last executing test programs: 5m46.786343714s ago: executing program 0 (id=1065): openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r1) getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c0000001000370427bd70000000000000000000", @ANYRES32=r2, @ANYBLOB="61060500000000001c0012800b000100677265"], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) sendmmsg$inet(r0, &(0x7f00000018c0)=[{{&(0x7f0000000000)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @local, @multicast1}}}], 0x20}}], 0x1, 0x4044880) 5m46.533749788s ago: executing program 0 (id=1069): getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x1a, 0xffffffffffffffff, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ppoll(&(0x7f0000000740)=[{r0, 0x104}], 0x1, 0x0, 0x0, 0x0) pread64(r0, &(0x7f0000000480), 0x1, 0x2) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000500)={'veth1\x00', &(0x7f0000000200)=@ethtool_per_queue_op={0x4b, 0xf, [0x1, 0x1, 0x107fff, 0x10, 0x4, 0x9, 0xa4, 0xffb, 0x7, 0xb6b, 0x800c1, 0x4, 0x1, 0x3, 0x9, 0xff, 0x1000, 0xc, 0x3, 0x3, 0x80000001, 0xfffffffa, 0x0, 0x1, 0x9, 0x4, 0x7, 0x5, 0x100000, 0x762, 0x3, 0x63c, 0xe, 0x6, 0x100, 0x6, 0x1bfe, 0xb, 0x40, 0x40bed4, 0x8, 0x8000100, 0x3, 0x0, 0x11000, 0x8, 0x5, 0x79b, 0x5, 0x1, 0x7f, 0x4, 0xa, 0x7, 0xf, 0x101, 0xa, 0x1fa0860a, 0x7, 0xa9, 0x81, 0x2, 0x180000, 0x4003, 0x8b, 0x5, 0x2af, 0x3, 0x5, 0x2, 0x1, 0x9, 0x4, 0x7, 0x4009, 0x0, 0x4, 0x100002, 0x8, 0x752, 0x0, 0x3, 0x0, 0x10000, 0x3f6, 0xffffffff, 0x6, 0x6, 0x9, 0x80000000, 0xfdffffff, 0x2, 0xfffffffe, 0x84, 0x100, 0x5, 0x252, 0x81, 0xb, 0x4, 0x1, 0xc50, 0x2, 0xb, 0x2, 0xd9a, 0xc8, 0x2a2, 0xfffffffd, 0x3, 0x2, 0x5, 0x8, 0x0, 0x4, 0x2, 0x40, 0x8, 0x4, 0x4, 0x401, 0x66cd, 0x8, 0x8, 0x5, 0x1fc, 0x1ff, 0xffffffff]}}) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) 5m46.447791006s ago: executing program 0 (id=1072): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000005c0)={r1, r0, 0x15, 0x0, @val=@kprobe_multi=@syms={0x0, 0x0, 0x0}}, 0x30) r2 = socket(0x10, 0x803, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, 0x0, &(0x7f0000000300)) 5m46.276601812s ago: executing program 0 (id=1075): syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x2000414, &(0x7f0000000040)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES16=0x0, @ANYRES16, @ANYRES16, @ANYRES8], 0x1, 0x2a1, &(0x7f0000000540)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000380)='./file0/file0\x00', 0x0, 0x81105a, 0x0) mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r0, &(0x7f0000000e40)={0x2020}, 0x2020) 5m45.809483927s ago: executing program 0 (id=1082): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, &(0x7f0000000000)={0x0, 'veth0_vlan\x00', {0x2}, 0x2b1}) 5m43.554145591s ago: executing program 0 (id=1102): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)=0x200000000) preadv2(r0, &(0x7f0000002240)=[{&(0x7f0000000140)=""/140, 0x48}], 0xc, 0x8, 0x9, 0x11) timer_create(0x1, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) 5m42.971666466s ago: executing program 32 (id=1102): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)=0x200000000) preadv2(r0, &(0x7f0000002240)=[{&(0x7f0000000140)=""/140, 0x48}], 0xc, 0x8, 0x9, 0x11) timer_create(0x1, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) 5m19.110642069s ago: executing program 4 (id=1286): r0 = syz_clone(0x88206100, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00') syz_read_part_table(0x4074, &(0x7f0000000400)="$eJzszzFKK1EUBuB/kjcvowwEQStBDBZ2MnZWs4v0kjVYWag4O7EUF+A+3IOlLiESZKIxtoEg31cczpmfM/fesN3e+6ZafiqSPM+e9pIcT9I1zWf4r893vrab85S71SB1kqv1n08fN3p3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg24y+9YOV5DZJ93J92s/VovxflNlhups2F3VSHYyT+2HK9qjIfjI5++WMYfKapEjylmQ63txzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/5HJlGv2M6765W199OEnXlst0Pv9gd44JAABhGAhmxCAmMRkstPudgf92nD3JfdtXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04kAEAAAAQ5m+dR/sBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4KQAA//9ggxZC") fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) syz_open_procfs$namespace(r0, &(0x7f0000000100)='ns/ipc\x00') 5m18.227497602s ago: executing program 4 (id=1293): sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_open_procfs(0x0, &(0x7f0000000a40)='pagemap\x00') ioctl$KVM_SET_XCRS(r0, 0x4188aea7, 0x0) 5m18.065878937s ago: executing program 4 (id=1295): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) setresgid(0xee00, 0x0, 0xee00) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000000c0)='./bus\x00') r1 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0) getdents(r1, 0x0, 0x0) 5m17.942349659s ago: executing program 4 (id=1296): syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x8bc80, 0x0, 0xfc, 0x0, 0x0) mount(0x0, &(0x7f0000000780)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x2200cd0, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x800) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0x16, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0) open_tree(r0, &(0x7f0000000640)='\x00', 0x89901) 5m17.693723772s ago: executing program 4 (id=1298): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8) r1 = socket$inet_sctp(0x2, 0x1, 0x84) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000280)=0x8) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) dup2(r0, r3) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @empty, 0x4}], 0x1c) syz_open_dev$evdev(0x0, 0x3, 0x862b01) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r3, 0x84, 0x19, &(0x7f0000000140)={r2}, 0x8) 5m17.454514065s ago: executing program 4 (id=1305): r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r2) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x56) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x49801}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @remote}, @IFLA_IPTUN_LINK={0x8, 0x1, r3}]}}}]}, 0x40}}, 0x0) syz_mount_image$msdos(&(0x7f00000008c0), &(0x7f0000001200)='./file2\x00', 0x4000, &(0x7f00000000c0)=ANY=[@ANYBLOB="646973636172642c646f74732c646f74732c6e6f646f74732c636865636b3d7374726963742c646f74732c0080fcdc5c3dd34a5bee25f099008bade73ed878442a18112f260a6de8f9de23ca03128aff6e01"], 0x1, 0x11c8, &(0x7f0000002440)="$eJzs209LrFUcB/CfXu3a3DT7d+veTYfa1OYhXbRqI6EQDhTqBBoEjzjWMNPMMM8sZqSF0K5VryNatguiN+C7aCdB1MaVEzmmKUoq6Qj389nMF77POXMOAwNnmLP/wXdf1beLbDvvxvjYWEy0JyMdpEgxHg9iaDfe/Wbpz29X1zeWF8rlxZWUlhbW5t5PKc28+fNnX//w1i/dR5/+OPPTw9ib/Xz/9/lf9x7vPdk/XPuyVqRakZqtbsrTZqvVzTcb1bRVK+pZSp80qnlRTbVmUe2c6bcbrXa7n/Lm1nSp3akWRcqb/VSv9lO3lbqdfsq/yGvNlGVZmi4F5w0Gg8FVn618f3D09GAwGc8djXw+SvEoXojpmIkXYzZeipfjlXg1XovH8Xq8EU+uNT8AAAAAAAAAAAAAAAAAAABwFe7/AwAAAAAAAAAAAAAAAAAAwOi5/w8AAAAAAAAAAAAAAAAAAACj5/4/AAAAAAAAAAAAAAAAAAAAjN7q+sbyQrm8uJLSVMRvu71KrzJ8HfZLH5UX30tHZk9H/dHrVR6c9HPDPp3tH0bpuJ+/sJ+Kd94e9n93H35cPtc/ja3b3z4AAAA8E7J04sLzfZZd1g/Tv34fOHd+n4inExe949RtbYUbKPo79bzRqHaK/uQ/Yec64fBGoy4JY8er+t8mFIT7FcbvxzL+O4z4i4k7cfqhj3olAAAAAAAAAAAAXMdd/J1w1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mIHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAVwUAAP//1PuWZQ==") sendto$packet(r0, 0x0, 0x0, 0x40880, &(0x7f0000000200)={0x11, 0x86dd, r3, 0x1, 0x84, 0x6, @remote}, 0x14) 5m17.18982113s ago: executing program 33 (id=1305): r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r2) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x56) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x49801}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @remote}, @IFLA_IPTUN_LINK={0x8, 0x1, r3}]}}}]}, 0x40}}, 0x0) syz_mount_image$msdos(&(0x7f00000008c0), &(0x7f0000001200)='./file2\x00', 0x4000, &(0x7f00000000c0)=ANY=[@ANYBLOB="646973636172642c646f74732c646f74732c6e6f646f74732c636865636b3d7374726963742c646f74732c0080fcdc5c3dd34a5bee25f099008bade73ed878442a18112f260a6de8f9de23ca03128aff6e01"], 0x1, 0x11c8, &(0x7f0000002440)="$eJzs209LrFUcB/CfXu3a3DT7d+veTYfa1OYhXbRqI6EQDhTqBBoEjzjWMNPMMM8sZqSF0K5VryNatguiN+C7aCdB1MaVEzmmKUoq6Qj389nMF77POXMOAwNnmLP/wXdf1beLbDvvxvjYWEy0JyMdpEgxHg9iaDfe/Wbpz29X1zeWF8rlxZWUlhbW5t5PKc28+fNnX//w1i/dR5/+OPPTw9ib/Xz/9/lf9x7vPdk/XPuyVqRakZqtbsrTZqvVzTcb1bRVK+pZSp80qnlRTbVmUe2c6bcbrXa7n/Lm1nSp3akWRcqb/VSv9lO3lbqdfsq/yGvNlGVZmi4F5w0Gg8FVn618f3D09GAwGc8djXw+SvEoXojpmIkXYzZeipfjlXg1XovH8Xq8EU+uNT8AAAAAAAAAAAAAAAAAAABwFe7/AwAAAAAAAAAAAAAAAAAAwOi5/w8AAAAAAAAAAAAAAAAAAACj5/4/AAAAAAAAAAAAAAAAAAAAjN7q+sbyQrm8uJLSVMRvu71KrzJ8HfZLH5UX30tHZk9H/dHrVR6c9HPDPp3tH0bpuJ+/sJ+Kd94e9n93H35cPtc/ja3b3z4AAAA8E7J04sLzfZZd1g/Tv34fOHd+n4inExe949RtbYUbKPo79bzRqHaK/uQ/Yec64fBGoy4JY8er+t8mFIT7FcbvxzL+O4z4i4k7cfqhj3olAAAAAAAAAAAAXMdd/J1w1HsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mIHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAVwUAAP//1PuWZQ==") sendto$packet(r0, 0x0, 0x0, 0x40880, &(0x7f0000000200)={0x11, 0x86dd, r3, 0x1, 0x84, 0x6, @remote}, 0x14) 19.329452286s ago: executing program 2 (id=2415): socket$nl_route(0x10, 0x3, 0x0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000000)=0x5fd, 0x4) recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x2120, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) openat$incfs(0xffffffffffffff9c, 0x0, 0x400000, 0x110) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_emit_ethernet(0x1046, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd6000000010102b00fc020000000000000000000000000001fe8000000000000000000000000000aa670000000000000021"], 0x0) setfsgid(0xee00) syz_open_procfs(0x0, 0x0) r4 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_SET(r4, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000801}, 0x40810) openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0) 9.669552373s ago: executing program 2 (id=2443): socket$nl_route(0x10, 0x3, 0x0) socket$can_bcm(0x1d, 0x2, 0x2) r0 = socket(0x1d, 0x2, 0x6) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req3={0x3a0, 0x1, 0x0, 0x1, 0xfffffffa, 0x2, 0xfffeffff}, 0x1c) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000140)={&(0x7f00000000c0)=[0x0, 0x0, 0x0], 0x3, 0x0, 0x0, 0xffffffffffffffff}) ioctl$BLKSSZGET(r1, 0x1268, &(0x7f0000000180)) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00'}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000580)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, 0x0, 0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0xbc3d, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x2, 0x6}}, 0x20) r5 = syz_open_dev$sndctrl(&(0x7f0000001ac0), 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r5, 0xc4c85513, &(0x7f0000000000)={0x2, 0x4, 0x1, 0x0, 'syz1\x00', 0x109a7}) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000040)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4000, 0xffffffff, @empty}, {0xa, 0x0, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}, 0x800083}, r6}}, 0x48) r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x21800, 0x0) socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f00000003c0)={0x0, @in={{0x2, 0x4e21, @multicast2}}, 0x7, 0x1}, 0x90) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000200), 0x100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$TCSETSW2(r7, 0x402c542c, &(0x7f0000000040)={0x1, 0x806, 0x0, 0x80000007, 0x2, "6d1714a98b08633c45debea890564b7cdcd0f7", 0x6, 0x3}) r8 = socket$inet6(0xa, 0x80003, 0xff) setsockopt$inet6_int(r8, 0x29, 0x16, &(0x7f0000000000)=0xfffffffe, 0x4) syz_open_dev$vim2m(&(0x7f0000000380), 0x4, 0x2) 6.53524198s ago: executing program 2 (id=2448): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301) ioctl$USBDEVFS_IOCTL(r1, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect) 5.558812933s ago: executing program 2 (id=2453): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x480, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, 0x0, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xa}]}]}, 0x30}}, 0x10) listen(r1, 0x0) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r4 = accept(r1, 0x0, 0x0) r5 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r5) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0x2400c840}, 0x0) recvfrom(r3, &(0x7f0000000280)=""/90, 0xfffffffffffffe4a, 0x530, 0x0, 0x0) 4.145881237s ago: executing program 1 (id=2461): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r1, &(0x7f0000000200)={@val={0xa}, @void, @eth={@multicast, @remote, @void, {@ipv6={0x86dd, @udp={0xd, 0x6, '\x00 \x00', 0x18, 0x11, 0xff, @empty, @mcast2, {[], {0x4f19, 0x4e20, 0x18, 0x0, @wg=@data={0x4, 0xb, 0x10000}}}}}}}}, 0x52) 3.05738924s ago: executing program 3 (id=2466): setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f0, 0x0, 0x268, 0x300, 0x0, 0x268, 0x3d0, 0x460, 0x460, 0x3d0, 0x460, 0x9, 0x0, {[{{@uncond, 0x0, 0xa8, 0x110, 0x0, {0x9401}}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x8, 0x3, 0x8001, 0xfffffffa, 'syz1\x00', 'syz0\x00', {0x5}}}}, {{@ipv6={@private2, @local, [], [], 'ip6gretap0\x00', 'ip6_vti0\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x2, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x350) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x800038, 0x2000000000000007, 0x3, 0x180, 0x6, 0x10, 0xf1, 0x100000001, 0x1, 0xca0, 0x4000000000000000, 0x2000000002d, 0x0, 0x6, 0x0, 0xbd9], 0xffff1001, 0x43100}) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x7, 0x1000000000, 0x0, 0x200000000000043, 0x2000004, 0x0, 0x2004cb, 0x0, 0xa7c, 0x68ff, 0x7, 0x100008000000009, 0x803, 0x0, 0x9], 0xeeee8000, 0x202}) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0x1, 0x8, 0x8, 0xb, 0xe5, 0x40, 0x0, 0x0, 0x81, 0x80}, {0x5000, 0x3000, 0x3, 0x0, 0x42, 0x9, 0x75, 0x6, 0x36, 0x0, 0x2, 0xb4}, {0x0, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x1, 0x1, 0xa4, 0x5, 0x5}, {0x8000000, 0xeeee0000, 0x9, 0x40, 0x5, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe, 0x4}, {0xf000, 0xd000, 0xf, 0x3, 0x16, 0x7, 0xab, 0x8, 0x9, 0x9, 0xf7, 0x97}, {0xeeefa000, 0xdddd0000, 0x6, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0x2f, 0x1, 0x7}, {0x3000, 0xffff1000, 0xf, 0x5, 0x7, 0x5, 0x7, 0x3, 0x8, 0x81, 0x40, 0x70}, {0xdddd0000, 0x4000, 0xa, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x81}, {0xeeee0000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x3000, 0x2024, 0x2, 0x0, 0x100000, [0x6800000000000000, 0x4, 0x3, 0x8]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2.997861976s ago: executing program 2 (id=2467): r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) ioctl$USBDEVFS_REAPURBNDELAY(0xffffffffffffffff, 0x4004550c, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(r3, 0x8946, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x2ded, 0x4000, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x80002, 0x0) unshare(0x2a020480) r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$int_in(r4, 0x40000000af01, 0x0) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, &(0x7f00000002c0)={0x48, 0x7, r0, 0x0, 0x10000, 0x0, 0x3, 0x2ca584, 0x27158b}) syz_clone3(&(0x7f0000000780)={0x0, &(0x7f00000000c0), &(0x7f0000000100), 0x0, {0x1f}, &(0x7f0000000680)=""/189, 0xbd, &(0x7f0000000200)=""/101, &(0x7f0000000740)=[0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0], 0x5}, 0x58) sched_setaffinity(0x0, 0x8, &(0x7f0000000800)=0x5) 2.934771132s ago: executing program 1 (id=2468): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000080)=ANY=[@ANYBLOB='b *'], 0xc) 2.730056762s ago: executing program 1 (id=2470): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)) unshare(0x22020400) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) 2.592120004s ago: executing program 1 (id=2471): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'syzkaller1\x00', 0x4c02}) readv(r0, &(0x7f0000000080)=[{&(0x7f0000000980)=""/4096, 0x1000}], 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x18) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000100)=0x730) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) 2.569184037s ago: executing program 3 (id=2472): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c000000100039042abd70000000000000000000", @ANYRES32=r1, @ANYBLOB="01180200031100002c0012800e00010069703665727370616e0000001800028008001500a8bc0d00040012"], 0x4c}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000002380)=ANY=[@ANYBLOB="8800000010000104000000400300d79c3790dd3d", @ANYRES32=r1, @ANYBLOB="24200400858d0000680012800e00010069703665727370616e00000054000280050016000200000004001200140007000000000000000000000000000000000014000600fc00000000000000000000000000000114000700fc020000"], 0x88}, 0x1, 0x0, 0x0, 0x4040014}, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0) 1.818027718s ago: executing program 5 (id=2473): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) r2 = syz_io_uring_setup(0x118d, &(0x7f00000000c0)={0x0, 0x8d2e0, 0x0, 0xffffffff, 0xc2, 0x0, r1}, &(0x7f00000003c0)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r1, 0x0, 0x0, 0x0, 0x80000}) io_uring_enter(r2, 0x47f5, 0x0, 0x0, 0x0, 0x0) 1.664995652s ago: executing program 3 (id=2474): getpid() r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff, 0xc, 0x0, 0x0, 0x9, 0x1, 0x10cf, 0x5505, 0x8b, 0x1, 0x0, 'syz0\x00'}) 1.654834363s ago: executing program 5 (id=2475): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r1, &(0x7f0000000040)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0102}}}, 0x14) socket$igmp(0x2, 0x3, 0x2) connect$802154_dgram(r1, &(0x7f0000000240)={0x24, @none={0x0, 0x3}}, 0x14) sendmmsg(r1, &(0x7f00000196c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0xd, 0x0}}], 0x4000050, 0x400c010) 649.966929ms ago: executing program 5 (id=2476): r0 = socket$alg(0x26, 0x5, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="100000402a2f67a906db46"], 0x10}, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) unlink(&(0x7f0000000580)='./file0\x00') sendmsg$alg(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000013c0)="0617d2d503b14bbc2737ddc1796a5b1f7702ffe273f1ba3add98a39ff0e30f9de584b4f78af7f5fdd34db9395be6fb99cb9806faab593b55a010b9b22ebb3088c42e96f2e4de49ef5974dda9d9e8d2afde7d0a41e4ff1674cb04196502c858be537c9f0cb8f1ef6d3725f61de0e08ce21763a064fb5df7fdac89da0d005cf7d6bc7e01e6cf4e662fb7e63052891e8d1bcc7b6cc3c395235a24e56c9ccde678329c3faa829b807f6a14c8e3cebb488ed024a8c07460b2c42a39417b30652d6b47e7c3982c71616d1b5a0fa195292509d8a0111c6d400422199776ca0ff0e44719828f112069b4ad37df284cdbd2766f645463f4130ba65af0db60fa919be089fb13e89194f9e193081cfc730966685a98b69e3b91fa42a940f0ab2026d4c5b7bd8d7a5094a17b5a4f261b1b8a384339ae968557ab460d1a5cdadc0332664b1ebbbd914538d90e7505f7f0cc9af9102280ef2c580c910e3b1b23b13c8d4a868ccaa9de65d98ac801a78baba602fafeeb6d55bb53656746b01e4258da2d88dffc1140d5ccb6348d12389ee21c5f16180fc6cb7890ad409240bd82733bc6c403512c59ba0cd2d92682bbce7b61487fadd2c2edee21cc9d12f4848a954880b183dcff076b0fe064aafc9c766db199fd80e14036a511d2f3d601990b864994081d13b1b0ea2f40f3b0dd979e9eb11e666f4b1c2e1fe52269158040c51b1d89c1b679b664d7c691ada7bd4d9ebce504e38a410db9cbcfb28033eb865cd00bd424a300fa60ec30af4f27ae3b60392a29a34f4439c0171e59e962b19b3814ed3e961ebfd7fa6228c217fa7d5045c4eab1573790b217dc7450ced4901eac5a546cf9575a2997c2025bbdddca62520072b5f8a6a603cca8c1d8cb4502df3f2f4a96e5099cd0f20ab3dd5d5d44846cfc9135138378c8a946d0770f70e2b34858944b1b46a0d3f4626a748b8a829a315f1d14af97b22fa964fbf1d1f09a4ec0e7e06311d76c253e8cfad9be8d7f2baa80b328613d65f463a7d00b3d5ba7a825507bb1f6f5569dbf388ce0215905b97f3bd8d2b39638e02c1cadf2d5170a017d0b3b7f04dfa2e85bd8a280a3e8809408a9e9d8d250869d5e254b274472d1f68f19ed4b324ed228d052f74114ee4e4595fe6534f92d7ba10b7d5971b4714045b22a481b0dea68c7c8d238870d979a91c384f0bfb50582143aef76346972eb58b040568691e133a39aa9716d3262ddac1a1f64bbd554f010c7d354fc9e671dbb0e7327467baf64337d1d3d6254259529fa5bb982da1eb8335649b6f9eb78b91e60702ef781323f3659ee7faa868575daa315f28d5b3dc790004c6efc83c7a5a54b6eed679a3b615b0e0e3e86b9d39726f966e9db62fc45c2e192f2621f6eabc28484ae3b075d4ea6c92f5e04985094458a42b091c906bb22164fe6cc736217872dbb019dd605c2929a39ef871858d2d87dde53ba2dd6a290d67da54092976d0a2a512a9b5cae4f8e096e05b0d2400e486340b3ebcb138f08cee224ea17158759cbdf936e510dde2b8c3abd4d219209dfe46448af8a580797e7adf4a29d8dd860ace10eb1752ebbe7eb018023db26bf891596443910d3eeec6e6a5bf2a11de9397c26f4895ed54e50fdf883a4234ca37df5389cca96c0e9244b9b7627c505c1cd3de89a4fa19af5b3957e0bcef468c8ffe24a22862f11e45713cd3f4d7e17a32235f881ebe5b6675e5302a82cd94e2af8a6bd24e50e403e2e03d0e709cbbcb2d75544fdcfe5fecd37cd946f4fbf63f218be16bac2bf8026f8ed9aa76d757b03dc9d1e8dcbd869daaf8481c47256f5fc48e74acfb03488356cf6962ac077b3a792c05d42649299fce11cd15663cd12c3188bdd7a8bd9c1a2b236d97a430c79e93399dff1aae022b14e415ac346441dcf0794a4b146058aed0b48392d93652c9386ea1fe34c8e2c40636f892e978b1e22e00996b9e001fccc1a0c3729c496ad1c4fa303e17788e2fcbf3f66ab6fe0f0627e38e25aedb7d97759cd57693816649256a73e54a9b5fe87b2f6832384be609685522ea74f5524ae30a20bb37440dfc1793f39d1b46762b47e00843b71b05cc4bd429ab35740d5c62f32a7fe4693f609386cce049f957274bb4b41333b2f60e5ad330fc7d7ed9d322381838e5ac879815288ec0e3bf4feb67fe76c442ef3eb56a7f28face9099ffadafcf27d4839fc9b47b7d4b26aec96e3437b351ce3930edaa1f9aa39a461d75bdd730f3376d178d4489d3a1981e927686ce294dd1393a0bf73764970bbb09b44c79e272736a85ba4fcc29641874cc81c884437c146ec380511653eda102330bc17e015c9c02ff8294c323332158f518bd58811e8fb05a4f5808f57eead8b17ebcaa16351c38568492e5dcb51acfb950503948ba48bca1f4376baefedde02bc966f60eb25c01196c0436660df1d7e110c9a32222f8e9b0068d60f8472e187564f22e85b76dd8e999641e43623112d8e26c427b54c22923773fe7108989a607f97bf56c268f841f02e2395cd5e6972e350c7a28d5282c39079649dab733d4dd856c94d26bac345960d8c9f747b919f70fe4ddca41e569663f44205dbbac1aa2ac5e714633fe89f46e62fe5f6791ea32e0f2872e25ff3dac391925e57fcd8020f2055078a02538e967d5d92031449258a4bc84963997d2ca4a48b47924776108134131e6ef838fa93cac56ea7a36ca91f11d9e8377896d2f311b52aacbf0bd73103c1ae0354f475eed88f5f8101cfcf3c662c2565aa95e15570ded30f125637e8a14e3dc21f0ab85ea52e969e3c7c0b431f05f88e82b1df3477cada2041e1194a2b18d25be7c53cb74f0cdaf1fcfac483158e8994cb57cdf118ce233e24daeba4e8f31b91ee6286248d1a3cc5b24e99e8318e4379462658d87680513d1cb48d2114f2d355029262840ab99e6e5fdaa00157564e89986a1f0954502652cbbb66669f30f5daebb24ca09c6010097b50341fe51128479f6e4985f3193faccd67bbd55290ac003d276d5c161a7f6c93f0d7b98f07c24bb8f53ee53e6fed3eec1de81f6548bac6abd379c8ec5c60f9fc330cf4c5b0483b528b47d434c470a74c044405fc85e91cad490fa63baeef432ea933409ee6568c16e89434624ed8d03db26a130405544c9c52f18551327515975e1e5371e585fe080c42bd6f0b6c70af5fadc85a001ac24eb2a90881a9fd0c36d032a420b42aba56ed6a3137df63c89e8712af4eb7f2da5851c01720759975eb1f70f1a87d7fc01db882ca9b470a2aa4b40a2f579179693a58bc191bdce1315a9bc59abb461503e49d92cb5b193e1050e630f02440b2c5662603b64b38874a64f94a8c2ac6e641fd7ee9c09f0d69a9a4dbcfcbde3cd39040e05f77a889e69e16404a0c9df41dfe8300b8e7c1b3c5f2aae0c92d82dd2e7c0ffe8c4c71dde369d08c8de66d41ecd91d42376e0af2371bbaa65ed2dcd9138723f2d12d041abae9c5f032542d6f674810880ca1399906eb1b30b85396a57059dfa57e1192f452ec19623db6db4d68eecac8f7961198c4bd8ba8e053678f537d36039f0d83deb20fdc597fbfa14337935921a5bbbdab55bd170e023666cfb77faecbdc43c0976164986ec478dc731c9c6f39a631f6f485abcb2208113fe53f9fcad51728f931e646a7aff82a35501ffc1a198c34e3f5fc221274e6f0b28ea2fdc92054e2d7350b3a0b146a467eadd47d1d34181b846e77ab25509d33804658d4a384a276dbdcd31cf73dc4005922b61ab798b8d6f8f9c60352a4615efe70491f90e685c2a05f2225cd4ae22083d166c6e72f08e09c9730af2537f22c16621cd88b69e2d3cf1afbb26beec644e30420b2f66d77c54743c7885081c685e5da70a5707de423bcb9059adcf3e9485b58f1294e1e8abd807f333f0a0182a2fe961414c14491e3f27292c1f1989ca503afcba6097dd7d4d1f386ff14215e7c448b5fe4dc69c8e06aacee84664b4ea01cbc5bcd6743003e9299679e170282c97d31c0b8ef61bff8646c091d0aea7679f6c4e348ab0c93873365a195a65477522a50126eaec4220ddde00233f3441906a4dd49f8ea33528cc13afeaac21dc4b9fd71872ccfde4c39911de463ca954145b00007758d254e3ebee50677d0016c1b92d28bf17274b2d3b2d92a209e173e1da514732ebd23b1e0dcdf6f720cfd3a06613597cdedebe5531823e295a86fc41df3fda31956742a81e039c3a08e3abaa580b695619256e41f4e2ee1ddc89b8d637902d8f3a62865a5d681acaf7aa6206c2589d50128da6afc9a64e804cb98e8efe3eb6f3156f8b29bd6298d4d684f6a787f1737ef98dbabdbef8bdd4cef47768cebacd3706ce90a017a70980ab41f9fe4468d153b73e6549233e586810054b85d17e61f8a81e6f7d090292994c5ea3edd094a421a4b4b1a1765e5757eee2513199561e36c8f537fdfb9339e1a41f57a7fd55b5cf8c4c6771223229f96188696a12c190df766750f422d17c9b086d3a7812befa0d14ba54d486fa42cad27c92ca16bb1cfa60bffa895c9affb3d948407f1ab47113c4e11058815e71a7b877643b9b435b3b401050769c290ce07e546a345634cd2469df9eb055eb455bbdd523b13c737d04cf94b2cdc191432338129f98cd4c32269d92beb0604f8a779fa5dc7a43e8b4fbc3030bb0694ca140e3bbec5fe51ffc3fa9b39cb82b6d2dcf83b2e934d7da0c92e5c0fa0f31fb6142ecdb5cc5b665b5144ed510cc6bb7f0a74fd9e67fa3d37b6645afea3d5126724908283f7b7f42bfbe1ce12caea4323ea1a2d6290418dd4f14c982220eb0aebe589a04ca157a4f546c0d55734e98ba7b804658f96973c3129c33bc5050aac8bc0b6999a5013d2edd1fd58256d73ae3635d49afc4c9d460f384cdede2c80ae1139d2029f1b56f17e207d6b2d0d8676cce2ee81ae8babcef53ffc70a09ec6c21492dc984b30412a3c6283924e3f9987a6f3999c278c53466bc15f6cec37a9ea642b26bd4a6ecde6532843c1ac1fdfb64335d14abf469ea048f1df8c8b0cc8e5746bb377356428dad5593ca81684d42a7660bd7effdbb8fcf4", 0xe00}, {&(0x7f00000006c0)="9059d63642dc873e5afc1954c0111ca9814807ee58921a6d8f748baac62ea8a24a04b57d8c37f3992d3df0ee741820a7c691d48c38247fd44c618835fb6035b42f213f7047a3575f46099c1e7210777f95cff505690c87a68aa665b8f37fcebe4552bfe0e55cfda15312e96bb07e7961c9b6581e5967df61a4e3cf7f374e2aa6fb9af07c5eeab3cc161882c34dbaf68c958b9f650b04ebfab8dcab50f047adc8144e4e0991d85d8f395e732dee63fb06a5c85ae9b6207e464e2771d60cb23fa160b32fbc1fdf3c502757b8bc00ce99b82101e1915a6c23963e1a3db1c2", 0xdd}], 0x2, &(0x7f0000000300), 0x0, 0x81}, 0x40011) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 649.750089ms ago: executing program 3 (id=2477): r0 = socket$kcm(0x29, 0x2, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00'}, 0x48) r2 = socket$kcm(0x2, 0x1, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000040)={r2, r1}) 649.665329ms