last executing test programs: 11.840285492s ago: executing program 0 (id=1972): r0 = socket$kcm(0x11, 0x3, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r2) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r3 = socket$unix(0x1, 0x1, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x20008001}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r7, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffff9}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000580)=@xdp={0x2c, 0x8, r5, 0x3e}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000180)="27030200590214000600002fb96d", 0xe}], 0x1}, 0x40084) 11.720782723s ago: executing program 0 (id=1973): socket$igmp6(0xa, 0x3, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) request_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x00\x00\x00dn\x00\x00\x00', 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf) ioctl$TCFLSH(r2, 0x400455c8, 0x4) 8.70889577s ago: executing program 0 (id=1979): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0x10, 0x0) syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000280)='./file0\x00', 0xa0, &(0x7f0000000700)=ANY=[], 0x1, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x1) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 8.419535942s ago: executing program 0 (id=1983): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x800400, &(0x7f00000009c0)={[{@quota}]}, 0x1, 0x4f3, &(0x7f0000000a00)="$eJzs3c9rXFsdAPDvnSRt0uY5eeri+cD3iq+SFu1M0tg2uCgVxF1BrfsYkkkImWRCZtI2oZQU/wBBRBeuXLkR/AME6cZ9EQq6FxGl2FYXLtSRO3PHxnQmGV4nM+3k84HTe+6P3O/3dDq399x7yAng1LoQEbciYiQiLkdEPtuey0rsN0t63MsXD5bSkkS9fudvSSTZtta5kmx5Pvux8Yj4bnJgxwHV3b31xXK5tJ2tF2sbW8Xq7t6VtY3F1dJqaXNubvb6/I35a/MzPWvrzW/++Sc//MW3bv7mq/f+uPDXSw/TtCazfQfb0UvNpo81/i5aRiNi+ySCDcBI1p6xLo8/e8L5AABwtPQe/7MR8aXG/X8+Rhp3cwAAAMAwqScR/0oi6gAAAMDQyjXGwCa5QjYWYDJyuUKhOYb383EuV65Ua19ZqexsLjfHyk7FWG5lrVyaycYKT8VYkq7PNuqv1q8eWp+LiPcj4sf5iWTlbJQKS5Xy8qAffgAAAMApcf5Q//8f+Wb/HwAAABgyU4NOAAAAADhx+v8AAAAw/Dr2/xOTAQAAAMAQ+Pbt22mpt+a/Xr67u7NeuXtluVRdL2zsLBWWKttbhdVKZbVcKixVNo47X7lS2fpabO7cL9ZK1Vqxuru3sFHZ2awtNOb1Xih1O080AAAA0Dvvf/z4D0lE7H99olFSZ7J9+uow3HLHHzJxoJ6cZC5Af40MOgFgYD7dAF/DgmEYHNfHf16v9ykTYFCO69iPd9rxpPe5AAAAJ2P6C53f/wPDrYv3/23c6nkeQP95/w+nlzf5cHoZ4w+82ft/g4QAAOBdMNkoSa6QvQucjFyuUIh4rzEtwFiyslYuzUTEZyLi9/mxs+n67KCTBgAAAAAAAAAAAAAAAAAAAAAAAIB3TL2eRP2wM69vAgAAAN5dEbm/JNn8X9P5i5OHnw+cSf6Zbywj4t7P7vz0/mKttj2bbn+efzVrWLb9at8fXwAAAACp3/7/aquf3urHAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAP1ZPmcunliwdL/Qz87BsRMRWRxm2V5p7RGG8sx2MsIs79PYnRAz+X5jvSg/j7jyLig3bxkzStmMqyOBw/FxETA45/vgfx4TR7nF5/brX7/uXiQmPZ/vs3mpU39exCp+tf7n/Xv5EO17/3uozx4dNfFTvGfxTx4Wj7608rftIh/iddxv/+9/b2Ou2r/zxiOtrHPxirWNvYKlZ3966sbSyullZLm3Nzs9fnb8xfm58prqyVS9mfbWP86Iu//s9R7T/XIf7UMe2/2GX7//30/ovPvbb14dVW/EuftP/8Pzgifvpv4svZ/wPp/ulWfb9ZP+ijX/7uo6Pav9yh/cd9/pe6bP/l7/zgT10eCgD0QXV3b32xXC5tH1l5Escf079K6z7kbcknvRdKKzf7F7T16KGXZ/44Pd+JJj8Rb8XnpdJNZYAXJQAA4ES8uukfdCYAAAAAAAAAAAAAAAAAAABwevXj14kNuo0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN34bwAAAP//tfDGOw==") unlink(&(0x7f0000000180)='./file1\x00') 8.313545532s ago: executing program 0 (id=1986): sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000080) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1, 0x6, 0x8, 0x8, 0x40}, 0x50) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r0) r1 = openat$comedi(0xffffff9c, &(0x7f0000000200)='/dev/comedi1\x00', 0x2000, 0x0) ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000140)={'dt2801\x00', [0x3c4, 0xd, 0x2, 0xa, 0x14000000, 0x0, 0xfffffffc, 0x2, 0xffd, 0x7ffe, 0x4, 0x723, 0x400, 0x7, 0x13, 0x4000100, 0xfeffffa7, 0xd, 0x59, 0x1, 0x3ff, 0x9, 0x1f7, 0xe2df, 0xaa14, 0x1, 0x6, 0xa, 0x7, 0x2, 0x6]}) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xa, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) mkdir(0x0, 0x3) mount(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x200c008, 0x0) chdir(&(0x7f0000000280)='./file1\x00') r2 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x1812c1, 0x0) r3 = openat$dsp1(0xffffff9c, &(0x7f0000000040), 0x8002, 0x0) quotactl_fd$Q_GETFMT(r3, 0xffffffff80000401, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) ioctl$SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f0000001180)=0x2000000) mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r4, 0x0) ioctl$SNDCTL_DSP_GETOPTR(r4, 0x5008, 0x0) ioctl$SNDCTL_DSP_GETOPTR(r4, 0x800c5012, &(0x7f0000000200)) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4048aecb, &(0x7f0000000340)) bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000080)={0xffffffffffffffff, 0x58, &(0x7f00000003c0)}, 0x10) 6.891404641s ago: executing program 2 (id=1991): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000200)="a242", 0x2}], 0x1) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x2000000000000061) setsockopt$sock_int(r0, 0x1, 