last executing test programs: 15.499990601s ago: executing program 2 (id=1757): socket$pppoe(0x18, 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x404c080) 14.130106707s ago: executing program 0 (id=1760): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r3 = socket$inet6_dccp(0xa, 0x6, 0x0) bind$inet6(r3, &(0x7f0000000340)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) connect$inet6(r3, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) listen(r3, 0x3) 13.084389621s ago: executing program 0 (id=1761): openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$kcm(0x10, 0x3, 0x10) openat$ocfs2_control(0xffffffffffffff9c, 0x0, 0x82, 0x0) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b06d25a806c8c6f94f90424fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x2000) 11.970601971s ago: executing program 0 (id=1762): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="11000000040000000400", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) r3 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0) syz_open_procfs(0xffffffffffffffff, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8) 11.719514797s ago: executing program 1 (id=1763): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@ipv6_newrule={0x2c, 0x20, 0x2d2c6d60ea1da725, 0x70bd29, 0x25dfdbfd, {0xa, 0x0, 0x0, 0xcd, 0xff, 0x0, 0x0, 0x1, 0x10002}, [@FIB_RULE_POLICY=@FRA_PRIORITY={0x8}, @FIB_RULE_POLICY=@FRA_SUPPRESS_IFGROUP={0x8, 0xd, 0x80a}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2000c0d1}, 0x0) 9.734253534s ago: executing program 0 (id=1765): syz_clone(0x21000011, 0x0, 0x0, 0x0, 0x0, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x8000, 0xfffffffa) socket(0xa, 0x80002, 0x10006) prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0) syz_emit_vhci(0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, '|P3', 0x1}}}, 0xd) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x70bd2c, 0x25dfdbff, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@FRA_GENERIC_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x4e24, 0x4e24}}]}, 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0) 9.733328254s ago: executing program 1 (id=1766): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfffffffc, 0x1}, &(0x7f00000007c0)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f0000000100)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x20, 0x6000, @fd_index, 0x7, 0x0, 0x0, 0x1e, 0x1}) io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0) 8.709916215s ago: executing program 1 (id=1767): r0 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRES64=r0, @ANYRES32=0x0, @ANYRES64=0x0], 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0xff43, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x10, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) 7.85762516s ago: executing program 1 (id=1770): socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ioprio_set$uid(0x3, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x8c}]}, &(0x7f0000000080)='syzkaller\x00'}, 0x80) 6.732178541s ago: executing program 1 (id=1771): socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4) setsockopt$inet_tcp_int(r3, 0x6, 0x18, &(0x7f00000001c0), 0x4) 5.623096622s ago: executing program 1 (id=1772): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) fsetxattr(0xffffffffffffffff, &(0x7f0000000040)=@known='trusted.overlay.impure\x00', 0x0, 0x0, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), r2) sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)={0xa4, r3, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x58, 0x8, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x4}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}, {0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}]}]}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000) 5.622941592s ago: executing program 3 (id=1773): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000340)={0xd, 0x200200090}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000040)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x7, 0x4, 0x8, 0xd27}, 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r4, 0x0, 0x0}, 0x20) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r0, &(0x7f00000000c0)}, 0x20) 4.560062567s ago: executing program 2 (id=1774): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) kexec_load(0x7, 0x1, &(0x7f0000003200)=[{0x0, 0x0, 0x8000, 0x8000}], 0x3e0000) 4.559804288s ago: executing program 3 (id=1775): r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = socket$unix(0x1, 0x2, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmmsg(r2, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0) r3 = syz_io_uring_setup(0xa1, &(0x7f0000000640)={0x0, 0xe8ce, 0x0, 0x20, 0x40000333}, &(0x7f00000006c0)=0x0, &(0x7f00000020c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f0000000400)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4004, @fd_index=0x4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001800)=""/211, 0xd3}], 0x1}) io_uring_enter(r3, 0x47ba, 0x0, 0x0, 0x0, 0x0) connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) ppoll(&(0x7f0000000300)=[{r2, 0x3328}, {r1, 0x4236}], 0x2, 0x0, 0x0, 0x0) close(r0) 3.503858753s ago: executing program 2 (id=1776): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$kcm(0x29, 0x2, 0x0) write$cgroup_pressure(r4, &(0x7f0000000140)={'full'}, 0xfffffdef) 3.22360574s ago: executing program 3 (id=1777): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket(0x15, 0x5, 0x0) getsockopt(r4, 0x200000000114, 0x2710, 0x0, &(0x7f0000000000)) 2.461339846s ago: executing program 0 (id=1778): seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) bind$inet6(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x20, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000001080)={'TPROXY\x00'}, 0x0) syz_usb_disconnect(0xffffffffffffffff) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='io.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r2, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r2, 0x0) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x7b52e4aff0f1e2e3, 0x4}) sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 2.460868626s ago: executing program 2 (id=1779): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfffffffc, 0x1}, &(0x7f00000007c0)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f0000000100)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x20, 0x6000, @fd_index, 0x7, 0x0, 0x0, 0x1e, 0x1}) io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0) 1.228792038s ago: executing program 3 (id=1780): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) socket(0x400000000010, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000000)={0x5, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27"}) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x80000001, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f00000002c0)={0x3fb, 0x8000, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0xf4e0, 0x2}, 0x0, 0x0) 1.216891429s ago: executing program 2 (id=1781): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setreuid(0xffffffffffffffff, 0xee01) syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000002040)='./file0\x00', 0x800800, &(0x7f0000000040)=ANY=[@ANYBLOB="6e6f6465636f6d1837baeb78706f73652c6e6f6c65636f6d70"], 0x1, 0x5f1, &(0x7f0000002340)="$eJzs3U9vHGcdB/DvbmxnN0DquEkbUCWsHnogItm1JZJyAUpBEapQJQ6cLeIkVjZpZW+R2wMKCImKU19COfgNII5FyoH2CKeeDT0icTcnVzM7693Y63916l23n480+zzPPDPP/OY3s7Mza1kb4Gvr/9s9t6+9sV60NzcWO5sbiw/79STnk9STRpJaMftvST5LHqc35dv9jqFyj08/atz75IOP3++1GtVULl87aL2j2YllthdrWT6r8RZOPN5gD+eTzFUljN12379Hdp/wfQkATLJacm7v3J1Zjeo5oHdX3LvHPtMejzsAAAAAOAXPbWUr67k47jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLKl+/79WTfV+fT61C9Xv/89U81LVz7Qn4w4AAAAAAAAAAJ6B725lK+u52G9v18q/+b9cNi6Xr9/IO1nLclZzPetZSjfdrKadZHZooJn1pW53tX2ENRdGrrlwOvsLAAAAAAAAAF9Rf8jtwd//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgEtSSc72inC7367OpTyVpJJkplnuc/KtfP8uejDsAAAAAOAXPbWUr67nYb2/Xymf+F8rn/kbeyaN0s5JuOlnOnfK7gN5Tf31zY7GzubH4sJj2jvuT/x0rjHLE9L57GL3lq+USzdzNSjnnen6Tt9LJndTLNQtX+/GMjuv3RUy1H1X2BtEYFdmdqiz2/Bdl+Z9vHWvXvjSzZUamdzLSqo5OkY1LB2fimEdn95baqe9883P5SDn/5n45H+lCVRb783pVTobdmVgYOvteODgTydyv/3zzfufRg/t3165Nzi59QbszsTiUiRe/VplolZm4stO+nZ/nV7mW+byZ1azkt1lKN8uZz+tlbak6n4vX2YMz9eOnWm8eFslMdVx6V9HjxfRyue7FrOSXeSt3yiPays3czEJ+kFfTeuoIXynjnc5B7/r6/lfaEQanwXSSn1XlZCjyemkor8PX3Nmyb3jOIEtzJ/s8GmXqO1WlyNdrE3dtvLTrU6KfiecPzsRftovXtc6jB6v3l94+4vZeqcoiAz+dqEwU58tccbDK1tNnR9H3/Mi+dtl3eaevOM+e/Kk3Yq/vyk7fYe/UmeoebjDS4BOr6HtxZF9vvatDfaPutwCYeBe+d2Gm+d/mP5sfNv/YvN98o/Ha+VvnX5rJ9D+mfzjVOvdK/aXaX/Nhfjd4/gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL64tXffe7DU6SyvqhyjMp1k32WakxChisrJKuO+MgFfthvdh2/fWHv3ve+vPFy6t3xv+dGrrVu32u32zdaNuyud5ep13FECAM/S4Kb/kAXnTykgAAAAAAAAAAAAAABgj9P4d+Jx7yMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDVdvtapp6klnbreqtob24sdoqpXx8s2UhSKyp/T/JZ8ji9KbNDw9X2286nHzXuffLBx+8Pxmr0l68dtN7RPBVLfVdMe9SmjjXewmHjHWqwh/NJ5qoSxu7zAAAA//+SHgey") 866.818644ms ago: executing program 3 (id=1782): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@loopback, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@dev, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, 0xe8) r1 = socket$inet6(0xa, 0x2, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@loopback, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in=@multicast2, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, 0xe8) sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0) r2 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000001c0), 0x4) sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="0203100802"], 0x10}}, 0x0) sendmsg$key(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0) sendmsg$key(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x2, 0xa, 0x0, 0x9, 0x2}, 0x10}}, 0x0) recvmmsg(r2, &(0x7f0000000f00), 0x274, 0x10000, &(0x7f0000001000)={0x77359400}) 152.084625ms ago: executing program 2 (id=1783): syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x47, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=") setrlimit(0x1, 0x0) truncate(0x0, 0x20fffffffc) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000018c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = getpid() socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_pidfd_open(r1, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) setreuid(0xee01, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x2048c5, &(0x7f0000000340)={[{@utf8no}, {@shortname_winnt}, {@utf8no}, {@fat=@umask={'umask', 0x3d, 0x3945}}, {@utf8}, {@fat=@check_normal}, {@numtail}, {@fat=@nfs_nostale_ro}, {@fat=@discard}, {@shortname_mixed}, {@fat=@quiet}, {@shortname_lower}]}, 0x0, 0x29f, &(0x7f0000000580)="$eJzs3UFrE1sYxvGnSdukKW2yKBfuhct9uW50M7TxEwRpQQwotRF1IUztREPGpGRiJCK2O7d+juLSlYL6Bbpx517cFEFw04UYaZKxaRswra1Tzf8HYU7OOe/MmZyZ8M5AJlvXn94rFwOn6NYVS5pi0rq2pcxOqWuku4y1y+Pqta5zk5/f/Xv1xs1LuXx+ftFsIbd0Pmtm0/+9evDo2f9v6pPXnk+/TGgzc2vrU/b95l+bf299XQrXXpVcW65W6+6y79lKKSg7Zld8zw08K1UCr1a3nvaiX11dbZpbWZlKrda8IDC30rSy17R61eq1prl33FLFHMexqZSGTfzQEYWNxUU3dyKDQRQm+lXWajk33rexsPErBgUAAE6XqPL/u6XASoFVqnvy+4P5f0yHyP+loc7/D4/8fxjs5P+p7vm7F/k/AAAAAAAAAAAAAAAAAAAAAAC/g+1WK91qtdLhMnwlJCUlhe+jHidOBvM/3Hp+uJeU/CeNQqPQWXbac0WV5MvT7Jj0pX08dHXKCxfz87PWltFrf60bv9YoxJUI40OZ/vFznXjrjV/TmFK9288qrZn+8dk+8Y3CuM6eaSW6W/bkKK23t1WVr5X2cb0b/3jO7MLl/L74iXY/AAAAAAD+BI59d+D6vd3uWPjYkH3tncrd+wNK/+D+wL7r61H9MxrdfgMAAAAAMEyC5sOy6/tebQgK4f8fHMsKo//okoN2HpXUrXlxWuZikEJM0lHD4z83yx8l7amZiXy6j6Pw4X7nDBikc5TfSgAAAABOQpj0j0Q9EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhtigDw8L+x/l2WM9m4tHs5cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA6fAtAAD//2kbF4o=") syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00') setns(r2, 0x24020000) umount2(&(0x7f0000000040)='.\x00', 0x2) close_range(r0, 0xffffffffffffffff, 0x0) 148.911626ms ago: executing program 0 (id=1784): r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x9, 0x9}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[], 0x1c}}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) sendmmsg$sock(0xffffffffffffffff, &(0x7f0000000740)=[{{&(0x7f0000000080)=@phonet={0x23, 0x7, 0x0, 0x3}, 0x80, 0x0}}], 0x1, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c8, 0x1004, 0x45c5, 0xc595, 0x200, 0x2, 0xffffffffffffffff, 0x0, 0x80000004000000, 0x200000000c], 0x80a0000, 0x2010d3}) write$FUSE_IOCTL(0xffffffffffffffff, &(0x7f0000000100)={0x20, 0x0, 0x0, {0x80, 0x4, 0x1, 0x9}}, 0x20) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 0s ago: executing program 3 (id=1785): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) read$FUSE(0xffffffffffffffff, 0x0, 0x0) madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x15) madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3) kernel console output (not intermixed with test programs): 6] 0 pages HighMem/MovableOnly [ 192.816407][ T7046] 416137 pages reserved [ 192.820669][ T7046] 0 pages cma reserved [ 192.910789][ T7056] FAT-fs (loop2): Directory bread(block 64) failed [ 192.933297][ T7056] FAT-fs (loop2): Directory bread(block 65) failed [ 192.957275][ T7056] FAT-fs (loop2): Directory bread(block 66) failed [ 193.008935][ T7056] FAT-fs (loop2): Directory bread(block 67) failed [ 193.015794][ T7056] FAT-fs (loop2): Directory bread(block 68) failed [ 193.047572][ T7056] FAT-fs (loop2): Directory bread(block 69) failed [ 193.065747][ T7056] FAT-fs (loop2): Directory bread(block 70) failed [ 193.091400][ T7056] FAT-fs (loop2): Directory bread(block 71) failed [ 193.127469][ T7056] FAT-fs (loop2): Directory bread(block 72) failed [ 193.134094][ T7056] FAT-fs (loop2): Directory bread(block 73) failed [ 193.150087][ T28] kauditd_printk_skb: 20 callbacks suppressed [ 193.150104][ T28] audit: type=1800 audit(1761589036.503:183): pid=7060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.341" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 194.783104][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.789798][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 196.292765][ T7084] loop0: detected capacity change from 0 to 1024 [ 196.308894][ T7084] EXT4-fs: Ignoring removed orlov option [ 196.314750][ T7084] EXT4-fs: Ignoring removed nomblk_io_submit option [ 196.383216][ T7084] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 196.545272][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.101713][ T7107] loop0: detected capacity change from 0 to 16 [ 197.189602][ T7107] erofs: (device loop0): mounted with root inode @ nid 36. [ 198.011702][ T7111] syz.0.358: attempt to access beyond end of device [ 198.011702][ T7111] loop0: rw=524288, sector=34359738360, nr_sectors = 32 limit=16 [ 198.027349][ T7111] syz.0.358: attempt to access beyond end of device [ 198.027349][ T7111] loop0: rw=0, sector=34359738360, nr_sectors = 32 limit=16 [ 198.074598][ T28] audit: type=1800 audit(1761589041.393:184): pid=7111 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.358" name="file1" dev="loop0" ino=86 res=0 errno=0 [ 198.969550][ T7122] sctp: [Deprecated]: syz.2.363 (pid 7122) Use of struct sctp_assoc_value in delayed_ack socket option. [ 198.969550][ T7122] Use struct sctp_sack_info instead [ 199.159756][ T7130] lo: entered allmulticast mode [ 199.240311][ T7133] netlink: 4 bytes leftover after parsing attributes in process `syz.2.366'. [ 199.375621][ T7129] lo: left allmulticast mode [ 200.084964][ T7168] block nbd0: NBD_DISCONNECT [ 200.093491][ T7168] block nbd0: Disconnected due to user