447081][ T3522] usb 4-1: No valid video chain found. [ 91.539607][ T3522] usb 4-1: USB disconnect, device number 3 [ 91.879623][ T4599] loop0: detected capacity change from 0 to 512 [ 92.098369][ T4599] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,sb=0x0000000000000001,,errors=continue. Quota mode: writeback. [ 92.132925][ T4606] loop4: detected capacity change from 0 to 1024 [ 92.146190][ T4599] ext4 filesystem being mounted at /26/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 92.263673][ T4606] EXT4-fs error (device loop4): ext4_map_blocks:739: inode #3: block 1: comm syz.4.95: lblock 1 mapped to illegal pblock 1 (length 1) [ 92.411291][ T4606] Quota error (device loop4): write_blk: dquota write failed [ 92.448004][ T4606] Quota error (device loop4): find_free_dqentry: Can't write quota data block 1 [ 92.477757][ T4606] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 92.564142][ T4610] tipc: Started in network mode [ 92.569305][ T4610] tipc: Node identity 48, cluster identity 4711 [ 92.575704][ T4610] tipc: Node number set to 72 [ 92.839574][ T26] audit: type=1800 audit(1769090775.816:126): pid=4610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.93" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 92.865751][ T4606] EXT4-fs error (device loop4): ext4_acquire_dquot:6234: comm syz.4.95: Failed to acquire dquot type 0 [ 93.050670][ T4606] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #3: block 1: comm syz.4.95: lblock 1 mapped to illegal pblock 1 (length 1) [ 93.139513][ T4606] Quota error (device loop4): do_insert_tree: Can't read tree quota block 1 [ 93.199527][ T4606] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 93.255681][ T4606] EXT4-fs error (device loop4): ext4_acquire_dquot:6234: comm syz.4.95: Failed to acquire dquot type 0 [ 93.311938][ T4606] EXT4-fs error (device loop4): ext4_free_blocks:6234: comm syz.4.95: Freeing blocks not in datazone - block = 0, count = 4096 [ 93.626305][ T4606] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #3: block 1: comm syz.4.95: lblock 1 mapped to illegal pblock 1 (length 1) [ 93.849461][ T4606] Quota error (device loop4): do_insert_tree: Can't read tree quota block 1 [ 94.068848][ T4606] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 94.102383][ T4606] EXT4-fs error (device loop4): ext4_acquire_dquot:6234: comm syz.4.95: Failed to acquire dquot type 0 [ 94.168415][ T4606] EXT4-fs (loop4): 1 orphan inode deleted [ 94.202997][ T4606] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 94.292636][ T4606] EXT4-fs error (device loop4): ext4_search_dir:1549: inode #2: block 16: comm syz.4.95: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 94.708616][ T4639] loop1: detected capacity change from 0 to 128 [ 94.795047][ T4639] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 94.831087][ T4639] ext4 filesystem being mounted at /23/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 94.850118][ T4646] netlink: 12 bytes leftover after parsing attributes in process `syz.0.107'. [ 94.936083][ T4639] EXT4-fs (loop1): shut down requested (1) [ 94.962350][ T3520] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 94.978946][ T4647] device veth3 entered promiscuous mode [ 94.989134][ T4647] bridge1: port 1(veth3) entered blocking state [ 95.001172][ T4647] bridge1: port 1(veth3) entered disabled state [ 95.016652][ T4647] bridge1: port 1(veth3) entered blocking state [ 95.023340][ T4647] bridge1: port 1(veth3) entered forwarding state [ 95.031477][ T4648] fscrypt (loop1, inode 12): Error -5 getting encryption context [ 95.040448][ T4270] bridge1: port 1(veth3) entered disabled state [ 95.064525][ T4646] device veth5 entered promiscuous mode [ 95.075621][ T4646] bridge1: port 2(veth5) entered blocking state [ 95.085257][ T4646] bridge1: port 2(veth5) entered disabled state [ 95.095087][ T4646] bridge1: port 2(veth5) entered blocking state [ 95.101466][ T4646] bridge1: port 2(veth5) entered forwarding state [ 95.114870][ T4270] bridge1: port 2(veth5) entered disabled state [ 95.250422][ T3520] usb 5-1: Using ep0 maxpacket: 32 [ 95.264796][ T26] audit: type=1326 audit(1769090778.466:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4653 comm="syz.1.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 95.303957][ T4644] loop2: detected capacity change from 0 to 40427 [ 95.323977][ T4654] loop1: detected capacity change from 0 to 512 [ 95.335006][ T26] audit: type=1326 audit(1769090778.516:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4653 comm="syz.1.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 95.410559][ T4654] EXT4-fs (loop1): orphan cleanup on readonly fs [ 95.420736][ T4654] EXT4-fs error (device loop1): ext4_orphan_get:1426: comm syz.1.109: bad orphan inode 13 [ 95.431181][ T3520] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 95.506866][ T3520] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 95.535159][ T4654] ext4_test_bit(bit=12, block=18) = 1 [ 95.570355][ T4654] is_bad_inode(inode)=0 [ 95.600813][ T4654] NEXT_ORPHAN(inode)=2130706432 [ 95.605867][ T3520] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 95.640217][ T4654] max_ino=32 [ 95.643485][ T4654] i_nlink=1 [ 95.655209][ T3520] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.679757][ T4654] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 95.708897][ T3520] usb 5-1: config 0 descriptor?? [ 95.840376][ T4660] TCP: TCP_TX_DELAY enabled [ 95.861299][ T3520] hub 5-1:0.0: USB hub found [ 96.020420][ T1107] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 96.166486][ T4667] EXT4-fs error (device loop1): ext4_lookup:1862: inode #2: comm syz.1.109: deleted inode referenced: 12 [ 96.660353][ T3520] hub 5-1:0.0: config failed, can't read hub descriptor (err -22) [ 96.956416][ T3520] hid-generic 0003:046D:C31C.0002: item fetching failed at offset 0/1 [ 96.986184][ T3520] hid-generic: probe of 0003:046D:C31C.0002 failed with error -22 [ 97.101934][ T1107] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0 [ 97.112256][ T1107] usb 1-1: config 0 interface 0 has no altsetting 0 [ 97.118898][ T1107] usb 1-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00 [ 97.128068][ T1107] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.158068][ T1107] usb 1-1: config 0 descriptor?? [ 97.291075][ T4231] usb 5-1: USB disconnect, device number 2 [ 97.431400][ T4682] loop2: detected capacity change from 0 to 128 [ 97.924430][ T1107] kye 0003:0458:5010.0003: hidraw0: USB HID v0.00 Device [HID 0458:5010] on usb-dummy_hcd.0-1/input0 [ 97.940218][ T4682] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 98.000531][ T4682] ext4 filesystem being mounted at /27/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 98.010252][ T1107] kye 0003:0458:5010.0003: tablet-enabling feature report not found [ 98.032570][ T1107] kye 0003:0458:5010.0003: tablet enabling failed [ 98.047881][ T1107] usb 1-1: USB disconnect, device number 3 [ 98.091926][ T4682] EXT4-fs (loop2): shut down requested (1) [ 98.105866][ T4682] fscrypt (loop2, inode 12): Error -5 getting encryption context [ 98.269271][ T4691] fido_id[4691]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 98.550619][ T4692] loop4: detected capacity change from 0 to 2048 [ 98.810293][ T4692] loop4: p1 < > p3 p4 < > [ 98.878042][ T4692] loop4: p3 start 4284289 is beyond EOD, truncated [ 99.125017][ T3562] loop4: p1 < > p3 p4 < > [ 99.140810][ T3562] loop4: p3 start 4284289 is beyond EOD, truncated [ 100.911814][ T4719] loop2: detected capacity change from 0 to 256 [ 100.977155][ T4719] exfat: Deprecated parameter 'namecase' [ 100.985081][ T4719] exfat: Deprecated parameter 'utf8' [ 101.142004][ T4719] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x22785e93, utbl_chksum : 0xe619d30d) [ 102.658188][ T4741] loop4: detected capacity change from 0 to 2048 [ 102.706268][ T4742] loop1: detected capacity change from 0 to 4096 [ 102.778623][ T4741] EXT4-fs (loop4): mounted filesystem without journal. Opts: init_itable=0x0000000000000001,user_xattr,minixdf,noquota,discard,inode_readahead_blks=0x0000000000002000,,errors=continue. Quota mode: none. [ 102.849297][ T4742] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 102.912932][ T4741] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 103.115814][ T4741] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.137: bg 0: block 345: padding at end of block bitmap is not set [ 103.131576][ T4741] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117 [ 103.144994][ T4741] EXT4-fs (loop4): This should not happen!! Data will be lost [ 103.144994][ T4741] [ 103.314131][ T4732] loop2: detected capacity change from 0 to 40427 [ 103.409490][ T4732] F2FS-fs (loop2): build fault injection attr: rate: 174, type: 0x1ffff [ 103.870599][ T4732] capability: warning: `syz.2.133' uses deprecated v2 capabilities in a way that may be insecure [ 104.775692][ T4764] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 104.805329][ T4776] loop1: detected capacity change from 0 to 256 [ 104.830432][ T4764] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 104.882408][ T4776] FAT-fs (loop1): Directory bread(block 64) failed [ 104.888977][ T4776] FAT-fs (loop1): Directory bread(block 65) failed [ 104.937380][ T4776] FAT-fs (loop1): Directory bread(block 66) failed [ 104.984040][ T4776] FAT-fs (loop1): Directory bread(block 67) failed [ 105.010828][ T4776] FAT-fs (loop1): Directory bread(block 68) failed [ 105.017398][ T4776] FAT-fs (loop1): Directory bread(block 69) failed [ 105.080392][ T4776] FAT-fs (loop1): Directory bread(block 70) failed [ 105.110404][ T4776] FAT-fs (loop1): Directory bread(block 71) failed [ 105.176296][ T4776] FAT-fs (loop1): Directory bread(block 72) failed [ 105.190535][ T4776] FAT-fs (loop1): Directory bread(block 73) failed [ 106.774678][ T4819] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 106.871982][ T4822] netlink: 8 bytes leftover after parsing attributes in process `syz.4.167'. [ 106.898754][ T26] kauditd_printk_skb: 96 callbacks suppressed [ 106.898767][ T26] audit: type=1326 audit(1769090790.096:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4821 comm="syz.3.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 106.943810][ T26] audit: type=1326 audit(1769090790.146:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4821 comm="syz.3.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 107.139994][ T26] audit: type=1326 audit(1769090790.146:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4821 comm="syz.3.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 107.860271][ T26] audit: type=1326 audit(1769090790.146:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4821 comm="syz.3.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 108.004206][ T26] audit: type=1326 audit(1769090790.146:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4821 comm="syz.3.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 108.027188][ T26] audit: type=1326 audit(1769090790.146:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4821 comm="syz.3.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 108.049430][ T26] audit: type=1326 audit(1769090790.146:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4821 comm="syz.3.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 108.071715][ T7] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 108.079466][ T26] audit: type=1326 audit(1769090790.146:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4821 comm="syz.3.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 108.136176][ T26] audit: type=1326 audit(1769090790.146:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4821 comm="syz.3.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 108.204142][ T26] audit: type=1326 audit(1769090790.146:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4821 comm="syz.3.