0x21, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r0, &(0x7f00000004c0)='<', 0x381, 0x805, 0x0, 0x0) 6.864429461s ago: executing program 2 (id=1992): r0 = socket$kcm(0x11, 0x3, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r2) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r3 = socket$unix(0x1, 0x1, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x20008001}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r7, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffff9}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000580)=@xdp={0x2c, 0x8, r5, 0x3e}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000180)="27030200590214000600002fb96d", 0xe}], 0x1}, 0x40084) 6.475622093s ago: executing program 2 (id=1995): socket$l2tp6(0xa, 0x2, 0x73) setrlimit(0x7, &(0x7f0000000000)={0x4, 0x6}) pipe2$9p(0x0, 0x0) 6.389344383s ago: executing program 2 (id=1997): ioctl$sock_netdev_private(0xffffffffffffffff, 0x89fb, &(0x7f0000000180)="6a920d2045e07b9998b2523aeb2eae5caeeabfb2e56da91eb91f7a8dc8298399106cf5eca01b61d59613d20db9380dc5a4deb8c9368e55a202f05aeb2ad3") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r2, @ANYBLOB="0c00990000000000000000000800a102ffff0000080026008d03000008009f"], 0x40}}, 0x0) 6.234406284s ago: executing program 2 (id=1998): socket$igmp6(0xa, 0x3, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) request_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x00\x00\x00dn\x00\x00\x00', 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x4) 5.864477536s ago: executing program 2 (id=1999): r0 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0) r1 = syz_io_uring_setup(0x313f, &(0x7f0000000080)={0x0, 0xfffffffd, 0x10100, 0x3, 0x17b}, &(0x7f0000000180)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x40, 0x0, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r1, 0x4d10, 0x2, 0x2, 0x0, 0x0) r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nfc(0x0, r5) ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r7], 0x1c}}, 0x0) write$nci(r4, &(0x7f0000001800)=ANY=[@ANYBLOB="7240082b0102020681055a03997713fa06070202267a"], 0x16) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000540)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000500)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000600)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x3, @loopback, 0x1}, {0xa, 0x0, 0x5, @mcast2}, r8}}, 0x48) 4.563012704s ago: executing program 3 (id=2003): r0 = socket$kcm(0x11, 0x3, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r2) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r3 = socket$unix(0x1, 0x1, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x20008001}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r7, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffff9}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000580)=@xdp={0x2c, 0x8, r5, 0x3e}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000180)="27030200590214000600002fb96d", 0xe}], 0x1}, 0x40084) 4.208710926s ago: executing program 3 (id=2004): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getpid() bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value=0x2000000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/snmp6\x00') read$ptp(r3, &(0x7f0000000300)=""/212, 0xd4) 3.965141887s ago: executing program 1 (id=2006): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x4, &(0x7f0000000340)={[{@uid}, {@type={'type', 0x3d, "0142bc05"}}, {@barrier}, {@barrier}, {@part={'part', 0x3d, 0x7}}, {@force}, {@gid}, {@nls={'nls', 0x3d, 'koi8-ru'}}, {@nobarrier}, {@creator={'creator', 0x3d, "ef6a7415"}}]}, 0xfc, 0x6e0, &(0x7f0000001480)="$eJzs3c1vHGcdB/Dv7K7fUtE4bdIWVImoEQURkfhFKQQJJSCEfKhQBAckbiZxGiubtLJdcCME4f3aQ/+A9pAbJyTuQeUMFwRHi1MlRC+cfFs0s7Prje111nESx/D5VLPzzDzvv52Z3dnUmgD/txbOpnU/RRbOvrlebm/cm29v3JufqLPbScp0I2l1VyluJ8XHyeV0l3y23FmXL4b188Hyxe/9/T8bn3S3WvVSlW/srPfzTpIvjD6Lu/WS00ma9XqnsW3bE8nkw9u7OrS9fit9u8+/6OeUATvTCxwcts4Od/dTfej5DhwdRb7xmd32TyfH0v2YrD7n6qtD4+mO7vHb11UOAAAADtnCv0/N7af8VL0+vpnNrB/523gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4qoqk2V1VS6OXPp2i9/z/8Xpf6vSRdv+wBwAAAAAAAAAAO4w9sDWeZKK3cWn3Gp/fzGbW83xvu1NU/+b/WrVxsnp9Lu9mNUtZybmsZzFrWctKZpNMD3a2vri2tjI7Qs25XWvOPTiu5mgTnhytGAAAAAAAAAD8z/tlFrb+/R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4FRdLsrqrlZC89nUYryWSS8bLc3eSvvfQRUey28/7THwcAAAAcyOQj1Dm+mc2s5/nedqeo7vlfqu6XJ/Nubmcty1lLO0u5Vt9Dl3f9jY178+2Ne/O3yuXAQ69aTPe3h917fqUqMZXrWa72nMvVajDX0qhqlv6Z5FZvTDvH9YtPy7Yvdf1kxJFdq9dlZ+/3fkWYOPCEH4PppNXIWD8iM9XYugfBicEo7IzENz8d1ujl7qq1vacM9jSbRv+Xn5PdHsrkQ2N+acSZHavX5Xx+O+yXm8dtcqvTu0ML9SPRSBWJuYGj76W9Y5588Y+/f/9G+/bNG9dXzz6VKT1J24+J+YFIvDxCJH7wzEaitXd2Y/uOmWrnqd7mR88l+X7O5nSuZCXL+XEWs5alFPVMF+vjuXyd3jtSlx/YujJkAH3j9fvSrMv1x5SFfGfXMZ3Ot6vUYl6r6j6f5RR5O9eylDeq/+Yym6/mQi7k4sA7fGrouKu5VWd9Y39n/Zkv1YmpJL+r14ete1Eo43piIK6D19zpKm9rz9hAlF7Y+93deW18+JRbn6sTZR+/2vNoeNq2R2J2IBIv7h2Jjzrl62r79s2VG4vv7PLp2inGqvXfziSdTnff63VeecT95uFff/500Pk9xMB1rDxeXshkfSU5kbHu0Jq9vBf7V5kqXuOD9U728x78xB3PZHk+N7o9dc/U7w49U8fr73A7W5qr8l7eNW++yntlIG/w+1bydtr970MAPMOOffnY+NS/pv4y9eHUr6duTL05+a2Jr028Op6xP499vTXTfL3xavGHfJifbd3/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj271vTs3F9vtpZXdE43m0KwhiXTu3FzsPcln1FpZLeon6eyrr8NK9B/584yM54kkih17yhk/ni56Tz7aX62ZnUfU5cMM1D/2WyuTA1NuDi18rE50jnejtK8uprcfmcmQwhPdYDaHnKf1W/QoDxcFjoTza7feOb/63p2vLN9afGvpraXbYxcuXJy5eOGN+fPXl9tLM93Xwx4l8CRsfW8HAAAAAAAAAAAAjooR/67gyg9/VP0fgo/09xKHPUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgaFs4m9b9FJmdOTdTbm/cm2+XSy+9VbKVpNFIip8mxcfJ5XSXTA80Vwzr54Pli80kn2y11eqVb+xRrzMx0izu1ktOJ2nW6wN4oL2rB26v6M+wDNiZXuDgsP03AAD//9ev6fg=") syz_create_resource$binfmt(0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000340)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) listen(0xffffffffffffffff, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10) sendmsg$NFT_BATCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0) 2.975991363s ago: executing program 1 (id=2007): r0 = gettid() r1 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x14806, &(0x7f0000000080)=ANY=[], 0x0, 0x700, &(0x7f0000000a40)="$eJzs3V2P21gZB/D/STJJJoWqAlStqm7ndMpKUzGkTmabKipIGOckY0jiyPbAjIS0KnRmNWqmQFskmpt2bniRli/A3d5wwYdYiQuu9lvAFUgrEBJiBUJGPrbzMnEykzadbtn/b7Qbx358zuNjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU8qi0FdyMJm7Oq3MlrBcQ4T8oFvFWNPutr4xCLof/WsfV6NtVFMOPIgYXLl+6++VcJll/TsIvAosW+Pjp4MG9fn//0Rlis1i4+NcJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJTPvfL1qGDX5nUK0owGUPWvbbrftbkvHhIvDmDvygx9EAcrsSHlw2N/fGsvnWVobh0GVlOQz48FhUPW0za0a1WqlUq1Warfrt+8YRm5qhhESxhCmIpZ+0NIbZrkncKKXkLEa/zH+JIA2iuhiB7uQqT8WGnDhoDNjeSzp/9+5pebWO97/J738ymjxFej+/1r07dqs/n9GLhJSr5C2RMyYv9jPis5I4jGeYoAHuIc++tjHoyWULSHXXrqEvBG35FLymfnTgkIXNjw4sNGBiRa+CBnPkaijhhoMvIdtNOFBogkbbSh42IMHHyo8ovJhpgomfDhwIbEBCzchUUEddWxBQqGMPTjYQRctNGDiX0EQHOBQt/tWnM/zlK1GElSZsREF5JLjbh/VOVs7q///4bNo7bj/N9j/f15Fx0Eh+vh4XgzRZ0AQX/8vaO3VZENEREREREREr4LQv30X+q/ybwMI0LTbypiIKby27IiIiIiIiIhoGQSCAq5CRHfl422I6et/IiIiIiIiInqzCf2MnQBQ0jf1i9HjUmf5JUD2HFIkIiIiIiIiopekn/y/lgcCfZf/GsRC1/9ERERERERE9Ab41dgY+7lsPMZukPxZPwNg7c8F8dHfCnBXxHFv96viyAyXmEdxzNQdAH7zirgYD9SrP/IA9DdLXRVxbRL4Z/Lbh9AnB+lj/T8PIkII90QC+ex4ATMSEGHNtVz8DR/gerTK9Xic+fuDDPSSaEThUtNuq7LltO9WYJoXM77a9X/28PDngDvczoPD/n75Rz/u39e5HIezjo/CQp9NpJNJb4xRLk/0eAv6mYu00Y1X0Uyq/HW3UxK6XiPZ/izMo8x4RfN2QG0ViLbyF1iP9tl6EMWWBsMR9wWwpgd/qJT1LpvYendFjLKonNzytB0xY8uLOosbUcyNjRvRR9ImYTkZUfxaFqiWp/fBRBbV8SxObwvx9xPtPz8LiGLYFlthFn8ICzqRxfc/ilbe6u0mw2OcJYupo4CI6HU5GPVCehDzqTH2k+4hOamdvd9BDojPcjN691EtQdx/JL37k98GUQ+VBXLx3ybSa0n6FYRn9A2hy8lHA7rnrqSc0Y3yp0EQmBeLGD+j/zcIkg0yFujdjoMgOHlG//3oHUhx2lNZ/DsIgrsV3ZP85kSv+mG4wocz6/Xa1SyKKODJ0U/0APih9/ff339YrW7VjHcN43YVK/p/FeKPLNj3EBHRlNPfsaMjMnMixLu4HpVx/f5f34mmJnq8L8W3FGi3gD7uYzN5hcBaeqklHOCb/4huQ9iMrlqB9VL0WRrIy5fuhle1w9hDkdNveNmceVWn+9IoVt/eUB3GJu8dOnkFOIrdesV7gYiI6Hytz+iHgYn+H5P9f3Gi/9/ERhSxcSX1urs0dkvhZnJ1PLykH1w4To2tnJ78t5bcGERERJ8Tyv1ElPxfCte1e+9V6vWK6W8r6TrWd6VrN1pK2l1fuda22W0p2XMd37Gctuy5KNirypPeTq/nuL5sOq7sOZ69q9/8LuNXv3uqY3Z92/J6bWV6SlpO1zctXzZsz5K9nW+3bW9buXplr6csu2lbpm87Xek5O66lylJ6So0F2g3V9e2mHU52Zc+1O6a7J7/ntHc6SjaUZ7l2z3eiApO67G7TcTu62DKChV90SERE9P/o8dPBg3v9/v6jkxOr4aV5NOcYM2KmJ/IpBXKMICIios+YUXe9wErFV5gQERERERERERERERERERERERERERERERFNOf2RvgUnVtIeFgSGc356MZ6D5xg9YjhVjsDL5vOp+0c9sN+LrJ5ZtNLkkYjBg4/nBK8O5yTNPx5zvEiluAS8cPv85QvABT0H0ZzcEg+A6edHl36MpU184yBq0VkxemHqosJwX+SW/59DOPHwd9OLRNjyQRAE81cvTLZh/uzHcw7Ao/ycXbB6yvFz3mciIjpv/wsAAP//eO06pA==") socket$phonet_pipe(0x23, 0x5, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) shutdown(0xffffffffffffffff, 0x0) r5 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r5, &(0x7f0000000200), 0x10) sendmsg$can_bcm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="01000000d7fe85a02520f6bc94da57473b224fcc13e463734c5e8a1596fd032c2f0470b5a2b02ebe113076f41d3400863cad8ca6ed"], 0x20000600}}, 0x0) r6 = socket$rds(0x15, 0x5, 0x0) ptrace$ARCH_GET_GS(0x1e, 0x0, &(0x7f00000000c0), 0x1004) setsockopt$SO_RDS_TRANSPORT(r6, 0x114, 0x8, &(0x7f0000000380), 0x4) setsockopt$RDS_FREE_MR(r6, 0x114, 0x3, &(0x7f0000000040)={{}, 0x6e}, 0x10) sendmsg$sock(r5, 0x0, 0x0) futimesat(r1, &(0x7f0000000000)='./file1\x00', 0x0) ioctl$FBIOPUTCMAP(0xffffffffffffffff, 0x4605, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61123c00000000006113500000000000bf200000000000001500000008ffffffbd03010000000000cf000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d4301000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9755ba08554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c51231422bb8fab4d4d897db2c544c0ec50b8eac8c63d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564b8f8a621483fb2a5ff221e0d831d64759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d8b570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91f0eb18e21dfdab3c84ec11377fbbfd1e000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) mknod(&(0x7f0000000180)='./file0\x00', 