request. [ 200.104193][ T7168] block nbd0: shutting down sockets [ 200.122477][ T7170] netlink: 'syz.1.377': attribute type 12 has an invalid length. [ 200.561376][ T7182] loop0: detected capacity change from 0 to 1024 [ 201.456419][ T7187] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 201.759279][ T7202] netlink: 'syz.1.388': attribute type 2 has an invalid length. [ 201.768204][ T7202] netlink: 'syz.1.388': attribute type 3 has an invalid length. [ 201.775991][ T7202] netlink: 132 bytes leftover after parsing attributes in process `syz.1.388'. [ 203.407462][ T7218] capability: warning: `syz.3.389' uses deprecated v2 capabilities in a way that may be insecure [ 204.579553][ T7221] tipc: Enabled bearer , priority 10 [ 204.753188][ T7226] tipc: Started in network mode [ 204.758762][ T7226] tipc: Node identity ac1414aa, cluster identity 4711 [ 204.793741][ T7226] tipc: Enabled bearer , priority 10 [ 205.688126][ T7226] tipc: Enabled bearer , priority 0 [ 206.426170][ T7244] loop0: detected capacity change from 0 to 1024 [ 206.459081][ T7244] EXT4-fs: Ignoring removed oldalloc option [ 206.475197][ T7244] EXT4-fs: Ignoring removed bh option [ 206.543400][ T7244] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 206.715103][ T7244] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 206.757600][ T27] tipc: Node number set to 2886997162 [ 206.831534][ T7253] gtp0: entered promiscuous mode [ 207.545096][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.712555][ T7263] bridge: RTM_NEWNEIGH with invalid ether address [ 211.887887][ T7299] netlink: 'syz.3.414': attribute type 10 has an invalid length. [ 212.860222][ T5802] Bluetooth: hci0: command 0x0406 tx timeout [ 212.866360][ T5802] Bluetooth: hci2: command 0x0406 tx timeout [ 212.872617][ T5804] Bluetooth: hci3: command 0x0406 tx timeout [ 212.878794][ T5794] Bluetooth: hci1: command 0x0406 tx timeout [ 212.999414][ T7308] loop2: detected capacity change from 0 to 128 [ 213.090603][ T7308] FAT-fs (loop2): bogus number of FAT sectors [ 213.096844][ T7308] FAT-fs (loop2): Can't find a valid FAT filesystem [ 213.233303][ T7308] netlink: 20 bytes leftover after parsing attributes in process `syz.2.419'. [ 213.298079][ T7308] netlink: 16 bytes leftover after parsing attributes in process `syz.2.419'. [ 214.838997][ T7328] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 215.113928][ T7329] cgroup: fork rejected by pids controller in /syz1 [ 215.156833][ T7358] loop0: detected capacity change from 0 to 2048 [ 215.193552][ T7358] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 215.215858][ T7358] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 215.231083][ T7358] UDF-fs: Scanning with blocksize 512 failed [ 215.251269][ T7369] tipc: Enabling of bearer rejected, already enabled [ 215.281365][ T7358] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 218.654512][ T7415] batadv_slave_1: entered promiscuous mode [ 218.758664][ T7415] netlink: 16 bytes leftover after parsing attributes in process `syz.1.444'. [ 219.066005][ T7414] batadv_slave_1: left promiscuous mode [ 221.403243][ T7445] ipt_ECN: cannot use operation on non-tcp rule [ 223.523372][ T28] audit: type=1326 audit(1761589066.873:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 223.601819][ T28] audit: type=1326 audit(1761589066.873:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 223.653195][ T28] audit: type=1326 audit(1761589066.913:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 223.676800][ T7465] netlink: 'syz.3.460': attribute type 4 has an invalid length. [ 223.695750][ T28] audit: type=1326 audit(1761589066.913:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 223.757173][ T28] audit: type=1326 audit(1761589066.913:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 224.063052][ T28] audit: type=1326 audit(1761589066.923:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 224.107262][ T28] audit: type=1326 audit(1761589066.933:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 224.620690][ T28] audit: type=1326 audit(1761589066.933:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 224.818507][ T28] audit: type=1326 audit(1761589066.943:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 224.887424][ T28] audit: type=1326 audit(1761589066.943:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7460 comm="syz.2.458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 225.379592][ T7496] loop2: detected capacity change from 0 to 512 [ 225.449589][ T7496] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.471: invalid indirect mapped block 1024 (level 0) [ 225.560413][ T7496] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.471: bg 0: block 35: padding at end of block bitmap is not set [ 225.636226][ T7496] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 225.660914][ T7496] EXT4-fs (loop2): 1 truncate cleaned up [ 225.678126][ T7496] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 225.780150][ T7496] netlink: 124 bytes leftover after parsing attributes in process `syz.2.471'. [ 225.931238][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.639152][ T7520] netlink: 2384 bytes leftover after parsing attributes in process `syz.2.480'. [ 228.864630][ T7549] loop2: detected capacity change from 0 to 128 [ 229.070808][ T7549] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 229.122766][ T7549] ext4 filesystem being mounted at /109/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 229.526778][ T5790] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 231.267497][ T5805] Bluetooth: hci3: command 0x0406 tx timeout [ 231.511103][ T7595] loop0: detected capacity change from 0 to 128 [ 231.540023][ T7595] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 231.656610][ T7595] ext4 filesystem being mounted at /107/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 232.751098][ T5791] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 233.793558][ T7618] loop2: detected capacity change from 0 to 2048 [ 234.687152][ T5805] Bluetooth: hci3: command 0x0406 tx timeout [ 237.598533][ T7647] netlink: 16 bytes leftover after parsing attributes in process `syz.0.525'. [ 240.066721][ T7664] loop0: detected capacity change from 0 to 2048 [ 242.467492][ T28] kauditd_printk_skb: 23 callbacks suppressed [ 242.467510][ T28] audit: type=1326 audit(1761589085.813:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7692 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 242.645795][ T28] audit: type=1326 audit(1761589085.813:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7692 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 242.787796][ T28] audit: type=1326 audit(1761589085.813:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7692 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 242.933800][ T28] audit: type=1326 audit(1761589085.813:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7692 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 243.147209][ T28] audit: type=1326 audit(1761589085.813:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7692 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 243.318871][ T28] audit: type=1326 audit(1761589085.813:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7692 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 243.362797][ T7726] loop2: detected capacity change from 0 to 1024 [ 243.403461][ T28] audit: type=1326 audit(1761589085.853:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7692 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 243.430455][ T7726] EXT4-fs: Ignoring removed nobh option [ 243.436099][ T7726] EXT4-fs: Ignoring removed bh option [ 243.470736][ T28] audit: type=1326 audit(1761589085.853:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7692 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 243.502614][ T7726] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 243.523963][ T28] audit: type=1326 audit(1761589085.863:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7692 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 243.563808][ T28] audit: type=1326 audit(1761589085.863:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7692 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 243.636284][ T7726] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 243.693197][ T7726] netlink: 'syz.2.533': attribute type 4 has an invalid length. [ 243.701671][ T7726] netlink: 17 bytes leftover after parsing attributes in process `syz.2.533'. [ 244.763908][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 244.811303][ T7742] tipc: Enabling of bearer rejected, failed to enable media [ 244.869849][ T7746] 8021q: VLANs not supported on ip6gre0 [ 247.411132][ T7770] netlink: 4 bytes leftover after parsing attributes in process `syz.0.543'. [ 248.266697][ T7776] vlan3: entered promiscuous mode [ 248.272357][ T7776] vlan3: entered allmulticast mode [ 248.279984][ T7776] hsr_slave_1: entered allmulticast mode [ 248.299240][ T7776] netlink: 4 bytes leftover after parsing attributes in process `syz.1.554'. [ 248.835680][ T7778] loop2: detected capacity change from 0 to 32768 [ 248.891173][ T7778] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 249.068298][ T7778] XFS (loop2): Ending clean mount [ 249.109823][ T7778] XFS (loop2): Quotacheck needed: Please wait. [ 249.200899][ T7778] XFS (loop2): Quotacheck: Done. [ 249.701315][ T5790] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 250.840401][ T7807] netlink: 56 bytes leftover after parsing attributes in process `syz.0.552'. [ 251.612247][ T28] kauditd_printk_skb: 15 callbacks suppressed [ 251.612263][ T28] audit: type=1326 audit(1761589094.963:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7804 comm="syz.3.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 251.651591][ T28] audit: type=1326 audit(1761589094.983:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7804 comm="syz.3.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 251.674576][ T28] audit: type=1326 audit(1761589094.993:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7804 comm="syz.3.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 251.711711][ T7813] loop2: detected capacity change from 0 to 1024 [ 251.718249][ T28] audit: type=1326 audit(1761589094.993:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7804 comm="syz.3.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 251.796688][ T28] audit: type=1326 audit(1761589094.993:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7804 comm="syz.3.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 251.888264][ T28] audit: type=1326 audit(1761589094.993:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7804 comm="syz.3.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 251.920659][ T6108] hfsplus: b-tree write err: -5, ino 3 [ 251.940024][ T28] audit: type=1326 audit(1761589095.023:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7804 comm="syz.3.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 251.963998][ T28] audit: type=1326 audit(1761589095.023:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7804 comm="syz.3.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 251.986664][ T28] audit: type=1326 audit(1761589095.023:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7804 comm="syz.3.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 252.009197][ T28] audit: type=1326 audit(1761589095.023:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7804 comm="syz.3.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 252.041912][ T7821] netlink: 'syz.3.559': attribute type 13 has an invalid length. [ 254.029351][ T7844] vlan2: entered promiscuous mode [ 254.037169][ T7844] vlan2: entered allmulticast mode [ 254.042464][ T7844] hsr_slave_1: entered allmulticast mode [ 254.095433][ T7844] netlink: 4 bytes leftover after parsing attributes in process `syz.0.567'. [ 254.825247][ T7856] netlink: 'syz.0.572': attribute type 10 has an invalid length. [ 254.855537][ T7856] netlink: 40 bytes leftover after parsing attributes in process `syz.0.572'. [ 254.872421][ T5805] Bluetooth: hci0: unexpected event for opcode 0x200a [ 254.994303][ T7856] team0: Port device geneve0 added [ 255.427239][ T7873] overlayfs: failed to clone upperpath [ 256.288986][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.311638][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.850158][ T7890] vlan3: entered promiscuous mode [ 256.865854][ T7890] vlan3: entered allmulticast mode [ 256.875791][ T7890] hsr_slave_1: entered allmulticast mode [ 256.895916][ T7872] loop0: detected capacity change from 0 to 32768 [ 256.928382][ T7890] netlink: 4 bytes leftover after parsing attributes in process `syz.2.580'. [ 256.937742][ T7872] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.575 (7872) [ 257.111913][ T7872] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 257.125514][ T7872] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 257.160745][ T7872] BTRFS info (device loop0): force clearing of disk cache [ 257.183842][ T7872] BTRFS info (device loop0): disabling tree log [ 257.227100][ T7872] BTRFS info (device loop0): enabling disk space caching [ 257.242229][ T7872] BTRFS info (device loop0): turning on async discard [ 257.256521][ T7872] BTRFS info (device loop0): enabling auto defrag [ 257.269107][ T7872] BTRFS info (device loop0): max_inline at 0 [ 257.278363][ T7872] BTRFS info (device loop0): disk space caching is enabled [ 257.477265][ T7872] BTRFS info (device loop0): enabling ssd optimizations [ 257.555100][ T7872] BTRFS info (device loop0): rebuilding free space tree [ 257.794688][ T7872] BTRFS info (device loop0): disabling free space tree [ 257.843069][ T7872] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 257.877072][ T7872] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 258.272537][ T28] kauditd_printk_skb: 41 callbacks suppressed [ 258.272553][ T28] audit: type=1804 audit(1761589101.613:294): pid=7920 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.575" name="/newroot/124/file0/bus" dev="loop0" ino=263 res=1 errno=0 [ 258.303251][ T7872] BTRFS info (device loop0): balance: start -d -m [ 258.357111][ T28] audit: type=1804 audit(1761589101.683:295): pid=7920 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.575" name="/newroot/124/file0/bus" dev="loop0" ino=263 res=1 errno=0 [ 258.519060][ T7926] netlink: 44 bytes leftover after parsing attributes in process `syz.2.586'. [ 258.532884][ T7872] BTRFS info (device loop0): relocating block group 6881280 flags data|metadata [ 258.548183][ T7926] netlink: 8 bytes leftover after parsing attributes in process `syz.2.586'. [ 258.571512][ T7926] netlink: 16 bytes leftover after parsing attributes in process `syz.2.586'. [ 258.816088][ T7930] loop2: detected capacity change from 0 to 128 [ 258.852188][ T7930] FAT-fs (loop2): Unrecognized mount option "" or missing value [ 258.942785][ T7930] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 259.067793][ T7872] BTRFS info (device loop0): relocating block group 5242880 flags data|metadata [ 259.119808][ T7872] BTRFS info (device loop0): balance: canceled [ 259.263308][ T5791] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 261.994842][ T7950] netlink: 56 bytes leftover after parsing attributes in process `syz.1.593'. [ 264.286806][ T7978] netlink: 34 bytes leftover after parsing attributes in process `syz.2.604'. [ 264.571483][ T7981] loop2: detected