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 109.220587][ T7] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 109.260573][ T7] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 109.370542][ T7] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 109.403505][ T7] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 109.443918][ T7] usb 5-1: Manufacturer: syz [ 109.487739][ T7] usb 5-1: config 0 descriptor?? [ 110.470306][ T7] usbhid 5-1:0.0: can't add hid device: -71 [ 110.476396][ T7] usbhid: probe of 5-1:0.0 failed with error -71 [ 110.501262][ T7] usb 5-1: USB disconnect, device number 3 [ 110.624296][ T4864] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2930740056 (2930740056 ns) > initial count (2187300511 ns). Using initial count to start timer. [ 110.682209][ T4868] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2511464707 (20091717656 ns) > initial count (4978712120 ns). Using initial count to start timer. [ 110.921565][ T4883] syz.4.189 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 112.549163][ T4918] netlink: 52 bytes leftover after parsing attributes in process `syz.4.202'. [ 113.337890][ T4939] netlink: 68 bytes leftover after parsing attributes in process `syz.4.211'. [ 113.546284][ T4948] netlink: 52 bytes leftover after parsing attributes in process `syz.4.215'. [ 113.767199][ T4955] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 114.144025][ T4968] device syzkaller0 entered promiscuous mode [ 114.191640][ T4968] tipc: Started in network mode [ 114.210330][ T4968] tipc: Node identity 1a9d3d4c2e87, cluster identity 4711 [ 114.238097][ T4968] tipc: Enabled bearer , priority 0 [ 114.268369][ T4967] tipc: Resetting bearer [ 114.313758][ T4967] tipc: Disabling bearer [ 114.493629][ T4979] process 'syz.0.227' launched './file0' with NULL argv: empty string added [ 114.524049][ T4980] netlink: 'syz.1.228': attribute type 1 has an invalid length. [ 114.576747][ T4982] netlink: 28 bytes leftover after parsing attributes in process `syz.1.228'. [ 114.877645][ T4995] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 114.923092][ T4999] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 115.237536][ T5006] loop4: detected capacity change from 0 to 256 [ 115.315449][ T5006] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000e8a4, chksum : 0x7bc75166, utbl_chksum : 0xe619d30d) [ 116.133080][ T5020] netlink: 'syz.4.240': attribute type 1 has an invalid length. [ 116.168302][ T5020] netlink: 28 bytes leftover after parsing attributes in process `syz.4.240'. [ 116.390325][ T4224] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 116.630244][ T4224] usb 4-1: Using ep0 maxpacket: 32 [ 116.751056][ T4224] usb 4-1: config 2 has an invalid interface number: 145 but max is 0 [ 116.759460][ T4224] usb 4-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 116.783939][ T4224] usb 4-1: config 2 has no interface number 0 [ 116.790104][ T4224] usb 4-1: config 2 interface 145 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 116.810230][ T4224] usb 4-1: config 2 interface 145 has no altsetting 0 [ 116.990399][ T4224] usb 4-1: New USB device found, idVendor=22b8, idProduct=3010, bcdDevice= 0.01 [ 117.020681][ T4224] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.040921][ T146] Bluetooth: Wrong link type (-22) [ 117.052438][ T4224] usb 4-1: Product: syz [ 117.060329][ T4224] usb 4-1: Manufacturer: syz [ 117.065124][ T4224] usb 4-1: SerialNumber: syz [ 117.425366][ T5044] loop1: detected capacity change from 0 to 256 [ 117.574936][ T4224] usb-storage 4-1:2.145: USB Mass Storage device detected [ 117.653827][ T5044] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000e8a4, chksum : 0x7bc75166, utbl_chksum : 0xe619d30d) [ 118.051789][ T4224] usb-storage 4-1:2.145: Quirks match for vid 22b8 pid 3010: 30 [ 118.171695][ T5051] netlink: 'syz.2.252': attribute type 1 has an invalid length. [ 118.189195][ T5049] loop0: detected capacity change from 0 to 1024 [ 118.251422][ T4224] usb 4-1: USB disconnect, device number 4 [ 118.325956][ T5055] netlink: 28 bytes leftover after parsing attributes in process `syz.2.252'. [ 118.358263][ T5057] device syzkaller0 entered promiscuous mode [ 118.391820][ T5057] tipc: Started in network mode [ 118.415867][ T5057] tipc: Node identity 9656f9bf1a11, cluster identity 4711 [ 118.444137][ T5057] tipc: Enabled bearer , priority 0 [ 118.500107][ T5058] tipc: Resetting bearer [ 118.563929][ T5056] tipc: Resetting bearer [ 118.722872][ T5049] hfsplus: failed to load root directory [ 118.834002][ T5056] tipc: Disabling bearer [ 119.075048][ T26] kauditd_printk_skb: 54 callbacks suppressed [ 119.075063][ T26] audit: type=1326 audit(1769090802.276:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5069 comm="syz.1.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 119.111354][ T5071] loop1: detected capacity change from 0 to 512 [ 119.245958][ T26] audit: type=1326 audit(1769090802.306:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5069 comm="syz.1.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 119.475369][ T5071] EXT4-fs (loop1): orphan cleanup on readonly fs [ 119.558907][ T5086] loop2: detected capacity change from 0 to 256 [ 119.665719][ T5086] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 119.716611][ T5086] netlink: 'syz.2.261': attribute type 3 has an invalid length. [ 119.833472][ T5071] EXT4-fs error (device loop1): ext4_orphan_get:1426: comm syz.1.258: bad orphan inode 13 [ 120.451645][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #10!!! [ 120.470364][ T5071] ext4_test_bit(bit=12, block=18) = 1 [ 120.475936][ T5071] is_bad_inode(inode)=0 [ 120.480109][ T5071] NEXT_ORPHAN(inode)=2130706432 [ 120.496950][ T26] audit: type=1326 audit(1769090802.306:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5069 comm="syz.1.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9451ec9a22 code=0x7ffc0000 [ 120.552902][ T5071] max_ino=32 [ 120.556166][ T5071] i_nlink=1 [ 120.559436][ T5071] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 120.655879][ T26] audit: type=1326 audit(1769090802.306:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5069 comm="syz.1.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9451e8a58e code=0x7ffc0000 [ 120.739433][ T5089] netlink: 'syz.4.265': attribute type 1 has an invalid length. [ 121.051084][ T5091] EXT4-fs error (device loop1): ext4_lookup:1862: inode #2: comm syz.1.258: deleted inode referenced: 12 [ 121.729360][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!! [ 121.746797][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #02!!! [ 121.756148][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 121.780173][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #0a!!! [ 121.799673][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #0a!!! [ 121.809817][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #8a!!! [ 121.822071][ T5092] netlink: 28 bytes leftover after parsing attributes in process `syz.4.265'. [ 121.831741][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!! [ 121.880192][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 121.893703][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 122.117964][ T26] audit: type=1326 audit(1769090802.306:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5069 comm="syz.1.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f9451ec9ae7 code=0x7ffc0000 [ 122.160207][ T26] audit: type=1326 audit(1769090802.306:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5069 comm="syz.1.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9451e8a58e code=0x7ffc0000 [ 122.719316][ T26] audit: type=1326 audit(1769090802.306:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5069 comm="syz.1.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9451ec994b code=0x7ffc0000 [ 122.810332][ T26] audit: type=1326 audit(1769090802.366:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5069 comm="syz.1.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f9451e8a58e code=0x7ffc0000 [ 122.836783][ T26] audit: type=1326 audit(1769090802.366:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5069 comm="syz.1.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f9451e8a58e code=0x7ffc0000 [ 122.860441][ T26] audit: type=1326 audit(1769090802.406:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5069 comm="syz.1.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f9451ec8b97 code=0x7ffc0000 [ 123.263575][ T5115] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2930740056 (2930740056 ns) > initial count (2187300511 ns). Using initial count to start timer. [ 123.403866][ T5115] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2511464707 (20091717656 ns) > initial count (4978712120 ns). Using initial count to start timer. [ 123.499591][ T5132] loop4: detected capacity change from 0 to 256 [ 124.429191][ T5134] netlink: 'syz.3.278': attribute type 1 has an invalid length. [ 124.482408][ T5132] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 124.867429][ T5132] netlink: 'syz.4.277': attribute type 3 has an invalid length. [ 124.881724][ T5136] netlink: 28 bytes leftover after parsing attributes in process `syz.3.278'. [ 125.141881][ T5142] loop3: detected capacity change from 0 to 512 [ 125.230769][ T5142] EXT4-fs (loop3): inline encryption not supported [ 125.275465][ T5142] EXT4-fs (loop3): Ignoring removed bh option [ 125.318345][ T5142] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 125.415381][ T5142] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.280: bg 0: block 4: invalid block bitmap [ 125.442872][ T5142] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6194: Corrupt filesystem [ 125.579374][ T5142] EXT4-fs (loop3): 1 orphan inode deleted [ 125.599274][ T5142] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,inlinecrypt,usrquota,nodioread_nolock,jqfmt=vfsv0,bh,min_batch_time=0x000000000000051c,debug_want_extra_isize=0x000000000000005e,dioread_nolock,,errors=continue. Quota mode: writeback. [ 125.714500][ T5148] loop0: detected capacity change from 0 to 1024 [ 126.352407][ T5156] EXT4-fs error (device loop3): ext4_add_entry:2486: inode #2: comm syz.3.280: Directory hole found for htree leaf block 0 [ 126.985050][ T5142] EXT4-fs error (device loop3): ext4_add_entry:2486: inode #2: comm syz.3.280: Directory hole found for htree leaf block 0 [ 127.037449][ T5142] EXT4-fs error (device loop3): ext4_add_entry:2486: inode #2: comm syz.3.280: Directory hole found for htree leaf block 0 [ 127.051098][ T5142] EXT4-fs error (device loop3): ext4_add_entry:2486: inode #2: comm syz.3.280: Directory hole found for htree leaf block 0 [ 127.229271][ T5159] device syzkaller0 entered promiscuous mode [ 127.246782][ T5007] hfsplus: b-tree write err: -5, ino 4 [ 127.255338][ T26] kauditd_printk_skb: 27 callbacks suppressed [ 127.255351][ T26] audit: type=1326 audit(1769090810.456:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5160 comm="syz.4.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 127.303467][ T5165] tipc: Enabled bearer , priority 0 [ 127.337751][ T26] audit: type=1326 audit(1769090810.506:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5160 comm="syz.4.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 127.372924][ T26] audit: type=1326 audit(1769090810.506:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5160 comm="syz.4.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 127.460419][ T5158] tipc: Resetting bearer [ 127.496329][ T26] audit: type=1326 audit(1769090810.506:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5160 comm="syz.4.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 127.524152][ T26] audit: type=1326 audit(1769090810.506:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5160 comm="syz.4.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 127.573017][ T5158] tipc: Disabling bearer [ 127.711712][ T5171] netlink: 'syz.3.290': attribute type 1 has an invalid length. [ 127.918803][ T26] audit: type=1326 audit(1769090810.506:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5160 comm="syz.4.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 128.275525][ T5177] netlink: 68 bytes leftover after parsing attributes in process `syz.4.291'. [ 128.322057][ T5173] netlink: 28 bytes leftover after parsing attributes in process `syz.3.290'. [ 128.361410][ T26] audit: type=1326 audit(1769090810.506:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5160 comm="syz.4.