ago: executing program 1 (id=2478): open$dir(0x0, 0x280002, 0xb0) capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200007, 0x801, 0x4, 0x7}) r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, &(0x7f0000000000)) 616.537102ms ago: executing program 5 (id=2479): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000700)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4, @local}]}, &(0x7f00000006c0)=0x10) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000000)=@assoc_value={r1, 0x8}, &(0x7f0000000040)=0x8) 506.443342ms ago: executing program 3 (id=2480): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan0\x00'}) r2 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0xfe33) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r0, &(0x7f00003a1000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000000)="9a01000000f800b8d58800000f23d00f21f8351000000d0f23f864640f79ea66baf80cb8c85f5480ef66bafc0cecc4c2adac17b9550200000f320f2860c7c4e11751df0f2e2d00000080b9800000c00f3235008000000f30", 0x58}], 0x1, 0x4a, 0x0, 0x0) ioctl$KVM_SET_GUEST_DEBUG_x86(r3, 0x4048ae9b, &(0x7f0000000080)={0x40003, 0x0, {[0xffffffffffffffff, 0x0, 0x8, 0xfffffffdefffff16, 0x3, 0x10, 0x4, 0x4]}}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 426.00416ms ago: executing program 1 (id=2481): socket(0x2b, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {0x3010}, 0x1}) io_uring_enter(r2, 0x2ded, 0x4000, 0x4, 0x0, 0x0) r5 = socket(0x40000000015, 0x5, 0x0) connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$SO_RDS_TRANSPORT(r5, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4) setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f00006dbffc), 0x4) bind$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a95", 0x3f1}, {&(0x7f00000003c0)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a8532b82037b02c9e6045c361eb", 0x36}], 0x3}, 0x0) sendmsg$nl_route(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)=ANY=[@ANYRESHEX=r0], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 374.779865ms ago: executing program 5 (id=2482): r0 = io_uring_setup(0x1fc1, &(0x7f00000002c0)={0x0, 0xfc95, 0x0, 0x0, 0x157}) r1 = socket$inet(0x2, 0x2, 0x0) io_uring_enter(r0, 0x67a7, 0x49ce, 0x8, 0x0, 0x0) recvmmsg(r1, &(0x7f0000000d40)=[{{0x0, 0x0, 0x0}, 0x92}], 0x1, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 113.11916ms ago: executing program 3 (id=2483): socket(0xa, 0x3, 0x3a) socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet_udp(0x2, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x0, 0x8, 0x81, 0x0, 0x9, 0xfffffffffffffffd, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000200)={0x48}) add_key$keyring(&(0x7f0000000400), 0x0, 0x0, 0x0, 0xfffffffffffffffe) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f00000000c0)=ANY=[], 0xd8}, 0x1, 0x0, 0x0, 0x4044001}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x14, 0x2, 0x6, 0x1, 0x6000000}, 0x14}}, 0x0) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x44, 0x6, 0x4b8, 0x378, 0x180, 0x0, 0x2e0, 0x180, 0x448, 0x448, 0x448, 0x448, 0x448, 0x6, 0x0, {[{{@uncond, 0x0, 0x130, 0x158, 0x0, {}, [@common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@remote, [], @ipv6=@local, [], @ipv4=@private, [], @ipv6=@private1}}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x218}}, {{@uncond, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@addrtype={{0x30}}]}, @ECN={0x28}}, {{@ip={@rand_addr, @dev, 0x0, 0x0, 'syzkaller0\x00', 'macvlan1\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x518) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(0xffffffffffffffff, 0x80045530, &(0x7f0000000580)=""/90) getsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x67, 0x0, 0x0) r5 = syz_open_dev$vbi(0x0, 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f00000000c0)=0x3) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r5, 0xc0845657, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000080)=0xb, 0x8, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1a) 65.895284ms ago: executing program 5 (id=2484): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) connect$rose(r0, 0x0, 0x0) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000200)=0x1000000000005) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) mq_notify(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xc, 0x6, @thr={&(0x7f0000000140), 0x0}}) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) fchdir(0xffffffffffffffff) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x128}, 0x0) r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000400)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f00000002c0)={0x28, 0x7, r6, 0x0, &(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8}) ioctl$IOMMU_IOAS_COPY(r5, 0x3b83, &(0x7f0000000040)={0x28, 0x4, r6, r6, 0xf, 0x3, 0x6d}) connect$rose(r0, &(0x7f0000000080)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x1, @null}, 0x1c) openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) 0s ago: executing program 2 (id=2485): r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000000300)=""/102390, 0x18ff6}], 0x1, 0x0, 0x7) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.16' (ED25519) to the list of known hosts. [ 62.941732][ T5751] cgroup: Unknown subsys name 'net' [ 63.101585][ T5751] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 64.500441][ T5751] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 66.126669][ T5762] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 66.144669][ T5762] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 66.154861][ T5762] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 66.163288][ T5762] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 66.171116][ T5762] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 66.181333][ T5766] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 66.191288][ T5768] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 66.205593][ T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 66.213909][ T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 66.225511][ T5771] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 66.244641][ T5771] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 66.266998][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 66.275820][ T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 66.284277][ T5771] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 66.284295][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 66.299658][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 66.307888][ T5771] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 66.308595][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 66.323534][ T51] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 66.324229][ T5771] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 66.338262][ T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 66.339776][ T5771] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 66.356245][ T5771] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 66.363652][ T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 66.764948][ T5767] chnl_net:caif_netlink_parms(): no params data found [ 66.847074][ T5761] chnl_net:caif_netlink_parms(): no params data found [ 66.966852][ T5764] chnl_net:caif_netlink_parms(): no params data found [ 67.007449][ T5767] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.015899][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.023510][ T5767] bridge_slave_0: entered allmulticast mode [ 67.031278][ T5767] bridge_slave_0: entered promiscuous mode [ 67.040835][ T5765] chnl_net:caif_netlink_parms(): no params data found [ 67.069568][ T5761] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.077277][ T5761] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.084834][ T5761] bridge_slave_0: entered allmulticast mode [ 67.092233][ T5761] bridge_slave_0: entered promiscuous mode [ 67.100890][ T5767] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.108933][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.119923][ T5767] bridge_slave_1: entered allmulticast mode [ 67.129280][ T5767] bridge_slave_1: entered promiscuous mode [ 67.162055][ T5761] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.171279][ T5761] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.178926][ T5761] bridge_slave_1: entered allmulticast mode [ 67.186029][ T5761] bridge_slave_1: entered promiscuous mode [ 67.249313][ T5767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.263848][ T5767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.290688][ T5761] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.303681][ T5761] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.381616][ T5764] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.390011][ T5764] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.398382][ T5764] bridge_slave_0: entered allmulticast mode [ 67.406368][ T5764] bridge_slave_0: entered promiscuous mode [ 67.441229][ T5767] team0: Port device team_slave_0 added [ 67.451165][ T5767] team0: Port device team_slave_1 added [ 67.457960][ T5764] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.466084][ T5764] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.473653][ T5764] bridge_slave_1: entered allmulticast mode [ 67.482862][ T5764] bridge_slave_1: entered promiscuous mode [ 67.501566][ T5765] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.509034][ T5765] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.516988][ T5765] bridge_slave_0: entered allmulticast mode [ 67.524194][ T5765] bridge_slave_0: entered promiscuous mode [ 67.533955][ T5761] team0: Port device team_slave_0 added [ 67.582112][ T5765] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.589500][ T5765] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.598244][ T5765] bridge_slave_1: entered allmulticast mode [ 67.605359][ T5765] bridge_slave_1: entered promiscuous mode [ 67.614032][ T5761] team0: Port device team_slave_1 added [ 67.632437][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.640145][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.667184][ T5767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.682428][ T5764] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.696022][ T5764] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.729620][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.737174][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.764264][ T5767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.801545][ T5761] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.808915][ T5761] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.837006][ T5761] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.851079][ T5761] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.858196][ T5761] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.884763][ T5761] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.908032][ T5765] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.949813][ T5764] team0: Port device team_slave_0 added [ 67.957895][ T5765] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.993712][ T5767] hsr_slave_0: entered promiscuous mode [ 68.000266][ T5767] hsr_slave_1: entered promiscuous mode [ 68.011612][ T5764] team0: Port device team_slave_1 added [ 68.033258][ T5765] team0: Port device team_slave_0 added [ 68.073012][ T5765] team0: Port device team_slave_1 added [ 68.109382][ T5764] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.118050][ T5764] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.147884][ T5764] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.193054][ T5761] hsr_slave_0: entered promiscuous mode [ 68.200648][ T5761] hsr_slave_1: entered promiscuous mode [ 68.208351][ T5761] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.218750][ T5761] Cannot create hsr debugfs directory [ 68.237202][ T5764] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.245467][ T5764] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.275158][ T5764] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.297077][ T5765] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.304981][ T5765] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.306951][ T5766] Bluetooth: hci0: command tx timeout [ 68.340457][ T5765] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.381537][ T5765] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.384865][ T5766] Bluetooth: hci1: command tx timeout [ 68.389224][ T51] Bluetooth: hci2: command tx timeout [ 68.395764][ T5765] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.429153][ T5765] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.464691][ T51] Bluetooth: hci3: command tx timeout [ 68.509957][ T5764] hsr_slave_0: entered promiscuous mode [ 68.517059][ T5764] hsr_slave_1: entered promiscuous mode [ 68.523517][ T5764] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.531604][ T5764] Cannot create hsr debugfs directory [ 68.576641][ T5765] hsr_slave_0: entered promiscuous mode [ 68.584284][ T5765] hsr_slave_1: entered promiscuous mode [ 68.590770][ T5765] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.598739][ T5765] Cannot create hsr debugfs directory [ 68.863313][ T5767] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 68.875707][ T5767] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 68.892493][ T5767] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 68.907079][ T5767] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 68.979977][ T5761] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 68.992421][ T5761] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 69.004153][ T5761] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 69.019025][ T5761] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 69.107063][ T5765] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 69.129631][ T5765] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 69.157090][ T5765] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 69.183608][ T5765] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 69.248781][ T5764] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 69.260419][ T5764] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 69.289929][ T5764] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 69.300094][ T5764] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 69.381028][ T5767] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.394461][ T5761] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.447362][ T5767] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.460339][ T5761] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.488558][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.496517][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.533842][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.541186][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.555170][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.562620][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.584279][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.591932][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.604035][ T5765] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.681279][ T5765] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.728333][ T5764] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.740326][ T2942] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.748257][ T2942] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.821478][ T5764] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.836880][ T2942] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.844678][ T2942] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.900807][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.908316][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.922972][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.930257][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.009676][ T5765] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 70.228612][ T5761] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.388110][ T5767] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.398659][ T51] Bluetooth: hci0: command tx timeout [ 70.422078][ T5761] veth0_vlan: entered promiscuous mode [ 70.466472][ T51] Bluetooth: hci2: command tx timeout [ 70.477157][ T51] Bluetooth: hci1: command tx timeout [ 70.498661][ T5761] veth1_vlan: entered promiscuous mode [ 70.518962][ T5764] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.543035][ T5765] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.553357][ T51] Bluetooth: hci3: command tx timeout [ 70.650162][ T5764] veth0_vlan: entered promiscuous mode [ 70.671919][ T5767] veth0_vlan: entered promiscuous mode [ 70.697081][ T5764] veth1_vlan: entered promiscuous mode [ 70.717421][ T5767] veth1_vlan: entered promiscuous mode [ 70.737016][ T5761] veth0_macvtap: entered promiscuous mode [ 70.746910][ T5765] veth0_vlan: entered promiscuous mode [ 70.769405][ T5761] veth1_macvtap: entered promiscuous mode [ 70.790772][ T5765] veth1_vlan: entered promiscuous mode [ 70.830542][ T5767] veth0_macvtap: entered promiscuous mode [ 70.850420][ T5761] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 70.860399][ T5767] veth1_macvtap: entered promiscuous mode [ 70.883307][ T5761] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.899998][ T5761] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.912388][ T5761] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.922595][ T5761] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.932777][ T5761] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.968328][ T5765] veth0_macvtap: entered promiscuous mode [ 70.998807][ T5764] veth0_macvtap: entered promiscuous mode [ 71.010272][ T5765] veth1_macvtap: entered promiscuous mode [ 71.027550][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.039887][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.052300][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.060844][ T5764] veth1_macvtap: entered promiscuous mode [ 71.100860][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.115571][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.130692][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.142078][ T5765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.153241][ T5765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.163354][ T5765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.174144][ T5765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.187283][ T5765] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.200768][ T5764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.212238][ T5764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.222979][ T5764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.234407][ T5764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.245961][ T5764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.257839][ T5764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.270964][ T5764] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.287625][ T5765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.299341][ T5765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.309873][ T5765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.320777][ T5765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.332784][ T5765] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.358263][ T5764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.368930][ T5764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.380862][ T5764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.392688][ T5764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.403321][ T5764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.414321][ T5764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.428863][ T5764] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.438120][ T5765] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.447759][ T5765] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.456803][ T5765] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.466375][ T5765] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.478588][ T5767] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.487798][ T5767] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.496621][ T5767] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.506685][ T5767] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.528257][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.540064][ T5764] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.550702][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.551151][ T5764] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.568525][ T5764] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.580488][ T5764] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.594281][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.601502][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.644881][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.655838][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.801785][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.836209][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.889881][ T5853] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 71.903616][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.919951][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.947701][ T5853] batadv0: entered promiscuous mode [ 71.953918][ T5853] vlan2: entered promiscuous mode [ 72.046230][ T1124] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.097815][ T1124] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.167523][ T1124] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.168135][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.195135][ T1124] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.195174][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.228933][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.264631][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.313212][ T5859] syz.2.6[5859]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 72.359571][ T5859] loop2: detected capacity change from 0 to 2048 [ 72.464827][ T51] Bluetooth: hci0: command tx timeout [ 72.471452][ T5859] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.554746][ T51] Bluetooth: hci1: command tx timeout [ 72.558784][ T5766] Bluetooth: hci2: command tx timeout [ 72.621661][ T5864] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 72.639449][ T5766] Bluetooth: hci3: command tx timeout [ 72.798764][ T5761] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.959576][ T5867] loop0: detected capacity change from 0 to 32768 [ 72.968027][ T5867] ======================================================= [ 72.968027][ T5867] WARNING: The mand mount option has been deprecated and [ 72.968027][ T5867] and is ignored by this kernel. Remove the mand [ 72.968027][ T5867] option from the mount to silence this warning. [ 72.968027][ T5867] ======================================================= [ 73.034360][ T5867] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1 (5867) [ 73.278211][ T5871] loop1: detected capacity change from 0 to 32768 [ 73.302260][ T5867] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 73.314742][ T5867] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 73.324200][ T5867] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 73.334275][ T5867] BTRFS info (device loop0): force zstd compression, level 3 [ 73.342209][ T5867] BTRFS info (device loop0): turning on sync discard [ 73.350578][ T5867] BTRFS info (device loop0): force clearing of disk cache [ 73.358148][ T5867] BTRFS info (device loop0): enabling disk space caching [ 73.366039][ T5867] BTRFS info (device loop0): turning off discard [ 73.372500][ T5867] BTRFS info (device loop0): disk space caching is enabled [ 73.386443][ T5874] loop3: detected capacity change from 0 to 4096 [ 73.408134][ T5871] gfs2: fsid=@&: Trying to join cluster "lock_nolock", "@&" [ 73.416398][ T5871] gfs2: fsid=@&: Now mounting FS (format 0)... [ 73.438040][ T5871] gfs2: fsid=@&.0: fatal: filesystem consistency error [ 73.438040][ T5871] inode = 1 19 [ 73.438040][ T5871] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 472 [ 73.459443][ T5871] gfs2: fsid=@&.0: G: s:SH n:2/13 f:qobnN t:SH d:EX/0 a:0 v:0 r:4 m:20 p:1 [ 73.468338][ T5871] gfs2: fsid=@&.0: H: s:SH f:eEcH e:0 p:0 [(none)] init_inodes+0xdb/0x320 [ 73.477362][ T5871] gfs2: fsid=@&.0: I: n:1/19 t:8 f:0x00 d:0x00000200 s:8388608 p:0 [ 73.485840][ T5871] gfs2: fsid=@&.0: about to withdraw this file system [ 73.493065][ T5871] gfs2: fsid=@&.0: Journal recovery skipped for jid 0 until next mount. [ 73.501940][ T5871] gfs2: fsid=@&.0: Glock dequeues delayed: 0 [ 73.509382][ T5871] gfs2: fsid=@&.0: File system withdrawn [ 73.515486][ T5871] CPU: 0 PID: 5871 Comm: syz.1.2 Not tainted syzkaller #0 [ 73.522977][ T5871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 73.533265][ T5871] Call Trace: [ 73.536928][ T5871] [ 73.539904][ T5871] dump_stack_lvl+0x16c/0x230 [ 73.544624][ T5871] ? kobject_uevent_env+0x363/0x8c0 [ 73.550297][ T5871] ? show_regs_print_info+0x20/0x20 [ 73.555719][ T5871] ? load_image+0x3b0/0x3b0 [ 73.560257][ T5871] ? kobject_uevent_env+0x363/0x8c0 [ 73.565679][ T5871] gfs2_withdraw+0xe50/0x13b0 [ 73.570415][ T5871] ? gfs2_lm+0x220/0x220 [ 73.574704][ T5871] ? make_kgid+0x1ae/0x640 [ 73.579188][ T5871] ? gfs2_consist_inode_i+0xf5/0x110 [ 73.584612][ T5871] gfs2_inode_refresh+0xb83/0xff0 [ 73.589690][ T5871] ? gfs2_inode_metasync+0xf0/0xf0 [ 73.595051][ T5871] ? gfs2_glock_nq+0xd4f/0x1420 [ 73.599942][ T5871] gfs2_instantiate+0x162/0x220 [ 73.605041][ T5871] gfs2_glock_wait+0x1d4/0x2a0 [ 73.609939][ T5871] init_journal+0xc6e/0x2260 [ 73.614562][ T5871] ? init_inodes+0xdb/0x320 [ 73.619369][ T5871] ? _compound_head+0x120/0x120 [ 73.624250][ T5871] ? vsnprintf+0x1957/0x1a40 [ 73.628860][ T5871] ? snprintf+0xdb/0x120 [ 73.633277][ T5871] ? init_inodes+0xdb/0x320 [ 73.637983][ T5871] ? vscnprintf+0x80/0x80 [ 73.642341][ T5871] ? gfs2_glock_nq_num+0x183/0x1c0 [ 73.648082][ T5871] init_inodes+0xdb/0x320 [ 73.652686][ T5871] gfs2_fill_super+0x1815/0x1f80 [ 73.657738][ T5871] ? gfs2_reconfigure+0xb10/0xb10 [ 73.663118][ T5871] ? init_locking+0xb8/0x200 [ 73.667800][ T5871] ? setup_bdev_super+0x56b/0x660 [ 73.673095][ T5871] get_tree_bdev+0x3e4/0x510 [ 73.677720][ T5871] ? end_current_label_crit_section+0x170/0x170 [ 73.684129][ T5871] ? gfs2_reconfigure+0xb10/0xb10 [ 73.689266][ T5871] ? setup_bdev_super+0x660/0x660 [ 73.694476][ T5871] gfs2_get_tree+0x51/0x1e0 [ 73.699002][ T5871] vfs_get_tree+0x8c/0x280 [ 73.703508][ T5871] do_new_mount+0x24b/0xa40 [ 73.708203][ T5871] __se_sys_mount+0x2da/0x3c0 [ 73.713052][ T5871] ? __x64_sys_mount+0xc0/0xc0 [ 73.717811][ T5871] ? lockdep_hardirqs_on+0x98/0x150 [ 73.723036][ T5871] ? __x64_sys_mount+0x20/0xc0 [ 73.728008][ T5871] do_syscall_64+0x55/0xb0 [ 73.732723][ T5871] ? clear_bhb_loop+0x40/0x90 [ 73.737481][ T5871] ? clear_bhb_loop+0x40/0x90 [ 73.742347][ T5871] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 73.748435][ T5871] RIP: 0033:0x7f30ad390eea [ 73.753040][ T5871] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 73.773108][ T5871] RSP: 002b:00007f30ae1a2e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 73.782226][ T5871] RAX: ffffffffffffffda RBX: 00007f30ae1a2ef0 RCX: 00007f30ad390eea [ 73.790387][ T5871] RDX: 0000200000000400 RSI: 0000200000000000 RDI: 00007f30ae1a2eb0 [ 73.799249][ T5871] RBP: 0000200000000400 R08: 00007f30ae1a2ef0 R09: 0000000002a00041 [ 73.807345][ T5871] R10: 0000000002a00041 R11: 0000000000000246 R12: 0000200000000000 [ 73.815344][ T5871] R13: 00007f30ae1a2eb0 R14: 000000000001260e R15: 0000200000000240 [ 73.823433][ T5871] [ 73.830418][ T5871] gfs2: fsid=@&.0: can't acquire journal inode glock: -5 [ 73.835223][ T5867] BTRFS info (device loop0): enabling ssd optimizations [ 73.862488][ T5867] BTRFS info (device loop0): rebuilding free space tree [ 73.992703][ T5867] BTRFS info (device loop0): disabling free space tree [ 74.003112][ T5867] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 74.014680][ T5867] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 74.545854][ T5766] Bluetooth: hci0: command tx timeout [ 74.566804][ T5765] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 74.624730][ T5766] Bluetooth: hci1: command tx timeout [ 74.637782][ T5766] Bluetooth: hci2: command tx timeout [ 74.704721][ T5766] Bluetooth: hci3: command tx timeout [ 74.930162][ T5884] loop2: detected capacity change from 0 to 32768 [ 74.990728][ T5900] loop3: detected capacity change from 0 to 256 [ 75.006418][ T5884] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.7 (5884) [ 75.142478][ T5900] FAT-fs (loop3): Directory bread(block 64) failed [ 75.205585][ T5900] FAT-fs (loop3): Directory bread(block 65) failed [ 75.212693][ T5900] FAT-fs (loop3): Directory bread(block 66) failed [ 75.317240][ T5900] FAT-fs (loop3): Directory bread(block 67) failed [ 75.357098][ T5884] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 75.394276][ T5900] FAT-fs (loop3): Directory bread(block 68) failed [ 75.424129][ T5884] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 75.436702][ T5884] BTRFS info (device loop2): using free space tree [ 75.446093][ T5900] FAT-fs (loop3): Directory bread(block 69) failed [ 75.457363][ T5900] FAT-fs (loop3): Directory bread(block 70) failed [ 75.466667][ T5900] FAT-fs (loop3): Directory bread(block 71) failed [ 75.473368][ T5900] FAT-fs (loop3): Directory bread(block 72) failed [ 75.483662][ T5900] FAT-fs (loop3): Directory bread(block 73) failed [ 75.697906][ T5884] BTRFS info (device loop2): enabling ssd optimizations [ 75.731917][ T5884] BTRFS info (device loop2): auto enabling async discard [ 75.785650][ T5921] loop0: detected capacity change from 0 to 2048 [ 75.917005][ T5925] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 75.962739][ T5884] BTRFS warning (device loop2): failed to trim 1 device(s), last error -512 [ 76.017141][ T5921] NILFS (loop0): error -2 truncating bmap (ino=16) [ 76.088020][ T5761] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 77.289850][ T5936] loop3: detected capacity change from 0 to 32768 [ 77.306377][ T5936] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.19 (5936) [ 77.340640][ T5936] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 77.351908][ T5936] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 77.363004][ T5936] BTRFS info (device loop3): using free space tree [ 77.454673][ T5936] BTRFS info (device loop3): enabling ssd optimizations [ 77.461781][ T5936] BTRFS info (device loop3): auto enabling async discard [ 77.803378][ T5767] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 77.992056][ T5928] syz.0.16: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 78.046683][ T5928] CPU: 1 PID: 5928 Comm: syz.0.16 Not tainted syzkaller #0 [ 78.055721][ T5928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 78.067099][ T5928] Call Trace: [ 78.070859][ T5928] [ 78.073804][ T5928] dump_stack_lvl+0x16c/0x230 [ 78.078527][ T5928] ? show_regs_print_info+0x20/0x20 [ 78.084128][ T5928] ? load_image+0x3b0/0x3b0 [ 78.089132][ T5928] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 78.096604][ T5928] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 78.103165][ T5928] warn_alloc+0x210/0x300 [ 78.107732][ T5928] ? zone_watermark_ok_safe+0x230/0x230 [ 78.114868][ T5928] ? _raw_spin_unlock+0x28/0x40 [ 78.122398][ T5928] ? netlink_rcv_skb+0x216/0x480 [ 78.129246][ T5928] __vmalloc_node_range+0x662/0x1320 [ 78.136096][ T5928] ? __asan_memset+0x22/0x40 [ 78.142587][ T5928] ? free_vm_area+0x50/0x50 [ 78.148127][ T5928] ? kvmalloc_node+0x70/0x180 [ 78.154076][ T5928] ? rcu_is_watching+0x15/0xb0 [ 78.158910][ T5928] ? kvmalloc_node+0x70/0x180 [ 78.165491][ T5928] ? trace_kmalloc+0x1f/0xa0 [ 78.173483][ T5928] kvmalloc_node+0x13f/0x180 [ 78.180231][ T5928] ? hash_ipportnet6_resize+0x28f/0x1e50 [ 78.187131][ T5928] hash_ipportnet6_resize+0x28f/0x1e50 [ 78.195369][ T5928] ? lockdep_hardirqs_on+0x98/0x150 [ 78.203438][ T5928] call_ad+0x43f/0xae0 [ 78.209095][ T5928] ? ip_set_ad+0x930/0x930 [ 78.214909][ T5928] ? __nla_parse+0x40/0x50 [ 78.221007][ T5928] ip_set_ad+0x787/0x930 [ 78.226521][ T5928] ? trace_raw_output_contention_end+0xd0/0xd0 [ 78.235340][ T5928] ? ip_set_dump_done+0x1e0/0x1e0 [ 78.242173][ T5928] ? rcu_is_watching+0x15/0xb0 [ 78.249122][ T5928] nfnetlink_rcv_msg+0xb49/0x1130 [ 78.256522][ T5928] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 78.263750][ T5928] ? nfnetlink_rcv_msg+0x20e/0x1130 [ 78.270725][ T5928] ? nfnetlink_unbind+0x160/0x160 [ 78.277813][ T5928] ? __dev_queue_xmit+0x1a64/0x35a0 [ 78.286133][ T5928] ? __netlink_deliver_tap+0x5ab/0x830 [ 78.293092][ T5928] ? netlink_deliver_tap+0x19c/0x1b0 [ 78.299556][ T5928] ? netlink_unicast+0x72c/0x8d0 [ 78.305683][ T5928] ? netlink_sendmsg+0x8c1/0xbe0 [ 78.311445][ T5928] ? ____sys_sendmsg+0x5bf/0x950 [ 78.317264][ T5928] ? ___sys_sendmsg+0x220/0x290 [ 78.323812][ T5928] ? __se_sys_sendmsg+0x1a5/0x270 [ 78.330969][ T5928] ? do_syscall_64+0x55/0xb0 [ 78.336528][ T5928] netlink_rcv_skb+0x216/0x480 [ 78.342209][ T5928] ? nfnetlink_unbind+0x160/0x160 [ 78.347921][ T5928] ? netlink_ack+0x1110/0x1110 [ 78.353259][ T5928] ? apparmor_capable+0x137/0x1a0 [ 78.358765][ T5928] ? bpf_lsm_capable+0x9/0x10 [ 78.364279][ T5928] ? security_capable+0x89/0xb0 [ 78.370310][ T5928] nfnetlink_rcv+0x274/0x2180 [ 78.375312][ T5928] ? __local_bh_enable_ip+0x12e/0x1c0 [ 78.380916][ T5928] ? lockdep_hardirqs_on+0x98/0x150 [ 78.386774][ T5928] ? __local_bh_enable_ip+0x12e/0x1c0 [ 78.393319][ T5928] ? _local_bh_enable+0xa0/0xa0 [ 78.399263][ T5928] ? __dev_queue_xmit+0x245/0x35a0 [ 78.405304][ T5928] ? nfnetlink_net_exit_batch+0xa0/0xa0 [ 78.411183][ T5928] ? __dev_queue_xmit+0x245/0x35a0 [ 78.416892][ T5928] ? ref_tracker_free+0x634/0x7d0 [ 78.423016][ T5928] ? __copy_skb_header+0xa7/0x550 [ 78.424967][ T5966] netlink: 104 bytes leftover after parsing attributes in process `syz.1.25'. [ 78.428261][ T5928] ? refcount_inc+0x70/0x70 [ 78.443470][ T5928] ? __skb_clone+0x63/0x790 [ 78.448713][ T5928] ? __skb_clone+0x480/0x790 [ 78.453625][ T5928] ? __netlink_deliver_tap+0x7e8/0x830 [ 78.459901][ T5928] ? netlink_deliver_tap+0x2e/0x1b0 [ 78.465959][ T5928] ? __lock_acquire+0x7c80/0x7c80 [ 78.471102][ T5928] ? netlink_deliver_tap+0x2e/0x1b0 [ 78.476515][ T5928] netlink_unicast+0x751/0x8d0 [ 78.481330][ T5928] netlink_sendmsg+0x8c1/0xbe0 [ 78.486924][ T5928] ? netlink_getsockopt+0x580/0x580 [ 78.492845][ T5928] ? aa_sock_msg_perm+0x94/0x150 [ 78.498309][ T5928] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 78.504078][ T5928] ? security_socket_sendmsg+0x80/0xa0 [ 78.510389][ T5928] ? netlink_getsockopt+0x580/0x580 [ 78.516065][ T5928] ____sys_sendmsg+0x5bf/0x950 [ 78.521508][ T5928] ? __asan_memset+0x22/0x40 [ 78.526396][ T5928] ? __sys_sendmsg_sock+0x30/0x30 [ 78.531808][ T5928] ? __import_iovec+0x5f2/0x860 [ 78.537355][ T5928] ? import_iovec+0x73/0xa0 [ 78.542160][ T5928] ___sys_sendmsg+0x220/0x290 [ 78.547397][ T5928] ? __sys_sendmsg+0x270/0x270 [ 78.552334][ T5928] __se_sys_sendmsg+0x1a5/0x270 [ 78.557404][ T5928] ? __x64_sys_sendmsg+0x80/0x80 [ 78.564605][ T5928] ? lockdep_hardirqs_on+0x98/0x150 [ 78.571563][ T5928] do_syscall_64+0x55/0xb0 [ 78.576606][ T5928] ? clear_bhb_loop+0x40/0x90 [ 78.581700][ T5928] ? clear_bhb_loop+0x40/0x90 [ 78.586947][ T5928] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 78.593732][ T5928] RIP: 0033:0x7f06a358f749 [ 78.594237][ T5964] loop2: detected capacity change from 0 to 32768 [ 78.599385][ T5928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.599407][ T5928] RSP: 002b:00007f06a43d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 78.599426][ T5928] RAX: ffffffffffffffda RBX: 00007f06a37e5fa0 RCX: 00007f06a358f749 [ 78.599437][ T5928] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000005 [ 78.599447][ T5928] RBP: 00007f06a3613f91 R08: 0000000000000000 R09: 0000000000000000 [ 78.599457][ T5928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 78.599466][ T5928] R13: 00007f06a37e6038 R14: 00007f06a37e5fa0 R15: 00007ffc67348b28 [ 78.599491][ T5928] [ 78.636381][ T5964] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.23 (5964) [ 78.652832][ T5928] Mem-Info: [ 78.797893][ T5964] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 78.811027][ T5964] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 78.839702][ T5964] BTRFS info (device loop2): using free space tree [ 78.850439][ T5928] active_anon:10759 inactive_anon:0 isolated_anon:0 [ 78.850439][ T5928] active_file:1099 inactive_file:39877 isolated_file:0 [ 78.850439][ T5928] unevictable:768 dirty:1719 writeback:13 [ 78.850439][ T5928] slab_reclaimable:10169 slab_unreclaimable:92425 [ 78.850439][ T5928] mapped:25125 shmem:6488 pagetables:573 [ 78.850439][ T5928] sec_pagetables:0 bounce:0 [ 78.850439][ T5928] kernel_misc_reclaimable:0 [ 78.850439][ T5928] free:1359783 free_pcp:8354 free_cma:0 [ 78.861110][ T5970] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 78.926573][ T5928] Node 0 active_anon:43236kB inactive_anon:0kB active_file:4396kB inactive_file:159408kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:100600kB dirty:6868kB writeback:52kB shmem:24516kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11356kB pagetables:2292kB sec_pagetables:0kB all_unreclaimable? no [ 78.985477][ T5928] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 79.033165][ T5928] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 79.125743][ T5964] BTRFS info (device loop2): enabling ssd optimizations [ 79.133128][ T5964] BTRFS info (device loop2): auto enabling async discard [ 79.154001][ T5928] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 79.160943][ T5928] Node 0 DMA32 free:1523276kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:50184kB inactive_anon:0kB active_file:4396kB inactive_file:158304kB unevictable:1536kB writepending:6900kB present:3129332kB managed:2589640kB mlocked:0kB bounce:0kB free_pcp:9152kB local_pcp:5012kB free_cma:0kB [ 79.202882][ T5928] lowmem_reserve[]: 0 0 1 1 1 [ 79.211228][ T5928] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:52kB inactive_anon:0kB active_file:0kB inactive_file:1312kB unevictable:0kB writepending:12kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB [ 79.246999][ T5928] lowmem_reserve[]: 0 0 0 0 0 [ 79.252135][ T5928] Node 1 Normal free:3893460kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:8kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:23452kB local_pcp:11168kB free_cma:0kB [ 79.365080][ T5928] lowmem_reserve[]: 0 0 0 0 0 [ 79.373818][ T5928] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 79.438442][ T5928] Node 0 DMA32: 116*4kB (UE) 873*8kB (UME) 242*16kB (U) 2*32kB (ME) 1*64kB (E) 0*128kB 2*256kB (ME) 13*512kB (UME) 8*1024kB (UM) 6*2048kB (ME) 362*4096kB (M) = 1521848kB [ 79.459602][ T5761] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 79.521436][ T5928] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 79.571500][ T5928] Node 1 Normal: 199*4kB (UME) 63*8kB (UME) 36*16kB (UME) 48*32kB (UME) 14*64kB (UME) 4*128kB (UME) 2*256kB (UM) 2*512kB (UE) 2*1024kB (UE) 1*2048kB (E) 948*4096kB (M) = 3893460kB [ 79.609555][ T5928] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 79.654816][ T5928] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 79.684137][ T5928] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 79.698727][ T5928] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 79.709763][ T5928] 47381 total pagecache pages [ 79.724929][ T5928] 0 pages in swap cache [ 79.734915][ T5928] Free swap = 124996kB [ 79.756893][ T5928] Total swap = 124996kB [ 79.772468][ T5928] 2097051 pages RAM [ 79.783403][ T5928] 0 pages HighMem/MovableOnly [ 79.786173][ T5774] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 9 /dev/loop2 scanned by udevd (5774) [ 79.800986][ T5928] 416127 pages reserved [ 79.811292][ T5928] 0 pages cma reserved [ 79.907892][ T5999] binder: 5998:5999 ioctl c0306201 200000000680 returned -14 [ 80.073975][ T6002] binder: 6001:6002 unknown command 0 [ 80.094331][ T6002] binder: 6001:6002 ioctl c0306201 200000004a40 returned -22 [ 80.435450][ T6012] loop2: detected capacity change from 0 to 4096 [ 80.456200][ T6012] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 80.491205][ T6012] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 80.814791][ T6018] netlink: 20 bytes leftover after parsing attributes in process `syz.3.39'. [ 81.126227][ T6020] loop2: detected capacity change from 0 to 32768 [ 81.178167][ T6020] JBD2: Ignoring recovery information on journal [ 81.181245][ T6022] netlink: 4 bytes leftover after parsing attributes in process `syz.3.40'. [ 81.198367][ T6022] veth1_to_bond: entered promiscuous mode [ 81.232342][ T6022] veth1_to_bond: entered allmulticast mode [ 81.261834][ T6020] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 81.327155][ T6027] veth1_to_bond: left promiscuous mode [ 81.351021][ T6027] veth1_to_bond: left allmulticast mode [ 81.422725][ T5761] ocfs2: Unmounting device (7,2) on (node local) [ 81.498648][ T6015] loop0: detected capacity change from 0 to 32768 [ 81.536464][ T6029] loop1: detected capacity change from 0 to 128 [ 81.549442][ T6015] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 81.634848][ T6032] syzkaller0: entered promiscuous mode [ 81.700522][ T6032] syzkaller0: entered allmulticast mode [ 81.708797][ T6029] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 81.797923][ T6029] ext4 filesystem being mounted at /6/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 81.849460][ T42] cfg80211: failed to load regulatory.db [ 81.967618][ T5778] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 81.991993][ T5764] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 82.237180][ T6047] loop1: detected capacity change from 0 to 2048 [ 82.258621][ T6047] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 82.268749][ T6047] NILFS (loop1): too large filesystem blocksize: 2 ^ 347668480 KiB [ 82.315524][ T6045] loop8: detected capacity change from 0 to 8 [ 82.357506][ T6045] Dev loop8: unable to read RDB block 8 [ 82.394021][ T6045] loop8: unable to read partition table [ 82.413192][ T5774] udevd[5774]: incorrect nilfs2 checksum on /dev/loop1 [ 82.445379][ T6045] loop8: partition table beyond EOD, truncated [ 82.490690][ T6045] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 82.560804][ T6047] loop1: detected capacity change from 0 to 32768 [ 82.583763][ T6047] (syz.1.48,6047,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 82.602120][ T6047] (syz.1.48,6047,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 82.666589][ T6047] JBD2: Ignoring recovery information on journal [ 82.746377][ T6047] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 82.787300][ T6047] (syz.1.48,6047,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0x7b88ddff. Applying ECC. [ 82.803691][ T6047] (syz.1.48,6047,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x98842a5e, computed 0x6bfa06d7 [ 82.816538][ T6047] (syz.1.48,6047,1):ocfs2_read_virt_blocks:1027 ERROR: status = -5 [ 82.824607][ T6047] (syz.1.48,6047,1):ocfs2_read_quota_block:150 ERROR: status = -5 [ 82.834046][ T6047] (syz.1.48,6047,1):ocfs2_local_check_quota_file:209 ERROR: status = -5 [ 82.842829][ T6047] (syz.1.48,6047,1):ocfs2_local_check_quota_file:211 ERROR: failed to read global quota file header (type=1) [ 82.856093][ T6047] (syz.1.48,6047,1):ocfs2_enable_quotas:939 ERROR: status = -22 [ 82.865289][ T6047] (syz.1.48,6047,1):ocfs2_fill_super:1145 ERROR: status = -22 [ 82.931885][ T6047] ocfs2: Unmounting device (7,1) on (node local) [ 83.279456][ T6055] loop0: detected capacity change from 0 to 2048 [ 83.291897][ T6053] loop1: detected capacity change from 0 to 4096 [ 83.326168][ T6053] ntfs3: Unknown parameter 'sheta' [ 83.337618][ T6055] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 83.830489][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 84.646194][ T6070] loop1: detected capacity change from 0 to 65536 [ 84.734357][ T6070] XFS (loop1): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 84.805334][ T6070] XFS (loop1): Ending clean mount [ 84.895964][ T5764] XFS (loop1): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 84.986652][ T6068] loop3: detected capacity change from 0 to 32768 [ 85.005085][ T6068] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 9 [ 85.276900][ T5756] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 9 [ 85.981954][ T6104] loop0: detected capacity change from 0 to 512 [ 86.574255][ T6108] loop3: detected capacity change from 0 to 32768 [ 86.617684][ T6108] XFS (loop3): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 86.729428][ T6108] XFS (loop3): Starting recovery (logdev: internal) [ 86.767009][ T6108] XFS (loop3): Ending recovery (logdev: internal) [ 86.866641][ T5767] XFS (loop3): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 87.491407][ T6120] loop0: detected capacity change from 0 to 32768 [ 87.520689][ T6120] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 87.656020][ T5774] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 87.899797][ T6126] loop1: detected capacity change from 0 to 32768 [ 87.927774][ T6126] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 88.264829][ T6137] loop0: detected capacity change from 0 to 32768 [ 88.302708][ T6137] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 scanned by syz.0.77 (6137) [ 88.333255][ T6137] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 88.343683][ T6137] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 88.353501][ T6137] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 88.363305][ T6137] BTRFS info (device loop0): use zstd compression, level 3 [ 88.367886][ T5756] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 88.370874][ T6137] BTRFS info (device loop0): using free space tree [ 88.508597][ T6137] BTRFS info (device loop0): enabling ssd optimizations [ 88.516183][ T6137] BTRFS info (device loop0): auto enabling async discard [ 88.720191][ T5765] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 89.340532][ T6163] loop1: detected capacity change from 0 to 32768 [ 89.391935][ T6163] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 89.502957][ T5774] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 90.953325][ T6174] loop0: detected capacity change from 0 to 32768 [ 90.977783][ T6174] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 91.249937][ T5774] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 91.449823][ T6170] netlink: 4 bytes leftover after parsing attributes in process `syz.1.85'. [ 91.675432][ T6181] loop2: detected capacity change from 0 to 128 [ 91.714021][ T6184] loop0: detected capacity change from 0 to 512 [ 91.755897][ T6181] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 91.772607][ T6184] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2249: inode #15: comm syz.0.92: corrupted in-inode xattr: bad e_name length [ 91.786736][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 91.795295][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 91.819324][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 91.914614][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 91.994822][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.020712][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 92.052233][ T6184] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.92: couldn't read orphan inode 15 (err -117) [ 92.118987][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 92.128628][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 92.160736][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 92.221462][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 92.468377][ T6184] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 92.648222][ T6184] EXT4-fs warning (device loop0): dx_probe:893: inode #2: comm syz.0.92: dx entry: limit 0 != root limit 125 [ 92.660505][ T6184] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.92: Corrupt directory, running e2fsck is recommended [ 92.673951][ T6184] EXT4-fs error (device loop0): ext4_readdir:263: inode #2: block 3: comm syz.0.92: path /23/file7: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0 [ 92.866826][ T6186] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 92.902755][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.282988][ T6203] netlink: 8 bytes leftover after parsing attributes in process `syz.1.98'. [ 93.307744][ T6199] loop2: detected capacity change from 0 to 32768 [ 93.308441][ T6203] netlink: 12 bytes leftover after parsing attributes in process `syz.1.98'. [ 93.336114][ T6199] gfs2: fsid=@&: Trying to join cluster "lock_nolock", "@&" [ 93.343975][ T6199] gfs2: fsid=@&: Now mounting FS (format 0)... [ 93.375298][ T6199] gfs2: fsid=@&.0: fatal: filesystem consistency error [ 93.375298][ T6199] inode = 1 19 [ 93.375298][ T6199] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 472 [ 93.396617][ T6199] gfs2: fsid=@&.0: G: s:SH n:2/13 f:qobnN t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1 [ 93.403829][ T6203] netlink: 'syz.1.98': attribute type 18 has an invalid length. [ 93.411702][ T6199] gfs2: fsid=@&.0: H: s:SH f:eEcH e:0 p:0 [(none)] init_inodes+0xdb/0x320 [ 93.411776][ T6199] gfs2: fsid=@&.0: I: n:1/19 t:8 f:0x00 d:0x00000200 s:8388608 p:0 [ 93.411810][ T6199] gfs2: fsid=@&.0: about to withdraw this file system [ 93.411823][ T6199] gfs2: fsid=@&.0: Journal recovery skipped for jid 0 until next mount. [ 93.411832][ T6199] gfs2: fsid=@&.0: Glock dequeues delayed: 0 [ 93.416160][ T6199] gfs2: fsid=@&.0: File system withdrawn [ 93.471208][ T6199] CPU: 1 PID: 6199 Comm: syz.2.95 Not tainted syzkaller #0 [ 93.479021][ T6199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 93.489472][ T6199] Call Trace: [ 93.492883][ T6199] [ 93.496026][ T6199] dump_stack_lvl+0x16c/0x230 [ 93.501288][ T6199] ? kobject_uevent_env+0x363/0x8c0 [ 93.506634][ T6199] ? show_regs_print_info+0x20/0x20 [ 93.512138][ T6199] ? load_image+0x3b0/0x3b0 [ 93.516882][ T6199] ? kobject_uevent_env+0x363/0x8c0 [ 93.517322][ T6207] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 93.522288][ T6199] gfs2_withdraw+0xe50/0x13b0 [ 93.522336][ T6199] ? gfs2_lm+0x220/0x220 [ 93.522358][ T6199] ? make_kgid+0x1ae/0x640 [ 93.522382][ T6199] ? gfs2_consist_inode_i+0xf5/0x110 [ 93.551820][ T6199] gfs2_inode_refresh+0xb83/0xff0 [ 93.556893][ T6199] ? gfs2_inode_metasync+0xf0/0xf0 [ 93.562128][ T6199] ? gfs2_glock_nq+0xd4f/0x1420 [ 93.567224][ T6199] gfs2_instantiate+0x162/0x220 [ 93.572502][ T6199] gfs2_glock_wait+0x1d4/0x2a0 [ 93.577409][ T6199] init_journal+0xc6e/0x2260 [ 93.582329][ T6199] ? init_inodes+0xdb/0x320 [ 93.586873][ T6199] ? _compound_head+0x120/0x120 [ 93.591726][ T6199] ? vsnprintf+0x1957/0x1a40 [ 93.596417][ T6199] ? snprintf+0xdb/0x120 [ 93.600860][ T6199] ? init_inodes+0xdb/0x320 [ 93.605380][ T6199] ? vscnprintf+0x80/0x80 [ 93.609864][ T6199] ? gfs2_glock_nq_num+0x183/0x1c0 [ 93.615077][ T6199] init_inodes+0xdb/0x320 [ 93.619438][ T6199] gfs2_fill_super+0x1815/0x1f80 [ 93.624407][ T6199] ? gfs2_reconfigure+0xb10/0xb10 [ 93.629710][ T6199] ? init_locking+0xb8/0x200 [ 93.634836][ T6199] ? setup_bdev_super+0x56b/0x660 [ 93.639947][ T6199] get_tree_bdev+0x3e4/0x510 [ 93.644544][ T6199] ? end_current_label_crit_section+0x170/0x170 [ 93.650873][ T6199] ? gfs2_reconfigure+0xb10/0xb10 [ 93.655925][ T6199] ? setup_bdev_super+0x660/0x660 [ 93.662182][ T6199] gfs2_get_tree+0x51/0x1e0 [ 93.666697][ T6199] vfs_get_tree+0x8c/0x280 [ 93.671110][ T6199] do_new_mount+0x24b/0xa40 [ 93.675718][ T6199] __se_sys_mount+0x2da/0x3c0 [ 93.680457][ T6199] ? __x64_sys_mount+0xc0/0xc0 [ 93.685407][ T6199] ? lockdep_hardirqs_on+0x98/0x150 [ 93.690786][ T6199] ? __x64_sys_mount+0x20/0xc0 [ 93.695757][ T6199] do_syscall_64+0x55/0xb0 [ 93.700361][ T6199] ? clear_bhb_loop+0x40/0x90 [ 93.705222][ T6199] ? clear_bhb_loop+0x40/0x90 [ 93.710957][ T6199] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 93.717033][ T6199] RIP: 0033:0x7faf11590eea [ 93.721474][ T6199] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 93.742743][ T6199] RSP: 002b:00007faf123e6e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 93.751609][ T6199] RAX: ffffffffffffffda RBX: 00007faf123e6ef0 RCX: 00007faf11590eea [ 93.759839][ T6199] RDX: 0000200000000400 RSI: 0000200000000000 RDI: 00007faf123e6eb0 [ 93.768328][ T6199] RBP: 0000200000000400 R08: 00007faf123e6ef0 R09: 0000000002a00041 [ 93.776569][ T6199] R10: 0000000002a00041 R11: 0000000000000246 R12: 0000200000000000 [ 93.784887][ T6199] R13: 00007faf123e6eb0 R14: 000000000001260e R15: 0000200000000240 [ 93.793222][ T6199] [ 93.798083][ T6199] gfs2: fsid=@&.0: can't acquire journal inode glock: -5 [ 93.966022][ T6207] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 95.190594][ T5770] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 95.431993][ T5770] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 95.454717][ T5770] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 95.481082][ T5770] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 95.511681][ T5770] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.564183][ T6225] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 95.603695][ T5770] usb 2-1: Quirk or no altest; falling back to MIDI 1.0 [ 95.985199][ T5770] usb 2-1: USB disconnect, device number 2 [ 96.091815][ T6237] loop0: detected capacity change from 0 to 32768 [ 96.123620][ T6237] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 96.156456][ T6234] loop2: detected capacity change from 0 to 32768 [ 96.186099][ T6234] gfs2: fsid=@&: Trying to join cluster "lock_nolock", "@&" [ 96.203625][ T6234] gfs2: fsid=@&: Now mounting FS (format 0)... [ 96.278078][ T6234] gfs2: fsid=@&.0: fatal: filesystem consistency error [ 96.278078][ T6234] inode = 1 19 [ 96.278078][ T6234] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 472 [ 96.365217][ T6234] gfs2: fsid=@&.0: G: s:SH n:2/13 f:qobnN t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1 [ 96.374148][ T6234] gfs2: fsid=@&.0: H: s:SH f:eEcH e:0 p:0 [(none)] init_inodes+0xdb/0x320 [ 96.399002][ T5756] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 96.444699][ T6234] gfs2: fsid=@&.0: I: n:1/19 t:8 f:0x00 d:0x00000200 s:8388608 p:0 [ 96.452768][ T6234] gfs2: fsid=@&.0: about to withdraw this file system [ 96.521610][ T6234] gfs2: fsid=@&.0: Journal recovery skipped for jid 0 until next mount. [ 96.584326][ T6234] gfs2: fsid=@&.0: Glock dequeues delayed: 0 [ 96.627000][ T6234] gfs2: fsid=@&.0: File system withdrawn [ 96.692121][ T6234] CPU: 0 PID: 6234 Comm: syz.2.109 Not tainted syzkaller #0 [ 96.699590][ T6234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 96.702382][ T6242] loop0: detected capacity change from 0 to 40427 [ 96.709796][ T6234] Call Trace: [ 96.709807][ T6234] [ 96.709815][ T6234] dump_stack_lvl+0x16c/0x230 [ 96.709846][ T6234] ? kobject_uevent_env+0x363/0x8c0 [ 96.709867][ T6234] ? show_regs_print_info+0x20/0x20 [ 96.709891][ T6234] ? load_image+0x3b0/0x3b0 [ 96.745815][ T6234] ? kobject_uevent_env+0x363/0x8c0 [ 96.751330][ T6234] gfs2_withdraw+0xe50/0x13b0 [ 96.756814][ T6234] ? gfs2_lm+0x220/0x220 [ 96.761540][ T6234] ? make_kgid+0x1ae/0x640 [ 96.766016][ T6234] ? gfs2_consist_inode_i+0xf5/0x110 [ 96.771785][ T6234] gfs2_inode_refresh+0xb83/0xff0 [ 96.776857][ T6234] ? gfs2_inode_metasync+0xf0/0xf0 [ 96.782100][ T6234] ? gfs2_glock_nq+0xd4f/0x1420 [ 96.787094][ T6234] gfs2_instantiate+0x162/0x220 [ 96.792082][ T6234] gfs2_glock_wait+0x1d4/0x2a0 [ 96.796992][ T6234] init_journal+0xc6e/0x2260 [ 96.802241][ T6234] ? init_inodes+0xdb/0x320 [ 96.806787][ T6234] ? _compound_head+0x120/0x120 [ 96.811759][ T6234] ? vsnprintf+0x1957/0x1a40 [ 96.816396][ T6234] ? snprintf+0xdb/0x120 [ 96.820943][ T6234] ? init_inodes+0xdb/0x320 [ 96.825744][ T6234] ? vscnprintf+0x80/0x80 [ 96.830108][ T6234] ? gfs2_glock_nq_num+0x183/0x1c0 [ 96.835258][ T6234] init_inodes+0xdb/0x320 [ 96.839712][ T6234] gfs2_fill_super+0x1815/0x1f80 [ 96.844778][ T6234] ? gfs2_reconfigure+0xb10/0xb10 [ 96.849928][ T6234] ? init_locking+0xb8/0x200 [ 96.854826][ T6234] ? setup_bdev_super+0x56b/0x660 [ 96.859879][ T6234] get_tree_bdev+0x3e4/0x510 [ 96.864504][ T6234] ? end_current_label_crit_section+0x170/0x170 [ 96.870880][ T6234] ? gfs2_reconfigure+0xb10/0xb10 [ 96.875955][ T6234] ? setup_bdev_super+0x660/0x660 [ 96.881278][ T6234] gfs2_get_tree+0x51/0x1e0 [ 96.885872][ T6234] vfs_get_tree+0x8c/0x280 [ 96.890421][ T6234] do_new_mount+0x24b/0xa40 [ 96.895052][ T6234] __se_sys_mount+0x2da/0x3c0 [ 96.896601][ T6242] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 96.899744][ T6234] ? __x64_sys_mount+0xc0/0xc0 [ 96.899772][ T6234] ? lockdep_hardirqs_on+0x98/0x150 [ 96.899791][ T6234] ? __x64_sys_mount+0x20/0xc0 [ 96.899807][ T6234] do_syscall_64+0x55/0xb0 [ 96.899822][ T6234] ? clear_bhb_loop+0x40/0x90 [ 96.899840][ T6234] ? clear_bhb_loop+0x40/0x90 [ 96.899859][ T6234] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 96.899876][ T6234] RIP: 0033:0x7faf11590eea [ 96.899893][ T6234] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 96.899905][ T6234] RSP: 002b:00007faf123e6e68 EFLAGS: 00000246 [ 96.908052][ T6242] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 96.912639][ T6234] ORIG_RAX: 00000000000000a5 [ 96.994474][ T6234] RAX: ffffffffffffffda RBX: 00007faf123e6ef0 RCX: 00007faf11590eea [ 97.003005][ T6234] RDX: 0000200000000400 RSI: 0000200000000000 RDI: 00007faf123e6eb0 [ 97.011617][ T6234] RBP: 0000200000000400 R08: 00007faf123e6ef0 R09: 0000000002a00041 [ 97.019632][ T6234] R10: 0000000002a00041 R11: 0000000000000246 R12: 0000200000000000 [ 97.027995][ T6234] R13: 00007faf123e6eb0 R14: 000000000001260e R15: 0000200000000240 [ 97.036191][ T6234] [ 97.058256][ T6242] F2FS-fs (loop0): invalid crc value [ 97.064161][ T6234] gfs2: fsid=@&.0: can't acquire journal inode glock: -5 [ 97.103065][ T6242] F2FS-fs (loop0): Found nat_bits in checkpoint [ 97.147836][ T6249] pim6reg: entered allmulticast mode [ 97.192526][ T6242] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 97.200359][ T6242] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 97.855802][ T6264] loop2: detected capacity change from 0 to 64 [ 99.340351][ T6285] loop0: detected capacity change from 0 to 32768 [ 99.416023][ T6285] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 99.663645][ T5774] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 100.001038][ T6298] loop0: detected capacity change from 0 to 512 [ 100.064495][ T6292] loop1: detected capacity change from 0 to 32768 [ 100.080325][ T6292] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 100.081471][ T6298] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 100.088638][ T6292] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 100.150508][ T6292] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 100.213829][ T6292] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 100.255961][ T6298] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 100.302561][ T6284] loop2: detected capacity change from 0 to 32768 [ 100.332782][ T6284] gfs2: fsid=@&: Trying to join cluster "lock_nolock", "@&" [ 100.341459][ T6284] gfs2: fsid=@&: Now mounting FS (format 0)... [ 100.382454][ T6284] gfs2: fsid=@&.0: fatal: filesystem consistency error [ 100.382454][ T6284] inode = 1 19 [ 100.382454][ T6284] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 472 [ 100.452974][ T6298] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 100.491016][ T6284] gfs2: fsid=@&.0: G: s:SH n:2/13 f:qobnN t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1 [ 100.508363][ T6298] EXT4-fs (loop0): 1 truncate cleaned up [ 100.520881][ T6298] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.531072][ T6284] gfs2: fsid=@&.0: H: s:SH f:eEcH e:0 p:0 [(none)] init_inodes+0xdb/0x320 [ 100.586524][ T6284] gfs2: fsid=@&.0: I: n:1/19 t:8 f:0x00 d:0x00000200 s:8388608 p:0 [ 100.628098][ T6284] gfs2: fsid=@&.0: about to withdraw this file system [ 100.668660][ T6284] gfs2: fsid=@&.0: Journal recovery skipped for jid 0 until next mount. [ 100.694624][ T6284] gfs2: fsid=@&.0: Glock dequeues delayed: 0 [ 100.711715][ T6284] gfs2: fsid=@&.0: File system withdrawn [ 100.731031][ T6284] CPU: 0 PID: 6284 Comm: syz.2.129 Not tainted syzkaller #0 [ 100.738639][ T6284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 100.748724][ T6284] Call Trace: [ 100.752153][ T6284] [ 100.755097][ T6284] dump_stack_lvl+0x16c/0x230 [ 100.759822][ T6284] ? kobject_uevent_env+0x363/0x8c0 [ 100.765218][ T6284] ? show_regs_print_info+0x20/0x20 [ 100.770534][ T6284] ? load_image+0x3b0/0x3b0 [ 100.775060][ T6284] ? kobject_uevent_env+0x363/0x8c0 [ 100.780413][ T6284] gfs2_withdraw+0xe50/0x13b0 [ 100.785231][ T6284] ? gfs2_lm+0x220/0x220 [ 100.789856][ T6284] ? make_kgid+0x1ae/0x640 [ 100.794299][ T6284] ? gfs2_consist_inode_i+0xf5/0x110 [ 100.799702][ T6284] gfs2_inode_refresh+0xb83/0xff0 [ 100.804926][ T6284] ? gfs2_inode_metasync+0xf0/0xf0 [ 100.810173][ T6284] ? gfs2_glock_nq+0xd4f/0x1420 [ 100.815258][ T6284] gfs2_instantiate+0x162/0x220 [ 100.820325][ T6284] gfs2_glock_wait+0x1d4/0x2a0 [ 100.825230][ T6284] init_journal+0xc6e/0x2260 [ 100.830139][ T6284] ? init_inodes+0xdb/0x320 [ 100.834781][ T6284] ? _compound_head+0x120/0x120 [ 100.840127][ T6284] ? vsnprintf+0x1957/0x1a40 [ 100.845025][ T6284] ? snprintf+0xdb/0x120 [ 100.849481][ T6284] ? init_inodes+0xdb/0x320 [ 100.854104][ T6284] ? vscnprintf+0x80/0x80 [ 100.858460][ T6284] ? gfs2_glock_nq_num+0x183/0x1c0 [ 100.863618][ T6284] init_inodes+0xdb/0x320 [ 100.868154][ T6284] gfs2_fill_super+0x1815/0x1f80 [ 100.873269][ T6284] ? gfs2_reconfigure+0xb10/0xb10 [ 100.878866][ T6284] ? init_locking+0xb8/0x200 [ 100.883651][ T6284] ? setup_bdev_super+0x56b/0x660 [ 100.889927][ T6284] get_tree_bdev+0x3e4/0x510 [ 100.894833][ T6284] ? end_current_label_crit_section+0x170/0x170 [ 100.901530][ T6284] ? gfs2_reconfigure+0xb10/0xb10 [ 100.906856][ T6284] ? setup_bdev_super+0x660/0x660 [ 100.912216][ T6284] gfs2_get_tree+0x51/0x1e0 [ 100.916940][ T6284] vfs_get_tree+0x8c/0x280 [ 100.921420][ T6284] do_new_mount+0x24b/0xa40 [ 100.926096][ T6284] __se_sys_mount+0x2da/0x3c0 [ 100.930908][ T6284] ? __x64_sys_mount+0xc0/0xc0 [ 100.936070][ T6284] ? lockdep_hardirqs_on+0x98/0x150 [ 100.942245][ T6284] ? __x64_sys_mount+0x20/0xc0 [ 100.946169][ T6310] loop1: detected capacity change from 0 to 32768 [ 100.947364][ T6284] do_syscall_64+0x55/0xb0 [ 100.958823][ T6284] ? clear_bhb_loop+0x40/0x90 [ 100.964339][ T6284] ? clear_bhb_loop+0x40/0x90 [ 100.969055][ T6284] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 100.975252][ T6284] RIP: 0033:0x7faf11590eea [ 100.979699][ T6284] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 101.001018][ T6284] RSP: 002b:00007faf123e6e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 101.010258][ T6284] RAX: ffffffffffffffda RBX: 00007faf123e6ef0 RCX: 00007faf11590eea [ 101.019491][ T6284] RDX: 0000200000000400 RSI: 0000200000000000 RDI: 00007faf123e6eb0 [ 101.028098][ T6284] RBP: 0000200000000400 R08: 00007faf123e6ef0 R09: 0000000002a00041 [ 101.032151][ T6310] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 101.036523][ T6284] R10: 0000000002a00041 R11: 0000000000000246 R12: 0000200000000000 [ 101.036543][ T6284] R13: 00007faf123e6eb0 R14: 000000000001260e R15: 0000200000000240 [ 101.036567][ T6284] [ 101.108835][ T6284] gfs2: fsid=@&.0: can't acquire journal inode glock: -5 [ 101.199044][ T5756] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 101.329956][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.408081][ T6339] CUSE: unknown device info "/dev/cuse" [ 102.414148][ T6339] CUSE: DEVNAME unspecified [ 102.872590][ T6343] loop2: detected capacity change from 0 to 32768 [ 102.887089][ T6343] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 102.897720][ T6343] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 102.906545][ T6343] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 102.916199][ T6343] BTRFS info (device loop2): force zstd compression, level 3 [ 102.923798][ T6343] BTRFS info (device loop2): turning on sync discard [ 102.931477][ T6343] BTRFS info (device loop2): force clearing of disk cache [ 102.939054][ T6343] BTRFS info (device loop2): enabling disk space caching [ 102.949649][ T6343] BTRFS info (device loop2): turning off discard [ 102.956174][ T6343] BTRFS info (device loop2): disk space caching is enabled [ 103.079340][ T6343] BTRFS info (device loop2): enabling ssd optimizations [ 103.087583][ T6343] BTRFS info (device loop2): rebuilding free space tree [ 103.104370][ T6343] BTRFS info (device loop2): disabling free space tree [ 103.111638][ T6343] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 103.121727][ T6343] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 103.238327][ T6354] kvm: pic: non byte write [ 103.249828][ T5761] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 103.626764][ T6377] x_tables: ip_tables: osf match: only valid for protocol 6 [ 103.949948][ T6388] Zero length message leads to an empty skb [ 104.938603][ T6415] process 'syz.3.173' launched './file0' with NULL argv: empty string added [ 105.769453][ T6422] overlayfs: failed to clone upperpath [ 106.075649][ T6430] netlink: 28 bytes leftover after parsing attributes in process `syz.3.179'. [ 106.102965][ T6430] netlink: 28 bytes leftover after parsing attributes in process `syz.3.179'. [ 106.128386][ T6432] loop1: detected capacity change from 0 to 64 [ 106.605379][ T6451] xt_hashlimit: max too large, truncated to 1048576 [ 106.684065][ T6451] loop0: detected capacity change from 0 to 2048 [ 107.039275][ T6455] loop2: detected capacity change from 0 to 32768 [ 107.053053][ T6455] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.189 (6455) [ 107.076835][ T6455] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 107.087943][ T6455] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 107.096843][ T6455] BTRFS error (device loop2): unrecognized mount option 'mand' [ 107.120409][ T6455] BTRFS error (device loop2): open_ctree failed: -22 [ 107.131877][ T6451] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.188215][ T5756] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by udevd (5756) [ 107.451386][ T6451] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.187: bg 0: block 234: padding at end of block bitmap is not set [ 107.498129][ T6451] EXT4-fs (loop0): Remounting filesystem read-only [ 107.716236][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.235272][ T6487] (null): rxe_set_mtu: Set mtu to 1024 [ 108.638235][ T6487] infiniband syz0: set active [ 108.661385][ T6487] infiniband syz0: added bond_slave_0 [ 108.784374][ T6502] loop1: detected capacity change from 0 to 64 [ 108.809036][ T6487] RDS/IB: syz0: added [ 108.826889][ T6487] smc: adding ib device syz0 with port count 1 [ 108.865345][ T6487] smc: ib device syz0 port 1 has pnetid [ 108.905083][ T6502] syz.1.207 uses obsolete (PF_INET,SOCK_PACKET) [ 109.397028][ T6516] netlink: 20 bytes leftover after parsing attributes in process `syz.0.214'. [ 109.599006][ T786] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 109.723112][ T6520] loop0: detected capacity change from 0 to 4096 [ 110.105505][ T786] usb 2-1: Using ep0 maxpacket: 8 [ 110.113994][ T786] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 110.130374][ T786] usb 2-1: config 179 has no interface number 0 [ 110.140288][ T786] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 110.152610][ T786] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 110.164933][ T786] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 110.179417][ T786] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 110.194477][ T786] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 110.244593][ T786] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 110.355171][ T786] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.378281][ T6509] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 110.672764][ T786] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input6 [ 110.958942][ T5857] usb 2-1: USB disconnect, device number 3 [ 110.959043][ C0] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 110.974626][ C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 110.984108][ C0] vkms_vblank_simulate: vblank timer overrun [ 110.996673][ T5857] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 112.119022][ T6559] loop1: detected capacity change from 0 to 4096 [ 112.152438][ T8] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 112.249380][ T6559] netlink: 6 bytes leftover after parsing attributes in process `syz.1.232'. [ 112.368562][ T8] usb 1-1: Using ep0 maxpacket: 32 [ 112.392875][ T8] usb 1-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7 [ 112.425010][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.448480][ T8] usb 1-1: config 0 descriptor?? [ 112.465778][ T8] gspca_main: sq930x-2.14.0 probing 041e:403c [ 112.800813][ T6555] loop0: detected capacity change from 0 to 4096 [ 112.890807][ T6583] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 113.302179][ T6590] netlink: 76 bytes leftover after parsing attributes in process `syz.1.243'. [ 113.832399][ T6594] loop1: detected capacity change from 0 to 40427 [ 113.884422][ T6594] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 113.892508][ T6594] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 113.911723][ T6594] F2FS-fs (loop1): invalid crc value [ 113.924336][ T6594] F2FS-fs (loop1): Current segment's next free block offset is inconsistent with bitmap, logtype:1, segno:11, type:0, next_blkoff:0, blkofs:0 [ 113.927464][ T6582] overlayfs: failed to clone upperpath [ 113.963415][ T6594] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-117) [ 114.340524][ T6603] IPVS: sh: FWM 3 0x00000003 - no destination available [ 114.348031][ C1] IPVS: sh: FWM 3 0x00000003 - no destination available [ 114.374901][ T42] IPVS: starting estimator thread 0... [ 114.454611][ T8] gspca_sq930x: reg_w 0105 bc00 failed -71 [ 114.462823][ T8] sq930x: probe of 1-1:0.0 failed with error -71 [ 114.470182][ T6604] IPVS: using max 25 ests per chain, 60000 per kthread [ 114.500737][ T8] usb 1-1: USB disconnect, device number 2 [ 114.862052][ T6614] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 115.620525][ T6630] loop1: detected capacity change from 0 to 40427 [ 115.638373][ T6630] F2FS-fs (loop1): Small segment_count (9 < 1 * 24) [ 115.645285][ T6630] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 115.671193][ T6630] F2FS-fs (loop1): Found nat_bits in checkpoint [ 115.721681][ T6630] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 115.729328][ T6630] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 115.864795][ T6634] loop0: detected capacity change from 0 to 40427 [ 116.096126][ T5764] syz-executor: attempt to access beyond end of device [ 116.096126][ T5764] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 116.173616][ T5764] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 119.275609][ T6736] fuse: Bad value for 'fd' [ 119.415807][ T6738] fuse: Unknown parameter '' [ 119.451154][ T6738] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 119.867179][ T27] audit: type=1326 audit(1766413741.233:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.1.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 119.923159][ T27] audit: type=1326 audit(1766413741.233:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.1.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 119.983271][ T27] audit: type=1326 audit(1766413741.243:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.1.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 120.011927][ T27] audit: type=1326 audit(1766413741.243:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.1.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 120.040078][ T27] audit: type=1326 audit(1766413741.253:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.1.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 120.071966][ T27] audit: type=1326 audit(1766413741.253:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.1.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 120.102823][ T27] audit: type=1326 audit(1766413741.253:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.1.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 120.130896][ T27] audit: type=1326 audit(1766413741.283:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.1.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 120.163394][ T27] audit: type=1326 audit(1766413741.283:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.1.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 120.193413][ T27] audit: type=1326 audit(1766413741.283:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.1.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f30ad38df90 code=0x7ffc0000 [ 120.654209][ T6781] veth2: entered allmulticast mode [ 124.495012][ T6820] loop0: detected capacity change from 0 to 32768 [ 124.519233][ T6820] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.337 (6820) [ 124.645969][ T6820] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 124.673667][ T6820] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 124.708896][ T6820] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 124.744715][ T6820] BTRFS info (device loop0): force zstd compression, level 3 [ 124.769291][ T6820] BTRFS info (device loop0): turning on sync discard [ 124.798268][ T6820] BTRFS info (device loop0): force clearing of disk cache [ 124.813137][ T6820] BTRFS info (device loop0): enabling disk space caching [ 124.825055][ T6820] BTRFS info (device loop0): turning off discard [ 124.831433][ T6820] BTRFS info (device loop0): disk space caching is enabled [ 125.093432][ T6820] BTRFS info (device loop0): enabling ssd optimizations [ 125.124902][ T6820] BTRFS info (device loop0): rebuilding free space tree [ 125.592259][ T6820] BTRFS info (device loop0): disabling free space tree [ 125.630379][ T6820] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 125.658687][ T6820] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 125.965903][ T6870] netlink: 'syz.2.349': attribute type 27 has an invalid length. [ 126.003173][ T5765] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 126.585843][ T6870] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.595861][ T6870] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.268933][ T6901] loop2: detected capacity change from 0 to 7 [ 128.310362][ T6901] Dev loop2: unable to read RDB block 7 [ 128.332650][ T6870] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 128.345652][ T6901] loop2: AHDI p1 p2 p3 [ 128.349882][ T6901] loop2: partition table partially beyond EOD, truncated [ 128.379816][ T6901] loop2: p1 start 1601398130 is beyond EOD, truncated [ 128.395606][ T6901] loop2: p2 start 1702059890 is beyond EOD, truncated [ 128.415713][ T6870] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 129.069976][ T6870] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.092108][ T6870] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.119410][ T6870] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.144781][ T6870] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.339232][ T6870] veth2: left allmulticast mode [ 129.412280][ T6873] 8021q: adding VLAN 0 to HW filter on device bond0 [ 129.434310][ T6873] 8021q: adding VLAN 0 to HW filter on device team0 [ 129.471083][ T6873] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 129.620711][ T6883] netlink: 4 bytes leftover after parsing attributes in process `syz.3.354'. [ 129.721749][ T6903] netlink: 'syz.1.362': attribute type 32 has an invalid length. [ 129.767536][ T6903] netlink: 16 bytes leftover after parsing attributes in process `syz.1.362'. [ 129.885209][ T6903] (unnamed net_device) (uninitialized): option coupled_control: mode dependency failed, not supported in mode balance-rr(0) [ 130.667193][ T6925] fuse: root generation should be zero [ 130.754218][ T6933] overlayfs: failed to clone upperpath [ 132.321611][ T6969] 9pnet_fd: Insufficient options for proto=fd [ 132.553753][ T6980] netlink: 32 bytes leftover after parsing attributes in process `syz.2.393'. [ 133.121956][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.146174][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 136.800928][ T7075] overlayfs: missing 'lowerdir' [ 136.968490][ T7082] loop0: detected capacity change from 0 to 512 [ 137.663120][ T7080] overlayfs: failed to clone upperpath [ 138.923368][ T7132] netlink: 4 bytes leftover after parsing attributes in process `syz.3.452'. [ 138.988325][ T7135] loop1: detected capacity change from 0 to 128 [ 139.000662][ T7132] infiniband syz0: set down [ 139.169417][ T7132] bond0: (slave bond_slave_0): Releasing backup interface [ 139.197322][ T12] smc: removing ib device syz0 [ 142.079200][ T7167] loop1: detected capacity change from 