capacity change from 0 to 128 [ 264.586078][ T5805] Bluetooth: hci2: unexpected event for opcode 0x200a [ 264.817232][ T28] audit: type=1800 audit(1761589108.163:296): pid=7981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.614" name="file2" dev="loop2" ino=1048614 res=0 errno=0 [ 265.180370][ T7990] loop0: detected capacity change from 0 to 512 [ 265.189876][ T7990] EXT4-fs: Ignoring removed orlov option [ 265.200286][ T7990] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 265.213877][ T7990] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities [ 269.059706][ T8015] 9pnet: Found fid 0 not clunked [ 270.515532][ T8036] loop0: detected capacity change from 0 to 128 [ 270.644331][ T28] audit: type=1800 audit(1761589113.993:297): pid=8036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.624" name="file2" dev="loop0" ino=1048616 res=0 errno=0 [ 270.725932][ T8036] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 270.753080][ T8036] FAT-fs (loop0): Filesystem has been set read-only [ 270.796634][ T8036] syz.0.624: attempt to access beyond end of device [ 270.796634][ T8036] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 270.862550][ T8036] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 270.898158][ T8036] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 274.991233][ T5968] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 275.702282][ T5968] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 275.713851][ T5968] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 275.724751][ T5968] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 275.748395][ T5968] usb 3-1: config 0 descriptor?? [ 275.780532][ T5968] pwc: Askey VC010 type 2 USB webcam detected. [ 276.848747][ T5968] pwc: recv_control_msg error -32 req 02 val 2b00 [ 276.890863][ T5968] pwc: recv_control_msg error -32 req 02 val 2700 [ 276.923718][ T5968] pwc: recv_control_msg error -32 req 02 val 2c00 [ 276.937595][ T5968] pwc: recv_control_msg error -32 req 04 val 1000 [ 276.946245][ T5968] pwc: recv_control_msg error -32 req 04 val 1300 [ 276.971376][ T5968] pwc: recv_control_msg error -32 req 04 val 1400 [ 276.990407][ T5968] pwc: recv_control_msg error -32 req 02 val 2000 [ 276.991753][ T8104] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.637'. [ 277.010727][ T5968] pwc: recv_control_msg error -32 req 02 val 2100 [ 277.028789][ T5968] pwc: recv_control_msg error -32 req 04 val 1500 [ 277.249011][ T5968] pwc: recv_control_msg error -71 req 02 val 2400 [ 277.263065][ T5968] pwc: recv_control_msg error -71 req 02 val 2600 [ 277.282960][ T5968] pwc: recv_control_msg error -71 req 02 val 2900 [ 277.304356][ T5968] pwc: recv_control_msg error -71 req 02 val 2800 [ 277.325520][ T5968] pwc: recv_control_msg error -71 req 04 val 1100 [ 277.353487][ T5968] pwc: recv_control_msg error -71 req 04 val 1200 [ 277.401487][ T5968] pwc: Registered as video103. [ 277.421789][ T5968] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input5 [ 277.518511][ T5968] usb 3-1: USB disconnect, device number 2 [ 284.585608][ T8177] syz.0.655: attempt to access beyond end of device [ 284.585608][ T8177] loop0: rw=0, sector=64, nr_sectors = 2 limit=0 [ 284.600400][ T8177] isofs_fill_super: bread failed, dev=loop0, iso_blknum=16, block=32 [ 285.722377][ T8188] loop0: detected capacity change from 0 to 512 [ 285.752288][ T8188] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 285.787208][ T8188] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 285.834756][ T8191] bond0: entered promiscuous mode [ 285.847756][ T8188] EXT4-fs (loop0): 1 truncate cleaned up [ 285.868496][ T8188] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 287.050745][ T8188] EXT4-fs error (device loop0): __ext4_get_inode_loc:4489: comm syz.0.668: Invalid inode table block 624567643 in block_group 0 [ 287.309394][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.977195][ T5968] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 290.167354][ T5968] usb 1-1: Using ep0 maxpacket: 16 [ 290.233923][ T5968] usb 1-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config [ 290.264929][ T5968] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 290.353835][ T5968] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 290.488588][ T5968] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 290.663434][ T5968] usb 1-1: Product: syz [ 290.747900][ T5968] usb 1-1: Manufacturer: syz [ 290.898454][ T5968] usb 1-1: SerialNumber: syz [ 290.979448][ T8251] netlink: 'syz.3.674': attribute type 10 has an invalid length. [ 291.021789][ T8251] 8021q: adding VLAN 0 to HW filter on device team0 [ 291.030980][ T8251] bond0: (slave team0): Enslaving as an active interface with an up link [ 291.047622][ T8251] netlink: 'syz.3.674': attribute type 10 has an invalid length. [ 291.059179][ T8251] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 291.162139][ T8251] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 291.177613][ T5968] usb 1-1: 0:2 : does not exist [ 291.210589][ T5968] usb 1-1: 5:0: failed to get current value for ch 0 (-22) [ 291.239627][ T8251] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 291.303489][ T5968] usb 1-1: USB disconnect, device number 4 [ 291.436343][ T5801] udevd[5801]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 296.819593][ T8306] loop0: detected capacity change from 0 to 32768 [ 299.030512][ T8336] netlink: 'syz.0.694': attribute type 1 has an invalid length. [ 300.064630][ T8340] bond1: (slave bridge3): making interface the new active one [ 300.100858][ T8340] bond1: (slave bridge3): Enslaving as an active interface with an up link [ 300.130542][ T8341] macvlan2: entered promiscuous mode [ 300.137422][ T8341] macvlan2: entered allmulticast mode [ 300.148589][ T8341] bond1: entered promiscuous mode [ 300.153722][ T8341] bridge3: entered promiscuous mode [ 300.168149][ T8341] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 300.182331][ T8341] bond1: (slave macvlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 300.208363][ T28] audit: type=1326 audit(1761589143.563:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8342 comm="syz.3.697" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x0 [ 300.245437][ T8341] bond1: left promiscuous mode [ 300.251063][ T8341] bridge3: left promiscuous mode [ 300.349107][ T8345] netlink: 'syz.2.698': attribute type 10 has an invalid length. [ 300.392233][ T8345] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 302.151318][ T5802] Bluetooth: hci1: ACL packet too small [ 302.264381][ T5805] Bluetooth: Unexpected continuation frame (len 10) [ 302.332567][ T8365] loop0: detected capacity change from 0 to 256 [ 302.362065][ T8365] exfat: Deprecated parameter 'namecase' [ 302.398720][ T8365] exfat: Unknown parameter 'obj_user' [ 302.568773][ T8365] loop0: detected capacity change from 0 to 1764 [ 302.827631][ T8375] netlink: 36 bytes leftover after parsing attributes in process `syz.0.707'. [ 305.060917][ T8397] netlink: 4 bytes leftover after parsing attributes in process `syz.1.712'. [ 306.221248][ T8409] netlink: 'syz.3.719': attribute type 1 has an invalid length. [ 306.276708][ T8409] bond1: entered promiscuous mode [ 306.282082][ T8409] bond1: entered allmulticast mode [ 306.297407][ T8406] kvm: emulating exchange as write [ 306.335810][ T8413] netlink: 8 bytes leftover after parsing attributes in process `syz.3.719'. [ 306.390161][ T8413] bridge0: the hash_elasticity option has been deprecated and is always 16 [ 306.441404][ T8413] bond1: (slave bridge0): making interface the new active one [ 306.507723][ T8413] bridge0: entered promiscuous mode [ 306.516636][ T8413] bridge0: entered allmulticast mode [ 306.530667][ T8413] bond1: (slave bridge0): Enslaving as an active interface with an up link [ 306.561184][ T8409] netlink: 24 bytes leftover after parsing attributes in process `syz.3.719'. [ 306.824690][ T8409] 8021q: adding VLAN 0 to HW filter on device bond1 [ 306.854682][ T8421] netlink: 'syz.0.722': attribute type 1 has an invalid length. [ 307.604263][ T8421] 8021q: adding VLAN 0 to HW filter on device bond2 [ 307.724094][ T8424] 8021q: adding VLAN 0 to HW filter on device bond2 [ 307.740555][ T8424] bond2: (slave vti0): The slave device specified does not support setting the MAC address [ 307.766168][ T8424] bond2: (slave vti0): Error -95 calling set_mac_address [ 309.916301][ T8456] syzkaller0: entered promiscuous mode [ 309.926368][ T8456] syzkaller0: entered allmulticast mode [ 311.435813][ T8462] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -14123, delta: 1 [ 311.877829][ T8462] ref_ctr increment failed for inode: 0x3a4 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888024f55580 [ 312.215155][ T8466] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -14123, delta: -1 [ 312.239401][ T8466] ref_ctr decrement failed for inode: 0x3a4 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888024f55580 [ 314.630913][ T8490] loop2: detected capacity change from 0 to 512 [ 314.642258][ T8490] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 314.847907][ T8490] EXT4-fs (loop2): 1 truncate cleaned up [ 314.868107][ T8490] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 316.023190][ T8490] EXT4-fs error (device loop2): __ext4_get_inode_loc:4489: comm syz.2.740: Invalid inode table block 624567643 in block_group 0 [ 316.206175][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 316.592749][ T8514] mmap: syz.1.747 (8514) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 316.996299][ T8508] loop0: detected capacity change from 0 to 32768 [ 317.042416][ T8508] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 317.397294][ T8508] XFS (loop0): Ending clean mount [ 317.422346][ T8508] XFS (loop0): Quotacheck needed: Please wait. [ 317.534500][ T8508] XFS (loop0): Quotacheck: Done. [ 317.667340][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.673769][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.151462][ T28] audit: type=1804 audit(1761589161.503:299): pid=8508 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.746" name="/newroot/163/file0/bus" dev="loop0" ino=9291 res=1 errno=0 [ 318.463255][ T8531] team0: Port device vlan0 removed [ 318.588365][ T34] tipc: Resetting bearer [ 318.684024][ T5791] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 320.496076][ T8562] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 320.522809][ T8562] CIFS: Unable to determine destination address [ 324.557601][ T8594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.772'. [ 324.593951][ T8595] loop0: detected capacity change from 0 to 512 [ 324.679267][ T8594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.772'. [ 324.744560][ T8602] netlink: 'syz.3.772': attribute type 10 has an invalid length. [ 324.755561][ T8602] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 324.776158][ T8595] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a802c01c, mo2=0002] [ 324.797280][ T8595] System zones: 0-7 [ 324.813287][ T8595] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 326.085812][ T8614] netlink: 'syz.3.776': attribute type 11 has an invalid length. [ 326.100658][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.071190][ T8630] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 327.708680][ T8635] netlink: 24 bytes leftover after parsing attributes in process `syz.2.783'. [ 328.921616][ T28] audit: type=1804 audit(1761589172.263:300): pid=8649 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.786" name="/newroot/186/file1" dev="fuse" ino=1 res=1 errno=0 [ 328.992906][ T28] audit: type=1800 audit(1761589172.293:301): pid=8649 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.786" name="/" dev="fuse" ino=1 res=0 errno=0 [ 329.064638][ T28] audit: type=1800 audit(1761589172.303:302): pid=8649 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.786" name="/" dev="fuse" ino=1 res=0 errno=0 [ 329.221164][ T8658] netlink: 'syz.0.789': attribute type 10 has an invalid length. [ 329.237772][ T8658] syz_tun: entered promiscuous mode [ 329.260076][ T8658] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 329.273555][ T8660] netlink: 9 bytes leftover after parsing attributes in process `syz.1.796'. [ 329.301504][ T8660] gretap0: entered promiscuous mode [ 329.499767][ T8664] sch_tbf: burst 1023 is lower than device lo mtu (65550) ! [ 330.840577][ T8691] loop2: detected capacity change from 0 to 8 [ 331.024438][ T8691] SQUASHFS error: xz decompression failed, data probably corrupt [ 331.032938][ T8691] SQUASHFS error: Failed to read block 0x108: -5 [ 331.039433][ T8691] SQUASHFS error: Unable to read metadata cache entry [106] [ 331.046872][ T8691] SQUASHFS error: Unable to read inode 0x101f [ 333.413461][ T8721] SET target dimension over the limit! [ 335.647566][ T8736] Unsupported ieee802154 address type: 0 [ 336.187642][ T28] audit: type=1804 audit(1761589179.533:303): pid=8741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.817" name="bus" dev="ramfs" ino=15013 res=1 errno=0 [ 336.211520][ T8743] loop2: detected capacity change from 0 to 1024 [ 336.232124][ T8743] EXT4-fs: Ignoring removed bh option [ 336.254358][ T8743] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 336.269813][ T28] audit: type=1804 audit(1761589179.573:304): pid=8741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.817" name="bus" dev="ramfs" ino=15013 res=1 errno=0 [ 336.352938][ T8743] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 336.599114][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 336.782880][ T28] audit: type=1326 audit(1761589180.133:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8748 comm="syz.0.818" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa29d38efc9 code=0x0 [ 338.029866][ T8759] loop2: detected capacity change from 0 to 512 [ 338.108534][ T8759] ext4: Unknown parameter 'uid<00000000000000000000' [ 338.197360][ T8763] netlink: 24 bytes leftover after parsing attributes in process `syz.0.821'. [ 338.222506][ T5801] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 338.362449][ T8763] netlink: 4 bytes leftover after parsing attributes in process `syz.0.821'. [ 338.581166][ T8773] loop2: detected capacity change from 0 to 512 [ 338.663290][ T8776] syzkaller0: entered promiscuous mode [ 338.690564][ T8773] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a802c01c, mo2=0002] [ 338.707354][ T8776] syzkaller0: entered allmulticast mode [ 338.778341][ T8773] System zones: 0-7 [ 338.783960][ T8773] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 338.941986][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 338.957416][ T28] audit: type=1326 audit(1761589182.303:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8783 comm="syz.1.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 338.982671][ T28] audit: type=1326 audit(1761589182.313:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8783 comm="syz.1.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 339.066117][ T28] audit: type=1326 audit(1761589182.333:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8783 comm="syz.1.