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 128.450360][ T26] audit: type=1326 audit(1769090810.506:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5160 comm="syz.4.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 128.513943][ T5179] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2930740056 (2930740056 ns) > initial count (2187300511 ns). Using initial count to start timer. [ 128.567133][ T26] audit: type=1326 audit(1769090810.506:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5160 comm="syz.4.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 128.656569][ T26] audit: type=1326 audit(1769090810.506:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5160 comm="syz.4.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 128.861674][ T5189] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2511464707 (20091717656 ns) > initial count (4978712120 ns). Using initial count to start timer. [ 129.203758][ T5198] netlink: 'syz.4.294': attribute type 3 has an invalid length. [ 129.265460][ T5199] loop3: detected capacity change from 0 to 1024 [ 129.503403][ T5199] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869) [ 129.516436][ T5199] EXT4-fs (loop3): invalid journal inode [ 129.522204][ T5199] EXT4-fs (loop3): can't get journal size [ 130.374479][ T5199] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,sysvgroups,norecovery,abort,nombcache,,errors=continue. Quota mode: writeback. [ 130.660543][ T5208] loop3: detected capacity change from 0 to 512 [ 130.698350][ T5208] EXT4-fs (loop3): orphan cleanup on readonly fs [ 130.716407][ T5208] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.301: bad orphan inode 13 [ 130.851142][ T5208] ext4_test_bit(bit=12, block=18) = 1 [ 131.611573][ T5208] is_bad_inode(inode)=0 [ 131.637618][ T5208] NEXT_ORPHAN(inode)=2130706432 [ 131.666148][ T5208] max_ino=32 [ 131.669392][ T5208] i_nlink=1 [ 131.720560][ T5208] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 131.757643][ T5216] device syzkaller0 entered promiscuous mode [ 132.044934][ T5224] EXT4-fs error (device loop3): ext4_lookup:1862: inode #2: comm syz.3.301: deleted inode referenced: 12 [ 133.892508][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.898831][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.254743][ T5228] netlink: 'syz.3.305': attribute type 1 has an invalid length. [ 134.350987][ T5231] netlink: 28 bytes leftover after parsing attributes in process `syz.3.305'. [ 134.766183][ T5242] loop1: detected capacity change from 0 to 256 [ 134.899279][ T5242] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 134.945293][ T5242] netlink: 'syz.1.310': attribute type 3 has an invalid length. [ 135.630746][ T5244] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2930740056 (2930740056 ns) > initial count (2187300511 ns). Using initial count to start timer. [ 135.759359][ T5244] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2511464707 (20091717656 ns) > initial count (4978712120 ns). Using initial count to start timer. [ 136.497078][ T5249] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 137.708064][ T26] kauditd_printk_skb: 51 callbacks suppressed [ 137.708079][ T26] audit: type=1326 audit(1769090820.906:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5256 comm="syz.1.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 137.811224][ T26] audit: type=1326 audit(1769090820.976:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5256 comm="syz.1.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 137.865621][ T26] audit: type=1326 audit(1769090820.976:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5256 comm="syz.1.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9451ec9a22 code=0x7ffc0000 [ 137.909017][ T26] audit: type=1326 audit(1769090820.976:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5256 comm="syz.1.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9451e8a58e code=0x7ffc0000 [ 138.966878][ T26] audit: type=1326 audit(1769090820.976:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5256 comm="syz.1.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f9451ec9ae7 code=0x7ffc0000 [ 139.036912][ T5270] device syzkaller0 entered promiscuous mode [ 139.043491][ T26] audit: type=1326 audit(1769090820.976:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5256 comm="syz.1.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9451e8a58e code=0x7ffc0000 [ 139.186640][ T5270] tipc: Enabled bearer , priority 0 [ 139.227604][ T26] audit: type=1326 audit(1769090820.976:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5256 comm="syz.1.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9451ec994b code=0x7ffc0000 [ 139.408463][ T26] audit: type=1326 audit(1769090820.976:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5256 comm="syz.1.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9451ec994b code=0x7ffc0000 [ 139.933284][ T5270] tipc: Resetting bearer [ 140.024584][ T5281] netlink: 'syz.0.319': attribute type 1 has an invalid length. [ 140.333317][ T26] audit: type=1326 audit(1769090820.976:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5256 comm="syz.1.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f9451e8a58e code=0x7ffc0000 [ 140.356686][ T26] audit: type=1326 audit(1769090820.996:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5256 comm="syz.1.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9451ec994b code=0x7ffc0000 [ 141.651122][ T5269] tipc: Resetting bearer [ 141.769215][ T5269] tipc: Disabling bearer [ 141.775475][ T5291] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 141.817446][ T5284] netlink: 28 bytes leftover after parsing attributes in process `syz.0.319'. [ 141.840461][ T4261] tipc: Node number set to 874134860 [ 142.060419][ T5304] netlink: 68 bytes leftover after parsing attributes in process `syz.4.327'. [ 142.071296][ T5305] loop3: detected capacity change from 0 to 512 [ 142.179676][ T5305] EXT4-fs (loop3): orphan cleanup on readonly fs [ 142.187891][ T5305] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.328: bad orphan inode 13 [ 142.204053][ T5305] ext4_test_bit(bit=12, block=18) = 1 [ 142.213035][ T5305] is_bad_inode(inode)=0 [ 142.217285][ T5305] NEXT_ORPHAN(inode)=2130706432 [ 142.222636][ T5305] max_ino=32 [ 142.225955][ T5305] i_nlink=1 [ 142.229271][ T5305] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 142.455687][ T5312] EXT4-fs error (device loop3): ext4_lookup:1862: inode #2: comm syz.3.328: deleted inode referenced: 12 [ 142.585910][ T5301] loop0: detected capacity change from 0 to 40427 [ 142.648761][ T5301] F2FS-fs (loop0): invalid crc value [ 142.662331][ T5301] F2FS-fs (loop0): Found nat_bits in checkpoint [ 142.728635][ T5301] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 142.791003][ T7] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 143.143104][ T5322] attempt to access beyond end of device [ 143.143104][ T5322] loop0: rw=2049, want=45104, limit=40427 [ 143.260677][ T7] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 143.290321][ T7] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 143.309511][ T7] usb 5-1: config 1 has no interface number 0 [ 143.350693][ T5330] device syzkaller0 entered promiscuous mode [ 143.368089][ T5330] tipc: Enabled bearer , priority 0 [ 143.394845][ T5330] tipc: Resetting bearer [ 143.412564][ T5329] tipc: Resetting bearer [ 143.443300][ T5329] tipc: Disabling bearer [ 143.475824][ T26] kauditd_printk_skb: 62 callbacks suppressed [ 143.475836][ T26] audit: type=1326 audit(1769090826.676:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5334 comm="syz.3.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 143.506947][ T7] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 143.518634][ T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 143.529151][ T7] usb 5-1: Product: syz [ 143.533610][ T7] usb 5-1: Manufacturer: syz [ 143.538356][ T7] usb 5-1: SerialNumber: syz [ 143.558633][ T26] audit: type=1326 audit(1769090826.716:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5334 comm="syz.3.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 143.707340][ T26] audit: type=1326 audit(1769090826.716:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5334 comm="syz.3.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 143.730872][ T26] audit: type=1326 audit(1769090826.716:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5334 comm="syz.3.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 143.769191][ T26] audit: type=1326 audit(1769090826.716:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5334 comm="syz.3.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 143.861451][ T26] audit: type=1326 audit(1769090826.726:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5334 comm="syz.3.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 144.158194][ T4259] usb 5-1: USB disconnect, device number 4 [ 144.432228][ T26] audit: type=1326 audit(1769090826.726:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5334 comm="syz.3.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 144.555430][ T26] audit: type=1326 audit(1769090826.726:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5334 comm="syz.3.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 144.680198][ T26] audit: type=1326 audit(1769090826.726:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5334 comm="syz.3.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 144.743394][ T26] audit: type=1326 audit(1769090826.726:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5334 comm="syz.3.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 145.105140][ T5351] netlink: 'syz.0.336': attribute type 1 has an invalid length. [ 145.819240][ T5353] netlink: 28 bytes leftover after parsing attributes in process `syz.0.336'. [ 145.911800][ T5363] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 146.384077][ T5370] netlink: 92 bytes leftover after parsing attributes in process `syz.1.349'. [ 146.400845][ T5370] netlink: 12 bytes leftover after parsing attributes in process `syz.1.349'. [ 146.411978][ T5370] netlink: 20 bytes leftover after parsing attributes in process `syz.1.349'. [ 146.421721][ T5370] netlink: 20 bytes leftover after parsing attributes in process `syz.1.349'. [ 146.795432][ T4259] Bluetooth: hci4: command 0x0405 tx timeout [ 147.520471][ T5362] loop3: detected capacity change from 0 to 40427 [ 147.644585][ T5390] loop0: detected capacity change from 0 to 1764 [ 148.331524][ T5362] F2FS-fs (loop3): invalid crc value [ 148.603269][ T5362] F2FS-fs (loop3): Found nat_bits in checkpoint [ 149.916133][ T5413] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 150.009293][ T5415] loop0: detected capacity change from 0 to 736 [ 151.459666][ T5413] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 152.042507][ T5431] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 152.060242][ T13] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 152.359974][ T5442] netlink: 68 bytes leftover after parsing attributes in process `syz.0.372'. [ 153.190453][ T13] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 153.220090][ T13] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.295820][ T13] usb 5-1: config 0 descriptor?? [ 153.359812][ T13] cp210x 5-1:0.0: cp210x converter detected [ 153.560303][ T13] cp210x 5-1:0.0: failed to get vendor val 0x370b size 1: -32 [ 153.576545][ T13] cp210x 5-1:0.0: querying part number failed [ 153.602610][ T13] usb 5-1: cp210x converter now attached to ttyUSB0 [ 153.781827][ T5462] device syzkaller0 entered promiscuous mode [ 154.076547][ T5470] loop3: detected capacity change from 0 to 1024 [ 154.167555][ T5470] hfsplus: unable to parse mount options [ 154.251644][ T5478] netlink: 68 bytes leftover after parsing attributes in process `syz.0.384'. [ 155.482958][ T7] usb 5-1: USB disconnect, device number 5 [ 155.581503][ T7] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 155.604493][ T7] cp210x 5-1:0.0: device disconnected [ 155.706348][ T5491] netlink: 52 bytes leftover after parsing attributes in process `syz.3.388'. [ 160.259225][ T5506] loop3: detected capacity change from 0 to 8 [ 161.089518][ T5506] SQUASHFS error: lzo decompression failed, data probably corrupt [ 161.139468][ T5506] SQUASHFS error: Failed to read block 0x144: -5 [ 161.180310][ T5506] SQUASHFS error: Unable to read metadata cache entry [142] [ 161.187641][ T5506] SQUASHFS error: Unable to read inode 0x11f [ 163.221131][ T5538] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 163.258230][ T5540] netlink: 100 bytes leftover after parsing attributes in process `syz.0.393'. [ 163.606951][ T26] kauditd_printk_skb: 68 callbacks suppressed [ 163.606964][ T26] audit: type=1326 audit(1769090846.806:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5560 comm="syz.0.