0x1ffa, 0x0) acct(&(0x7f0000000140)='./file0\x00') 1.947035959s ago: executing program 1 (id=2008): r0 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0) r1 = syz_io_uring_setup(0x313f, &(0x7f0000000080)={0x0, 0xfffffffd, 0x10100, 0x3, 0x17b}, &(0x7f0000000180)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x40, 0x0, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r1, 0x4d10, 0x2, 0x2, 0x0, 0x0) r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nfc(0x0, r5) ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r7], 0x1c}}, 0x0) write$nci(r4, &(0x7f0000001800)=ANY=[@ANYBLOB="7240082b0102020681055a03997713fa06070202267a"], 0x16) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000540)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000500)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000600)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x3, @loopback, 0x1}, {0xa, 0x0, 0x5, @mcast2}, r8}}, 0x48) 1.946311609s ago: executing program 3 (id=2009): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000200)="a242", 0x2}], 0x1) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x2000000000000061) setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000300)=0xc, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, 0x0, 0x0) sendto$inet(r0, &(0x7f00000004c0)='<', 0x381, 0x805, 0x0, 0x0) 1.877168939s ago: executing program 3 (id=2010): socket$igmp6(0xa, 0x3, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) request_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x00\x00\x00dn\x00\x00\x00', 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x4) 1.76547181s ago: executing program 1 (id=2011): r0 = socket$kcm(0x11, 0x3, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r2) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r3 = socket$unix(0x1, 0x1, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, 0x0) sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, 0x0, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffff9}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000580)=@xdp={0x2c, 0x8, r5, 0x3e}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000180)="27030200590214000600002fb96d", 0xe}], 0x1}, 0x40084) 1.479631252s ago: executing program 3 (id=2012): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0, 0x4}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="66baa000ecc744240011000000c7442402b16e0000ff2c2443f466baf80cb8f2c96789ef66bafc0c66ed0f072e0f01c248b820450000000000000f23d00f21f835000000010f23f8c46289900cabb9f9080000b8c93c0000ba000000000f30c4816857a601000000", 0x68}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x1, 0x0, @pic={0x8, 0x7, 0x8, 0x14, 0x2, 0x1, 0xc5, 0x9, 0x28, 0x2, 0x1, 0x95, 0xb, 0x8, 0x8e, 0x7}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.330478262s ago: executing program 1 (id=2013): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f) connect$inet(r0, &(0x7f0000000040)={0x2, 0x6e27, @multicast1}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300) setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f0000000180)=0x1f5, 0x4) setsockopt$inet_int(r0, 0x0, 0x12, &(0x7f0000000080)=0xd0, 0x4) recvmmsg(r0, &(0x7f0000000bc0)=[{{0x0, 0x0, 0x0}, 0x800005}], 0x1, 0x2203, 0x0) 1.223026243s ago: executing program 3 (id=2014): r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) sendmmsg(r4, 0x0, 0x0, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) setresgid(0xffffffffffffffff, 0xee00, 0xffffffffffffffff) r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) write(r5, &(0x7f0000000000)="14000000140005b7ffccca38b9000000010860eb", 0x14) bpf$TOKEN_CREATE(0x24, &(0x7f0000000340)={0x0, r3}, 0x8) bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="120000000400000004000000090000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50) writev(0xffffffffffffffff, 0x0, 0x0) 687.092676ms ago: executing program 1 (id=2015): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x48c}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1}) mremap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x400000, 0x3, &(0x7f0000c00000/0x400000)=nil) 0s ago: executing program 0 (id=2016): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) rt_sigqueueinfo(0x0, 0x11, 0x0) syz_open_dev$sg(&(0x7f0000000000), 0x9, 0x8c000) r2 = socket$inet6(0xa, 0x80003, 0x6) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@ipv4={'\x00', '\xff\xff', @loopback}, @in6=@dev, 0x0, 0xfffd, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x5}, {0x0, 0x4, 0x1, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in6=@empty, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x2, 0x7, 0x0, 0x5}}, 0xe8) sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0) kernel console output (not intermixed with test programs): o) comm="syz.3.375" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 118.520319][ T6954] Driver unsupported XDP return value 0 on prog (id 142) dev N/A, expect packet loss! [ 118.537827][ T27] audit: type=1804 audit(1762605998.506:524): pid=6954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.375" name="/newroot/94/bus/bus" dev="loop3" ino=18 res=1 errno=0 [ 118.657821][ T27] audit: type=1326 audit(1762605998.536:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6953 comm="syz.3.