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 339.112984][ T28] audit: type=1326 audit(1761589182.333:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8783 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 339.139905][ T8780] netlink: 'syz.3.826': attribute type 10 has an invalid length. [ 339.167587][ T8780] syz_tun: entered promiscuous mode [ 339.217110][ T28] audit: type=1326 audit(1761589182.333:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8783 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 339.276234][ T28] audit: type=1326 audit(1761589182.333:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8783 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 339.408689][ T28] audit: type=1326 audit(1761589182.333:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8783 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 339.600122][ T8793] SET target dimension over the limit! [ 342.231605][ T8830] SET target dimension over the limit! [ 345.178635][ T8850] __vm_enough_memory: pid: 8850, comm: syz.0.845, not enough memory for the allocation [ 346.387217][ T28] kauditd_printk_skb: 3 callbacks suppressed [ 346.387233][ T28] audit: type=1326 audit(1761589189.493:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8840 comm="syz.1.846" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x0 [ 346.691183][ T8858] loop0: detected capacity change from 0 to 8 [ 346.856806][ T8858] SQUASHFS error: xz decompression failed, data probably corrupt [ 346.864881][ T8858] SQUASHFS error: Failed to read block 0x108: -5 [ 346.871446][ T8858] SQUASHFS error: Unable to read metadata cache entry [106] [ 346.878893][ T8858] SQUASHFS error: Unable to read inode 0x101f [ 347.709340][ T5847] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 347.833674][ T28] audit: type=1326 audit(1761589191.183:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8860 comm="syz.3.850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 347.879937][ T28] audit: type=1326 audit(1761589191.213:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8860 comm="syz.3.850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 347.908325][ T28] audit: type=1326 audit(1761589191.213:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8860 comm="syz.3.850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 347.951536][ T8870] overlayfs: failed to clone upperpath [ 347.961084][ T5847] usb 3-1: Using ep0 maxpacket: 32 [ 347.966844][ T28] audit: type=1326 audit(1761589191.213:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8860 comm="syz.3.850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 347.994081][ T28] audit: type=1326 audit(1761589191.213:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8860 comm="syz.3.850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 348.011073][ T5847] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 348.017796][ T28] audit: type=1326 audit(1761589191.213:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8860 comm="syz.3.850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 348.067810][ T5847] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 348.084302][ T5847] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00 [ 348.091997][ T28] audit: type=1326 audit(1761589191.213:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8860 comm="syz.3.850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 348.094535][ T5847] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 348.167546][ T28] audit: type=1326 audit(1761589191.213:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8860 comm="syz.3.850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 348.413472][ T5847] usb 3-1: config 0 descriptor?? [ 348.678957][ T28] audit: type=1326 audit(1761589191.213:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8860 comm="syz.3.850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 348.854269][ T5847] usbhid 3-1:0.0: can't add hid device: -71 [ 348.862852][ T5847] usbhid: probe of 3-1:0.0 failed with error -71 [ 348.887120][ T5847] usb 3-1: USB disconnect, device number 3 [ 349.944223][ T8888] tc_dump_action: action bad kind [ 349.964270][ T8888] loop0: detected capacity change from 0 to 256 [ 350.101544][ T8891] loop2: detected capacity change from 0 to 1024 [ 350.190396][ T8888] FAT-fs (loop0): IO charset cp8 not found [ 351.380407][ T8904] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 351.388475][ T8904] IPv6: NLM_F_CREATE should be set when creating new route [ 351.423159][ T8904] lo: entered allmulticast mode [ 351.464212][ T8904] tunl0: entered allmulticast mode [ 351.483021][ T8904] gre0: entered allmulticast mode [ 351.527386][ T8904] gretap0: entered allmulticast mode [ 351.555701][ T8904] erspan0: entered allmulticast mode [ 351.615013][ T8904] ip_vti0: entered allmulticast mode [ 351.635383][ T8904] ip6_vti0: entered allmulticast mode [ 351.672510][ T8904] sit0: entered allmulticast mode [ 351.791981][ T8904] ip6tnl0: entered allmulticast mode [ 351.910205][ T8904] ip6gre0: entered allmulticast mode [ 351.961297][ T8904] ip6gretap0: entered allmulticast mode [ 352.096663][ T8904] vcan0: entered allmulticast mode [ 352.119242][ T8904] bond0: entered allmulticast mode [ 352.137439][ T8904] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 352.179690][ T8904] tipc: Resetting bearer [ 352.207935][ T8904] team0: entered allmulticast mode [ 352.433628][ T8904] dummy0: entered allmulticast mode [ 353.033015][ T8904] nlmon0: entered allmulticast mode [ 353.055567][ T8904] caif0: entered allmulticast mode [ 353.099312][ T8904] batadv0: entered allmulticast mode [ 353.155414][ T8904] vxcan0: entered allmulticast mode [ 353.172474][ T8904] vxcan1: entered allmulticast mode [ 353.205627][ T8904] veth0: entered allmulticast mode [ 353.250018][ T8904] veth1: entered allmulticast mode [ 353.308710][ T8904] wg1: entered allmulticast mode [ 353.362903][ T8904] wg2: entered allmulticast mode [ 353.437904][ T8904] veth0_to_bridge: entered allmulticast mode [ 353.473987][ T8904] bridge_slave_0: entered allmulticast mode [ 353.973236][ T8904] veth1_to_bridge: entered allmulticast mode [ 354.442541][ T8904] bridge_slave_1: entered allmulticast mode [ 354.489669][ T8948] cgroup: fork rejected by pids controller in /syz0 [ 354.545325][ T8904] veth0_to_bond: entered allmulticast mode [ 354.577763][ T8904] bond_slave_0: entered allmulticast mode [ 354.637726][ T8904] veth1_to_bond: entered allmulticast mode [ 354.659878][ T8904] bond_slave_1: entered allmulticast mode [ 354.687403][ T8904] veth0_to_team: entered allmulticast mode [ 354.703386][ T8904] team_slave_0: entered allmulticast mode [ 354.737358][ T8904] veth1_to_team: entered allmulticast mode [ 354.755048][ T8904] team_slave_1: entered allmulticast mode [ 354.778138][ T8904] veth0_to_batadv: entered allmulticast mode [ 354.789801][ T8904] batadv_slave_0: entered allmulticast mode [ 354.839686][ T8904] veth1_to_batadv: entered allmulticast mode [ 354.895156][ T8904] batadv_slave_1: entered allmulticast mode [ 354.923008][ T8904] xfrm0: entered allmulticast mode [ 354.936929][ T8904] veth0_to_hsr: entered allmulticast mode [ 354.977945][ T8904] hsr_slave_0: entered allmulticast mode [ 354.988816][ T8904] hsr0: entered allmulticast mode [ 354.999904][ T8904] veth1_virt_wifi: entered allmulticast mode [ 355.011205][ T8904] veth0_virt_wifi: entered allmulticast mode [ 355.026769][ T8904] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 355.040780][ T8904] veth1_macvtap: entered allmulticast mode [ 355.061715][ T8904] veth0_macvtap: entered allmulticast mode [ 355.078193][ T8904] macvtap0: entered allmulticast mode [ 355.090438][ T8904] macsec0: entered allmulticast mode [ 355.112022][ T8904] geneve0: entered allmulticast mode [ 355.127831][ T8904] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.137178][ T8904] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.146153][ T8904] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.155393][ T8904] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.164705][ T8904] geneve1: entered allmulticast mode [ 355.175904][ T8904] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 355.189823][ T8904] netdevsim netdevsim2 netdevsim1: entered allmulticast mode [ 355.205212][ T8904] netdevsim netdevsim2 netdevsim2: entered allmulticast mode [ 355.220842][ T8904] netdevsim netdevsim2 netdevsim3: entered allmulticast mode [ 355.254923][ T8904] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode [ 355.285662][ T8904] ~: entered allmulticast mode [ 355.295651][ T8904] vlan2: left promiscuous mode [ 355.301331][ T8904] bridge0: left promiscuous mode [ 355.306793][ T8904] gretap1: entered allmulticast mode [ 355.319483][ T8904] ipvlan2: entered allmulticast mode [ 355.330143][ T8904] veth2: entered allmulticast mode [ 355.339092][ T8904] veth3: entered allmulticast mode [ 355.500067][ T8227] bond0: (slave syz_tun): Releasing backup interface [ 357.817714][ T8980] openvswitch: netlink: Message has 4 unknown bytes. [ 359.059150][ T8984] netem: change failed [ 359.441374][ T8992] loop2: detected capacity change from 0 to 256 [ 359.499105][ T8992] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 359.527489][ T8992] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 359.582045][ T8992] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0x65b64522, utbl_chksum : 0xe619d30d) [ 359.668984][ T5802] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 359.680864][ T5802] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 359.689907][ T5802] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 359.700482][ T5802] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 359.711592][ T5802] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 359.721259][ T5802] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 359.920168][ T8995] chnl_net:caif_netlink_parms(): no params data found [ 360.000665][ T8995] bridge0: port 1(bridge_slave_0) entered blocking state [ 360.008572][ T8995] bridge0: port 1(bridge_slave_0) entered disabled state [ 360.015823][ T8995] bridge_slave_0: entered allmulticast mode [ 360.023654][ T8995] bridge_slave_0: entered promiscuous mode [ 360.032659][ T8995] bridge0: port 2(bridge_slave_1) entered blocking state [ 360.040448][ T8995] bridge0: port 2(bridge_slave_1) entered disabled state [ 360.047789][ T8995] bridge_slave_1: entered allmulticast mode [ 360.054959][ T8995] bridge_slave_1: entered promiscuous mode [ 360.095889][ T8995] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 360.120153][ T8995] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 360.211269][ T8995] team0: Port device team_slave_0 added [ 360.231354][ T8995] team0: Port device team_slave_1 added [ 360.368239][ T8995] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 360.383971][ T8995] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 360.453269][ T8995] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 360.477231][ T9008] netlink: 4 bytes leftover after parsing attributes in process `syz.1.888'. [ 360.609392][ T8995] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 360.642802][ T8995] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 360.738564][ T8995] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 361.165694][ T9016] vlan4: entered promiscuous mode [ 361.262351][ T8995] hsr_slave_0: entered promiscuous mode [ 361.314355][ T8995] hsr_slave_1: entered promiscuous mode [ 361.344883][ T8995] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 361.369202][ T8995] Cannot create hsr debugfs directory [ 361.817233][ T5805] Bluetooth: hci1: command tx timeout [ 361.827982][ T8995] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 361.979474][ T8995] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 362.142963][ T8995] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.173974][ T8995] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.235251][ T9039] netlink: 'syz.1.901': attribute type 1 has an invalid length. [ 363.291320][ T9042] netlink: 28 bytes leftover after parsing attributes in process `syz.1.901'. [ 363.306251][ T9042] 8021q: adding VLAN 0 to HW filter on device bond1 [ 363.355843][ T9039] 8021q: adding VLAN 0 to HW filter on device bond1 [ 363.398508][ T9039] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20004 - 0 [ 363.421583][ T9039] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20004 - 0 [ 363.435977][ T28] kauditd_printk_skb: 8 callbacks suppressed [ 363.435993][ T28] audit: type=1326 audit(1761589206.783:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9043 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 363.442601][ T9039] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20004 - 0 [ 363.492656][ T9039] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20004 - 0 [ 363.506539][ T9039] bond1: (slave geneve2): making interface the new active one [ 363.514781][ T28] audit: type=1326 audit(1761589206.783:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9043 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 363.522653][ T9039] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 363.566639][ T9039] syz.1.901 (9039) used greatest stack depth: 19568 bytes left [ 363.580237][ T28] audit: type=1326 audit(1761589206.833:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9043 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 363.607920][ T28] audit: type=1326 audit(1761589206.833:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9043 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 363.649834][ T28] audit: type=1326 audit(1761589206.833:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9043 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 363.680488][ T28] audit: type=1326 audit(1761589206.833:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9043 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 363.739484][ T28] audit: type=1326 audit(1761589206.833:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9043 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 363.802078][ T28] audit: type=1326 audit(1761589206.833:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9043 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 363.854205][ T28] audit: type=1326 audit(1761589206.833:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9043 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 363.889202][ T28] audit: type=1326 audit(1761589206.833:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9043 comm="syz.2.