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 163.697787][ T26] audit: type=1326 audit(1769090846.816:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5560 comm="syz.0.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 163.850960][ T26] audit: type=1326 audit(1769090846.846:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5560 comm="syz.0.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 163.900484][ T26] audit: type=1326 audit(1769090846.846:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5560 comm="syz.0.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 163.932994][ T26] audit: type=1326 audit(1769090846.846:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5560 comm="syz.0.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 165.907724][ T26] audit: type=1326 audit(1769090846.846:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5560 comm="syz.0.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 165.990520][ T26] audit: type=1326 audit(1769090846.846:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5560 comm="syz.0.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 166.014050][ T26] audit: type=1326 audit(1769090846.856:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5560 comm="syz.0.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 166.046635][ T26] audit: type=1326 audit(1769090846.856:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5560 comm="syz.0.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 166.161073][ T26] audit: type=1326 audit(1769090846.856:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5560 comm="syz.0.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 167.170946][ T5589] netlink: 8 bytes leftover after parsing attributes in process `syz.1.420'. [ 167.429647][ T5578] netlink: 8 bytes leftover after parsing attributes in process `syz.0.416'. [ 167.777700][ T4261] usb 2-1: new low-speed USB device number 2 using dummy_hcd [ 168.487147][ T4261] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 168.510593][ T4261] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 168.585342][ T4261] usb 2-1: config 0 descriptor?? [ 168.632852][ T26] kauditd_printk_skb: 57 callbacks suppressed [ 168.632865][ T26] audit: type=1326 audit(1769090851.836:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5610 comm="syz.3.427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 168.697798][ T26] audit: type=1326 audit(1769090851.836:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5610 comm="syz.3.427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 168.907804][ T4261] asix: probe of 2-1:0.0 failed with error -22 [ 172.023345][ T4261] usb 2-1: USB disconnect, device number 2 [ 172.588333][ T5639] loop0: detected capacity change from 0 to 256 [ 172.880826][ T5648] netlink: 8 bytes leftover after parsing attributes in process `syz.1.438'. [ 172.897987][ T5639] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 176.959161][ T5665] loop3: detected capacity change from 0 to 128 [ 176.990908][ T26] audit: type=1326 audit(1769090860.186:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5652 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 177.084596][ T26] audit: type=1326 audit(1769090860.196:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5652 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 177.183335][ T26] audit: type=1326 audit(1769090860.196:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5652 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 177.217230][ T26] audit: type=1326 audit(1769090860.196:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5652 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 177.667704][ T5665] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 179.322661][ T26] audit: type=1326 audit(1769090860.196:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5652 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 179.350448][ T5665] ext4 filesystem being mounted at /74/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 179.459538][ T26] audit: type=1326 audit(1769090860.196:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5652 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 179.520623][ T26] audit: type=1326 audit(1769090860.196:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5652 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 179.660859][ T26] audit: type=1326 audit(1769090860.196:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5652 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 179.820208][ T26] audit: type=1326 audit(1769090860.196:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5652 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 179.973350][ T26] audit: type=1326 audit(1769090860.196:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5652 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 180.478082][ T5694] netlink: 8 bytes leftover after parsing attributes in process `syz.2.453'. [ 183.352202][ T5734] netlink: 8 bytes leftover after parsing attributes in process `syz.0.465'. [ 184.260427][ T4261] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 184.660348][ T4261] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 184.696051][ T4261] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 184.753785][ T4261] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 184.851196][ T4261] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 185.920405][ T4261] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 185.991414][ T4261] usb 4-1: config 0 descriptor?? [ 186.010427][ T4289] Bluetooth: hci1: command 0x0406 tx timeout [ 186.016496][ T4289] Bluetooth: hci2: command 0x0406 tx timeout [ 186.022993][ T5756] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 186.038337][ T4289] Bluetooth: hci3: command 0x0406 tx timeout [ 186.055117][ T4289] Bluetooth: hci0: command 0x0406 tx timeout [ 186.065154][ T4289] Bluetooth: hci4: command 0x0406 tx timeout [ 186.482875][ T4261] plantronics 0003:047F:FFFF.0004: unknown main item tag 0xd [ 186.509381][ T4261] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving [ 186.570765][ T4261] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 186.814048][ T4261] usb 4-1: USB disconnect, device number 5 [ 187.241290][ T5798] netlink: 8 bytes leftover after parsing attributes in process `syz.0.486'. [ 187.655077][ T5802] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2930740056 (2930740056 ns) > initial count (2187300511 ns). Using initial count to start timer. [ 187.748360][ T5807] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2511464707 (20091717656 ns) > initial count (4978712120 ns). Using initial count to start timer. [ 189.616985][ T5824] loop3: detected capacity change from 0 to 256 [ 190.706968][ T5824] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000e8a4, chksum : 0x7bc75166, utbl_chksum : 0xe619d30d) [ 190.942845][ T5828] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 191.025722][ T26] kauditd_printk_skb: 12 callbacks suppressed [ 191.025734][ T26] audit: type=1326 audit(1769090874.226:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 191.250056][ T26] audit: type=1326 audit(1769090874.226:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 191.339356][ T26] audit: type=1326 audit(1769090874.226:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 191.380183][ T26] audit: type=1326 audit(1769090874.226:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 191.737711][ T26] audit: type=1326 audit(1769090874.226:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 192.536998][ T26] audit: type=1326 audit(1769090874.226:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 192.564929][ T26] audit: type=1326 audit(1769090874.226:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 192.649217][ T26] audit: type=1326 audit(1769090874.226:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 192.676160][ T26] audit: type=1326 audit(1769090874.226:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 192.704604][ T26] audit: type=1326 audit(1769090874.236:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.0.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 194.089463][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.096251][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 197.848980][ T26] kauditd_printk_skb: 12 callbacks suppressed [ 197.848996][ T26] audit: type=1326 audit(1769091137.043:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5870 comm="syz.3.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 198.025174][ T26] audit: type=1326 audit(1769091137.043:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5870 comm="syz.3.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 198.190519][ T26] audit: type=1326 audit(1769091137.043:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5870 comm="syz.3.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 198.293985][ T26] audit: type=1326 audit(1769091137.053:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5870 comm="syz.3.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 198.383734][ T26] audit: type=1326 audit(1769091137.053:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5870 comm="syz.3.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 198.476232][ T26] audit: type=1326 audit(1769091137.053:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5870 comm="syz.3.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 198.585127][ T26] audit: type=1326 audit(1769091137.053:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5870 comm="syz.3.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 198.607584][ T26] audit: type=1326 audit(1769091137.053:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5870 comm="syz.3.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 198.630345][ T26] audit: type=1326 audit(1769091137.053:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5870 comm="syz.3.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 198.654568][ T26] audit: type=1326 audit(1769091137.053:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5870 comm="syz.3.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 198.741262][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 200.597928][ T5899] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2930740056 (2930740056 ns) > initial count (2187300511 ns). Using initial count to start timer. [ 200.676024][ T5904] loop0: detected capacity change from 0 to 256 [ 201.438719][ T5904] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000e8a4, chksum : 0x7bc75166, utbl_chksum : 0xe619d30d) [ 201.485545][ T5899] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2511464707 (20091717656 ns) > initial count (4978712120 ns). Using initial count to start timer. [ 201.788896][ T5908] loop0: detected capacity change from 0 to 256 [ 201.923431][ T5908] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x204dac4c, utbl_chksum : 0xe619d30d) [ 202.231045][ T5914] loop6: detected capacity change from 0 to 7 [ 202.257995][ T5914] loop6: [ 202.291658][ T5914] loop6: partition table partially beyond EOD, truncated [ 204.178878][ T26] kauditd_printk_skb: 36 callbacks suppressed [ 204.178893][ T26] audit: type=1326 audit(1769091143.373:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5924 comm="syz.0.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 204.385291][ T26] audit: type=1326 audit(1769091143.413:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5924 comm="syz.0.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 204.417124][ T26] audit: type=1326 audit(1769091143.413:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5924 comm="syz.0.