0 to 32768 [ 142.105897][ T7167] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.465 (7167) [ 142.139021][ T7167] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 142.158624][ T7167] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 142.170280][ T7167] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 142.180881][ T7167] BTRFS info (device loop1): force zstd compression, level 3 [ 142.194383][ T7167] BTRFS info (device loop1): turning on sync discard [ 142.206413][ T7167] BTRFS info (device loop1): force clearing of disk cache [ 142.218210][ T7167] BTRFS info (device loop1): enabling disk space caching [ 142.230795][ T7167] BTRFS info (device loop1): turning off discard [ 142.240678][ T7167] BTRFS info (device loop1): disk space caching is enabled [ 142.383964][ T7167] BTRFS info (device loop1): enabling ssd optimizations [ 142.405878][ T7167] BTRFS info (device loop1): rebuilding free space tree [ 142.456211][ T7167] BTRFS info (device loop1): disabling free space tree [ 142.468889][ T7167] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 142.514685][ T7167] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 142.701948][ T5764] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 143.115425][ T7218] "syz.0.480" (7218) uses obsolete ecb(arc4) skcipher [ 145.230349][ T7268] kvm: requested 129066 ns i8254 timer period limited to 200000 ns [ 145.242117][ T7268] kvm: requested 49447 ns i8254 timer period limited to 200000 ns [ 145.250708][ T7268] kvm: requested 68723 ns i8254 timer period limited to 200000 ns [ 145.259283][ T7268] kvm: requested 8380 ns i8254 timer period limited to 200000 ns [ 145.268430][ T7268] kvm: requested 112304 ns i8254 timer period limited to 200000 ns [ 145.278746][ T7268] kvm: requested 15085 ns i8254 timer period limited to 200000 ns [ 145.287602][ T7268] kvm: requested 166781 ns i8254 timer period limited to 200000 ns [ 145.296126][ T7268] kvm: requested 98895 ns i8254 timer period limited to 200000 ns [ 145.304316][ T7268] kvm: requested 102247 ns i8254 timer period limited to 200000 ns [ 145.313032][ T7268] kvm: requested 2514 ns i8254 timer period limited to 200000 ns [ 146.304062][ T7303] bridge_slave_0: left allmulticast mode [ 146.317097][ T7303] bridge_slave_0: left promiscuous mode [ 146.323202][ T7303] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.349089][ T7303] bridge_slave_1: left allmulticast mode [ 146.360794][ T7303] bridge_slave_1: left promiscuous mode [ 146.368534][ T7303] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.391982][ T7303] bond0: (slave bond_slave_0): Releasing backup interface [ 146.424447][ T7303] bond0: (slave bond_slave_1): Releasing backup interface [ 146.491208][ T7303] team0: Port device team_slave_0 removed [ 146.534308][ T7303] team0: Port device team_slave_1 removed [ 146.550438][ T7303] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 146.571115][ T7303] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 146.595618][ T7303] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 146.615474][ T7303] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 146.776403][ T7319] vlan2: entered promiscuous mode [ 146.791591][ T7319] bond0: entered promiscuous mode [ 146.824626][ T7319] bond_slave_1: entered promiscuous mode [ 147.441355][ T7360] vlan2: entered promiscuous mode [ 147.446873][ T7360] bond0: entered promiscuous mode [ 147.452015][ T7360] bond_slave_0: entered promiscuous mode [ 147.460794][ T7360] bond_slave_1: entered promiscuous mode [ 148.076468][ T7375] loop1: detected capacity change from 0 to 512 [ 149.237848][ T7417] mmap: syz.1.559 (7417) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 149.950654][ T7422] netlink: 'syz.1.560': attribute type 3 has an invalid length. [ 150.252732][ T7432] loop0: detected capacity change from 0 to 128 [ 150.280828][ T7432] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 151.563378][ T7461] netlink: 44 bytes leftover after parsing attributes in process `syz.1.576'. [ 151.586741][ T7461] netlink: 59 bytes leftover after parsing attributes in process `syz.1.576'. [ 151.629810][ T7460] loop0: detected capacity change from 0 to 8192 [ 152.043925][ T7472] capability: warning: `syz.1.581' uses deprecated v2 capabilities in a way that may be insecure [ 152.413952][ T27] kauditd_printk_skb: 10 callbacks suppressed [ 152.413965][ T27] audit: type=1326 audit(1766428961.782:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7488 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 152.857709][ T27] audit: type=1326 audit(1766428961.782:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7488 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 153.114867][ T27] audit: type=1326 audit(1766428961.792:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7488 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 153.204785][ T27] audit: type=1326 audit(1766428961.792:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7488 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 153.237590][ T27] audit: type=1326 audit(1766428961.792:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7488 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 153.262777][ T27] audit: type=1326 audit(1766428961.792:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7488 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 153.285666][ T27] audit: type=1326 audit(1766428961.792:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7488 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 153.314732][ T27] audit: type=1326 audit(1766428961.792:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7488 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 153.386615][ T27] audit: type=1326 audit(1766428961.792:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7488 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 153.461657][ T27] audit: type=1326 audit(1766428961.792:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7488 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 154.719883][ T7535] netlink: 8 bytes leftover after parsing attributes in process `syz.2.607'. [ 155.652906][ T7541] netlink: 28 bytes leftover after parsing attributes in process `syz.0.606'. [ 155.903603][ T7530] loop1: detected capacity change from 0 to 32768 [ 155.919009][ T7530] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.604 (7530) [ 155.996218][ T7530] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 156.035054][ T7530] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 156.043837][ T7530] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 156.088469][ T7530] BTRFS info (device loop1): force zstd compression, level 3 [ 156.115529][ T7530] BTRFS info (device loop1): turning on sync discard [ 156.146099][ T7530] BTRFS info (device loop1): force clearing of disk cache [ 156.153380][ T7530] BTRFS info (device loop1): enabling disk space caching [ 156.184566][ T7530] BTRFS info (device loop1): turning off discard [ 156.190993][ T7530] BTRFS info (device loop1): disk space caching is enabled [ 156.384687][ T7530] BTRFS info (device loop1): enabling ssd optimizations [ 156.415190][ T7530] BTRFS info (device loop1): rebuilding free space tree [ 156.517768][ T7530] BTRFS info (device loop1): disabling free space tree [ 156.552330][ T7530] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 156.587934][ T7530] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 156.817202][ T5764] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 157.257744][ T7595] loop0: detected capacity change from 0 to 256 [ 157.591374][ T27] kauditd_printk_skb: 16 callbacks suppressed [ 157.591387][ T27] audit: type=1326 audit(1766428966.972:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7605 comm="syz.1.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 157.663989][ T27] audit: type=1326 audit(1766428967.012:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7605 comm="syz.1.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 157.688713][ T27] audit: type=1326 audit(1766428967.012:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7605 comm="syz.1.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 157.719304][ T27] audit: type=1326 audit(1766428967.012:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7605 comm="syz.1.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 157.748777][ T27] audit: type=1326 audit(1766428967.022:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7605 comm="syz.1.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 157.814767][ T27] audit: type=1326 audit(1766428967.022:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7605 comm="syz.1.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 157.878744][ T27] audit: type=1326 audit(1766428967.022:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7605 comm="syz.1.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 157.934738][ T27] audit: type=1326 audit(1766428967.022:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7605 comm="syz.1.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 157.965875][ T27] audit: type=1326 audit(1766428967.022:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7605 comm="syz.1.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 158.001101][ T27] audit: type=1326 audit(1766428967.022:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7605 comm="syz.1.629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 158.233847][ T7628] sctp: [Deprecated]: syz.1.640 (pid 7628) Use of struct sctp_assoc_value in delayed_ack socket option. [ 158.233847][ T7628] Use struct sctp_sack_info instead [ 158.737913][ T7650] loop0: detected capacity change from 0 to 16 [ 158.819397][ T7650] erofs: (device loop0): mounted with root inode @ nid 36. [ 158.933157][ T7652] x_tables: unsorted entry at hook 3 [ 159.060070][ T7655] overlayfs: failed to clone upperpath [ 159.084355][ T7655] overlayfs: failed to clone lowerpath [ 159.710586][ T7671] loop0: detected capacity change from 0 to 8192 [ 159.859916][ T7677] xt_TCPMSS: Only works on TCP SYN packets [ 160.008987][ T7682] netlink: 8 bytes leftover after parsing attributes in process `syz.0.661'. [ 160.482837][ T7706] Driver unsupported XDP return value 0 on prog (id 28) dev N/A, expect packet loss! [ 160.801814][ T7699] loop0: detected capacity change from 0 to 8192 [ 161.334522][ C1] sched: RT throttling activated [ 161.414384][ T7716] netlink: 4 bytes leftover after parsing attributes in process `syz.0.673'. [ 161.505963][ T7716] netlink: 28 bytes leftover after parsing attributes in process `syz.0.673'. [ 162.349473][ T7738] loop0: detected capacity change from 0 to 1764 [ 162.942347][ T7759] overlayfs: failed to clone upperpath [ 162.966188][ T7759] capability: warning: `syz.2.690' uses 32-bit capabilities (legacy support in use) [ 162.975475][ T7761] netlink: 4 bytes leftover after parsing attributes in process `syz.3.691'. [ 163.282760][ T7767] overlayfs: failed to clone upperpath [ 163.556213][ T7763] loop0: detected capacity change from 0 to 8192 [ 164.054609][ T27] kauditd_printk_skb: 18 callbacks suppressed [ 164.054623][ T27] audit: type=1326 audit(1766428973.432:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7787 comm="syz.1.701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 164.063855][ T7789] loop1: detected capacity change from 0 to 256 [ 164.112712][ T27] audit: type=1326 audit(1766428973.432:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7787 comm="syz.1.701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 164.114281][ T7789] FAT-fs (loop1): Unrecognized mount option "Å©›ä3!hÂʘAŠC€»ÐE™¨ZÅjÆ §ƒ"Ÿt¬ª!ß÷qíýYPÝ#jj$¶O0¸YO©üÞầ43°Åöÿˆµ•à4ϽkûM¢k0Ž*§ö†%ÇY”S4¼{¼‘µ0ê(µÇu甶ëCzÝ#HnÚœf èi˜h@á‚ [ 164.535719][ T7789] dump_stack_lvl+0x16c/0x230 [ 164.540450][ T7789] ? show_regs_print_info+0x20/0x20 [ 164.545690][ T7789] ? load_image+0x3b0/0x3b0 [ 164.550229][ T7789] ? find_vma+0x12e/0x1b0 [ 164.554607][ T7789] fixup_user_fault+0x652/0x710 [ 164.559506][ T7789] fault_in_user_writeable+0x71/0xe0 [ 164.564962][ T7789] futex_wake_op+0x599/0xd30 [ 164.569597][ T7789] ? futex_wake+0x4b0/0x4b0 [ 164.574310][ T7789] ? __seccomp_filter+0xa49/0x1b70 [ 164.579449][ T7789] ? kmem_cache_free+0xf8/0x280 [ 164.584418][ T7789] ? __seccomp_filter+0xa49/0x1b70 [ 164.591578][ T7789] ? up_read+0x20/0x20 [ 164.595978][ T7789] ? userfaultfd_unmap_complete+0x279/0x2d0 [ 164.601905][ T7789] do_futex+0x385/0x3e0 [ 164.606096][ T7789] ? __ia32_sys_get_robust_list+0x110/0x110 [ 164.612046][ T7789] __se_sys_futex+0x36f/0x3f0 [ 164.616782][ T7789] ? __x64_sys_futex+0xf0/0xf0 [ 164.621597][ T7789] ? __x64_sys_futex+0x21/0xf0 [ 164.626401][ T7789] do_syscall_64+0x55/0xb0 [ 164.630856][ T7789] ? clear_bhb_loop+0x40/0x90 [ 164.635556][ T7789] ? clear_bhb_loop+0x40/0x90 [ 164.640277][ T7789] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 164.646209][ T7789] RIP: 0033:0x7f30ad38f749 [ 164.650661][ T7789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 164.670648][ T7789] RSP: 002b:00007f30ae1a3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 164.679105][ T7789] RAX: ffffffffffffffda RBX: 00007f30ad5e5fa0 RCX: 00007f30ad38f749 [ 164.687105][ T7789] RDX: 0000000000000000 RSI: 0000000000000085 RDI: 0000000000000000 [ 164.695367][ T7789] RBP: 00007f30ad413f91 R08: 0000200000000080 R09: 0000000000000002 [ 164.704169][ T7789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 164.712433][ T7789] R13: 00007f30ad5e6038 R14: 00007f30ad5e5fa0 R15: 00007ffe8715d7a8 [ 164.720737][ T7789] [ 164.963130][ T7809] netlink: 12 bytes leftover after parsing attributes in process `syz.1.710'. [ 166.298318][ T7857] overlayfs: failed to clone upperpath [ 166.615059][ T7875] netlink: 8 bytes leftover after parsing attributes in process `syz.1.736'. [ 167.140100][ T7888] loop1: detected capacity change from 0 to 8192 [ 167.149669][ T7894] team0: No ports can be present during mode change [ 167.238351][ T7896] loop0: detected capacity change from 0 to 256 [ 167.490843][ T7902] netlink: 32 bytes leftover after parsing attributes in process `syz.1.749'. [ 167.534798][ T7902] (unnamed net_device) (uninitialized): option miimon: invalid value (18446744073457827969) [ 167.574642][ T7902] (unnamed net_device) (uninitialized): option miimon: allowed values 0 - 2147483647 [ 167.935403][ T7922] ip6gre1: entered promiscuous mode [ 167.940676][ T7922] ip6gre1: entered allmulticast mode [ 168.138105][ T7906] loop0: detected capacity change from 0 to 32768 [ 168.196319][ T7906] loop0: p9 p11 p16 [ 168.535748][ T5774] udevd[5774]: inotify_add_watch(7, /dev/loop0p9, 10) failed: No such file or directory [ 168.552717][ T5756] udevd[5756]: inotify_add_watch(7, /dev/loop0p11, 10) failed: No such file or directory [ 168.582992][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop0p16, 10) failed: No such file or directory [ 168.798694][ T7948] syz.3.765: attempt to access beyond end of device [ 168.798694][ T7948] loop7: rw=0, sector=0, nr_sectors = 1 limit=0 [ 168.811687][ T7948] FAT-fs (loop7): unable to read boot sector [ 170.443243][ T8007] overlayfs: failed to clone upperpath [ 170.453594][ T8006] loop0: detected capacity change from 0 to 512 [ 170.581116][ T8006] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 171.265284][ T8032] tmpfs: Bad value for 'mpol' [ 171.485413][ T27] kauditd_printk_skb: 176 callbacks suppressed [ 171.485426][ T27] audit: type=1326 audit(1766428980.872:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8035 comm="syz.1.805" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x0 [ 172.521217][ T27] audit: type=1326 audit(1766428981.902:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8060 comm="syz.1.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 172.583388][ T27] audit: type=1326 audit(1766428981.922:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8060 comm="syz.1.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 172.658567][ T27] audit: type=1326 audit(1766428981.932:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8060 comm="syz.1.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=33 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 172.698479][ T8068] loop0: detected capacity change from 0 to 128 [ 172.705153][ T27] audit: type=1326 audit(1766428981.932:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8060 comm="syz.1.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 172.748750][ T27] audit: type=1326 audit(1766428981.932:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8060 comm="syz.1.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 172.800576][ T27] audit: type=1326 audit(1766428981.932:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8060 comm="syz.1.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 172.836949][ T8068] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 172.846048][ T27] audit: type=1326 audit(1766428981.932:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8060 comm="syz.1.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 172.846089][ T27] audit: type=1326 audit(1766428981.932:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8060 comm="syz.1.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 172.846121][ T27] audit: type=1326 audit(1766428981.932:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8060 comm="syz.1.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 172.893463][ T8071] overlayfs: failed to resolve './bus': -2 [ 173.410943][ T8086] netlink: 8 bytes leftover after parsing attributes in process `syz.1.827'. [ 173.690328][ T8100] bridge_slave_0: left allmulticast mode [ 173.706841][ T8100] bridge_slave_0: left promiscuous mode [ 173.712657][ T8100] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.760675][ T8100] bridge_slave_1: left allmulticast mode [ 173.769609][ T8100] bridge_slave_1: left promiscuous mode [ 173.779981][ T8100] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.794451][ T8100] bond0: (slave bond_slave_1): Releasing backup interface [ 173.815257][ T8100] bond_slave_1: left promiscuous mode [ 173.871567][ T8100] team0: Port device team_slave_0 removed [ 173.906290][ T8100] team0: Port device team_slave_1 removed [ 173.919303][ T8100] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 173.930319][ T8100] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 173.942128][ T8100] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 173.960228][ T8100] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 174.069676][ T8116] loop1: detected capacity change from 0 to 128 [ 174.091230][ T8116] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 174.211987][ T8118] tmpfs: Bad value for 'mpol' [ 176.862760][ T8218] xt_CT: No such helper "snmp" [ 177.455496][ T27] kauditd_printk_skb: 4 callbacks suppressed [ 177.455509][ T27] audit: type=1326 audit(1766428986.842:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8241 comm="syz.2.896" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7faf1158f749 code=0x0 [ 177.500768][ T8244] loop1: detected capacity change from 0 to 128 [ 177.527618][ T8244] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 177.917285][ T8259] fuse: Bad value for 'fd' [ 178.005340][ T8259] kvm: pic: non byte write [ 178.011916][ T8259] kvm: vcpu 0: requested 6656 ns lapic timer period limited to 200000 ns [ 178.023968][ T8259] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3480241289 (13920965156 ns) > initial count (200000 ns). Using initial count to start timer. [ 178.243973][ T8265] kvm: kvm [8264]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00 [ 178.253785][ T8265] kvm: kvm [8264]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00 [ 178.348612][ T8268] netlink: 220 bytes leftover after parsing attributes in process `syz.2.906'. [ 178.369861][ T8268] tc_dump_action: action bad kind [ 178.390451][ T27] audit: type=1326 audit(1766428987.772:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8269 comm="syz.0.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06a358f749 code=0x7ffc0000 [ 178.446222][ T27] audit: type=1326 audit(1766428987.792:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8269 comm="syz.0.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06a358f749 code=0x7ffc0000 [ 178.497742][ T27] audit: type=1326 audit(1766428987.802:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8269 comm="syz.0.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7f06a358f749 code=0x7ffc0000 [ 178.598491][ T27] audit: type=1326 audit(1766428987.802:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8269 comm="syz.0.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06a358f749 code=0x7ffc0000 [ 178.654998][ T27] audit: type=1326 audit(1766428987.802:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8269 comm="syz.0.907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06a358f749 code=0x7ffc0000 [ 178.910924][ T8290] loop1: detected capacity change from 0 to 2048 [ 178.960764][ T8290] loop1: p1 < > [ 179.697008][ T8307] overlayfs: failed to clone lowerpath [ 179.862576][ T8315] veth0: entered promiscuous mode [ 179.869299][ T8315] netlink: 4 bytes leftover after parsing attributes in process `syz.2.925'. [ 179.897394][ T8315] veth0 (unregistering): left promiscuous mode [ 180.039566][ T27] audit: type=1326 audit(1766428989.422:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8316 comm="syz.2.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf1158f749 code=0x7ffc0000 [ 180.068102][ T27] audit: type=1326 audit(1766428989.422:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8316 comm="syz.2.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf1158f749 code=0x7ffc0000 [ 180.112224][ T27] audit: type=1326 audit(1766428989.422:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8316 comm="syz.2.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf1158f749 code=0x7ffc0000 [ 180.172510][ T27] audit: type=1326 audit(1766428989.422:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8316 comm="syz.2.