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 363.913895][ T5805] Bluetooth: hci1: command tx timeout [ 364.017169][ T8995] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 364.090408][ T8995] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 364.129328][ T8995] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 364.152236][ T8995] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 365.149166][ T8995] 8021q: adding VLAN 0 to HW filter on device bond0 [ 365.176586][ T8995] 8021q: adding VLAN 0 to HW filter on device team0 [ 365.194743][ T6097] bridge0: port 1(bridge_slave_0) entered blocking state [ 365.202083][ T6097] bridge0: port 1(bridge_slave_0) entered forwarding state [ 365.278804][ T6097] bridge0: port 2(bridge_slave_1) entered blocking state [ 365.286039][ T6097] bridge0: port 2(bridge_slave_1) entered forwarding state [ 365.978335][ T5805] Bluetooth: hci1: command tx timeout [ 366.713270][ T8995] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 367.030475][ T8995] veth0_vlan: entered promiscuous mode [ 367.414612][ T8995] veth1_vlan: entered promiscuous mode [ 367.581346][ T8995] veth0_macvtap: entered promiscuous mode [ 367.610439][ T8995] veth1_macvtap: entered promiscuous mode [ 367.896670][ T8995] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 368.202813][ T5805] Bluetooth: hci1: command tx timeout [ 368.319166][ T8995] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 368.400948][ T8995] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 368.524687][ T8995] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 368.569083][ T8995] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 368.586367][ T8995] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 368.598943][ T8995] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 368.607892][ T8995] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 368.616644][ T8995] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 368.644443][ T8995] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 368.860157][ T6073] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 368.900174][ T6073] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 368.934185][ T786] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 368.961682][ T9127] netlink: 4 bytes leftover after parsing attributes in process `syz.3.926'. [ 368.987628][ T786] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 369.542122][ T6096] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 369.638445][ T6096] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 369.785089][ T9130] fido_id[9130]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 371.396200][ T28] kauditd_printk_skb: 19 callbacks suppressed [ 371.396218][ T28] audit: type=1326 audit(1761589214.743:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 371.486237][ T28] audit: type=1326 audit(1761589214.743:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 371.533656][ T28] audit: type=1326 audit(1761589214.783:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 371.564248][ T28] audit: type=1326 audit(1761589214.783:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 371.617565][ T28] audit: type=1326 audit(1761589214.783:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 371.684231][ T28] audit: type=1326 audit(1761589214.783:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 371.725209][ T28] audit: type=1326 audit(1761589214.783:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 371.755742][ T28] audit: type=1326 audit(1761589214.783:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 371.791877][ T28] audit: type=1326 audit(1761589214.783:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 371.839950][ T28] audit: type=1326 audit(1761589214.783:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 372.010065][ T9171] kvm: pic: level sensitive irq not supported [ 372.017295][ T9171] kvm: pic: level sensitive irq not supported [ 372.024627][ T9171] kvm: pic: level sensitive irq not supported [ 372.039781][ T9171] kvm: pic: level sensitive irq not supported [ 373.093496][ T9184] 8021q: adding VLAN 0 to HW filter on device bond0 [ 373.134758][ T9184] team0: Port device bond0 added [ 375.131890][ T9208] syzkaller0: entered promiscuous mode [ 375.138075][ T9208] syzkaller0: entered allmulticast mode [ 375.560566][ T9215] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 379.102922][ T28] kauditd_printk_skb: 7 callbacks suppressed [ 379.102941][ T28] audit: type=1326 audit(1761589222.443:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9246 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 379.108780][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.197309][ T28] audit: type=1326 audit(1761589222.443:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9246 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 379.333946][ T28] audit: type=1326 audit(1761589222.493:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9246 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 379.356470][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.367626][ T28] audit: type=1326 audit(1761589222.493:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9246 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 379.398751][ T28] audit: type=1326 audit(1761589222.493:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9246 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 380.015777][ T28] audit: type=1326 audit(1761589222.663:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9246 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 380.129781][ T28] audit: type=1326 audit(1761589222.673:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9246 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 380.217056][ T28] audit: type=1326 audit(1761589222.673:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9246 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 380.308197][ T28] audit: type=1326 audit(1761589222.723:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9246 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 380.360084][ T9260] netlink: 'syz.2.965': attribute type 1 has an invalid length. [ 380.368369][ T28] audit: type=1326 audit(1761589222.743:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9246 comm="syz.3.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 380.595791][ T9263] netlink: 28 bytes leftover after parsing attributes in process `syz.2.965'. [ 380.628526][ T9263] 8021q: adding VLAN 0 to HW filter on device bond1 [ 381.231307][ T9265] 8021q: adding VLAN 0 to HW filter on device bond1 [ 381.335936][ T9265] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 20004 - 0 [ 381.404302][ T9265] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 20004 - 0 [ 381.413317][ T9265] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 20004 - 0 [ 381.422422][ T9265] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 20004 - 0 [ 381.449247][ T9265] bond1: (slave geneve2): making interface the new active one [ 381.498954][ T9265] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 385.130669][ T9302] siw: device registration error -23 [ 385.321011][ T28] kauditd_printk_skb: 24 callbacks suppressed [ 385.321026][ T28] audit: type=1326 audit(1761589228.673:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9303 comm="syz.0.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4aa58efc9 code=0x7ffc0000 [ 385.364953][ T28] audit: type=1326 audit(1761589228.673:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9303 comm="syz.0.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa4aa58efc9 code=0x7ffc0000 [ 389.037126][ T28] audit: type=1326 audit(1761589228.673:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9303 comm="syz.0.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4aa58efc9 code=0x7ffc0000 [ 389.134821][ T28] audit: type=1326 audit(1761589228.673:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9303 comm="syz.0.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa4aa58efc9 code=0x7ffc0000 [ 389.179317][ T28] audit: type=1326 audit(1761589228.673:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9303 comm="syz.0.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4aa58efc9 code=0x7ffc0000 [ 389.242491][ T28] audit: type=1326 audit(1761589228.673:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9303 comm="syz.0.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fa4aa58efc9 code=0x7ffc0000 [ 389.265336][ T28] audit: type=1326 audit(1761589228.673:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9303 comm="syz.0.978" exe="/root/syz-executor" sig=0 arch=40000003 syscall=247 compat=1 ip=0x200000000006 code=0x7ffc0000 [ 389.312247][ T28] audit: type=1326 audit(1761589228.673:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9303 comm="syz.0.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4aa58efc9 code=0x7ffc0000 [ 393.270185][ T9349] damon-dbgfs: DAMON debugfs interface is deprecated, so users should move to DAMON_SYSFS. If you cannot, please report your usecase to damon@lists.linux.dev and linux-mm@kvack.org. [ 397.364285][ T9400] xt_recent: Unsupported userspace flags (000000de) [ 397.450361][ T9403] netlink: 'syz.1.1007': attribute type 1 has an invalid length. [ 397.564768][ T9403] 8021q: adding VLAN 0 to HW filter on device bond2 [ 398.364628][ T9404] veth9: entered promiscuous mode [ 398.410541][ T9404] bond2: (slave veth9): Enslaving as an active interface with a down link [ 398.542075][ T9403] veth11: entered promiscuous mode [ 398.555783][ T9403] bond2: (slave veth11): Enslaving as an active interface with a down link [ 399.372300][ T9421] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1010'. [ 404.528229][ T9486] netlink: 'syz.0.1029': attribute type 10 has an invalid length. [ 404.717126][ T9486] team0: Device ipvlan1 failed to register rx_handler [ 406.063029][ T9495] 9pnet: Could not find request transport: 0xffffffffffffffff [ 406.086319][ T9501] 9pnet_fd: Insufficient options for proto=fd [ 407.299147][ T9513] syzkaller0: entered promiscuous mode [ 407.324861][ T9513] syzkaller0: entered allmulticast mode [ 408.399008][ T9519] xt_recent: Unsupported userspace flags (000000de) [ 408.494852][ T9521] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1043'. [ 408.523730][ T9521] netdevsim netdevsim0 netdevsim3: entered promiscuous mode [ 408.548451][ T9521] netdevsim netdevsim0 netdevsim3: entered allmulticast mode [ 409.799832][ T9536] xt_TCPMSS: Only works on TCP SYN packets [ 410.562781][ T28] audit: type=1326 audit(1761589253.873:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9540 comm="syz.2.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 410.637097][ T28] audit: type=1326 audit(1761589253.873:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9540 comm="syz.2.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 410.707111][ T28] audit: type=1326 audit(1761589253.883:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9540 comm="syz.2.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 410.769839][ T28] audit: type=1326 audit(1761589253.883:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9540 comm="syz.2.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 410.837903][ T28] audit: type=1326 audit(1761589253.883:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9540 comm="syz.2.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 410.922435][ T28] audit: type=1326 audit(1761589253.883:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9540 comm="syz.2.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 411.002429][ T28] audit: type=1326 audit(1761589253.883:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9540 comm="syz.2.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 411.122261][ T28] audit: type=1326 audit(1761589253.883:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9540 comm="syz.2.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 411.173567][ T28] audit: type=1326 audit(1761589253.883:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9540 comm="syz.2.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 411.248738][ T28] audit: type=1326 audit(1761589253.883:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9540 comm="syz.2.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 414.013957][ T9580] vlan0: entered promiscuous mode [ 414.038733][ T9580] team0: entered promiscuous mode [ 415.224836][ T9589] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1063'. [ 415.382446][ T9593] netlink: 'syz.2.1064': attribute type 5 has an invalid length. [ 415.678510][ T9597] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1065'. [ 415.709816][ T9597] syz_tun: entered promiscuous mode [ 415.727074][ T9597] macvtap1: entered promiscuous mode [ 415.744612][ T9597] macvtap1: entered allmulticast mode [ 415.765321][ T9597] syz_tun: entered allmulticast mode [ 415.845232][ T9598] syz_tun: left allmulticast mode [ 415.850872][ T9598] syz_tun: left promiscuous mode [ 418.693187][ T9634] syzkaller0: entered promiscuous mode [ 418.709272][ T9634] syzkaller0: entered allmulticast mode [ 418.951300][ T9635] x_tables: unsorted underflow at hook 3 [ 419.123833][ T9642] loop0: detected capacity change from 0 to 1024 [ 419.163281][ T9642] EXT4-fs: Ignoring removed orlov option [ 419.209566][ T9642] EXT4-fs (loop0): Test dummy encryption mode enabled [ 419.232793][ T9642] EXT4-fs (loop0): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 419.313111][ T9642] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 420.295921][ T9642] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 420.323731][ T9658] vlan0: entered promiscuous mode [ 420.347226][ T9658] bond0: entered promiscuous mode [ 420.352360][ T9658] mac80211_hwsim hwsim5 wlan1: entered promiscuous mode [ 420.378583][ T9658] vlan0: entered allmulticast mode [ 424.652835][ T8995] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 426.170523][ T9714] syz.0.1099 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 428.528146][ T9739] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1103'. [ 430.347625][ T9761] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1109'. [ 430.445330][ T9765] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1109'. [ 430.667272][ T5861] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 430.859757][ T5861] usb 3-1: config 0 has an invalid interface number: 204 but max is 0 [ 430.875262][ T5861] usb 3-1: config 0 has no interface number 0 [ 430.899616][ T5861] usb 3-1: New USB device found, idVendor=12d6, idProduct=0444, bcdDevice=29.3d [ 430.929550][ T5861] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 430.957157][ T5861] usb 3-1: Product: syz [ 430.967024][ T5861] usb 3-1: Manufacturer: syz [ 430.977090][ T5861] usb 3-1: SerialNumber: syz [ 430.993015][ T5861] usb 3-1: config 0 descriptor?? [ 431.010908][ T5861] ems_usb 3-1:0.204 (unnamed net_device) (uninitialized): couldn't initialize controller: -22 [ 431.047814][ T5861] ems_usb: probe of 3-1:0.204 failed with error -22 [ 431.345332][ T5861] usb 3-1: USB disconnect, device number 4 [ 431.736825][ T9781] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1116'. [ 431.781840][ T9781] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 432.082128][ T9781] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 435.911079][ T9823] loop2: detected capacity change from 0 to 512 [ 436.071935][ T9823] __quota_error: 23 callbacks suppressed [ 436.071955][ T9823] Quota error (device loop2): v2_read_file_info: Free block number 1 out of range (1, 6). [ 436.141876][ T9823] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 436.262580][ T9823] EXT4-fs (loop2): mount failed [ 437.187864][ T9847] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1135'. [ 437.550247][ T9847] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1135'. [ 438.545165][ T9868] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 438.568473][ T9868] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 440.660676][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.667354][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 442.528492][ T9891] loop2: detected capacity change from 0 to 1024 [ 442.555779][ T9891] EXT4-fs: Ignoring removed orlov option [ 442.588682][ T9891] EXT4-fs (loop2): Test dummy encryption mode enabled [ 442.603709][ T9891] EXT4-fs (loop2): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 443.121104][ T9891] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 444.764688][ T9916] bridge1: entered allmulticast mode [ 445.678409][ T9925] netlink: 'syz.0.1158': attribute type 1 has an invalid length. [ 445.859884][ T9929] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 445.900197][ T9929] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 