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 204.549933][ T26] audit: type=1326 audit(1769091143.413:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5924 comm="syz.0.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 204.639944][ T26] audit: type=1326 audit(1769091143.413:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5924 comm="syz.0.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 204.794521][ T26] audit: type=1326 audit(1769091143.413:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5924 comm="syz.0.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 206.215652][ T26] audit: type=1326 audit(1769091143.413:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5924 comm="syz.0.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 206.241388][ T26] audit: type=1326 audit(1769091143.413:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5924 comm="syz.0.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 206.296752][ T5942] netlink: 28 bytes leftover after parsing attributes in process `syz.2.533'. [ 206.318066][ T26] audit: type=1326 audit(1769091143.413:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5924 comm="syz.0.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 206.475319][ T26] audit: type=1326 audit(1769091143.413:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5924 comm="syz.0.526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 206.606221][ T5951] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 207.668366][ T5943] bond2 (unregistering): Released all slaves [ 208.743561][ T5947] netlink: 28 bytes leftover after parsing attributes in process `syz.2.533'. [ 209.137694][ T5969] netlink: 8 bytes leftover after parsing attributes in process `syz.1.538'. [ 211.158008][ T5985] device syzkaller0 entered promiscuous mode [ 211.400999][ T5985] tipc: Enabled bearer , priority 0 [ 211.770491][ T5985] tipc: Resetting bearer [ 211.816574][ T5984] tipc: Resetting bearer [ 211.846267][ T5984] tipc: Disabling bearer [ 212.322818][ T5997] loop0: detected capacity change from 0 to 512 [ 212.421662][ T5997] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,sb=0x0000000000000001,,errors=continue. Quota mode: writeback. [ 212.517213][ T5997] ext4 filesystem being mounted at /120/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 212.801530][ T26] kauditd_printk_skb: 12 callbacks suppressed [ 212.801557][ T26] audit: type=1800 audit(1769091151.993:718): pid=5997 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.548" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 213.283738][ T6011] netlink: 68 bytes leftover after parsing attributes in process `syz.0.550'. [ 213.353203][ T6012] netlink: 8 bytes leftover after parsing attributes in process `syz.2.551'. [ 213.561618][ T6018] netlink: 28 bytes leftover after parsing attributes in process `syz.3.552'. [ 214.269717][ T6028] loop0: detected capacity change from 0 to 1024 [ 214.892227][ T6029] bond4 (unregistering): Released all slaves [ 215.660360][ T6034] netlink: 28 bytes leftover after parsing attributes in process `syz.3.552'. [ 216.168019][ T26] audit: type=1326 audit(1769091155.363:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6054 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 216.744581][ T26] audit: type=1326 audit(1769091155.363:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6054 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 216.780856][ T26] audit: type=1326 audit(1769091155.463:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6054 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 216.845409][ T26] audit: type=1326 audit(1769091155.463:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6054 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 216.909338][ T26] audit: type=1326 audit(1769091155.463:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6054 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 216.941612][ T26] audit: type=1326 audit(1769091155.513:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.3.564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 216.973357][ T6069] loop0: detected capacity change from 0 to 128 [ 217.012626][ T26] audit: type=1326 audit(1769091155.513:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.3.564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 217.060311][ T26] audit: type=1326 audit(1769091155.523:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.3.564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 217.087496][ T26] audit: type=1326 audit(1769091155.523:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6059 comm="syz.3.564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 217.260478][ T6069] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 217.340400][ T6069] ext4 filesystem being mounted at /124/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 219.306834][ T6085] netlink: 68 bytes leftover after parsing attributes in process `syz.3.570'. [ 222.140370][ T6114] netlink: 8 bytes leftover after parsing attributes in process `syz.2.579'. [ 222.466789][ T6120] netlink: 68 bytes leftover after parsing attributes in process `syz.4.584'. [ 223.303953][ T26] kauditd_printk_skb: 44 callbacks suppressed [ 223.303967][ T26] audit: type=1326 audit(1769091162.503:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6131 comm="syz.4.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 223.369017][ T6136] binder: 6126:6136 ioctl c0306201 0 returned -14 [ 223.437197][ T26] audit: type=1326 audit(1769091162.553:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6131 comm="syz.4.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 223.561388][ T26] audit: type=1326 audit(1769091162.553:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6131 comm="syz.4.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 223.584401][ T26] audit: type=1326 audit(1769091162.553:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6131 comm="syz.4.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 223.619835][ T26] audit: type=1326 audit(1769091162.553:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6131 comm="syz.4.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 223.666737][ T26] audit: type=1326 audit(1769091162.553:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6131 comm="syz.4.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 223.691058][ T26] audit: type=1326 audit(1769091162.553:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6131 comm="syz.4.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 223.715548][ T26] audit: type=1326 audit(1769091162.553:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6131 comm="syz.4.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 223.739808][ T26] audit: type=1326 audit(1769091162.553:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6131 comm="syz.4.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 223.763188][ T26] audit: type=1326 audit(1769091162.553:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6131 comm="syz.4.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 224.330504][ T6156] device ip6tnl0 entered promiscuous mode [ 224.985283][ T6150] device ip6tnl0 left promiscuous mode [ 225.191015][ T6158] netlink: 68 bytes leftover after parsing attributes in process `syz.1.595'. [ 225.490493][ T6167] netlink: 8 bytes leftover after parsing attributes in process `syz.4.598'. [ 227.844278][ T6185] loop0: detected capacity change from 0 to 8 [ 227.993905][ T6183] SQUASHFS error: zlib decompression failed, data probably corrupt [ 228.025720][ T6183] SQUASHFS error: Failed to read block 0x4de: -5 [ 228.084656][ T6183] SQUASHFS error: Failed to read block 0x4e2: -5 [ 228.201158][ T6183] SQUASHFS error: Failed to read block 0x9ca: -5 [ 228.280512][ T6183] SQUASHFS error: Failed to read block 0x2cf2: -5 [ 228.287597][ T6183] SQUASHFS error: Failed to read block 0x52cf2: -5 [ 228.328620][ T6183] SQUASHFS error: Failed to read block 0x535f2: -5 [ 228.360796][ T26] kauditd_printk_skb: 32 callbacks suppressed [ 228.360809][ T26] audit: type=1326 audit(1769091167.563:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6195 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 228.598821][ T26] audit: type=1326 audit(1769091167.563:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6195 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 228.702816][ T26] audit: type=1326 audit(1769091167.563:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6195 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 228.976878][ T26] audit: type=1326 audit(1769091167.563:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6195 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 229.010361][ T26] audit: type=1326 audit(1769091167.563:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6195 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 229.050789][ T26] audit: type=1326 audit(1769091167.563:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6195 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 229.149213][ T6207] device ip6tnl0 entered promiscuous mode [ 229.312448][ T26] audit: type=1326 audit(1769091167.563:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6195 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 229.400624][ T26] audit: type=1326 audit(1769091167.563:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6195 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 229.748945][ T6204] device ip6tnl0 left promiscuous mode [ 229.926158][ T26] audit: type=1326 audit(1769091167.563:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6195 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 230.090199][ T26] audit: type=1326 audit(1769091167.563:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6195 comm="syz.4.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 230.215593][ T6213] netlink: 8 bytes leftover after parsing attributes in process `syz.1.610'. [ 230.292063][ T6216] loop0: detected capacity change from 0 to 256 [ 230.467456][ T6216] exfat: Deprecated parameter 'utf8' [ 230.483417][ T6216] exfat: Deprecated parameter 'namecase' [ 230.489098][ T6216] exfat: Deprecated parameter 'utf8' [ 230.520008][ T6216] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 230.606082][ T6216] attempt to access beyond end of device [ 230.606082][ T6216] loop0: rw=524288, want=34359738496, limit=256 [ 230.644043][ T6216] attempt to access beyond end of device [ 230.644043][ T6216] loop0: rw=0, want=34359738496, limit=256 [ 233.271710][ T6249] loop0: detected capacity change from 0 to 128 [ 233.354298][ T6249] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 233.426719][ T6249] ext4 filesystem being mounted at /133/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 233.442630][ T26] kauditd_printk_skb: 84 callbacks suppressed [ 233.442643][ T26] audit: type=1326 audit(1769091172.643:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6243 comm="syz.2.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7c567cb9 code=0x7ffc0000 [ 233.856500][ T26] audit: type=1326 audit(1769091172.643:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6243 comm="syz.2.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b7c567cb9 code=0x7ffc0000 [ 233.929256][ T6257] loop3: detected capacity change from 0 to 512 [ 234.147780][ T6257] EXT4-fs warning (device loop3): ext4_multi_mount_protect:300: Invalid MMP block in superblock [ 234.226748][ T6260] device ip6tnl0 entered promiscuous mode [ 234.927133][ T6254] device ip6tnl0 left promiscuous mode [ 235.161098][ T26] audit: type=1326 audit(1769091174.363:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.0.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 235.327846][ T6272] loop0: detected capacity change from 0 to 512 [ 235.339722][ T26] audit: type=1326 audit(1769091174.493:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.0.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 235.404507][ T26] audit: type=1326 audit(1769091174.493:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.0.