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 118.759012][ T6954] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 118.798517][ T27] audit: type=1326 audit(1762605998.536:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6953 comm="syz.3.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 118.919966][ T27] audit: type=1326 audit(1762605998.546:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6953 comm="syz.3.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 119.051534][ T27] audit: type=1326 audit(1762605998.546:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6953 comm="syz.3.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 119.174757][ T27] audit: type=1326 audit(1762605998.546:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6953 comm="syz.3.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 119.258233][ T27] audit: type=1326 audit(1762605998.546:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6953 comm="syz.3.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 119.259057][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.282988][ T27] audit: type=1326 audit(1762605998.566:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6953 comm="syz.3.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 119.314737][ T27] audit: type=1326 audit(1762605998.566:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6953 comm="syz.3.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 119.451892][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.094491][ T7001] loop1: detected capacity change from 0 to 1024 [ 122.108975][ T7001] EXT4-fs: Ignoring removed nobh option [ 122.151401][ T7001] EXT4-fs: Ignoring removed bh option [ 122.163338][ T7001] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 122.229941][ T7001] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 122.994018][ T7015] loop0: detected capacity change from 0 to 2048 [ 123.001520][ T7015] EXT4-fs: Ignoring removed mblk_io_submit option [ 123.009314][ T7015] EXT4-fs: Ignoring removed i_version option [ 123.095000][ T7015] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 123.225931][ T7021] loop3: detected capacity change from 0 to 1024 [ 123.240290][ T7021] EXT4-fs: Invalid want_extra_isize 2 [ 123.276851][ T6373] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 123.335237][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.338011][ T7000] delete_channel: no stack [ 123.522305][ T7001] syz.1.393 (7001) used greatest stack depth: 20528 bytes left [ 123.540489][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.625647][ T27] kauditd_printk_skb: 46 callbacks suppressed [ 123.625660][ T27] audit: type=1326 audit(1762606003.706:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7029 comm="syz.2.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 123.712708][ T27] audit: type=1326 audit(1762606003.746:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7029 comm="syz.2.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 123.756749][ T27] audit: type=1326 audit(1762606003.746:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7029 comm="syz.2.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 123.791480][ T27] audit: type=1326 audit(1762606003.746:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7029 comm="syz.2.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 123.856067][ T27] audit: type=1326 audit(1762606003.746:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7029 comm="syz.2.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 123.961592][ T27] audit: type=1326 audit(1762606003.746:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7029 comm="syz.2.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 123.999169][ T27] audit: type=1326 audit(1762606003.746:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7029 comm="syz.2.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 124.022061][ T27] audit: type=1326 audit(1762606003.746:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7029 comm="syz.2.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 124.045442][ T27] audit: type=1326 audit(1762606003.746:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7029 comm="syz.2.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 124.067700][ T27] audit: type=1326 audit(1762606003.746:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7029 comm="syz.2.