445.965790][ T9929] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 445.975528][ T9929] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 445.986682][ T9929] bond1: (slave geneve2): making interface the new active one [ 445.995758][ T9929] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 446.015508][ T9932] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1158'. [ 446.039357][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 446.062563][ T9932] 8021q: adding VLAN 0 to HW filter on device bond1 [ 448.393349][ T9944] netdevsim netdevsim2: Direct firmware load for ./file0/file1 failed with error -2 [ 448.404509][ T9944] netdevsim netdevsim2: Falling back to sysfs fallback for: ./file0/file1 [ 449.448558][ T9963] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1166'. [ 451.599652][ T9987] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1176'. [ 451.610545][ T9987] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 455.823062][T10016] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1187'. [ 455.849257][T10017] syzkaller0: entered promiscuous mode [ 455.855006][T10017] syzkaller0: entered allmulticast mode [ 455.925705][T10016] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1187'. [ 458.196392][T10041] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1195'. [ 458.437416][T10043] gre1: entered promiscuous mode [ 458.443006][T10043] bond2: (slave gre1): The slave device specified does not support setting the MAC address [ 458.492785][T10043] bond2: (slave gre1): Error -95 calling set_mac_address [ 458.573165][T10044] macvlan0: entered promiscuous mode [ 458.599778][T10044] macvlan0: entered allmulticast mode [ 458.633745][T10044] bond2: (slave macvlan0): Error -99 calling set_mac_address [ 459.874281][T10072] overlayfs: failed to clone upperpath [ 463.056166][T10103] netlink: 'syz.1.1213': attribute type 1 has an invalid length. [ 463.184017][T10105] netdevsim netdevsim1 netdevsim0: set [1, 2] type 2 family 0 port 20000 - 0 [ 463.256639][T10105] netdevsim netdevsim1 netdevsim1: set [1, 2] type 2 family 0 port 20000 - 0 [ 463.315795][T10105] netdevsim netdevsim1 netdevsim2: set [1, 2] type 2 family 0 port 20000 - 0 [ 463.357835][T10105] netdevsim netdevsim1 netdevsim3: set [1, 2] type 2 family 0 port 20000 - 0 [ 463.375377][T10105] bond3: (slave geneve3): making interface the new active one [ 463.394536][T10105] bond3: (slave geneve3): Enslaving as an active interface with an up link [ 463.405483][T10107] tipc: New replicast peer: 255.255.255.83 [ 463.415212][T10107] tipc: Enabled bearer , priority 10 [ 463.455597][T10103] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1213'. [ 463.520156][T10103] 8021q: adding VLAN 0 to HW filter on device bond3 [ 463.570577][T10111] netlink: 'syz.3.1216': attribute type 9 has an invalid length. [ 463.760093][T10120] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1218'. [ 463.800235][T10116] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1217'. [ 464.128395][T10132] dvmrp0: entered allmulticast mode [ 464.178182][T10127] dvmrp0: left allmulticast mode [ 468.559576][T10156] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1229'. [ 468.918966][T10156] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1229'. [ 470.056646][T10178] netdevsim netdevsim3: Direct firmware load for ./file0/file1 failed with error -2 [ 470.068092][T10178] netdevsim netdevsim3: Falling back to sysfs fallback for: ./file0/file1 [ 473.000660][T10199] overlayfs: statfs failed on './file0' [ 475.812594][T10200] nvme_fabrics: missing parameter 'transport=%s' [ 475.837616][T10200] nvme_fabrics: missing parameter 'nqn=%s' [ 476.678630][T10219] netdevsim netdevsim0: Direct firmware load for ./file0/file1 failed with error -2 [ 476.688950][T10219] netdevsim netdevsim0: Falling back to sysfs fallback for: ./file0/file1 [ 477.706343][T10226] tipc: Started in network mode [ 477.713254][T10226] tipc: Node identity 767db154e7d8, cluster identity 4711 [ 477.721021][T10226] tipc: Enabled bearer , priority 0 [ 477.785256][T10226] syzkaller0: entered promiscuous mode [ 477.793396][T10226] syzkaller0: entered allmulticast mode [ 477.800376][T10226] tipc: Resetting bearer [ 477.887213][T10225] tipc: Resetting bearer [ 478.747173][ T5974] tipc: Node number set to 2443555156 [ 482.067525][T10225] tipc: Disabling bearer [ 482.587382][ T5838] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 482.602849][T10246] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1251'. [ 482.613604][T10246] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 483.577075][ T5805] Bluetooth: hci1: command 0x0406 tx timeout [ 484.495726][ T5838] usb 1-1: Using ep0 maxpacket: 16 [ 484.512531][ T5838] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 484.537802][ T5838] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 484.548197][ T5838] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 484.567385][ T5838] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 484.577124][ T5838] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.608403][ T5838] usb 1-1: config 0 descriptor?? [ 485.555679][ T5838] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 485.669863][ T5838] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 485.686059][ T28] audit: type=1326 audit(1761589329.033:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10262 comm="syz.1.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 485.718627][ T5838] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 485.725947][ T5838] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 485.734905][ T28] audit: type=1326 audit(1761589329.033:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10262 comm="syz.1.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 485.770773][ T5838] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 485.792635][ T5838] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 485.808817][ T5838] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 485.827197][ T28] audit: type=1326 audit(1761589329.063:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10262 comm="syz.1.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 485.897298][ T28] audit: type=1326 audit(1761589329.063:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10262 comm="syz.1.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 486.005058][ T28] audit: type=1326 audit(1761589329.063:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10262 comm="syz.1.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 486.049407][ T5838] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 486.062884][ T5838] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 486.074244][ T5838] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 486.088590][ T28] audit: type=1326 audit(1761589329.063:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10262 comm="syz.1.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 486.791482][ T5838] microsoft 0003:045E:07DA.0003: No inputs registered, leaving [ 487.007361][ T5838] microsoft 0003:045E:07DA.0003: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 487.074054][T10275] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1258'. [ 487.085461][T10275] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1258'. [ 487.483119][ T28] audit: type=1326 audit(1761589329.063:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10262 comm="syz.1.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 487.555237][ T5838] microsoft 0003:045E:07DA.0003: no inputs found [ 487.570955][ T5838] microsoft 0003:045E:07DA.0003: could not initialize ff, continuing anyway [ 487.606349][ T28] audit: type=1326 audit(1761589329.063:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10262 comm="syz.1.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 487.667108][ T5838] usb 1-1: USB disconnect, device number 5 [ 487.678625][ T28] audit: type=1326 audit(1761589329.063:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10262 comm="syz.1.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 487.759345][ T28] audit: type=1326 audit(1761589329.063:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10262 comm="syz.1.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 490.455021][T10308] netlink: 'syz.2.1267': attribute type 1 has an invalid length. [ 490.491749][T10308] netlink: 'syz.2.1267': attribute type 4 has an invalid length. [ 490.658612][T10308] netlink: 15334 bytes leftover after parsing attributes in process `syz.2.1267'. [ 490.758476][T10312] ecryptfs_parse_options: eCryptfs: unrecognized option [(] [ 490.766070][T10312] ecryptfs_parse_options: eCryptfs: unrecognized option [{\)] [ 490.773844][T10312] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 490.789618][T10312] Error parsing options; rc = [-22] [ 491.116090][T10314] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1270'. [ 491.125429][T10314] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 491.540608][T10319] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1271'. [ 491.860967][T10325] gre1: entered promiscuous mode [ 491.866513][T10325] bond2: (slave gre1): The slave device specified does not support setting the MAC address [ 491.878239][T10325] bond2: (slave gre1): Error -95 calling set_mac_address [ 491.919489][T10327] macvlan3: entered promiscuous mode [ 491.924966][T10327] macvlan3: entered allmulticast mode [ 491.931439][T10327] bond2: (slave macvlan3): Error -99 calling set_mac_address [ 493.290564][T10332] loop2: detected capacity change from 0 to 32768 [ 493.470410][T10342] bond0: (slave wlan1): Releasing backup interface [ 493.904841][ T28] kauditd_printk_skb: 15 callbacks suppressed [ 493.918095][ T28] audit: type=1800 audit(1761589337.253:480): pid=10332 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1275" name="file1" dev="loop2" ino=4 res=0 errno=0 [ 496.503054][T10371] af_packet: tpacket_rcv: packet too big, clamped from 42 to 4294967286. macoff=82 [ 496.564499][T10372] 8021q: adding VLAN 0 to HW filter on device bond0 [ 496.614876][T10372] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 498.817456][T10384] loop0: detected capacity change from 0 to 32768 [ 500.750925][T10395] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1293'. [ 500.762370][T10395] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1293'. [ 502.003664][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 502.025185][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 504.801478][T10434] netlink: 'syz.1.1300': attribute type 1 has an invalid length. [ 504.827035][T10434] netlink: 'syz.1.1300': attribute type 4 has an invalid length. [ 504.880996][T10434] netlink: 15334 bytes leftover after parsing attributes in process `syz.1.1300'. [ 504.936162][T10438] syzkaller0: entered promiscuous mode [ 504.950527][T10438] syzkaller0: entered allmulticast mode [ 504.984349][T10438] netem: change failed [ 511.211732][T10502] syz.0.1321: attempt to access beyond end of device [ 511.211732][T10502] nbd0: rw=0, sector=64, nr_sectors = 2 limit=0 [ 511.255325][T10502] syz.0.1321: attempt to access beyond end of device [ 511.255325][T10502] nbd0: rw=0, sector=512, nr_sectors = 2 limit=0 [ 511.277417][T10502] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 511.327872][T10502] syz.0.1321: attempt to access beyond end of device [ 511.327872][T10502] nbd0: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 511.345943][T10502] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 511.516952][T10502] syz.0.1321: attempt to access beyond end of device [ 511.516952][T10502] nbd0: rw=0, sector=64, nr_sectors = 4 limit=0 [ 511.551976][T10502] syz.0.1321: attempt to access beyond end of device [ 511.551976][T10502] nbd0: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 511.565426][T10502] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 511.610337][T10502] syz.0.1321: attempt to access beyond end of device [ 511.610337][T10502] nbd0: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 511.625282][T10502] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 511.646966][T10502] syz.0.1321: attempt to access beyond end of device [ 511.646966][T10502] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0 [ 511.667518][T10502] syz.0.1321: attempt to access beyond end of device [ 511.667518][T10502] nbd0: rw=0, sector=2048, nr_sectors = 8 limit=0 [ 511.682633][T10502] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 511.695318][T10502] syz.0.1321: attempt to access beyond end of device [ 511.695318][T10502] nbd0: rw=0, sector=4096, nr_sectors = 8 limit=0 [ 511.710103][T10502] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 511.720130][T10502] UDF-fs: warning (device nbd0): udf_fill_super: No partition found (1) [ 512.427554][T10513] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1323'. [ 512.438661][T10513] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1323'. [ 513.144053][T10514] netlink: 'syz.3.1324': attribute type 1 has an invalid length. [ 513.152021][T10514] netlink: 'syz.3.1324': attribute type 4 has an invalid length. [ 513.159921][T10514] netlink: 15334 bytes leftover after parsing attributes in process `syz.3.1324'. [ 513.276082][T10516] loop0: detected capacity change from 0 to 256 [ 513.284025][T10516] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 513.313299][T10516] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 517.607548][T10549] netlink: 'syz.2.1333': attribute type 1 has an invalid length. [ 517.674852][T10549] loop2: detected capacity change from 0 to 512 [ 517.762384][T10549] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 517.843285][T10559] Cannot find add_set index 65532 as target [ 517.872642][T10549] EXT4-fs (loop2): 1 truncate cleaned up [ 517.939054][T10549] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 518.225855][T10549] ext4: Unknown parameter 'YڄyFmZ1(O[ [ 518.225855][T10549] ^+E]0rQ#{̎cp6;:PrflIG>?