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5eaaae2a22 code=0x7ffc0000 [ 235.442651][ T6272] EXT4-fs (loop0): orphan cleanup on readonly fs [ 235.452252][ T26] audit: type=1326 audit(1769091174.493:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.0.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5eaaaa358e code=0x7ffc0000 [ 235.474556][ T26] audit: type=1326 audit(1769091174.513:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.0.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f5eaaae2ae7 code=0x7ffc0000 [ 235.501042][ T26] audit: type=1326 audit(1769091174.513:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.0.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5eaaaa358e code=0x7ffc0000 [ 235.502481][ T6272] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.628: bad orphan inode 13 [ 235.525045][ T26] audit: type=1326 audit(1769091174.523:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.0.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5eaaae294b code=0x7ffc0000 [ 235.555890][ T26] audit: type=1326 audit(1769091174.573:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.0.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5eaaaa358e code=0x7ffc0000 [ 235.587040][ T6272] ext4_test_bit(bit=12, block=18) = 1 [ 235.592844][ T6272] is_bad_inode(inode)=0 [ 235.600932][ T6272] NEXT_ORPHAN(inode)=2130706432 [ 235.605947][ T6272] max_ino=32 [ 235.609242][ T6272] i_nlink=1 [ 235.613100][ T6272] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 238.098121][ T6293] loop3: detected capacity change from 0 to 128 [ 238.210127][ T6293] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 238.225830][ T6297] EXT4-fs error (device loop0): ext4_lookup:1862: inode #2: comm syz.0.628: deleted inode referenced: 12 [ 238.230615][ T6293] ext4 filesystem being mounted at /105/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 238.925218][ T6303] device ip6tnl0 entered promiscuous mode [ 239.214729][ T26] kauditd_printk_skb: 51 callbacks suppressed [ 239.214742][ T26] audit: type=1326 audit(1769091178.413:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.1.632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 239.350222][ T26] audit: type=1326 audit(1769091178.443:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.1.632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 239.413395][ T26] audit: type=1326 audit(1769091178.443:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.1.632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 239.447142][ T26] audit: type=1326 audit(1769091178.443:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.1.632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 239.566803][ T6300] device ip6tnl0 left promiscuous mode [ 239.816331][ T26] audit: type=1326 audit(1769091178.443:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.1.632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 239.956991][ T26] audit: type=1326 audit(1769091178.443:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.1.632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 239.997026][ T26] audit: type=1326 audit(1769091178.443:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.1.632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 240.109810][ T6315] netlink: 8 bytes leftover after parsing attributes in process `syz.4.639'. [ 240.140161][ T26] audit: type=1326 audit(1769091178.443:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.1.632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 240.185253][ T26] audit: type=1326 audit(1769091178.443:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.1.632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 240.248492][ T26] audit: type=1326 audit(1769091178.443:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.1.632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f9451ec9cb9 code=0x7ffc0000 [ 242.363960][ T6336] loop3: detected capacity change from 0 to 128 [ 242.426402][ T6336] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 242.565619][ T6336] ext4 filesystem being mounted at /107/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 242.722201][ T6344] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 243.665299][ T6347] loop0: detected capacity change from 0 to 1024 [ 244.490324][ T4283] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 244.501069][ T6364] netlink: 8 bytes leftover after parsing attributes in process `syz.0.653'. [ 244.631595][ T26] kauditd_printk_skb: 79 callbacks suppressed [ 244.631609][ T26] audit: type=1326 audit(1769091183.833:1058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6351 comm="syz.3.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 244.710338][ T26] audit: type=1326 audit(1769091183.833:1059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6351 comm="syz.3.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 245.271262][ T4283] usb 2-1: Using ep0 maxpacket: 16 [ 245.412672][ T4283] usb 2-1: too many endpoints for config 1 interface 0 altsetting 0: 254, using maximum allowed: 30 [ 245.441123][ T4283] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 245.478938][ T4283] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8 [ 245.514984][ T4283] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 254 [ 246.120351][ T4283] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 246.146132][ T4283] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 246.175957][ T4283] usb 2-1: SerialNumber: syz [ 246.230938][ T6362] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 246.240628][ T6362] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 246.511872][ T7] usb 2-1: USB disconnect, device number 3 [ 246.705400][ T6377] device ip6tnl0 entered promiscuous mode [ 248.153451][ T6381] netlink: 68 bytes leftover after parsing attributes in process `syz.2.659'. [ 248.165560][ T6374] device ip6tnl0 left promiscuous mode [ 248.925412][ T26] audit: type=1326 audit(1769091188.123:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6396 comm="syz.0.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 249.169530][ T26] audit: type=1326 audit(1769091188.123:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6396 comm="syz.0.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 250.655968][ T26] audit: type=1326 audit(1769091188.123:1062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6396 comm="syz.0.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 250.737710][ T26] audit: type=1326 audit(1769091188.123:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6396 comm="syz.0.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 250.830176][ T26] audit: type=1326 audit(1769091188.123:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6396 comm="syz.0.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 250.930129][ T26] audit: type=1326 audit(1769091188.123:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6396 comm="syz.0.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 251.016466][ T26] audit: type=1326 audit(1769091188.123:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6396 comm="syz.0.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 251.116235][ T26] audit: type=1326 audit(1769091188.123:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6396 comm="syz.0.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 251.228088][ T26] audit: type=1326 audit(1769091188.123:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6396 comm="syz.0.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 251.275928][ T26] audit: type=1326 audit(1769091188.123:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6396 comm="syz.0.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 251.329563][ T26] audit: type=1326 audit(1769091188.123:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6396 comm="syz.0.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 251.363590][ T26] audit: type=1326 audit(1769091188.123:1071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6396 comm="syz.0.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 251.899992][ T6429] loop0: detected capacity change from 0 to 512 [ 252.267972][ T6429] EXT4-fs (loop0): orphan cleanup on readonly fs [ 252.310863][ T6429] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.668: bad orphan inode 13 [ 252.413150][ T6411] loop3: detected capacity change from 0 to 40427 [ 252.424264][ T6429] ext4_test_bit(bit=12, block=18) = 1 [ 252.429759][ T6429] is_bad_inode(inode)=0 [ 252.458322][ T6429] NEXT_ORPHAN(inode)=2130706432 [ 252.466769][ T6429] max_ino=32 [ 252.473029][ T6429] i_nlink=1 [ 252.476350][ T6429] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 253.816296][ T6411] F2FS-fs (loop3): invalid crc value [ 253.977493][ T6448] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 254.211876][ T6411] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-12) [ 254.379435][ T6451] EXT4-fs error (device loop0): ext4_lookup:1862: inode #2: comm syz.0.668: deleted inode referenced: 12 [ 255.693742][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.700052][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.053488][ T6462] device ip6tnl0 entered promiscuous mode [ 256.220707][ T6452] device ip6tnl0 left promiscuous mode [ 256.812019][ T6456] loop3: detected capacity change from 0 to 40427 [ 256.858721][ T6456] F2FS-fs (loop3): invalid crc value [ 256.945930][ T6456] F2FS-fs (loop3): Found nat_bits in checkpoint [ 257.331747][ T6456] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 260.097428][ T26] kauditd_printk_skb: 166 callbacks suppressed [ 260.097445][ T26] audit: type=1326 audit(1769091199.293:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6485 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 260.282815][ T26] audit: type=1326 audit(1769091199.313:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6485 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 260.823332][ T26] audit: type=1326 audit(1769091199.343:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6485 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 262.394786][ T26] audit: type=1326 audit(1769091199.343:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6485 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 262.441392][ T26] audit: type=1326 audit(1769091199.343:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6485 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 262.528131][ T26] audit: type=1326 audit(1769091199.343:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6485 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 262.557391][ T26] audit: type=1326 audit(1769091199.343:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6485 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 262.585797][ T26] audit: type=1326 audit(1769091199.343:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6485 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 262.646837][ T26] audit: type=1326 audit(1769091199.343:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6485 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 262.717873][ T26] audit: type=1326 audit(1769091199.343:1247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6485 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe311939cb9 code=0x7ffc0000 [ 265.513816][ T6524] 8021q: adding VLAN 0 to HW filter on device bond3 [ 265.523115][ T6524] bond2: (slave bond3): Enslaving as an active interface with an up link [ 265.546627][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 265.546642][ T26] audit: type=1326 audit(1769091204.743:1258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6530 comm="syz.3.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 265.570995][ T6532] loop3: detected capacity change from 0 to 512 [ 265.594026][ T6524] netlink: 28 bytes leftover after parsing attributes in process `syz.2.703'. [ 265.604476][ T26] audit: type=1326 audit(1769091204.753:1259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6530 comm="syz.3.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 265.641622][ T6531] netlink: 68 bytes leftover after parsing attributes in process `syz.4.704'. [ 265.651728][ T26] audit: type=1326 audit(1769091204.753:1260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6530 comm="syz.3.