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 124.555097][ T7045] loop3: detected capacity change from 0 to 512 [ 124.562984][ T7045] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 126.298865][ T7065] netlink: 12 bytes leftover after parsing attributes in process `syz.1.414'. [ 126.507242][ T7069] loop1: detected capacity change from 0 to 512 [ 126.528579][ T7069] EXT4-fs: Ignoring removed bh option [ 126.759252][ T7069] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 126.798686][ T7069] ext4 filesystem being mounted at /104/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 126.977819][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.425733][ T7094] netlink: 'syz.1.425': attribute type 1 has an invalid length. [ 127.602175][ T7098] bridge0: entered promiscuous mode [ 127.625679][ T7098] macsec1: entered promiscuous mode [ 127.632378][ T7098] bridge0: port 1(macsec1) entered blocking state [ 127.641230][ T7098] bridge0: port 1(macsec1) entered disabled state [ 127.650046][ T7098] macsec1: entered allmulticast mode [ 127.660887][ T7098] bridge0: entered allmulticast mode [ 127.668582][ T7098] macsec1: left allmulticast mode [ 127.682079][ T7098] bridge0: left allmulticast mode [ 127.708614][ T7098] bridge0: left promiscuous mode [ 128.323891][ T7101] loop1: detected capacity change from 0 to 512 [ 128.349765][ T7101] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 128.399613][ T7101] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 128.442923][ T7101] EXT4-fs (loop1): 1 truncate cleaned up [ 128.449828][ T7101] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 128.977399][ T7118] loop3: detected capacity change from 0 to 512 [ 129.003957][ T7118] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c018, mo2=0002] [ 129.012258][ T7118] EXT4-fs (loop3): orphan cleanup on readonly fs [ 129.022221][ T7118] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 129.040518][ T7118] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 129.052529][ T7118] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz.3.436: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 129.087215][ T7118] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.436: couldn't read orphan inode 13 (err -117) [ 129.114620][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.147097][ T7118] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 129.333005][ T7118] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 129.363614][ T7118] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c018, mo2=0002] [ 129.371679][ T7118] EXT4-fs warning (device loop3): read_mmp_block:115: Error -117 while reading MMP block 8 [ 129.494072][ T7126] loop1: detected capacity change from 0 to 512 [ 129.501824][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.533642][ T7126] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 129.645933][ T7027] Set syz1 is full, maxelem 65536 reached [ 129.764222][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.967347][ T27] kauditd_printk_skb: 95 callbacks suppressed [ 129.967360][ T27] audit: type=1326 audit(1762606010.046:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.3.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 129.979725][ T7141] loop1: detected capacity change from 0 to 2048 [ 130.017445][ T7141] EXT4-fs: Ignoring removed mblk_io_submit option [ 130.028312][ T27] audit: type=1326 audit(1762606010.076:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.3.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 130.042671][ T7141] EXT4-fs: Ignoring removed i_version option [ 130.078113][ T27] audit: type=1326 audit(1762606010.076:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.3.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 130.081787][ T7141] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 130.105012][ T27] audit: type=1326 audit(1762606010.076:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.3.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 130.135100][ T27] audit: type=1326 audit(1762606010.086:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.3.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 130.157692][ T27] audit: type=1326 audit(1762606010.086:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.3.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 130.180970][ T27] audit: type=1326 audit(1762606010.186:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7146 comm="syz.2.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 130.203899][ T27] audit: type=1326 audit(1762606010.186:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7146 comm="syz.2.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 130.226294][ T27] audit: type=1326 audit(1762606010.186:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7146 comm="syz.2.