υ-H"&F)!I|.z' [ 518.527056][ T27] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 518.759595][ T27] usb 3-1: unable to get BOS descriptor or descriptor too short [ 518.801406][ T27] usb 3-1: not running at top speed; connect to a high speed hub [ 518.851744][ T27] usb 3-1: config 1 has an invalid descriptor of length 3, skipping remainder of the config [ 518.862450][T10558] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters [ 518.897567][ T27] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 147, changing to 4 [ 518.948346][T10558] EXT4-fs (loop2): Remounting filesystem read-only [ 518.949733][ T27] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 518.985427][ T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 519.015287][ T27] usb 3-1: Product: syz [ 519.035454][ T27] usb 3-1: Manufacturer: syz [ 519.057001][ T27] usb 3-1: SerialNumber: syz [ 519.312196][ T27] usb 3-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 519.332396][ T27] usb 3-1: unit 5 not found! [ 519.417793][ T27] usb 3-1: USB disconnect, device number 5 [ 519.521777][T10567] udevd[10567]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 521.788122][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 522.566618][T10589] ecryptfs_parse_options: eCryptfs: unrecognized option [(] [ 522.574210][T10589] ecryptfs_parse_options: eCryptfs: unrecognized option [{\)] [ 522.581956][T10589] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 522.595593][T10589] Error parsing options; rc = [-22] [ 528.639720][T10648] netlink: 'syz.0.1360': attribute type 1 has an invalid length. [ 528.786718][T10648] 8021q: adding VLAN 0 to HW filter on device bond2 [ 529.032587][T10652] bond2: entered allmulticast mode [ 529.101679][T10648] bond2: (slave ip6gretap1): making interface the new active one [ 529.126642][T10648] ip6gretap1: entered allmulticast mode [ 529.477111][T10648] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link [ 529.487129][T10654] netlink: 'syz.1.1363': attribute type 1 has an invalid length. [ 529.725414][T10654] 8021q: adding VLAN 0 to HW filter on device bond4 [ 529.907175][T10656] gretap2: entered promiscuous mode [ 529.944872][T10656] bond4: (slave gretap2): making interface the new active one [ 529.999148][T10656] bond4: (slave gretap2): Enslaving as an active interface with an up link [ 532.916453][T10692] ecryptfs_parse_options: eCryptfs: unrecognized option [(] [ 532.924144][T10692] ecryptfs_parse_options: eCryptfs: unrecognized option [{\)] [ 532.931830][T10692] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 532.945341][T10692] Error parsing options; rc = [-22] [ 534.916331][T10695] loop0: detected capacity change from 0 to 4096 [ 536.759746][T10725] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1383'. [ 536.807731][T10725] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1383'. [ 539.298328][T10742] xt_hashlimit: max too large, truncated to 1048576 [ 539.305433][T10742] xt_hashlimit: overflow, try lower: 3/0 [ 539.454548][T10726] loop0: detected capacity change from 0 to 32768 [ 540.001748][T10726] non-latin1 character 0x365 found in JFS file name [ 540.012178][T10726] mount with iocharset=utf8 to access [ 540.777573][T10758] loop2: detected capacity change from 0 to 256 [ 540.784980][T10758] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 540.857556][T10758] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 541.554854][T10764] sit0: left promiscuous mode [ 541.641633][ T28] audit: type=1326 audit(1761589384.983:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10766 comm="syz.1.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 541.698971][T10764] syz_tun: left promiscuous mode [ 541.750255][ T28] audit: type=1326 audit(1761589384.983:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10766 comm="syz.1.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 541.783427][T10764] 8021q: adding VLAN 0 to HW filter on device bond0 [ 541.795557][ T28] audit: type=1326 audit(1761589385.023:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10766 comm="syz.1.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 541.825058][ T28] audit: type=1326 audit(1761589385.023:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10766 comm="syz.1.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 541.853290][ T28] audit: type=1326 audit(1761589385.023:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10766 comm="syz.1.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 541.876516][T10764] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 541.964436][ T28] audit: type=1326 audit(1761589385.043:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10766 comm="syz.1.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 542.029908][ T28] audit: type=1326 audit(1761589385.043:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10766 comm="syz.1.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 542.060984][ T28] audit: type=1326 audit(1761589385.043:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10766 comm="syz.1.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 542.097543][ T28] audit: type=1326 audit(1761589385.053:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10766 comm="syz.1.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 542.142675][ T28] audit: type=1326 audit(1761589385.053:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10766 comm="syz.1.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x7ffc0000 [ 542.637643][T10781] ecryptfs_parse_options: eCryptfs: unrecognized option [(] [ 542.645349][T10781] ecryptfs_parse_options: eCryptfs: unrecognized option [{\)] [ 542.653150][T10781] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 542.667103][T10781] Error parsing options; rc = [-22] [ 543.083197][T10784] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1400'. [ 543.170513][T10784] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1400'. [ 544.127250][T10803] netlink: 'syz.1.1406': attribute type 1 has an invalid length. [ 544.220523][T10803] 8021q: adding VLAN 0 to HW filter on device bond5 [ 544.322751][T10805] bond5: entered allmulticast mode [ 544.541175][T10811] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1408'. [ 544.640310][T10803] bond5: (slave ip6gretap1): making interface the new active one [ 544.683874][T10803] ip6gretap1: entered allmulticast mode [ 544.716089][T10803] bond5: (slave ip6gretap1): Enslaving as an active interface with an up link [ 544.785116][T10813] Cannot find add_set index 65532 as target [ 545.013060][T10815] loop2: detected capacity change from 0 to 4096 [ 545.367925][T10820] ecryptfs_parse_options: eCryptfs: unrecognized option [(] [ 545.375482][T10820] ecryptfs_parse_options: eCryptfs: unrecognized option [{\)] [ 545.384320][T10820] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 545.397745][T10820] Error parsing options; rc = [-22] [ 551.796961][ T28] kauditd_printk_skb: 28 callbacks suppressed [ 551.796978][ T28] audit: type=1326 audit(1761589395.123:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10860 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 551.841550][T10862] netlink: 'syz.1.1422': attribute type 1 has an invalid length. [ 551.879824][T10867] netlink: 'syz.0.1424': attribute type 1 has an invalid length. [ 551.887606][ T28] audit: type=1326 audit(1761589395.133:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10860 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 551.887662][ T28] audit: type=1326 audit(1761589395.133:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10860 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 551.887706][ T28] audit: type=1326 audit(1761589395.133:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10860 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 551.887749][ T28] audit: type=1326 audit(1761589395.133:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10860 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 551.887794][ T28] audit: type=1326 audit(1761589395.133:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10860 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 551.887840][ T28] audit: type=1326 audit(1761589395.133:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10860 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 552.023962][ T28] audit: type=1326 audit(1761589395.133:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10860 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 552.056934][ T28] audit: type=1326 audit(1761589395.133:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10860 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 552.098129][ T28] audit: type=1326 audit(1761589395.133:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10860 comm="syz.3.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 552.130666][T10862] 8021q: adding VLAN 0 to HW filter on device bond6 [ 552.394248][T10866] serio: Serial port ptm0 [ 552.541478][T10880] Cannot find add_set index 65532 as target [ 552.940525][T10891] xt_TCPMSS: Only works on TCP SYN packets [ 554.192618][T10894] Bluetooth: MGMT ver 1.22 [ 554.651698][T10901] loop2: detected capacity change from 0 to 1024 [ 555.520511][T10901] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 557.996166][T10923] xt_TCPMSS: Only works on TCP SYN packets [ 558.505662][T10908] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 558.945103][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 559.990577][T10936] netlink: 'syz.2.1443': attribute type 10 has an invalid length. [ 559.999274][T10936] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1443'. [ 560.009056][T10936] net veth1_virt_wifi virt_wifi0: left allmulticast mode [ 560.019284][T10936] batman_adv: batadv0: Adding interface: virt_wifi0 [ 560.025941][T10936] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 560.056459][T10936] batman_adv: batadv0: Interface activated: virt_wifi0 [ 560.163794][T10939] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1445'. [ 560.459216][ T8912] IPVS: starting estimator thread 0... [ 560.567486][T10949] IPVS: using max 16 ests per chain, 38400 per kthread [ 561.628054][T10970] loop2: detected capacity change from 0 to 512 [ 562.198187][T10970] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1458: inode has both inline data and extents flags [ 562.287955][T10970] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1458: couldn't read orphan inode 15 (err -117) [ 562.338768][T10970] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 563.424411][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.437782][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.512556][T10994] loop0: detected capacity change from 0 to 2048 [ 563.618099][T10994] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 564.036072][T11004] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1465'. [ 564.846605][ T6097] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 564.858454][T10975] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters [ 564.913710][ T6097] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 450 with error 28 [ 564.946957][ T6097] EXT4-fs (loop0): This should not happen!! Data will be lost [ 564.946957][ T6097] [ 564.956812][ T6097] EXT4-fs (loop0): Total free blocks count 0 [ 564.962943][ T6097] EXT4-fs (loop0): Free/Dirty block details [ 564.969328][ T6097] EXT4-fs (loop0): free_blocks=2415919504 [ 564.975456][ T6097] EXT4-fs (loop0): dirty_blocks=464 [ 564.987007][ T6097] EXT4-fs (loop0): Block reservation details [ 564.994386][ T6097] EXT4-fs (loop0): i_reserved_data_blocks=29 [ 565.025298][ T8995] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 565.186172][T11014] bridge0: port 2(bridge_slave_1) entered disabled state [ 565.193971][T11014] bridge0: port 1(bridge_slave_0) entered disabled state [ 565.712692][T11014] bridge0: entered allmulticast mode [ 566.138239][T11014] bridge_slave_1: left allmulticast mode [ 566.169696][T11014] bridge_slave_1: left promiscuous mode [ 566.175707][T11014] bridge0: port 2(bridge_slave_1) entered disabled state [ 566.190697][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 566.231245][T11014] bridge_slave_0: left allmulticast mode [ 566.240990][T11014] bridge_slave_0: left promiscuous mode [ 566.246835][T11014] bridge0: port 1(bridge_slave_0) entered disabled state [ 567.912479][T11038] netlink: 'syz.2.1472': attribute type 29 has an invalid length. [ 567.924573][T11038] netlink: 'syz.2.1472': attribute type 29 has an invalid length. [ 571.447189][ T786] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 571.595439][ T5802] Bluetooth: hci1: Malformed Event: 0x02 [ 571.697593][ T786] usb 3-1: Using ep0 maxpacket: 32 [ 571.719825][ T786] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32 [ 571.751376][ T786] usb 3-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 571.777804][ T786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 571.802390][ T786] usb 3-1: Product: syz [ 571.807035][ T786] usb 3-1: Manufacturer: syz [ 571.811795][ T786] usb 3-1: SerialNumber: syz [ 571.824405][ T786] usb 3-1: config 0 descriptor?? [ 571.855598][T11046] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 571.891404][ T786] usb 3-1: Quirk or no altest; falling back to MIDI 1.0 [ 572.292574][ T5838] usb 3-1: USB disconnect, device number 6 [ 572.954077][T11092] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1485'. [ 574.226098][T11108] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 575.526758][T11120] loop0: detected capacity change from 0 to 512 [ 575.560380][T11120] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 575.575395][T11120] EXT4-fs (loop0): Test dummy encryption mode enabled [ 575.609026][T11120] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.1494: inode has both inline data and extents flags [ 575.626067][T11120] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.1494: couldn't read orphan inode 15 (err -117) [ 575.640322][T11120] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 575.766138][T11120] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 575.902214][ T8995] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 576.806019][T11145] bond1: (slave bridge0): Releasing active interface [ 576.820779][T11145] bridge0 (unregistering): left promiscuous mode [ 578.827828][T11165] (null): rxe_set_mtu: Set mtu to 1024 [ 578.844312][T11167] netlink: 'syz.1.1505': attribute type 2 has an invalid length. [ 579.441173][T11165] infiniband syz0: set active [ 579.458557][T11165] infiniband syz0: added bond0 [ 579.585055][T11165] RDS/IB: syz0: added [ 579.598590][T11165] smc: adding ib device syz0 with port count 1 [ 579.605138][T11165] smc: ib device syz0 port 1 has pnetid [ 581.766172][T11200] netlink: 'syz.1.1514': attribute type 11 has an invalid length. [ 585.898047][T11243] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1528'. [ 586.204262][T11243] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1528'. [ 586.877656][T11252] random: crng reseeded on system resumption [ 587.691296][T11261] loop0: detected capacity change from 0 to 32768 [ 588.162889][T11267] ptrace attach of "./syz-executor exec"[11268] was attempted by "./syz-executor exec"[11267] [ 588.926029][ T5802] Bluetooth: hci0: command 0x0406 tx timeout [ 589.773543][T11275] 9pnet_fd: p9_fd_create_tcp (11275): problem connecting socket to 127.0.0.1 [ 590.968066][T11287] loop0: detected capacity change from 0 to 512 [ 590.999284][T11287] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 591.028106][T11287] EXT4-fs (loop0): orphan cleanup on readonly fs [ 591.052370][T11287] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 591.104716][T11287] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 591.133211][T11287] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #13: comm syz.0.1540: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 591.187403][T11287] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.1540: couldn't read orphan inode 13 (err -117) [ 591.208853][T11287] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 591.388134][ T8995] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 593.578062][T11327] Invalid ELF header magic: != ELF [ 593.817109][ T27] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 594.030635][ T27] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 594.062712][ T27] usb 1-1: config 220 has 1 interface, different from the descriptor's value: 3 [ 594.084762][ T27] usb 1-1: config 220 interface 0 has no altsetting 0 [ 594.104548][ T27] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 594.118818][ T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 594.129137][ T27] usb 1-1: Product: syz [ 594.133372][ T27] usb 1-1: Manufacturer: syz [ 594.144902][ T27] usb 1-1: SerialNumber: syz [ 594.527219][ T27] usb 1-1: Found UVC 0.00 device syz (8086:0b07) [ 594.533764][ T27] usb 1-1: No valid video chain found. [ 594.545159][ T27] usb 1-1: USB disconnect, device number 6 [ 