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe7d3ab9a22 code=0x7ffc0000 [ 265.680730][ T6532] EXT4-fs (loop3): orphan cleanup on readonly fs [ 265.697439][ T6524] 8021q: adding VLAN 0 to HW filter on device bond2 [ 265.702878][ T6532] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.697: bad orphan inode 13 [ 265.716904][ T6532] ext4_test_bit(bit=12, block=18) = 1 [ 265.722379][ T6532] is_bad_inode(inode)=0 [ 265.726556][ T6532] NEXT_ORPHAN(inode)=2130706432 [ 265.730401][ T26] audit: type=1326 audit(1769091204.763:1261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6530 comm="syz.3.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe7d3a7a58e code=0x7ffc0000 [ 265.731549][ T6532] max_ino=32 [ 265.756881][ T6532] i_nlink=1 [ 265.770691][ T6532] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 265.900787][ T6528] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 265.969759][ T26] audit: type=1326 audit(1769091204.763:1262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6530 comm="syz.3.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fe7d3ab9ae7 code=0x7ffc0000 [ 266.074314][ T6538] EXT4-fs error (device loop3): ext4_lookup:1862: inode #2: comm syz.3.697: deleted inode referenced: 12 [ 266.150071][ T26] audit: type=1326 audit(1769091204.763:1263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6530 comm="syz.3.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe7d3a7a58e code=0x7ffc0000 [ 266.287935][ T26] audit: type=1326 audit(1769091204.763:1264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6530 comm="syz.3.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe7d3ab994b code=0x7ffc0000 [ 266.630211][ T26] audit: type=1326 audit(1769091204.793:1265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6530 comm="syz.3.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe7d3a7a58e code=0x7ffc0000 [ 266.745505][ T5893] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready [ 266.789693][ T26] audit: type=1326 audit(1769091204.793:1266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6530 comm="syz.3.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe7d3a7a58e code=0x7ffc0000 [ 266.890143][ T26] audit: type=1326 audit(1769091204.833:1267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6530 comm="syz.3.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fe7d3ab8b97 code=0x7ffc0000 [ 267.136284][ T6549] device ip6tnl0 entered promiscuous mode [ 267.142990][ T6548] device ip6tnl0 left promiscuous mode [ 268.834308][ T6569] netlink: 68 bytes leftover after parsing attributes in process `syz.2.715'. [ 268.915590][ T6542] loop0: detected capacity change from 0 to 40427 [ 268.942379][ T6542] F2FS-fs (loop0): invalid crc value [ 268.988563][ T6542] F2FS-fs (loop0): Found nat_bits in checkpoint [ 269.243619][ T6542] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 269.283864][ T6577] loop3: detected capacity change from 0 to 512 [ 269.549120][ T6577] EXT4-fs (loop3): orphan cleanup on readonly fs [ 269.587632][ T6577] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.717: bad orphan inode 13 [ 269.651018][ T6577] ext4_test_bit(bit=12, block=18) = 1 [ 269.656455][ T6577] is_bad_inode(inode)=0 [ 269.684917][ T6577] NEXT_ORPHAN(inode)=2130706432 [ 269.689817][ T6577] max_ino=32 [ 269.714696][ T6577] i_nlink=1 [ 269.725071][ T6582] 8021q: adding VLAN 0 to HW filter on device bond5 [ 269.753314][ T6577] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 269.776375][ T6582] bond4: (slave bond5): Enslaving as an active interface with an up link [ 270.156340][ T6596] EXT4-fs error (device loop3): ext4_lookup:1862: inode #2: comm syz.3.717: deleted inode referenced: 12 [ 271.170809][ T21] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 271.208124][ T6609] device ip6tnl0 entered promiscuous mode [ 271.214592][ T6608] device ip6tnl0 left promiscuous mode [ 271.580349][ T21] usb 5-1: Using ep0 maxpacket: 8 [ 271.626372][ T6621] netlink: 68 bytes leftover after parsing attributes in process `syz.2.727'. [ 271.727788][ T26] kauditd_printk_skb: 62 callbacks suppressed [ 271.727800][ T26] audit: type=1326 audit(1769091210.923:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6623 comm="syz.3.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 271.760568][ T21] usb 5-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5 [ 271.769655][ T21] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 271.779551][ T4192] attempt to access beyond end of device [ 271.779551][ T4192] loop0: rw=2049, want=45104, limit=40427 [ 271.855250][ T26] audit: type=1326 audit(1769091210.973:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6623 comm="syz.3.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 271.946236][ T26] audit: type=1326 audit(1769091210.973:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6623 comm="syz.3.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 271.998118][ T26] audit: type=1326 audit(1769091210.973:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6623 comm="syz.3.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 272.002325][ T21] usb 5-1: config 0 descriptor?? [ 272.080977][ T26] audit: type=1326 audit(1769091210.973:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6623 comm="syz.3.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 272.115348][ T6627] 8021q: adding VLAN 0 to HW filter on device bond7 [ 272.125814][ T26] audit: type=1326 audit(1769091210.973:1335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6623 comm="syz.3.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 272.160821][ T6627] bond6: (slave bond7): Enslaving as an active interface with an up link [ 272.164651][ T26] audit: type=1326 audit(1769091210.973:1336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6623 comm="syz.3.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 272.220171][ T26] audit: type=1326 audit(1769091210.973:1337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6623 comm="syz.3.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 272.280482][ T26] audit: type=1326 audit(1769091210.973:1338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6623 comm="syz.3.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 272.320101][ T26] audit: type=1326 audit(1769091210.973:1339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6623 comm="syz.3.728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 272.353752][ T21] usb 5-1: USB disconnect, device number 6 [ 273.631161][ T6647] usb usb8: usbfs: process 6647 (syz.4.733) did not claim interface 0 before use [ 273.944391][ T6653] device ip6tnl0 entered promiscuous mode [ 273.950691][ T6651] device ip6tnl0 left promiscuous mode [ 274.253232][ T6662] netlink: 68 bytes leftover after parsing attributes in process `syz.4.739'. [ 276.057279][ T6671] 8021q: adding VLAN 0 to HW filter on device bond3 [ 276.065699][ T6671] bond2: (slave bond3): Enslaving as an active interface with an up link [ 276.080885][ T6669] netlink: 28 bytes leftover after parsing attributes in process `syz.4.741'. [ 276.129014][ T6669] 8021q: adding VLAN 0 to HW filter on device bond2 [ 276.198146][ T6677] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 277.195975][ T26] kauditd_printk_skb: 57 callbacks suppressed [ 277.195991][ T26] audit: type=1326 audit(1769091216.393:1397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6692 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 277.272050][ T6693] loop3: detected capacity change from 0 to 512 [ 277.310774][ T26] audit: type=1326 audit(1769091216.393:1398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6692 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 277.400507][ T26] audit: type=1326 audit(1769091216.453:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6692 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe7d3ab9cb9 code=0x7ffc0000 [ 277.424323][ T6693] EXT4-fs (loop3): orphan cleanup on readonly fs [ 277.438840][ T6693] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.747: bad orphan inode 13 [ 277.458013][ T6693] ext4_test_bit(bit=12, block=18) = 1 [ 277.599804][ T6693] is_bad_inode(inode)=0 [ 277.631147][ T6693] NEXT_ORPHAN(inode)=2130706432 [ 277.662089][ T26] audit: type=1326 audit(1769091216.453:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6692 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe7d3ab9a22 code=0x7ffc0000 [ 277.858693][ T6693] max_ino=32 [ 277.866684][ T6693] i_nlink=1 [ 277.866913][ T26] audit: type=1326 audit(1769091216.453:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6692 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe7d3a7a58e code=0x7ffc0000 [ 277.891745][ T6695] loop0: detected capacity change from 0 to 256 [ 277.904033][ T26] audit: type=1326 audit(1769091216.473:1402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6692 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fe7d3ab9ae7 code=0x7ffc0000 [ 277.920251][ T6693] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 277.952108][ T6695] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000e8a4, chksum : 0x7bc75166, utbl_chksum : 0xe619d30d) [ 278.110196][ T26] audit: type=1326 audit(1769091216.473:1403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6692 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe7d3a7a58e code=0x7ffc0000 [ 278.361080][ T26] audit: type=1326 audit(1769091216.473:1404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6692 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe7d3ab994b code=0x7ffc0000 [ 278.393874][ T26] audit: type=1326 audit(1769091216.543:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6692 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe7d3a7a58e code=0x7ffc0000 [ 278.493305][ T26] audit: type=1326 audit(1769091216.543:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6692 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe7d3a7a58e code=0x7ffc0000 [ 278.522061][ T6712] netlink: 68 bytes leftover after parsing attributes in process `syz.2.752'. [ 278.523700][ T6715] EXT4-fs error (device loop3): ext4_lookup:1862: inode #2: comm syz.3.747: deleted inode referenced: 12 [ 279.499687][ T6723] netlink: 'syz.2.755': attribute type 1 has an invalid length. [ 279.658087][ T6727] 8021q: adding VLAN 0 to HW filter on device bond9 [ 279.716481][ T6727] bond8: (slave bond9): Enslaving as an active interface with an up link [ 282.970224][ T6757] netlink: 68 bytes leftover after parsing attributes in process `syz.3.765'. [ 284.059967][ T6768] netlink: 'syz.4.768': attribute type 1 has an invalid length. [ 284.193666][ T6773] 8021q: adding VLAN 0 to HW filter on device bond5 [ 284.256217][ T6773] bond4: (slave bond5): Enslaving as an active interface with an up link [ 284.373596][ T6778] netlink: 28 bytes leftover after parsing attributes in process `syz.4.768'. [ 284.397159][ T26] kauditd_printk_skb: 64 callbacks suppressed [ 284.397171][ T26] audit: type=1326 audit(1769091223.593:1471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6779 comm="syz.0.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 284.455529][ T6778] 8021q: adding VLAN 0 to HW filter on device bond4 [ 285.380793][ T26] audit: type=1326 audit(1769091223.653:1472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6779 comm="syz.0.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 285.404324][ T5045] IPv6: ADDRCONF(NETDEV_CHANGE): bond4: link becomes ready [ 285.411709][ T26] audit: type=1326 audit(1769091223.653:1473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6779 comm="syz.0.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 285.411748][ T26] audit: type=1326 audit(1769091223.653:1474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6779 comm="syz.0.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 285.609408][ T26] audit: type=1326 audit(1769091223.653:1475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6779 comm="syz.0.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 285.719589][ T26] audit: type=1326 audit(1769091223.653:1476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6779 comm="syz.0.