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 130.248839][ T27] audit: type=1326 audit(1762606010.186:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7146 comm="syz.2.446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 130.279011][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.389247][ T7156] 9pnet_fd: Insufficient options for proto=fd [ 130.771121][ T7179] loop3: detected capacity change from 0 to 1024 [ 130.780963][ T7179] EXT4-fs: Ignoring removed nobh option [ 130.787164][ T7179] EXT4-fs: Ignoring removed bh option [ 130.809145][ T7179] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 130.853786][ T7179] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 131.210031][ T7196] netlink: 268 bytes leftover after parsing attributes in process `syz.0.464'. [ 131.222196][ T7196] unsupported nla_type 65024 [ 131.519306][ T7206] syz.2.467[7206] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 131.519535][ T7206] syz.2.467[7206] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 131.598364][ T7178] delete_channel: no stack [ 131.751337][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.830532][ T7213] vlan2: entered allmulticast mode [ 132.096543][ T7227] netlink: 4 bytes leftover after parsing attributes in process `syz.3.476'. [ 132.253778][ T7234] tipc: Started in network mode [ 132.258700][ T7234] tipc: Node identity baeaab001cfe, cluster identity 4711 [ 132.283237][ T7234] tipc: Enabled bearer , priority 0 [ 132.299172][ T7234] syzkaller0: entered promiscuous mode [ 132.312733][ T7234] syzkaller0: entered allmulticast mode [ 132.356898][ T7234] tipc: Resetting bearer [ 132.372052][ T7233] tipc: Resetting bearer [ 132.399057][ T7233] tipc: Disabling bearer [ 132.916742][ T1280] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.955137][ T7264] Set syz1 is full, maxelem 65536 reached [ 134.683246][ T7334] tmpfs: Unknown parameter 'mpo' [ 135.359997][ T7350] syz.1.529[7350] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 135.360124][ T7350] syz.1.529[7350] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 135.547191][ T7356] loop1: detected capacity change from 0 to 256 [ 135.758675][ T7366] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 135.779717][ T7366] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 135.816417][ T7372] wg1 speed is unknown, defaulting to 1000 [ 135.852518][ T7372] wg1 speed is unknown, defaulting to 1000 [ 135.870298][ T7374] netlink: 36 bytes leftover after parsing attributes in process `syz.2.539'. [ 135.887793][ T7372] wg1 speed is unknown, defaulting to 1000 [ 135.916034][ T7372] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 135.926643][ T7376] loop3: detected capacity change from 0 to 1024 [ 135.956533][ T7372] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 135.977694][ T7376] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 135.997957][ T7372] wg1 speed is unknown, defaulting to 1000 [ 136.006729][ T7372] wg1 speed is unknown, defaulting to 1000 [ 136.017563][ T7372] wg1 speed is unknown, defaulting to 1000 [ 136.025049][ T7372] wg1 speed is unknown, defaulting to 1000 [ 136.041216][ T27] kauditd_printk_skb: 137 callbacks suppressed [ 136.041227][ T27] audit: type=1326 audit(136.002:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7380 comm="syz.2.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 136.101221][ T27] audit: type=1326 audit(136.002:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7380 comm="syz.2.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 136.101259][ T27] audit: type=1326 audit(136.002:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7380 comm="syz.2.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 136.101294][ T27] audit: type=1326 audit(136.002:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7380 comm="syz.2.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 136.106887][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.646351][ T27] audit: type=1326 audit(136.602:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7405 comm="syz.3.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 136.646402][ T27] audit: type=1326 audit(136.602:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7405 comm="syz.3.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 136.646438][ T27] audit: type=1326 audit(136.602:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7405 comm="syz.3.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 136.646472][ T27] audit: type=1326 audit(136.602:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7405 comm="syz.3.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 136.646504][ T27] audit: type=1326 audit(136.602:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7405 comm="syz.3.