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf1158f749 code=0x7ffc0000 [ 180.840547][ T8354] kernel read not supported for file /묥 (pid: 8354 comm: syz.1.942) [ 181.029966][ T8360] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 181.333489][ T8375] cgroup: noprefix used incorrectly [ 182.027878][ T8399] loop1: detected capacity change from 0 to 8192 [ 182.457039][ T8414] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0103 with DS=0x91 [ 182.942116][ T8425] loop0: detected capacity change from 0 to 8192 [ 183.426019][ T8445] loop0: detected capacity change from 0 to 1764 [ 183.514969][ T8445] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 184.413218][ T8487] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1000'. [ 184.815660][ T8505] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1009'. [ 184.829704][ T8505] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1009'. [ 184.999485][ T8491] loop1: detected capacity change from 0 to 32768 [ 185.050803][ T8491] loop1: p9 p11 p16 [ 185.305630][ T8524] loop0: detected capacity change from 0 to 128 [ 185.318096][ T8520] create_pit_timer: 6 callbacks suppressed [ 185.318112][ T8520] kvm: requested 135771 ns i8254 timer period limited to 200000 ns [ 185.347040][ T8524] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 185.368399][ T8520] kvm: requested 109790 ns i8254 timer period limited to 200000 ns [ 185.386205][ T8520] kvm: requested 92190 ns i8254 timer period limited to 200000 ns [ 185.406581][ T8520] kvm: requested 192762 ns i8254 timer period limited to 200000 ns [ 185.420822][ T8520] kvm: requested 19276 ns i8254 timer period limited to 200000 ns [ 185.453166][ T8520] kvm: requested 129904 ns i8254 timer period limited to 200000 ns [ 185.467166][ T8520] kvm: requested 58666 ns i8254 timer period limited to 200000 ns [ 185.480628][ T8520] kvm: requested 199466 ns i8254 timer period limited to 200000 ns [ 185.490122][ T8520] kvm: requested 66209 ns i8254 timer period limited to 200000 ns [ 185.505517][ T5756] udevd[5756]: inotify_add_watch(7, /dev/loop1p11, 10) failed: No such file or directory [ 185.516304][ T8520] kvm: requested 199466 ns i8254 timer period limited to 200000 ns [ 185.526229][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop1p16, 10) failed: No such file or directory [ 185.530936][ T5774] udevd[5774]: inotify_add_watch(7, /dev/loop1p9, 10) failed: No such file or directory [ 186.063861][ T8547] loop1: detected capacity change from 0 to 128 [ 186.087887][ T8547] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 186.525235][ T8563] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 186.700575][ T8570] overlayfs: failed to clone upperpath [ 186.878748][ T8579] overlayfs: failed to clone upperpath [ 187.130443][ T8586] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1044'. [ 188.149491][ T8603] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1052'. [ 188.342381][ T8614] loop0: detected capacity change from 0 to 128 [ 188.386921][ T8614] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 188.476972][ T8616] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 188.491959][ T8616] team0: Device macvtap1 is already an upper device of the team interface [ 188.792540][ T8632] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1065'. [ 189.312809][ T8651] loop0: detected capacity change from 0 to 128 [ 189.343074][ T8651] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 189.482274][ T8651] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 189.705862][ T8662] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4219875948 (135036030336 ns) > initial count (99798197984 ns). Using initial count to start timer. [ 190.382719][ T8694] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1094'. [ 191.463204][ T5766] Bluetooth: hci2: command 0x0406 tx timeout [ 191.463758][ T5762] Bluetooth: hci3: command 0x0406 tx timeout [ 191.471368][ T5766] Bluetooth: hci0: command 0x0406 tx timeout [ 191.476823][ T5762] Bluetooth: hci1: command 0x0406 tx timeout [ 192.042477][ T1124] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.328957][ T1124] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.509615][ T1124] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.687664][ T1124] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.325560][ T8728] overlayfs: failed to clone upperpath [ 193.369498][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 193.381992][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 193.393050][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 193.404324][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 193.412488][ T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 193.420077][ T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 193.964030][ T8745] loop1: detected capacity change from 0 to 736 [ 194.498494][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.505147][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.790988][ T8754] loop1: detected capacity change from 0 to 32768 [ 194.877610][ T8754] loop1: p9 p11 p16 [ 194.890262][ T8730] chnl_net:caif_netlink_parms(): no params data found [ 195.492744][ T5774] udevd[5774]: inotify_add_watch(7, /dev/loop1p9, 10) failed: No such file or directory [ 195.501626][ T5756] udevd[5756]: inotify_add_watch(7, /dev/loop1p11, 10) failed: No such file or directory [ 195.505969][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop1p16, 10) failed: No such file or directory [ 195.535149][ T5768] Bluetooth: hci2: command tx timeout [ 195.892308][ T8730] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.923848][ T8730] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.952862][ T8730] bridge_slave_0: entered allmulticast mode [ 195.971465][ T8730] bridge_slave_0: entered promiscuous mode [ 196.092687][ T8730] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.100114][ T8730] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.122580][ T8730] bridge_slave_1: entered allmulticast mode [ 196.157404][ T8730] bridge_slave_1: entered promiscuous mode [ 196.263928][ T1124] hsr_slave_0: left promiscuous mode [ 196.272353][ T1124] hsr_slave_1: left promiscuous mode [ 196.292369][ T1124] veth1_macvtap: left promiscuous mode [ 196.298957][ T1124] veth0_macvtap: left promiscuous mode [ 196.305901][ T1124] veth1_vlan: left promiscuous mode [ 196.311542][ T1124] veth0_vlan: left promiscuous mode [ 197.593987][ T5768] Bluetooth: hci2: command tx timeout [ 197.678800][ T1124] bond0 (unregistering): Released all slaves [ 197.719911][ T8818] netlink: 'syz.3.1133': attribute type 30 has an invalid length. [ 197.728096][ T8818] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0) [ 197.739180][ T8818] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255 [ 197.758312][ T8730] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 197.810873][ T8730] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 197.951118][ T8730] team0: Port device team_slave_0 added [ 198.008822][ T8730] team0: Port device team_slave_1 added [ 198.036430][ T8830] loop1: detected capacity change from 0 to 16 [ 198.070692][ T8830] erofs: (device loop1): mounted with root inode @ nid 36. [ 198.244878][ T8730] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 198.252568][ T8730] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 198.342736][ T8730] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 198.386402][ T8730] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 198.394106][ T8730] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 198.469597][ T8730] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 198.686633][ T8730] hsr_slave_0: entered promiscuous mode [ 198.715170][ T8730] hsr_slave_1: entered promiscuous mode [ 198.735380][ T8730] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 198.776274][ T8730] Cannot create hsr debugfs directory [ 199.429694][ T8730] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 199.464427][ T8730] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 199.480473][ T8730] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 199.501732][ T8730] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 199.666397][ T5768] Bluetooth: hci2: command tx timeout [ 199.731566][ T8730] 8021q: adding VLAN 0 to HW filter on device bond0 [ 199.774449][ T8730] 8021q: adding VLAN 0 to HW filter on device team0 [ 199.819162][ T1124] bridge0: port 1(bridge_slave_0) entered blocking state [ 199.826521][ T1124] bridge0: port 1(bridge_slave_0) entered forwarding state [ 199.911201][ T1124] bridge0: port 2(bridge_slave_1) entered blocking state [ 199.918525][ T1124] bridge0: port 2(bridge_slave_1) entered forwarding state [ 200.235950][ T8909] netlink: 'syz.2.1158': attribute type 27 has an invalid length. [ 201.038682][ T8909] vlan2: left promiscuous mode [ 201.048816][ T8909] bond0: left promiscuous mode [ 201.059276][ T8909] bond_slave_0: left promiscuous mode [ 201.065466][ T8909] bond_slave_1: left promiscuous mode [ 201.272955][ T8909] ip6gre1: left promiscuous mode [ 201.278655][ T8909] ip6gre1: left allmulticast mode [ 201.863041][ T5768] Bluetooth: hci2: command tx timeout [ 202.043637][ T8730] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 203.202088][ T8730] veth0_vlan: entered promiscuous mode [ 203.250912][ T8730] veth1_vlan: entered promiscuous mode [ 203.387899][ T8730] veth0_macvtap: entered promiscuous mode [ 203.408451][ T8730] veth1_macvtap: entered promiscuous mode [ 203.445700][ T8975] loop1: detected capacity change from 0 to 256 [ 203.482609][ T8730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 203.497833][ T8730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.510985][ T8730] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 203.549681][ T8730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 203.581205][ T8730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.608983][ T8730] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 203.658225][ T8730] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.697616][ T8730] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.708536][ T8730] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.729530][ T8730] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.994086][ T2929] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 204.022968][ T2929] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 204.107840][ T2929] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 204.131923][ T2929] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 204.457841][ T9004] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 205.046083][ T9030] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1187'. [ 205.137746][ T9030] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 206.075722][ T27] kauditd_printk_skb: 10 callbacks suppressed [ 206.075739][ T27] audit: type=1326 audit(1766429015.402:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9054 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 206.305425][ T27] audit: type=1326 audit(1766429015.402:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9054 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 206.471375][ T27] audit: type=1326 audit(1766429015.422:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9054 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 206.495607][ T27] audit: type=1326 audit(1766429015.432:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9054 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 206.552686][ T27] audit: type=1326 audit(1766429015.422:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9054 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 206.685015][ T27] audit: type=1326 audit(1766429015.432:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9054 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 206.748995][ T27] audit: type=1326 audit(1766429015.432:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9054 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 206.804786][ T27] audit: type=1326 audit(1766429015.432:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9054 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 206.858499][ T27] audit: type=1326 audit(1766429015.432:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9054 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 206.924651][ T27] audit: type=1326 audit(1766429015.492:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9054 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 212.342472][ T27] kauditd_printk_skb: 76 callbacks suppressed [ 212.342487][ T27] audit: type=1326 audit(1766429021.722:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9199 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f059e98f749 code=0x7ffc0000 [ 212.404879][ T27] audit: type=1326 audit(1766429021.752:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9199 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f059e98f749 code=0x7ffc0000 [ 212.473535][ T27] audit: type=1326 audit(1766429021.772:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9199 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f059e98f749 code=0x7ffc0000 [ 212.512157][ T27] audit: type=1326 audit(1766429021.832:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9205 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f059e9c2005 code=0x7ffc0000 [ 212.560815][ T27] audit: type=1326 audit(1766429021.822:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9199 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f059e98f749 code=0x7ffc0000 [ 212.584912][ T27] audit: type=1326 audit(1766429021.832:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9199 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f059e98f749 code=0x7ffc0000 [ 212.683121][ T27] audit: type=1326 audit(1766429021.842:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9199 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=438 compat=0 ip=0x7f059e98f749 code=0x7ffc0000 [ 212.740325][ T27] audit: type=1326 audit(1766429021.842:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9199 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f059e98f749 code=0x7ffc0000 [ 212.776589][ T27] audit: type=1326 audit(1766429021.842:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9199 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f059e98f749 code=0x7ffc0000 [ 212.801238][ T27] audit: type=1326 audit(1766429021.972:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9205 comm="syz.4.1238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f059e98f749 code=0x7ffc0000 [ 212.981934][ T9224] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1246'. [ 214.828256][ T9265] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1263'. [ 215.050251][ T9271] loop4: detected capacity change from 0 to 8192 [ 215.599171][ T9300] loop4: detected capacity change from 0 to 16 [ 215.634191][ T9300] erofs: (device loop4): mounted with root inode @ nid 36. [ 215.650453][ T9300] syz.4.1276: attempt to access beyond end of device [ 215.650453][ T9300] loop4: rw=0, sector=36, nr_sectors = 1 limit=16 [ 215.668892][ T9300] syz.4.1276: attempt to access beyond end of device [ 215.668892][ T9300] loop4: rw=0, sector=36, nr_sectors = 1 limit=16 [ 215.922350][ T9307] loop4: detected capacity change from 0 to 8192 [ 217.117865][ T9333] loop4: detected capacity change from 0 to 32768 [ 217.167862][ T9333] loop4: p1 p3 < > [ 217.579856][ T5774] udevd[5774]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 217.586676][ T5756] udevd[5756]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 217.713810][ T9362] overlayfs: failed to clone upperpath [ 218.130379][ T59] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 218.228200][ T59] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 218.319172][ T59] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 218.414478][ T59] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 218.513219][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 218.525895][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 218.536722][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 218.544912][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 218.556474][ T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 218.564034][ T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 219.425077][ T9417] program syz.1.1315 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 219.698094][ T9385] chnl_net:caif_netlink_parms(): no params data found [ 220.634635][ T5768] Bluetooth: hci2: command tx timeout [ 220.984075][ T9385] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.006337][ T9385] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.014469][ T9385] bridge_slave_0: entered allmulticast mode [ 221.035878][ T9385] bridge_slave_0: entered promiscuous mode [ 221.067067][ T9385] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.084646][ T9385] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.092013][ T9385] bridge_slave_1: entered allmulticast mode [ 221.135906][ T9385] bridge_slave_1: entered promiscuous mode [ 221.385972][ T9385] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 221.459263][ T9385] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 221.531930][ T59] hsr_slave_0: left promiscuous mode [ 221.551334][ T59] hsr_slave_1: left promiscuous mode [ 221.592180][ T9463] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3482940618 (6965881236 ns) > initial count (504378442 ns). Using initial count to start timer. [ 221.624890][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 221.632451][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 221.661267][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 221.693221][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 221.715550][ T59] bridge_slave_1: left allmulticast mode [ 221.721486][ T59] bridge_slave_1: left promiscuous mode [ 221.754625][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.798584][ T59] bridge_slave_0: left allmulticast mode [ 221.804282][ T59] bridge_slave_0: left promiscuous mode [ 221.829380][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.937236][ T59] veth1_macvtap: left promiscuous mode [ 221.942829][ T59] veth0_macvtap: left promiscuous mode [ 221.953754][ T59] veth1_vlan: left promiscuous mode [ 221.971971][ T59] veth0_vlan: left promiscuous mode [ 222.715214][ T5768] Bluetooth: hci2: command tx timeout [ 222.940375][ T59] team0 (unregistering): Port device team_slave_1 removed [ 223.084264][ T59] team0 (unregistering): Port device team_slave_0 removed [ 223.167590][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 223.266827][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 224.954581][ T5768] Bluetooth: hci2: command tx timeout [ 226.282604][ T59] bond0 (unregistering): Released all slaves [ 226.580619][ T9385] team0: Port device team_slave_0 added [ 226.609824][ T9385] team0: Port device team_slave_1 added [ 226.677156][ T9524] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1351'. [ 226.757500][ T9385] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 226.774836][ T9385] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.834767][ T9385] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 226.859654][ T9385] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 226.875399][ T9385] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.958180][ T9385] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 227.169801][ T9385] hsr_slave_0: entered promiscuous mode [ 227.206595][ T9385] hsr_slave_1: entered promiscuous mode [ 227.225992][ T9385] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 227.254645][ T9385] Cannot create hsr debugfs directory [ 227.342285][ T9546] loop1: detected capacity change from 0 to 512 [ 227.744666][ T5768] Bluetooth: hci2: command tx timeout [ 227.803533][ T9558] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1358'. [ 227.854333][ T9385] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 227.879432][ T9385] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 227.945114][ T9385] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 227.968945][ T9385] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 228.190117][ T9385] 8021q: adding VLAN 0 to HW filter on device bond0 [ 228.276662][ T9385] 8021q: adding VLAN 0 to HW filter on device team0 [ 228.308683][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.316428][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 228.368844][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.376055][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 229.101188][ T9385] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 229.869967][ T9385] veth0_vlan: entered promiscuous mode [ 229.906704][ T9385] veth1_vlan: entered promiscuous mode [ 230.018745][ T9385] veth0_macvtap: entered promiscuous mode [ 230.062079][ T9385] veth1_macvtap: entered promiscuous mode [ 230.121229][ T9385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 230.153105][ T9385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.196720][ T9385] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 230.229856][ T9385] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 230.254535][ T9385] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.290771][ T9385] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 230.318275][ T9385] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.344573][ T9385] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.353530][ T9385] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.394680][ T9385] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.681289][ T3517] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.712500][ T3517] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 230.763536][ T2942] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.788552][ T2942] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 231.074254][ T9663] netlink: 63503 bytes leftover after parsing attributes in process `syz.2.1378'. [ 231.873849][ T9685] syz.1.1387 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 232.599867][ T9677] overlayfs: missing 'lowerdir' [ 232.783203][ T9698] IPv6: NLM_F_CREATE should be specified when creating new route [ 233.619186][ T9730] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1399'. [ 233.818088][ T9735] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1400'. [ 233.841710][ T9735] team_slave_0: entered promiscuous mode [ 233.848178][ T9735] team_slave_1: entered promiscuous mode [ 233.867116][ T9735] macvtap1: entered promiscuous mode [ 233.885441][ T9735] team0: entered promiscuous mode [ 233.891164][ T9735] macvtap1: entered allmulticast mode [ 233.905541][ T9735] team0: entered allmulticast mode [ 233.921034][ T9735] team_slave_0: entered allmulticast mode [ 233.931196][ T9735] team_slave_1: entered allmulticast mode [ 233.946816][ T9735] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 233.962724][ T9738] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1400'. [ 234.024226][ T9738] team0: left allmulticast mode [ 234.044856][ T9738] team_slave_0: left allmulticast mode [ 234.065340][ T9738] team_slave_1: left allmulticast mode [ 234.091431][ T9738] team0: left promiscuous mode [ 234.113941][ T9738] team_slave_0: left promiscuous mode [ 234.119563][ T9738] team_slave_1: left promiscuous mode [ 234.644726][ T786] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 234.955573][ T786] usb 6-1: Using ep0 maxpacket: 8 [ 234.974154][ T786] usb 6-1: config 0 has an invalid interface number: 55 but max is 0 [ 234.985972][ T786] usb 6-1: config 0 has no interface number 0 [ 235.026503][ T786] usb 6-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0x80, skipping [ 235.066582][ T786] usb 6-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0xAB, skipping [ 235.097834][ T786] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 235.194186][ T786] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 235.224574][ T786] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.245727][ T786] usb 6-1: config 0 descriptor?? [ 236.120987][ T786] ldusb 6-1:0.55: Interrupt in endpoint not found [ 236.329477][ T786] usb 6-1: USB disconnect, device number 2 [ 242.041182][ T9867] overlayfs: failed to clone lowerpath [ 242.127211][ T9873] overlayfs: failed to clone lowerpath [ 243.719235][ T9911] overlay: Unknown parameter '/' [ 244.837407][ T2129] usb 2-1: new low-speed USB device number 4 using dummy_hcd [ 246.134798][ T23] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 246.245459][ T2129] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 246.260473][ T2129] usb 2-1: config 0 has no interfaces? [ 246.266597][ T2129] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 246.281866][ T2129] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 246.318213][ T2129] usb 2-1: config 0 descriptor?? [ 246.326733][ T23] usb 6-1: Using ep0 maxpacket: 16 [ 246.349988][ T23] usb 6-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xF3, skipping [ 247.417984][ T23] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 247.435557][ T23] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 247.443939][ T23] usb 6-1: Product: syz [ 247.448727][ T23] usb 6-1: Manufacturer: syz [ 247.453360][ T23] usb 6-1: SerialNumber: syz [ 247.461428][ T23] usb 6-1: config 0 descriptor?? [ 248.122196][ T23] usb 6-1: USB disconnect, device number 3 [ 249.229613][ T5770] usb 2-1: USB disconnect, device number 4 [ 253.314799][ T23] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 253.563692][ T23] usb 2-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 253.605790][ T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 253.615158][ T23] usb 2-1: Product: syz [ 253.619490][ T23] usb 2-1: Manufacturer: syz [ 253.624604][ T23] usb 2-1: SerialNumber: syz [ 253.669913][ T23] usb 2-1: config 0 descriptor?? [ 254.852462][ T23] airspy 2-1:0.0: usb_control_msg() failed -71 request 0a [ 254.878110][ T23] airspy 2-1:0.0: Could not detect board [ 254.884006][ T23] airspy: probe of 2-1:0.0 failed with error -71 [ 254.922346][ T23] usb 2-1: USB disconnect, device number 5 [ 255.910517][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.917497][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.051995][T10066] overlayfs: failed to clone lowerpath [ 256.135589][T10067] overlayfs: failed to clone lowerpath [ 256.609678][T10099] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1480'. [ 259.279353][T10128] kvm: pic: non byte read [ 259.309571][T10128] kvm: pic: level sensitive irq not supported [ 259.309706][T10128] kvm: pic: non byte read [ 259.345213][T10128] kvm: pic: single mode not supported [ 259.345295][T10128] kvm: pic: non byte read [ 259.365133][T10128] kvm: pic: non byte read [ 259.384917][T10128] kvm: pic: non byte read [ 259.389676][T10128] kvm: pic: non byte read [ 260.193226][T10153] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1491'. [ 262.214937][T10181] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1500'. [ 262.338408][T10184] vxcan1: entered promiscuous mode [ 263.331213][T10201] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled [ 264.492633][T10233] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1517'. [ 266.147135][ T5768] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 266.159193][ T5768] Bluetooth: hci2: Injecting HCI hardware error event [ 266.169845][ T5768] Bluetooth: hci2: hardware error 0x00 [ 268.864664][ T5768] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 272.895147][T10335] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1542'. [ 274.186761][T10362] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1548'. [ 274.444676][ T5770] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 274.826903][ T5770] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 274.845915][ T5770] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 274.861955][ T5770] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 274.871565][ T5770] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 274.891910][ T5770] usb 6-1: config 0 descriptor?? [ 275.283891][ T5770] usbhid 6-1:0.0: can't add hid device: -71 [ 275.301062][ T5770] usbhid: probe of 6-1:0.0 failed with error -71 [ 275.320323][ T5770] usb 6-1: USB disconnect, device number 4 [ 275.897514][ T23] libceph: connect (1)[c::]:6789 error -101 [ 276.081862][ T23] libceph: mon0 (1)[c::]:6789 connect error [ 276.215974][T10425] TCP: TCP_TX_DELAY enabled [ 276.240775][T10421] ceph: No mds server is up or the cluster is laggy [ 276.587159][T10436] overlayfs: failed to clone upperpath [ 277.957145][ T23] page_pool_release_retry() stalled pool shutdown 1 inflight 60 sec [ 278.935480][T10491] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1581'. [ 279.839490][T10507] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1585'. [ 281.032380][T10560] trusted_key: encrypted_key: insufficient parameters specified [ 281.072499][T10560] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1599'. [ 281.113366][ T23] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 281.316042][T10555] ceph: No mds server is up or the cluster is laggy [ 281.444746][ T23] usb 6-1: Using ep0 maxpacket: 16 [ 281.772828][ T23] usb 6-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 281.794759][ T23] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 281.811730][ T23] usb 6-1: Product: syz [ 281.821221][ T23] usb 6-1: Manufacturer: syz [ 281.858147][ T23] usb 6-1: SerialNumber: syz [ 281.887977][ T23] usb 6-1: config 0 descriptor?? [ 283.591850][ T23] usb 6-1: USB disconnect, device number 5 [ 286.305498][T10644] overlayfs: failed to clone upperpath [ 290.252104][T10683] batman_adv: batadv0: Adding interface: dummy0 [ 290.258653][T10683] batman_adv: batadv0: The MTU of interface dummy0 is too small (1536) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 290.316016][T10683] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active [ 292.715348][ T42] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 292.920341][ T42] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 292.955365][ T42] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 292.963594][ T42] usb 6-1: Product: syz [ 293.012215][ T42] usb 6-1: Manufacturer: syz [ 293.017860][ T42] usb 6-1: SerialNumber: syz [ 293.221962][ T42] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 293.334736][ T2129] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 293.750205][ T8] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 293.959833][ T8] usb 2-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 293.969423][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 293.977812][ T8] usb 2-1: Product: syz [ 293.982136][ T8] usb 2-1: Manufacturer: syz [ 293.988267][ T8] usb 2-1: SerialNumber: syz [ 294.003094][ T8] r8152-cfgselector 2-1: config 0 descriptor?? [ 294.231600][ T8] r8152-cfgselector 2-1: Unknown version 0x0020 [ 294.247461][ T8] r8152-cfgselector 2-1: bad CDC descriptors [ 294.410878][T10733] overlayfs: failed to clone upperpath [ 294.433709][ T27] kauditd_printk_skb: 6 callbacks suppressed [ 294.433723][ T27] audit: type=1326 audit(1766429332.814:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.1.