595.501344][T11348] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1559'. [ 597.242221][T11351] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 597.277017][T11269] Bluetooth: hci1: command 0x0406 tx timeout [ 597.776737][T11358] loop0: detected capacity change from 0 to 1024 [ 597.784558][T11358] EXT4-fs: Ignoring removed nomblk_io_submit option [ 598.074664][T11358] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 598.223316][ T8995] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 599.657244][T11377] bridge1: entered allmulticast mode [ 600.094876][ T28] kauditd_printk_skb: 20 callbacks suppressed [ 600.094895][ T28] audit: type=1326 audit(1761589443.423:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11382 comm="syz.1.1569" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa58f38efc9 code=0x0 [ 601.728423][T11394] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 601.736997][T11394] openvswitch: netlink: Actions may not be safe on all matching packets [ 602.674307][ T28] audit: type=1326 audit(1761589446.023:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11400 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 602.861799][ T28] audit: type=1326 audit(1761589446.023:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11400 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 602.907561][ T28] audit: type=1326 audit(1761589446.023:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11400 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 603.006984][T11405] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1575'. [ 603.933440][ T28] audit: type=1326 audit(1761589446.023:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11400 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 603.956036][ T28] audit: type=1326 audit(1761589446.053:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11400 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 603.978483][ T28] audit: type=1326 audit(1761589446.053:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11400 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 604.001064][ T28] audit: type=1326 audit(1761589446.053:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11400 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 604.087033][ T28] audit: type=1326 audit(1761589446.053:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11400 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 604.146133][ T28] audit: type=1326 audit(1761589446.053:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11400 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f414a78efc9 code=0x7ffc0000 [ 606.055593][T11439] loop2: detected capacity change from 0 to 256 [ 606.088227][T11439] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 606.102834][T11439] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 606.125156][T11439] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 606.167348][T11439] exfat filesystem being mounted at /373/file0 supports timestamps until 2107-12-31 (0x10391447f) [ 606.450468][ T28] kauditd_printk_skb: 15 callbacks suppressed [ 606.450488][ T28] audit: type=1800 audit(3909073097.794:574): pid=11439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1584" name="file1" dev="loop2" ino=1048638 res=0 errno=0 [ 610.949343][T11496] loop2: detected capacity change from 0 to 1764 [ 612.620962][T11515] rdma_op ffff88807b3a41f0 conn xmit_rdma 0000000000000000 [ 615.202291][T11546] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1612'. [ 616.900228][T11552] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1614'. [ 620.094818][T11576] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 620.128104][T11576] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 623.793158][T11269] Bluetooth: hci0: unexpected event for opcode 0x0000 [ 625.655993][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 625.680640][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 627.821588][T11269] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 627.831183][T11269] Bluetooth: hci0: Injecting HCI hardware error event [ 627.847898][ T5805] Bluetooth: hci0: hardware error 0x00 [ 630.107222][ T5805] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 633.166976][T11660] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1641'. [ 636.621978][T11702] loop2: detected capacity change from 0 to 512 [ 636.654446][T11702] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 636.684058][T11702] EXT4-fs (loop2): 1 truncate cleaned up [ 636.692307][T11702] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 638.057828][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 643.201396][T11758] loop2: detected capacity change from 0 to 1024 [ 649.448458][T11819] netlink: 'syz.0.1686': attribute type 1 has an invalid length. [ 650.786654][T11826] 8021q: adding VLAN 0 to HW filter on device bond3 [ 651.268108][T11832] loop2: detected capacity change from 0 to 1024 [ 656.014344][T11876] serio: Serial port ptm0 [ 660.740198][ T5974] IPVS: starting estimator thread 0... [ 660.916395][T11926] IPVS: using max 18 ests per chain, 43200 per kthread [ 662.990784][T11941] loop0: detected capacity change from 0 to 128 [ 663.031039][T11941] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 663.102111][T11941] ext4 filesystem being mounted at /168/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 664.534140][ T8995] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 665.812012][T11971] netlink: 27 bytes leftover after parsing attributes in process `syz.0.1726'. [ 666.371613][T11973] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1736'. [ 671.602102][T12024] loop2: detected capacity change from 0 to 2048 [ 671.628977][T12023] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1743'. [ 671.676679][T12024] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 671.686009][ T28] audit: type=1326 audit(3909073163.024:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12026 comm="syz.3.1745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 671.770368][ T28] audit: type=1326 audit(3909073163.024:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12026 comm="syz.3.1745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 671.848884][ T28] audit: type=1326 audit(3909073163.064:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12026 comm="syz.3.1745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 671.884956][ T28] audit: type=1326 audit(3909073163.074:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12026 comm="syz.3.1745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 671.922484][ T28] audit: type=1326 audit(3909073163.074:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12026 comm="syz.3.1745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 671.959184][ T28] audit: type=1326 audit(3909073163.084:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12026 comm="syz.3.1745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f08fd78efc9 code=0x7ffc0000 [ 672.209018][ T28] audit: type=1326 audit(3909073163.084:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12026 comm="syz.3.1745" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f08fd78efc9 code=0x0 [ 672.347899][ T5974] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 672.557732][ T5974] usb 1-1: Using ep0 maxpacket: 16 [ 672.842504][ T5974] usb 1-1: config 0 has an invalid descriptor of length 100, skipping remainder of the config [ 672.867699][ T5974] usb 1-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice= 0.00 [ 672.915851][ T5974] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 672.969129][ T5974] usb 1-1: config 0 descriptor?? [ 672.990706][ T5974] gspca_main: spca501-2.14.0 probing 0000:0000 [ 673.523373][ T5974] gspca_spca501: reg write: error -71 [ 674.188806][ T5974] spca501 1-1:0.0: Reg write failed for 0x02,0xa048,0x00 [ 674.196015][ T5974] spca501: probe of 1-1:0.0 failed with error -22 [ 674.254958][ T5974] usb 1-1: USB disconnect, device number 7 [ 674.601844][T12056] loop2: detected capacity change from 0 to 2048 [ 674.674879][T12056] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 677.432969][T12061] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 677.652016][ T6122] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 678.388449][ T6122] EXT4-fs (loop2): This should not happen!! Data will be lost [ 678.388449][ T6122] [ 678.398722][ T6122] EXT4-fs (loop2): Total free blocks count 0 [ 678.404864][ T6122] EXT4-fs (loop2): Free/Dirty block details [ 678.411746][ T6122] EXT4-fs (loop2): free_blocks=2415919504 [ 678.417914][ T6122] EXT4-fs (loop2): dirty_blocks=8192 [ 678.423372][ T6122] EXT4-fs (loop2): Block reservation details [ 678.429728][ T6122] EXT4-fs (loop2): i_reserved_data_blocks=512 [ 678.481489][ T6122] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28 [ 680.158485][ T5790] EXT4-fs: 7 callbacks suppressed [ 680.158504][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 680.360013][T12084] netlink: 'syz.0.1761': attribute type 9 has an invalid length. [ 680.368540][T12084] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1761'. [ 683.178184][T12097] netlink: 'syz.2.1757': attribute type 10 has an invalid length. [ 685.214511][T12104] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 685.226395][T12104] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 685.252661][T12104] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 685.259778][T12104] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 686.218116][T12104] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 686.224289][T12104] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 686.234822][T12104] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 686.303053][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.309569][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 687.277389][T11269] Bluetooth: hci3: command 0x0406 tx timeout [ 687.284510][T11269] Bluetooth: hci2: command 0x0406 tx timeout [ 688.327042][T12127] Bluetooth: hci1: command 0x0406 tx timeout [ 688.335017][ T5805] Bluetooth: hci1: Opcode 0x206c failed: -110 [ 689.337492][T12127] Bluetooth: hci2: command 0x0406 tx timeout [ 689.343628][T12127] Bluetooth: hci3: command 0x0406 tx timeout [ 690.379618][T12127] Bluetooth: hci1: command 0x0406 tx timeout [ 690.386313][ T5805] Bluetooth: hci1: Opcode 0x2046 failed: -110 [ 692.538771][T12127] Bluetooth: hci1: command 0x0406 tx timeout [ 692.933845][T12171] loop2: detected capacity change from 0 to 2048 [ 692.968240][T12171] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 693.403651][ T49] ------------[ cut here ]------------ [ 693.410488][ T49] WARNING: CPU: 0 PID: 49 at io_uring/io_uring.c:3214 io_ring_exit_work+0x39e/0x7e0 [ 693.420212][ T49] Modules linked in: [ 693.424150][ T49] CPU: 0 PID: 49 Comm: kworker/u4:3 Not tainted syzkaller #0 [ 693.431641][ T49] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 693.441858][ T49] Workqueue: iou_exit io_ring_exit_work [ 693.447514][ T49] RIP: 0010:io_ring_exit_work+0x39e/0x7e0 [ 693.453272][ T49] Code: e8 f7 37 1f f7 48 89 df 48 c7 c6 a0 4a 66 8a 4c 8b 24 24 4c 89 e2 b9 01 00 00 00 e8 0c be b4 f9 e9 64 ff ff ff e8 d2 37 1f f7 <0f> 0b b8 70 17 00 00 48 89 44 24 08 eb a6 89 d9 80 e1 07 80 c1 03 [ 693.473066][ T49] RSP: 0018:ffffc90000ba7a40 EFLAGS: 00010293 [ 693.479255][ T49] RAX: ffffffff8a6657ae RBX: 00000001000098c6 RCX: ffff88801baf8000 [ 693.487307][ T49] RDX: 0000000000000000 RSI: fffffffffffffff7 RDI: 0000000000000000 [ 693.495317][ T49] RBP: ffffc90000ba7bb0 R08: ffffc90000ba79c7 R09: 1ffff92000174f38 [ 693.503435][ T49] R10: dffffc0000000000 R11: fffff52000174f39 R12: 00000001000098bd [ 693.511939][ T49] R13: ffff88802e916288 R14: ffff88802e916510 R15: dffffc0000000000 [ 693.520098][ T49] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 693.529136][ T49] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 693.535750][ T49] CR2: 00007f08fe6b5f98 CR3: 000000002b7b5000 CR4: 00000000003506f0 [ 693.543803][ T49] Call Trace: [ 693.547189][ T49] [ 693.550167][ T49] ? io_ring_ctx_wait_and_kill+0x2a0/0x2a0 [ 693.556032][ T49] ? _raw_spin_unlock_irq+0x23/0x50 [ 693.561410][ T49] ? process_scheduled_works+0x957/0x15b0 [ 693.567237][ T49] ? process_scheduled_works+0x957/0x15b0 [ 693.572999][ T49] process_scheduled_works+0xa45/0x15b0 [ 693.578695][ T49] ? assign_work+0x400/0x400 [ 693.583342][ T49] ? assign_work+0x39e/0x400 [ 693.588044][ T49] worker_thread+0xa55/0xfc0 [ 693.592709][ T49] kthread+0x2fa/0x390 [ 693.596854][ T49] ? pr_cont_work+0x560/0x560 [ 693.601575][ T49] ? kthread_blkcg+0xd0/0xd0 [ 693.606202][ T49] ret_from_fork+0x48/0x80 [ 693.610712][ T49] ? kthread_blkcg+0xd0/0xd0 [ 693.615741][ T49] ret_from_fork_asm+0x11/0x20 [ 693.620701][ T49] [ 693.623753][ T49] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 693.631060][ T49] CPU: 0 PID: 49 Comm: kworker/u4:3 Not tainted syzkaller #0 [ 693.638462][ T49] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 693.648551][ T49] Workqueue: iou_exit io_ring_exit_work [ 693.654135][ T49] Call Trace: [ 693.657440][ T49] [ 693.660395][ T49] dump_stack_lvl+0x16c/0x230 [ 693.665113][ T49] ? show_regs_print_info+0x20/0x20 [ 693.670355][ T49] ? load_image+0x3b0/0x3b0 [ 693.674902][ T49] panic+0x2c0/0x710 [ 693.678834][ T49] ? bpf_jit_dump+0xd0/0xd0 [ 693.683383][ T49] ? ret_from_fork_asm+0x11/0x20 [ 693.688367][ T49] __warn+0x2e0/0x470 [ 693.692375][ T49] ? io_ring_exit_work+0x39e/0x7e0 [ 693.697517][ T49] ? io_ring_exit_work+0x39e/0x7e0 [ 693.702655][ T49] report_bug+0x2be/0x4f0 [ 693.707023][ T49] ? io_ring_exit_work+0x39e/0x7e0 [ 693.712202][ T49] ? io_ring_exit_work+0x39e/0x7e0 [ 693.717349][ T49] ? io_ring_exit_work+0x3a0/0x7e0 [ 693.722494][ T49] handle_bug+0xcf/0x120 [ 693.726775][ T49] exc_invalid_op+0x1a/0x50 [ 693.731318][ T49] asm_exc_invalid_op+0x1a/0x20 [ 693.736212][ T49] RIP: 0010:io_ring_exit_work+0x39e/0x7e0 [ 693.742010][ T49] Code: e8 f7 37 1f f7 48 89 df 48 c7 c6 a0 4a 66 8a 4c 8b 24 24 4c 89 e2 b9 01 00 00 00 e8 0c be b4 f9 e9 64 ff ff ff e8 d2 37 1f f7 <0f> 0b b8 70 17 00 00 48 89 44 24 08 eb a6 89 d9 80 e1 07 80 c1 03 [ 693.761661][ T49] RSP: 0018:ffffc90000ba7a40 EFLAGS: 00010293 [ 693.767766][ T49] RAX: ffffffff8a6657ae RBX: 00000001000098c6 RCX: ffff88801baf8000 [ 693.775769][ T49] RDX: 0000000000000000 RSI: fffffffffffffff7 RDI: 0000000000000000 [ 693.783777][ T49] RBP: ffffc90000ba7bb0 R08: ffffc90000ba79c7 R09: 1ffff92000174f38 [ 693.791778][ T49] R10: dffffc0000000000 R11: fffff52000174f39 R12: 00000001000098bd [ 693.799755][ T49] R13: ffff88802e916288 R14: ffff88802e916510 R15: dffffc0000000000 [ 693.807744][ T49] ? io_ring_exit_work+0x39e/0x7e0 [ 693.812879][ T49] ? io_ring_ctx_wait_and_kill+0x2a0/0x2a0 [ 693.818707][ T49] ? _raw_spin_unlock_irq+0x23/0x50 [ 693.823935][ T49] ? process_scheduled_works+0x957/0x15b0 [ 693.829669][ T49] ? process_scheduled_works+0x957/0x15b0 [ 693.835401][ T49] process_scheduled_works+0xa45/0x15b0 [ 693.840978][ T49] ? assign_work+0x400/0x400 [ 693.845585][ T49] ? assign_work+0x39e/0x400 [ 693.850204][ T49] worker_thread+0xa55/0xfc0 [ 693.854836][ T49] kthread+0x2fa/0x390 [ 693.858996][ T49] ? pr_cont_work+0x560/0x560 [ 693.863683][ T49] ? kthread_blkcg+0xd0/0xd0 [ 693.868286][ T49] ret_from_fork+0x48/0x80 [ 693.872707][ T49] ? kthread_blkcg+0xd0/0xd0 [ 693.877315][ T49] ret_from_fork_asm+0x11/0x20 [ 693.882148][ T49] [ 693.885493][ T49] Kernel Offset: disabled [ 693.889940][ T49] Rebooting in 86400 seconds..