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 285.894143][ T26] audit: type=1326 audit(1769091223.653:1477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6779 comm="syz.0.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 285.916571][ T26] audit: type=1326 audit(1769091223.653:1478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6779 comm="syz.0.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 285.955031][ T26] audit: type=1326 audit(1769091223.653:1479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6779 comm="syz.0.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 285.979541][ T6797] loop0: detected capacity change from 0 to 512 [ 286.018132][ T26] audit: type=1326 audit(1769091223.653:1480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6779 comm="syz.0.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eaaae2cb9 code=0x7ffc0000 [ 286.115984][ T6797] EXT4-fs (loop0): orphan cleanup on readonly fs [ 286.138825][ T6801] netlink: 8 bytes leftover after parsing attributes in process `syz.3.769'. [ 286.235892][ T6797] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.774: bad orphan inode 13 [ 286.323601][ T6797] ext4_test_bit(bit=12, block=18) = 1 [ 286.329065][ T6797] is_bad_inode(inode)=0 [ 286.340472][ T6797] NEXT_ORPHAN(inode)=2130706432 [ 286.345443][ T6797] max_ino=32 [ 286.348666][ T6797] i_nlink=1 [ 286.352032][ T6797] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 286.718428][ T6806] EXT4-fs error (device loop0): ext4_lookup:1862: inode #2: comm syz.0.774: deleted inode referenced: 12 [ 288.101809][ T6826] netlink: 'syz.2.785': attribute type 1 has an invalid length. [ 288.239740][ T6828] 8021q: adding VLAN 0 to HW filter on device bond11 [ 288.312258][ T6828] bond10: (slave bond11): Enslaving as an active interface with an up link [ 288.436839][ C1] ------------[ cut here ]------------ [ 288.442788][ C1] WARNING: CPU: 1 PID: 6818 at net/mac80211/tx.c:4859 __ieee80211_beacon_get+0x179f/0x2000 [ 288.452845][ C1] Modules linked in: [ 288.456764][ C1] CPU: 1 PID: 6818 Comm: syz.1.783 Not tainted syzkaller #0 [ 288.464094][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 288.474201][ C1] RIP: 0010:__ieee80211_beacon_get+0x179f/0x2000 [ 288.480595][ C1] Code: 2a f8 0f 0b 4f 89 64 2f 04 4f 89 64 2f 0c 43 c6 44 2f 14 f8 e9 19 fe ff ff e8 0d c0 2a f8 0f 0b e9 03 ef ff ff e8 01 c0 2a f8 <0f> 0b e9 76 f2 ff ff e8 15 89 6d 00 89 d9 80 e1 07 80 c1 03 38 c1 [ 288.500268][ C1] RSP: 0018:ffffc90000dd08e0 EFLAGS: 00010246 [ 288.506365][ C1] RAX: ffffffff894e5f9f RBX: ffff88805ff3a298 RCX: ffff888020e2d940 [ 288.514376][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 288.522400][ C1] RBP: ffffc90000dd0b08 R08: ffff888020e2d940 R09: 0000000000000003 [ 288.530443][ C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff888077a34e00 [ 288.538448][ C1] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff920001ba12c [ 288.546478][ C1] FS: 00007f94501046c0(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000 [ 288.555455][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 288.562076][ C1] CR2: 00007f0b7a360000 CR3: 00000000233dc000 CR4: 00000000003506e0 [ 288.570090][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 288.578077][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 288.586098][ C1] Call Trace: [ 288.589407][ C1] [ 288.592338][ C1] ? ieee80211_beacon_get_template+0x30/0x30 [ 288.598444][ C1] ? verify_lock_unused+0x140/0x140 [ 288.603794][ C1] ? __lock_acquire+0x13bc/0x7d10 [ 288.608862][ C1] ? trace_pelt_se_tp+0x39/0x100 [ 288.613866][ C1] ? verify_lock_unused+0x140/0x140 [ 288.619109][ C1] ieee80211_beacon_get_tim+0x48/0x840 [ 288.624632][ C1] mac80211_hwsim_beacon_tx+0xf4/0x920 [ 288.630118][ C1] __iterate_interfaces+0x243/0x500 [ 288.635342][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0 [ 288.641619][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0 [ 288.647878][ C1] ieee80211_iterate_active_interfaces_atomic+0xb3/0x140 [ 288.655035][ C1] mac80211_hwsim_beacon+0x9b/0x180 [ 288.660300][ C1] ? hw_scan_work+0xed0/0xed0 [ 288.664997][ C1] __hrtimer_run_queues+0x4eb/0xb70 [ 288.670243][ C1] ? hrtimer_interrupt+0x8d0/0x8d0 [ 288.675398][ C1] hrtimer_run_softirq+0x176/0x240 [ 288.680572][ C1] handle_softirqs+0x339/0x830 [ 288.685359][ C1] ? __irq_exit_rcu+0x13b/0x230 [ 288.690258][ C1] ? do_softirq+0x210/0x210 [ 288.694802][ C1] __irq_exit_rcu+0x13b/0x230 [ 288.699500][ C1] ? irq_exit_rcu+0x20/0x20 [ 288.704074][ C1] irq_exit_rcu+0x5/0x20 [ 288.708375][ C1] sysvec_apic_timer_interrupt+0xa0/0xc0 [ 288.714783][ C1] [ 288.717740][ C1] [ 288.720703][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 288.726705][ C1] RIP: 0010:__put_user_nocheck_4+0x3/0x11 [ 288.732449][ C1] Code: 00 00 48 39 d9 73 54 0f 01 cb 66 89 01 31 c9 0f 01 ca c3 90 90 90 90 90 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 01 cb <89> 01 31 c9 0f 01 ca c3 90 90 90 90 90 90 48 bb f9 ef ff ff ff 7f [ 288.752087][ C1] RSP: 0018:ffffc9000349f8f8 EFLAGS: 00040246 [ 288.758154][ C1] RAX: 0000000000000000 RBX: 0000000000000002 RCX: 000020000011e7f0 [ 288.766143][ C1] RDX: ffffc9000349fd90 RSI: 0000000000000002 RDI: 00000000ffffffff [ 288.774130][ C1] RBP: ffffc9000349fa90 R08: ffffc9000349f6e7 R09: 1ffff92000693edc [ 288.782120][ C1] R10: dffffc0000000000 R11: fffff52000693edd R12: dffffc0000000000 [ 288.790119][ C1] R13: 000020000011e7c0 R14: 0000000000000000 R15: 0000000000000000 [ 288.798123][ C1] ____sys_recvmsg+0x399/0x5e0 [ 288.802925][ C1] ? __sys_recvmsg_sock+0x40/0x40 [ 288.807964][ C1] ? import_iovec+0x6f/0xa0 [ 288.812486][ C1] ___sys_recvmsg+0x21a/0x5c0 [ 288.817185][ C1] ? __sys_recvmsg+0x280/0x280 [ 288.821981][ C1] ? __lock_acquire+0x7d10/0x7d10 [ 288.827010][ C1] ? __might_fault+0x1c/0x110 [ 288.831722][ C1] ? __might_fault+0xb3/0x110 [ 288.836403][ C1] do_recvmmsg+0x382/0x850 [ 288.840843][ C1] ? __sys_recvmmsg+0x290/0x290 [ 288.845715][ C1] ? __lock_acquire+0x7d10/0x7d10 [ 288.850797][ C1] __x64_sys_recvmmsg+0x195/0x250 [ 288.855919][ C1] ? do_recvmmsg+0x850/0x850 [ 288.860572][ C1] ? lockdep_hardirqs_on+0x94/0x140 [ 288.865818][ C1] do_syscall_64+0x4c/0xa0 [ 288.870263][ C1] ? clear_bhb_loop+0x30/0x80 [ 288.874975][ C1] ? clear_bhb_loop+0x30/0x80 [ 288.879661][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 288.885590][ C1] RIP: 0033:0x7f9451ec9cb9 [ 288.890006][ C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 288.909754][ C1] RSP: 002b:00007f9450104028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 288.918196][ C1] RAX: ffffffffffffffda RBX: 00007f9452145090 RCX: 00007f9451ec9cb9 [ 288.926195][ C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003 [ 288.934185][ C1] RBP: 00007f9451f37bf7 R08: 0000000000000000 R09: 0000000000000000 [ 288.942197][ C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 288.950199][ C1] R13: 00007f9452145128 R14: 00007f9452145090 R15: 00007ffcaa7d6358 [ 288.958205][ C1] [ 288.961272][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 288.968550][ C1] CPU: 1 PID: 6818 Comm: syz.1.783 Not tainted syzkaller #0 [ 288.975831][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 288.985882][ C1] Call Trace: [ 288.989159][ C1] [ 288.992002][ C1] dump_stack_lvl+0x188/0x250 [ 288.996770][ C1] ? show_regs_print_info+0x20/0x20 [ 289.001967][ C1] ? load_image+0x400/0x400 [ 289.006474][ C1] panic+0x2e5/0x810 [ 289.010379][ C1] ? bpf_jit_dump+0xd0/0xd0 [ 289.014908][ C1] ? __ieee80211_beacon_get+0x179f/0x2000 [ 289.020627][ C1] __warn+0x248/0x2b0 [ 289.024622][ C1] ? __ieee80211_beacon_get+0x179f/0x2000 [ 289.030338][ C1] report_bug+0x1b7/0x2e0 [ 289.034708][ C1] handle_bug+0x3a/0x70 [ 289.038874][ C1] exc_invalid_op+0x16/0x40 [ 289.043380][ C1] asm_exc_invalid_op+0x16/0x20 [ 289.048227][ C1] RIP: 0010:__ieee80211_beacon_get+0x179f/0x2000 [ 289.054590][ C1] Code: 2a f8 0f 0b 4f 89 64 2f 04 4f 89 64 2f 0c 43 c6 44 2f 14 f8 e9 19 fe ff ff e8 0d c0 2a f8 0f 0b e9 03 ef ff ff e8 01 c0 2a f8 <0f> 0b e9 76 f2 ff ff e8 15 89 6d 00 89 d9 80 e1 07 80 c1 03 38 c1 [ 289.074194][ C1] RSP: 0018:ffffc90000dd08e0 EFLAGS: 00010246 [ 289.080263][ C1] RAX: ffffffff894e5f9f RBX: ffff88805ff3a298 RCX: ffff888020e2d940 [ 289.088232][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 289.096190][ C1] RBP: ffffc90000dd0b08 R08: ffff888020e2d940 R09: 0000000000000003 [ 289.104162][ C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff888077a34e00 [ 289.112131][ C1] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff920001ba12c [ 289.120133][ C1] ? __ieee80211_beacon_get+0x179f/0x2000 [ 289.125886][ C1] ? ieee80211_beacon_get_template+0x30/0x30 [ 289.131863][ C1] ? verify_lock_unused+0x140/0x140 [ 289.137062][ C1] ? __lock_acquire+0x13bc/0x7d10 [ 289.142080][ C1] ? trace_pelt_se_tp+0x39/0x100 [ 289.147016][ C1] ? verify_lock_unused+0x140/0x140 [ 289.152236][ C1] ieee80211_beacon_get_tim+0x48/0x840 [ 289.157692][ C1] mac80211_hwsim_beacon_tx+0xf4/0x920 [ 289.163152][ C1] __iterate_interfaces+0x243/0x500 [ 289.168352][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0 [ 289.174589][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0 [ 289.180817][ C1] ieee80211_iterate_active_interfaces_atomic+0xb3/0x140 [ 289.187834][ C1] mac80211_hwsim_beacon+0x9b/0x180 [ 289.193030][ C1] ? hw_scan_work+0xed0/0xed0 [ 289.197709][ C1] __hrtimer_run_queues+0x4eb/0xb70 [ 289.202913][ C1] ? hrtimer_interrupt+0x8d0/0x8d0 [ 289.208027][ C1] hrtimer_run_softirq+0x176/0x240 [ 289.213137][ C1] handle_softirqs+0x339/0x830 [ 289.217899][ C1] ? __irq_exit_rcu+0x13b/0x230 [ 289.222748][ C1] ? do_softirq+0x210/0x210 [ 289.227249][ C1] __irq_exit_rcu+0x13b/0x230 [ 289.231919][ C1] ? irq_exit_rcu+0x20/0x20 [ 289.236428][ C1] irq_exit_rcu+0x5/0x20 [ 289.240667][ C1] sysvec_apic_timer_interrupt+0xa0/0xc0 [ 289.246306][ C1] [ 289.249233][ C1] [ 289.252161][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 289.258144][ C1] RIP: 0010:__put_user_nocheck_4+0x3/0x11 [ 289.263883][ C1] Code: 00 00 48 39 d9 73 54 0f 01 cb 66 89 01 31 c9 0f 01 ca c3 90 90 90 90 90 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 01 cb <89> 01 31 c9 0f 01 ca c3 90 90 90 90 90 90 48 bb f9 ef ff ff ff 7f [ 289.283681][ C1] RSP: 0018:ffffc9000349f8f8 EFLAGS: 00040246 [ 289.289736][ C1] RAX: 0000000000000000 RBX: 0000000000000002 RCX: 000020000011e7f0 [ 289.297701][ C1] RDX: ffffc9000349fd90 RSI: 0000000000000002 RDI: 00000000ffffffff [ 289.305666][ C1] RBP: ffffc9000349fa90 R08: ffffc9000349f6e7 R09: 1ffff92000693edc [ 289.313718][ C1] R10: dffffc0000000000 R11: fffff52000693edd R12: dffffc0000000000 [ 289.321696][ C1] R13: 000020000011e7c0 R14: 0000000000000000 R15: 0000000000000000 [ 289.329668][ C1] ____sys_recvmsg+0x399/0x5e0 [ 289.334431][ C1] ? __sys_recvmsg_sock+0x40/0x40 [ 289.339537][ C1] ? import_iovec+0x6f/0xa0 [ 289.344064][ C1] ___sys_recvmsg+0x21a/0x5c0 [ 289.348745][ C1] ? __sys_recvmsg+0x280/0x280 [ 289.353521][ C1] ? __lock_acquire+0x7d10/0x7d10 [ 289.358548][ C1] ? __might_fault+0x1c/0x110 [ 289.363252][ C1] ? __might_fault+0xb3/0x110 [ 289.367928][ C1] do_recvmmsg+0x382/0x850 [ 289.372341][ C1] ? __sys_recvmmsg+0x290/0x290 [ 289.377216][ C1] ? __lock_acquire+0x7d10/0x7d10 [ 289.382242][ C1] __x64_sys_recvmmsg+0x195/0x250 [ 289.387262][ C1] ? do_recvmmsg+0x850/0x850 [ 289.391851][ C1] ? lockdep_hardirqs_on+0x94/0x140 [ 289.397046][ C1] do_syscall_64+0x4c/0xa0 [ 289.401459][ C1] ? clear_bhb_loop+0x30/0x80 [ 289.406134][ C1] ? clear_bhb_loop+0x30/0x80 [ 289.410800][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 289.416696][ C1] RIP: 0033:0x7f9451ec9cb9 [ 289.421262][ C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 289.440871][ C1] RSP: 002b:00007f9450104028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 289.449283][ C1] RAX: ffffffffffffffda RBX: 00007f9452145090 RCX: 00007f9451ec9cb9 [ 289.457252][ C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003 [ 289.465234][ C1] RBP: 00007f9451f37bf7 R08: 0000000000000000 R09: 0000000000000000 [ 289.473235][ C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 289.481212][ C1] R13: 00007f9452145128 R14: 00007f9452145090 R15: 00007ffcaa7d6358 [ 289.489200][ C1] [ 289.492530][ C1] Kernel Offset: disabled [ 289.496877][ C1] Rebooting in 86400 seconds..