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 294.439972][T10718] 9pnet_fd: Insufficient options for proto=fd [ 294.442715][ T8] r8152-cfgselector 2-1: Unknown version 0x0000 [ 294.469627][ T2129] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 294.470335][ T2129] ath9k_htc: Failed to initialize the device [ 294.515162][ T8] r8152-cfgselector 2-1: USB disconnect, device number 6 [ 294.517952][ T27] audit: type=1326 audit(1766429332.814:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.1.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 294.554307][ T27] audit: type=1326 audit(1766429332.814:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.1.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 294.586578][ T27] audit: type=1326 audit(1766429332.814:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.1.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 294.610842][ T27] audit: type=1326 audit(1766429332.814:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.1.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f30ad38df90 code=0x7ffc0000 [ 294.637371][ T27] audit: type=1326 audit(1766429332.814:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.1.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 294.662389][ T27] audit: type=1326 audit(1766429332.814:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.1.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 294.686118][ T27] audit: type=1326 audit(1766429332.814:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.1.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 294.710103][ T27] audit: type=1326 audit(1766429332.814:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.1.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f30ad38df90 code=0x7ffc0000 [ 294.732948][ T27] audit: type=1326 audit(1766429332.814:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10717 comm="syz.1.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 294.781195][ T2129] usb 6-1: ath9k_htc: USB layer deinitialized [ 295.783409][ T42] usb 6-1: USB disconnect, device number 6 [ 303.084360][T10839] Device name cannot be null; rc = [-22] [ 306.470539][T10896] fuse: Bad value for 'fd' [ 309.484992][T10956] overlay: Unknown parameter '/' [ 309.655537][T10959] overlayfs: failed to clone lowerpath [ 311.021008][T10972] batadv_slave_0: entered promiscuous mode [ 312.915007][T11002] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 313.202538][T11009] input: syz1 as /devices/virtual/input/input7 [ 314.563500][T11042] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1754'. [ 314.634697][ T5770] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 314.828111][ T5770] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 315.494600][ T5770] usb 6-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xBA, skipping [ 315.508074][ T5770] usb 6-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 315.527665][ T5770] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 315.594776][ T5770] usb 6-1: Product: syz [ 315.598995][ T5770] usb 6-1: Manufacturer: syz [ 315.603648][ T5770] usb 6-1: SerialNumber: syz [ 315.641048][ T5770] usb 6-1: config 0 descriptor?? [ 315.668575][T11030] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 315.684812][T11030] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 315.696047][ T5770] usb 6-1: ucan: probing device on interface #0 [ 315.710128][ T5770] usb 6-1: ucan: invalid EP count (1) [ 315.716141][ T5770] usb 6-1: ucan: probe failed; try to update the device firmware [ 317.355596][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.376431][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.843947][ T8] usb 6-1: USB disconnect, device number 7 [ 318.125123][T11082] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1767'. [ 318.152146][T11082] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 318.173307][T11082] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1767'. [ 318.985157][T11090] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1770'. [ 318.994472][T11090] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1770'. [ 319.918400][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 320.176103][T11102] 9pnet: p9_errstr2errno: server reported unknown error [ 323.223308][T11129] overlayfs: failed to resolve './file0': -2 [ 335.118667][T11238] input: syz0 as /devices/virtual/input/input8 [ 337.671510][T11256] (null): rxe_set_mtu: Set mtu to 1024 [ 338.866772][T11256] infiniband syz0: set down [ 338.981972][T11256] infiniband syz0: added bond_slave_0 [ 339.109836][T11256] syz0: rxe_create_cq: returned err = -12 [ 339.223624][T11256] infiniband syz0: Couldn't create ib_mad CQ [ 339.352521][T11256] infiniband syz0: Couldn't open port 1 [ 339.618648][T11256] RDS/IB: syz0: added [ 339.684833][T11256] smc: adding ib device syz0 with port count 1 [ 339.691065][T11256] smc: ib device syz0 port 1 has pnetid [ 340.846448][ T27] kauditd_printk_skb: 19 callbacks suppressed [ 340.846463][ T27] audit: type=1326 audit(1766429379.234:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11280 comm="syz.3.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 340.986365][ T27] audit: type=1326 audit(1766429379.234:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11280 comm="syz.3.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 341.056794][ T27] audit: type=1326 audit(1766429379.234:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11280 comm="syz.3.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 341.216158][ T27] audit: type=1326 audit(1766429379.234:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11280 comm="syz.3.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 341.280520][ T27] audit: type=1326 audit(1766429379.244:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11280 comm="syz.3.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 341.454903][ T27] audit: type=1326 audit(1766429379.254:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11280 comm="syz.3.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 341.494964][ T27] audit: type=1326 audit(1766429379.254:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11280 comm="syz.3.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 341.628183][ T27] audit: type=1326 audit(1766429379.254:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11280 comm="syz.3.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 341.710943][ T27] audit: type=1326 audit(1766429379.304:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11285 comm="syz.3.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3fd21c2005 code=0x7ffc0000 [ 341.805937][ T27] audit: type=1326 audit(1766429379.304:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11280 comm="syz.3.1838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 343.741204][T11312] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1848'. [ 345.358606][T11333] input: syz0 as /devices/virtual/input/input9 [ 346.799597][T11332] overlayfs: upper fs does not support file handles, falling back to index=off. [ 347.594829][ T8] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 347.905516][ T8] usb 6-1: Using ep0 maxpacket: 16 [ 347.968779][ T8] usb 6-1: config 0 has an invalid interface number: 109 but max is 0 [ 348.112857][ T8] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 348.124625][ T8] usb 6-1: config 0 has no interface number 0 [ 348.161379][ T8] usb 6-1: New USB device found, idVendor=0421, idProduct=0094, bcdDevice=28.8e [ 348.181502][ T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 348.190692][ T8] usb 6-1: Product: syz [ 348.201402][ T8] usb 6-1: Manufacturer: syz [ 348.211379][ T8] usb 6-1: SerialNumber: syz [ 348.223691][ T8] usb 6-1: config 0 descriptor?? [ 349.371131][ T8] usb 6-1: bad CDC descriptors [ 349.420310][ T8] usb 6-1: bad CDC descriptors [ 349.438711][ T8] usb 6-1: USB disconnect, device number 8 [ 349.593620][T11366] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1867'. [ 351.014731][ T786] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 351.502548][ T786] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 351.548054][ T786] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 351.886074][ T51] Bluetooth: hci3: SCO packet for unknown connection handle 200 [ 351.964840][ T786] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 351.982578][ T786] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 352.013493][ T786] usb 6-1: config 0 descriptor?? [ 352.144808][T11410] Can't find ip_set type ha [ 353.218868][ T786] keytouch 0003:0926:3333.0001: fixing up Keytouch IEC report descriptor [ 353.295185][ T786] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.0001/input/input10 [ 353.318238][T11424] loop7: detected capacity change from 0 to 16384 [ 353.524864][T11428] loop7: detected capacity change from 16384 to 0 [ 353.552153][ T786] keytouch 0003:0926:3333.0001: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0 [ 354.184571][ T786] usb 6-1: USB disconnect, device number 9 [ 354.419462][T11431] fido_id[11431]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory [ 355.699219][ T27] kauditd_printk_skb: 10 callbacks suppressed [ 355.699233][ T27] audit: type=1326 audit(1766429394.084:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11439 comm="syz.5.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2d8f749 code=0x7ffc0000 [ 355.742168][T11442] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1893'. [ 355.752002][ T27] audit: type=1326 audit(1766429394.084:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11439 comm="syz.5.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2d8f749 code=0x7ffc0000 [ 355.774937][ T27] audit: type=1326 audit(1766429394.114:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11439 comm="syz.5.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f5ff2d8f749 code=0x7ffc0000 [ 355.825167][ T27] audit: type=1326 audit(1766429394.114:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11439 comm="syz.5.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2d8f749 code=0x7ffc0000 [ 355.863852][T11442] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1893'. [ 355.913760][ T27] audit: type=1326 audit(1766429394.124:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11439 comm="syz.5.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2d8f749 code=0x7ffc0000 [ 355.982386][ T27] audit: type=1326 audit(1766429394.124:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11439 comm="syz.5.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f5ff2d8f749 code=0x7ffc0000 [ 356.028708][ T27] audit: type=1326 audit(1766429394.124:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11439 comm="syz.5.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2d8f749 code=0x7ffc0000 [ 357.333264][ T27] audit: type=1326 audit(1766429394.124:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11439 comm="syz.5.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5ff2d8df90 code=0x7ffc0000 [ 357.379146][ T27] audit: type=1326 audit(1766429394.124:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11439 comm="syz.5.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5ff2d8df90 code=0x7ffc0000 [ 357.502498][ T27] audit: type=1326 audit(1766429394.124:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11439 comm="syz.5.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2d8f749 code=0x7ffc0000 [ 361.056646][T11496] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1910'. [ 363.159400][T11537] overlayfs: failed to clone lowerpath [ 363.192413][T11537] overlayfs: failed to clone lowerpath [ 365.028610][T11558] bridge3: entered promiscuous mode [ 365.034783][T11558] bridge3: entered allmulticast mode [ 367.863233][T11593] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 368.044431][T11598] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1941'. [ 368.250844][T11598] gretap0: entered promiscuous mode [ 368.357425][T11598] macvtap1: entered promiscuous mode [ 368.431126][T11598] macvtap1: entered allmulticast mode [ 368.498873][T11598] gretap0: entered allmulticast mode [ 368.908426][T11590] warning: `syz.2.1937' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 369.302864][T11611] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 371.352593][T11638] overlayfs: failed to clone upperpath [ 379.486385][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.492836][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 382.955790][ T27] kauditd_printk_skb: 12 callbacks suppressed [ 382.955804][ T27] audit: type=1326 audit(1766429421.344:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.3.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 383.894678][ T27] audit: type=1326 audit(1766429421.374:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.3.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 384.028766][ T27] audit: type=1326 audit(1766429421.374:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.3.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 384.219790][ T27] audit: type=1326 audit(1766429421.374:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.3.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 384.243598][ T27] audit: type=1326 audit(1766429421.374:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.3.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 384.314787][ T27] audit: type=1326 audit(1766429421.374:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.3.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 385.634624][ T27] audit: type=1326 audit(1766429421.374:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.3.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 385.657959][ T27] audit: type=1326 audit(1766429421.374:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.3.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 385.682131][ T27] audit: type=1326 audit(1766429421.374:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.3.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 385.705704][ T27] audit: type=1326 audit(1766429421.384:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11758 comm="syz.3.1991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3fd218f749 code=0x7ffc0000 [ 385.824953][ T5851] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 386.914589][ T5851] usb 2-1: Using ep0 maxpacket: 8 [ 387.864030][ T5851] usb 2-1: device descriptor read/all, error -71 [ 393.351407][T11849] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2020'. [ 394.352285][T11875] ip6gre1: entered allmulticast mode [ 395.368160][T11902] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2032'. [ 408.737401][T12036] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2066'. [ 410.924853][ T27] kauditd_printk_skb: 22 callbacks suppressed [ 410.924869][ T27] audit: type=1326 audit(1766429449.304:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12069 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 410.962771][ T27] audit: type=1326 audit(1766429449.304:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12069 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 410.987503][ T27] audit: type=1326 audit(1766429449.304:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12069 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=221 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 411.016921][ T27] audit: type=1326 audit(1766429449.304:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12069 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad38f749 code=0x7ffc0000 [ 411.179402][T12084] syz.1.2080: attempt to access beyond end of device [ 411.179402][T12084] nbd1: rw=0, sector=2, nr_sectors = 1 limit=0 [ 411.233245][T12078] nvme_fabrics: missing parameter 'transport=%s' [ 411.273538][T12078] nvme_fabrics: missing parameter 'nqn=%s' [ 412.592858][T12112] sctp: failed to load transform for md5: -2 [ 418.124851][ T786] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 418.344772][ T786] usb 2-1: Using ep0 maxpacket: 16 [ 418.353086][ T786] usb 2-1: config 0 has an invalid interface number: 132 but max is 0 [ 418.374613][ T786] usb 2-1: config 0 has no interface number 0 [ 418.411536][ T786] usb 2-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 418.453468][ T786] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 418.463591][ T786] usb 2-1: Product: syz [ 418.477404][ T786] usb 2-1: Manufacturer: syz [ 418.482610][ T786] usb 2-1: SerialNumber: syz [ 418.512503][ T786] usb 2-1: config 0 descriptor?? [ 418.545258][ T786] hub 2-1:0.132: bad descriptor, ignoring hub [ 418.569614][ T786] hub: probe of 2-1:0.132 failed with error -5 [ 418.609323][ T786] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.132/input/input11 [ 419.007862][T11541] usb 2-1: USB disconnect, device number 9 [ 419.302020][T12232] Device name cannot be null; rc = [-22] [ 419.312859][T12232] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2113'. [ 422.861203][ T51] Bluetooth: hci0: Malformed LE Event: 0x0b [ 425.487383][T12281] comedi comedi3: comedi_test: 38 microvolt, 2047 microsecond waveform attached [ 426.629719][T12302] overlayfs: failed to clone lowerpath [ 429.733767][ T5830] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 430.463884][ T5830] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 430.502067][ T5830] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 430.534023][ T5830] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 430.549111][ T5830] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 430.560192][ T5830] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 430.583171][ T5830] usb 6-1: config 0 descriptor?? [ 434.413875][ T5830] usbhid 6-1:0.0: can't add hid device: -71 [ 434.468675][ T5830] usbhid: probe of 6-1:0.0 failed with error -71 [ 434.538942][ T5830] usb 6-1: USB disconnect, device number 10 [ 435.933885][ T5768] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 435.948645][ T5768] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 435.958360][ T5768] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 435.983520][ T5768] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 435.993260][ T5768] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 436.008665][ T5768] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 436.403864][T12434] IPVS: Error connecting to the multicast addr [ 437.990252][T12417] chnl_net:caif_netlink_parms(): no params data found [ 438.164747][ T51] Bluetooth: hci3: command tx timeout [ 438.535637][T12417] bridge0: port 1(bridge_slave_0) entered blocking state [ 438.543874][T12417] bridge0: port 1(bridge_slave_0) entered disabled state [ 438.555012][T12417] bridge_slave_0: entered allmulticast mode [ 438.563262][T12417] bridge_slave_0: entered promiscuous mode [ 438.572722][T12417] bridge0: port 2(bridge_slave_1) entered blocking state [ 438.580507][T12417] bridge0: port 2(bridge_slave_1) entered disabled state [ 438.588370][T12417] bridge_slave_1: entered allmulticast mode [ 438.598422][T12417] bridge_slave_1: entered promiscuous mode [ 438.749638][T12417] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 438.770975][T12417] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 439.903520][T12417] team0: Port device team_slave_0 added [ 439.915627][T12417] team0: Port device team_slave_1 added [ 439.977297][T12417] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 440.013551][T12417] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 440.054361][T12417] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 440.073434][T12417] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 440.081016][T12417] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 440.108587][T12417] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 440.227352][ T51] Bluetooth: hci3: command tx timeout [ 440.229760][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.240069][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.350335][T12417] hsr_slave_0: entered promiscuous mode [ 440.373333][T12417] hsr_slave_1: entered promiscuous mode [ 440.394151][T12417] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 440.412478][T12417] Cannot create hsr debugfs directory [ 441.101083][T12417] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 441.275716][T12417] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.256322][T12417] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.304725][ T51] Bluetooth: hci3: command tx timeout [ 442.496145][T12417] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.962571][T11541] kernel write not supported for file bpf-prog (pid: 11541 comm: kworker/0:6) [ 443.709274][T12417] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 443.721092][T12417] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 443.760013][T12417] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 443.788237][T12417] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 444.394826][ T51] Bluetooth: hci3: command tx timeout [ 444.450103][T12417] 8021q: adding VLAN 0 to HW filter on device bond0 [ 444.547269][T12417] 8021q: adding VLAN 0 to HW filter on device team0 [ 444.577306][ T3517] bridge0: port 1(bridge_slave_0) entered blocking state [ 444.585054][ T3517] bridge0: port 1(bridge_slave_0) entered forwarding state [ 444.615812][ T3517] bridge0: port 2(bridge_slave_1) entered blocking state [ 444.622960][ T3517] bridge0: port 2(bridge_slave_1) entered forwarding state [ 444.753046][T12417] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 444.801498][T12417] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 446.207855][T12417] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 446.255172][T12919] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2204'. [ 446.393641][T12417] veth0_vlan: entered promiscuous mode [ 446.400250][ T27] audit: type=1326 audit(1766429484.774:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.5.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2d8f749 code=0x7ffc0000 [ 446.444406][T12417] veth1_vlan: entered promiscuous mode [ 446.457591][T12926] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2206'. [ 446.471113][ T27] audit: type=1326 audit(1766429484.774:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.5.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f5ff2d8f749 code=0x7ffc0000 [ 446.550578][ T27] audit: type=1326 audit(1766429484.774:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.5.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2d8f749 code=0x7ffc0000 [ 446.623605][ T27] audit: type=1326 audit(1766429484.774:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.5.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2d8f749 code=0x7ffc0000 [ 446.664692][T12926] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2206'. [ 446.687359][ T27] audit: type=1326 audit(1766429484.814:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.5.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f5ff2d8f749 code=0x7ffc0000 [ 446.853264][ T27] audit: type=1326 audit(1766429484.814:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.5.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2d8f749 code=0x7ffc0000 [ 446.902862][ T27] audit: type=1326 audit(1766429484.814:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.5.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5ff2d8df90 code=0x7ffc0000 [ 446.908947][T12417] veth0_macvtap: entered promiscuous mode [ 447.145375][T12417] veth1_macvtap: entered promiscuous mode [ 447.274381][ T27] audit: type=1326 audit(1766429484.814:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.5.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5ff2d8df90 code=0x7ffc0000 [ 447.305376][ T27] audit: type=1326 audit(1766429484.814:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.5.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff2d8f749 code=0x7ffc0000 [ 447.347473][ T27] audit: type=1326 audit(1766429484.824:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.5.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5ff2d8f749 code=0x7ffc0000 [ 447.387254][T12417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 447.428781][T12417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 447.543759][T12417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 447.564798][T12417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 447.619237][T12417] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 447.682197][T12417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 447.706649][T12417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 447.760119][T12417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 447.782801][T12417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 447.805340][T12417] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 447.846974][T12417] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.884795][T12417] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.893553][T12417] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.929534][T12417] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 449.621278][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 449.667567][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 449.801108][ T2929] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 449.841412][ T2929] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 452.043846][ T5768] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 452.065792][ T5768] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 452.085487][ T5768] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 452.095832][ T5768] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 452.120213][ T5768] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 452.128501][ T5768] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 454.414709][ T5768] Bluetooth: hci4: command tx timeout [ 454.818142][T12987] chnl_net:caif_netlink_parms(): no params data found [ 455.725635][T12987] bridge0: port 1(bridge_slave_0) entered blocking state [ 455.753584][T12987] bridge0: port 1(bridge_slave_0) entered disabled state [ 455.776927][T12987] bridge_slave_0: entered allmulticast mode [ 455.794804][T12987] bridge_slave_0: entered promiscuous mode [ 455.803843][T12987] bridge0: port 2(bridge_slave_1) entered blocking state [ 455.815130][T12987] bridge0: port 2(bridge_slave_1) entered disabled state [ 455.822567][T12987] bridge_slave_1: entered allmulticast mode [ 455.845489][T12987] bridge_slave_1: entered promiscuous mode [ 455.984864][ T5753] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 456.205840][ T5753] usb 4-1: Using ep0 maxpacket: 8 [ 456.228301][ T5753] usb 4-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00 [ 456.260488][ T5753] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 456.282023][T12987] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 456.343490][ T5753] usb 4-1: Product: syz [ 456.352389][ T5753] usb 4-1: Manufacturer: syz [ 456.362300][ T5753] usb 4-1: SerialNumber: syz [ 456.431555][ T5753] usb 4-1: config 0 descriptor?? [ 456.463218][ T5753] radio-usb-si4713 4-1:0.0: Si4713 development board discovered: (10C4:8244) [ 456.465327][ T51] Bluetooth: hci4: command tx timeout [ 456.577429][T12987] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 456.676744][ T5753] radio-usb-si4713: probe of 4-1:0.0 failed with error -71 [ 456.694607][ T5753] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 456.715317][ T5753] usb 4-1: USB disconnect, device number 2 [ 457.829117][T12987] team0: Port device team_slave_0 added [ 457.966003][T12987] team0: Port device team_slave_1 added [ 458.254768][T12987] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 458.291331][T12987] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 458.336000][T12987] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 458.460142][T12987] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 458.528693][T12987] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 458.571980][ T51] Bluetooth: hci4: command tx timeout [ 458.633630][T12987] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 460.717386][T13363] syz.3.2242 (13363): drop_caches: 2 [ 460.910282][ T51] Bluetooth: hci4: command tx timeout [ 461.304784][ T5753] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 461.514647][ T5753] usb 2-1: Using ep0 maxpacket: 8 [ 461.540499][ T5753] usb 2-1: unable to get BOS descriptor or descriptor too short [ 461.559517][ T5753] usb 2-1: config 4 interface 0 has no altsetting 0 [ 461.578926][ T5753] usb 2-1: string descriptor 0 read error: -22 [ 461.601253][ T5753] usb 2-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05 [ 461.627706][ T5753] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 461.725572][ T5753] usb 2-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state [ 461.840670][ T5753] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 461.885397][ T5753] dvbdev: DVB: registering new adapter (Sigmatek DVB-110) [ 463.136336][T13367] usb 2-1: dvb_usb_au6610: wlen=0, aborting [ 463.194716][ T5753] usb 2-1: media controller created [ 463.280560][ T5753] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 463.371007][T12987] hsr_slave_0: entered promiscuous mode [ 463.411227][T12987] hsr_slave_1: entered promiscuous mode [ 463.438366][T12987] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 463.456770][T12987] Cannot create hsr debugfs directory [ 464.351144][ T5753] zl10353_read_register: readreg error (reg=127, ret==0) [ 464.473312][ T5753] usb 2-1: USB disconnect, device number 10 [ 465.293615][T13534] random: crng reseeded on system resumption [ 465.404628][T13538] loop6: detected capacity change from 0 to 7 [ 466.724846][T13538] Dev loop6: unable to read RDB block 7 [ 466.764486][T13538] loop6: unable to read partition table [ 466.778245][T13538] loop6: partition table beyond EOD, truncated [ 466.784584][T13538] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5) [ 466.824528][ T5138] Dev loop6: unable to read RDB block 7 [ 466.830154][ T5138] loop6: unable to read partition table [ 466.864849][ T5138] loop6: partition table beyond EOD, truncated [ 467.028083][ T41] hsr_slave_0: left promiscuous mode [ 467.061042][ T41] hsr_slave_1: left promiscuous mode [ 467.075397][ T41] batman_adv: batadv0: Removing interface: dummy0 [ 467.095186][ T41] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 467.113165][T13571] fuse: Bad value for 'fd' [ 467.132126][ T41] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 467.146228][ T41] bridge_slave_1: left allmulticast mode [ 467.151913][ T41] bridge_slave_1: left promiscuous mode [ 467.174676][ T41] bridge0: port 2(bridge_slave_1) entered disabled state [ 467.195262][ T41] bridge_slave_0: left allmulticast mode [ 467.200967][ T41] bridge_slave_0: left promiscuous mode [ 467.214777][ T41] bridge0: port 1(bridge_slave_0) entered disabled state [ 468.285296][ T41] team0 (unregistering): Port device team_slave_1 removed [ 468.352067][ T41] team0 (unregistering): Port device team_slave_0 removed [ 468.414968][ T41] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 468.478614][ T41] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 468.490049][ T1124] smc: removing ib device syz0 [ 469.614834][ T41] bond0 (unregistering): Released all slaves [ 469.745492][T13585] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2260'. [ 469.764986][T13589] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2255'. [ 471.305571][T13621] loop5: detected capacity change from 0 to 7 [ 471.328175][T13621] Dev loop5: unable to read RDB block 7 [ 471.333994][T13621] loop5: AHDI p1 [ 471.338213][T13621] loop5: partition table partially beyond EOD, truncated [ 471.561796][T12987] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 471.566740][T13638] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2266'. [ 471.618429][T12987] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 471.637475][T12987] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 471.678875][T12987] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 472.030683][T12987] 8021q: adding VLAN 0 to HW filter on device bond0 [ 472.072711][T12987] 8021q: adding VLAN 0 to HW filter on device team0 [ 472.118294][ T1124] bridge0: port 1(bridge_slave_0) entered blocking state [ 472.125507][ T1124] bridge0: port 1(bridge_slave_0) entered forwarding state [ 472.193281][T11931] bridge0: port 2(bridge_slave_1) entered blocking state [ 472.200499][T11931] bridge0: port 2(bridge_slave_1) entered forwarding state [ 473.690916][T12987] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 474.277903][T12987] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 474.456867][T12987] veth0_vlan: entered promiscuous mode [ 474.539547][T12987] veth1_vlan: entered promiscuous mode [ 474.557895][T13697] loop9: detected capacity change from 0 to 7 [ 474.599137][T12065] Dev loop9: unable to read RDB block 7 [ 474.613808][T12065] loop9: unable to read partition table [ 474.654580][T12065] loop9: partition table beyond EOD, truncated [ 474.695758][T13697] Dev loop9: unable to read RDB block 7 [ 474.705066][T12987] veth0_macvtap: entered promiscuous mode [ 474.709261][T13697] loop9: unable to read partition table [ 474.727524][T12987] veth1_macvtap: entered promiscuous mode [ 474.733941][T13697] loop9: partition table beyond EOD, truncated [ 474.763473][T13697] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5) [ 474.769356][T12987] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.820852][T12987] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.859701][T12987] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.921385][T12987] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.953434][T12987] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.979158][T12987] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.999945][T13711] overlayfs: missing 'lowerdir' [ 475.005991][T12987] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 475.055663][T12987] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.070462][T12987] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.099236][T12987] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.112382][T12987] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.127517][T12987] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.143055][T12987] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.234541][ T5753] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 475.235744][T12987] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 475.499883][T12987] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 475.582903][T12987] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 475.658511][T12987] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 475.774034][T12987] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.167442][ T5753] usb 4-1: Using ep0 maxpacket: 8 [ 476.212694][ T5753] usb 4-1: unable to get BOS descriptor or descriptor too short [ 476.252339][ T5753] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 476.281440][ T5753] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 476.307800][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 476.324332][ T5753] usb 4-1: config 1 interface 1 has no altsetting 0 [ 476.338245][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 476.366789][ T5753] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 476.391183][ T5753] usb 4-1: New USB device strings: Mfr=1, Product=3, SerialNumber=3 [ 476.418126][ T5753] usb 4-1: Product: syz [ 476.430563][ T5753] usb 4-1: Manufacturer: syz [ 476.432452][ T3492] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 476.443595][ T3492] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 476.446591][ T5753] usb 4-1: SerialNumber: syz [ 476.700935][ T5753] usb 4-1: 2:1 : no or invalid class specific endpoint descriptor [ 476.728700][ T5753] usb 4-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 476.832971][ T5753] usb 4-1: USB disconnect, device number 3 [ 476.924352][ T786] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 476.942473][T12065] udevd[12065]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 477.356420][ T786] usb 3-1: config index 0 descriptor too short (expected 23569, got 27) [ 477.568246][ T786] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 477.617584][ T786] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 477.818960][ T786] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 477.835670][ T786] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 477.853992][ T786] usb 3-1: Manufacturer: syz [ 477.883197][ T786] usb 3-1: config 0 descriptor?? [ 477.907095][ T786] igorplugusb 3-1:0.0: incorrect number of endpoints [ 478.144578][ T5830] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 478.312466][T13826] netlink: 'syz.5.2288': attribute type 2 has an invalid length. [ 478.321303][T13826] netlink: 'syz.5.2288': attribute type 2 has an invalid length. [ 478.329840][T13826] netlink: 'syz.5.2288': attribute type 2 has an invalid length. [ 478.339104][T13826] netlink: 'syz.5.2288': attribute type 2 has an invalid length. [ 478.351468][ T5830] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 478.363011][T13826] netlink: 'syz.5.2288': attribute type 2 has an invalid length. [ 478.371582][ T5830] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 478.386328][T13826] netlink: 'syz.5.2288': attribute type 2 has an invalid length. [ 478.401317][ T5830] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 478.413784][T13826] netlink: 'syz.5.2288': attribute type 2 has an invalid length. [ 478.432186][ T5830] usb 4-1: config 0 descriptor?? [ 478.448753][T13826] netlink: 'syz.5.2288': attribute type 2 has an invalid length. [ 478.457801][T13826] netlink: 'syz.5.2288': attribute type 2 has an invalid length. [ 478.473385][T13826] netlink: 'syz.5.2288': attribute type 2 has an invalid length. [ 478.692563][ T5830] usbhid 4-1:0.0: can't add hid device: -71 [ 478.790064][ T5830] usbhid: probe of 4-1:0.0 failed with error -71 [ 478.809864][ T5830] usb 4-1: USB disconnect, device number 4 [ 479.680887][ T42] usb 3-1: USB disconnect, device number 2 [ 479.896084][T13861] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2292'. [ 479.920597][T13861] dummy0: entered promiscuous mode [ 479.931808][T13861] macvtap1: entered promiscuous mode [ 479.945073][ T5830] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 479.953008][T13861] macvtap1: entered allmulticast mode [ 479.969902][T13861] dummy0: entered allmulticast mode [ 480.154359][ T5830] usb 4-1: Using ep0 maxpacket: 32 [ 480.170706][ T5830] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 480.204548][ T5830] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 480.223998][ T5830] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 480.262230][ T5830] usb 4-1: config 0 descriptor?? [ 480.347333][ T5830] ldusb 4-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 480.470230][ T5830] ldusb 4-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 480.787637][T11541] usb 4-1: USB disconnect, device number 5 [ 480.840239][T11541] ldusb 4-1:0.0: LD USB Device #0 now disconnected [ 480.900452][T13876] i2c i2c-0: Invalid block write size 34 [ 481.073643][ T42] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 481.201220][T13912] binder: 13911:13912 ioctl 40046205 0 returned -22 [ 481.274352][ T42] usb 6-1: Using ep0 maxpacket: 32 [ 481.293071][ T42] usb 6-1: config 32 has an invalid interface number: 85 but max is 0 [ 481.301636][ T42] usb 6-1: config 32 has no interface number 0 [ 481.331468][ T42] usb 6-1: config 32 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 481.348195][ T42] usb 6-1: config 32 interface 85 has no altsetting 0 [ 481.376954][ T42] usb 6-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 481.392845][ T42] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 481.409389][ T42] usb 6-1: Product: syz [ 481.420168][ T42] usb 6-1: Manufacturer: syz [ 481.427922][ T42] usb 6-1: SerialNumber: syz [ 483.028128][ T42] appletouch 6-1:32.85: Failed to read mode from device. [ 483.036430][ T42] appletouch: probe of 6-1:32.85 failed with error -5 [ 483.052163][ T42] usb 6-1: USB disconnect, device number 11 [ 483.561216][T13949] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2306'. [ 483.832444][T13962] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2309'. [ 484.757683][ T5830] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 484.803569][T13971] validate_nla: 42 callbacks suppressed [ 484.803584][T13971] netlink: 'syz.3.2310': attribute type 10 has an invalid length. [ 484.910753][T13971] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 484.932035][T13969] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 484.954351][ T5830] usb 3-1: Using ep0 maxpacket: 16 [ 484.962724][ T5830] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 485.021015][ T5830] usb 3-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47 [ 485.033668][ T5830] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 485.042664][ T5830] usb 3-1: Product: syz [ 485.048055][ T5830] usb 3-1: Manufacturer: syz [ 485.053234][ T5830] usb 3-1: SerialNumber: syz [ 485.079039][ T5830] usb 3-1: config 0 descriptor?? [ 485.086844][ T5830] mcba_usb 3-1:0.0: Can't find endpoints [ 485.254924][T13983] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 485.319444][ T5830] usb 3-1: USB disconnect, device number 3 [ 485.543773][T13994] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2315'. [ 485.560977][T13994] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2315'. [ 485.585093][T13994] bridge0: entered promiscuous mode [ 485.596186][T13994] ip6gretap0: entered promiscuous mode [ 485.845376][T11541] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 486.040176][T11541] usb 4-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36 [ 486.121412][T11541] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 486.771568][T11541] usb 4-1: config 0 descriptor?? [ 487.028016][T11541] kaweth 4-1:0.0: Firmware present in device. [ 487.199718][T11541] kaweth 4-1:0.0: Error reading configuration (-32), no net device created [ 487.245009][T11541] kaweth: probe of 4-1:0.0 failed with error -5 [ 488.875866][ T5753] usb 4-1: USB disconnect, device number 6 [ 489.243833][ T27] kauditd_printk_skb: 11 callbacks suppressed [ 489.243847][ T27] audit: type=1326 audit(1766429527.625:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14065 comm="syz.3.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f568b98f749 code=0x7ffc0000 [ 489.322375][ T27] audit: type=1326 audit(1766429527.625:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14065 comm="syz.3.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f568b98f749 code=0x7ffc0000 [ 489.416917][ T27] audit: type=1326 audit(1766429527.665:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14065 comm="syz.3.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f568b98f749 code=0x7ffc0000 [ 489.482628][ T27] audit: type=1326 audit(1766429527.665:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14065 comm="syz.3.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f568b98f749 code=0x7ffc0000 [ 489.524547][ T27] audit: type=1326 audit(1766429527.665:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14065 comm="syz.3.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f568b98f749 code=0x7ffc0000 [ 489.554461][ T27] audit: type=1326 audit(1766429527.675:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14065 comm="syz.3.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f568b98f749 code=0x7ffc0000 [ 489.578495][ T27] audit: type=1326 audit(1766429527.675:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14065 comm="syz.3.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f568b98f749 code=0x7ffc0000 [ 489.601633][ T27] audit: type=1326 audit(1766429527.675:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14065 comm="syz.3.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f568b98f749 code=0x7ffc0000 [ 489.626238][ T27] audit: type=1326 audit(1766429527.675:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14065 comm="syz.3.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f568b98f749 code=0x7ffc0000 [ 489.649546][ T27] audit: type=1326 audit(1766429527.685:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14065 comm="syz.3.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f568b98f749 code=0x7ffc0000 [ 492.599743][T14157] syz.5.2352[14157] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 492.599872][T14157] syz.5.2352[14157] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 492.661383][T14163] binder_alloc: 14161: binder_alloc_buf, no vma [ 495.214171][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 495.214185][ T27] audit: type=1326 audit(1766429533.595:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14212 comm="syz.3.2369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f568b98f749 code=0x7ffc0000 [ 495.214795][T14213] syz.3.2369[14213] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 495.243639][ T27] audit: type=1326 audit(1766429533.595:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14212 comm="syz.3.2369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f568b98f749 code=0x7ffc0000 [ 495.310621][T14213] syz.3.2369[14213] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 495.356698][ T27] audit: type=1326 audit(1766429533.605:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14212 comm="syz.3.2369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f568b98f749 code=0x7ffc0000 [ 495.471839][ T27] audit: type=1326 audit(1766429533.695:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14212 comm="syz.3.2369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f568b98f749 code=0x7ffc0000 [ 495.546713][ T27] audit: type=1326 audit(1766429533.695:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14212 comm="syz.3.2369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f568b98f749 code=0x7ffc0000 [ 495.607407][T14223] tmpfs: Bad value for 'nr_inodes' [ 496.884203][ T27] audit: type=1326 audit(1766429533.715:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14212 comm="syz.3.2369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f568b98f749 code=0x7ffc0000 [ 496.988835][ T27] audit: type=1326 audit(1766429533.715:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14212 comm="syz.3.2369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f568b98f749 code=0x7ffc0000 [ 499.739324][T14236] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 500.055002][T14236] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 500.389227][T14236] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 500.593536][T14236] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 502.123568][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 502.133997][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.269795][T14236] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 502.293030][T14236] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 502.357191][T14236] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 502.429071][T14236] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 502.955574][T14275] fuse: Bad value for 'fd' [ 505.384177][ T5829] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 505.966516][ T5829] usb 6-1: Using ep0 maxpacket: 32 [ 505.977623][ T5829] usb 6-1: unable to get BOS descriptor or descriptor too short [ 505.994188][ T5829] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 506.016458][ T5829] usb 6-1: can't read configurations, error -71 [ 507.261635][T14341] futex_wake_op: syz.1.2392 tries to shift op by 36; fix this program [ 507.932743][T14343] autofs4:pid:14343:autofs_fill_super: called with bogus options [ 508.158574][T14340] block device autoloading is deprecated and will be removed. [ 508.273223][T14340] syz.1.2392: attempt to access beyond end of device [ 508.273223][T14340] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 513.660397][T14402] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2408'. Stopping sshd: [ 513.704079][T14402] bridge_slave_1: left allmulticast mode [ 513.733898][T14402] bridge_slave_1: left promiscuous mode [ 513.744605][T14402] bridge0: port 2(bridge_slave_1) entered disabled state [ 513.862890][T14402] bridge_slave_0: left allmulticast mode [ 513.888129][T14402] bridge_slave_0: left promiscuous mode [ 513.930361][T14402] bridge0: port 1(bridge_slave_0) entered disabled state stopped /usr/sbin/sshd (pid 5525) OK Stopping crond: [ 515.065124][T14421] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2410'. stopped /usr/sbin/crond (pid 5507) OK Stopping dhcpcd... stopped /sbin/dhcpcd (pid 5432) [ 517.609348][T14457] tmpfs: Bad value for 'nr_inodes' Stopping network: [ 520.523922][T14515] "syz.5.2431" (14515) uses obsolete ecb(arc4) skcipher OK Stopping iptables: OK Stopping system message bus: done [ 529.816642][T14691] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2451'. [ 530.934528][T14714] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2456'. Stopping klogd: [ 532.473952][T11541] IPVS: starting estimator thread 0... [ 532.564424][T14749] IPVS: using max 23 ests per chain, 55200 per kthread OK Stopping acpid: [ 533.629210][T14773] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2472'. [ 533.660960][T14773] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2472'. [ 534.951801][T14798] sctp: [Deprecated]: syz.5.2479 (pid 14798) Use of struct sctp_assoc_value in delayed_ack socket option. [ 534.951801][T14798] Use struct sctp_sack_info instead serialport: VM disconnected.