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 136.646538][ T27] audit: type=1326 audit(136.602:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7405 comm="syz.3.550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 137.094276][ T7426] loop3: detected capacity change from 0 to 2048 [ 137.163592][ T7426] EXT4-fs: Ignoring removed mblk_io_submit option [ 137.170062][ T7426] EXT4-fs: Ignoring removed i_version option [ 137.218572][ T7426] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.289058][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.293403][ T7432] netlink: 24 bytes leftover after parsing attributes in process `syz.2.560'. [ 137.585985][ T7448] loop3: detected capacity change from 0 to 2048 [ 137.606900][ T7448] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.684031][ T7456] loop1: detected capacity change from 0 to 2048 [ 137.691189][ T7456] EXT4-fs: Ignoring removed mblk_io_submit option [ 137.693370][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.697763][ T7456] EXT4-fs: Ignoring removed i_version option [ 137.756688][ T7456] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.881331][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.486897][ T7484] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter' [ 139.641453][ T7522] netlink: 332 bytes leftover after parsing attributes in process `syz.2.599'. [ 139.672073][ T7529] random: crng reseeded on system resumption [ 140.007555][ T7540] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 140.193507][ T7544] loop1: detected capacity change from 0 to 2048 [ 140.194345][ T7544] EXT4-fs: Ignoring removed mblk_io_submit option [ 140.194364][ T7544] EXT4-fs: Ignoring removed i_version option [ 140.234323][ T7544] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 140.329415][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.559476][ T7554] netlink: 8 bytes leftover after parsing attributes in process `syz.1.610'. [ 140.575822][ T7554] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 141.062279][ T7573] netlink: 4 bytes leftover after parsing attributes in process `syz.0.625'. [ 141.211969][ T7579] syzkaller1: entered promiscuous mode [ 141.219833][ T7579] syzkaller1: entered allmulticast mode [ 141.547848][ T7598] xt_connbytes: Forcing CT accounting to be enabled [ 141.563807][ T7598] set match dimension is over the limit! [ 141.599148][ T27] kauditd_printk_skb: 59 callbacks suppressed [ 141.599160][ T27] audit: type=1326 audit(141.562:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7602 comm="syz.1.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 141.659854][ T27] audit: type=1326 audit(141.562:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7602 comm="syz.1.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 141.707275][ T27] audit: type=1326 audit(141.592:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7602 comm="syz.1.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 141.738832][ T27] audit: type=1326 audit(141.592:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7602 comm="syz.1.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 141.843052][ T7615] hub 9-0:1.0: USB hub found [ 141.848140][ T7615] hub 9-0:1.0: 1 port detected [ 141.983199][ T5792] usb 1-1: new low-speed USB device number 2 using dummy_hcd [ 142.142849][ T5792] usb 1-1: device descriptor read/64, error -71 [ 142.422773][ T5792] usb 1-1: new low-speed USB device number 3 using dummy_hcd [ 142.594463][ T5792] usb 1-1: device descriptor read/64, error -71 [ 142.713162][ T5792] usb usb1-port1: attempt power cycle [ 142.767909][ T7643] loop3: detected capacity change from 0 to 2048 [ 142.806658][ T7643] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.848695][ T27] audit: type=1800 audit(142.812:904): pid=7643 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.647" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 142.916184][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.026421][ T27] audit: type=1326 audit(142.992:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.1.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 143.050974][ T27] audit: type=1326 audit(142.992:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.1.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 143.075577][ T27] audit: type=1326 audit(142.992:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.1.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 143.122062][ T27] audit: type=1326 audit(142.992:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.1.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 143.147336][ T5792] usb 1-1: new low-speed USB device number 4 using dummy_hcd [ 143.182127][ T27] audit: type=1326 audit(142.992:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.1.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 143.208233][ T5792] usb 1-1: device descriptor read/8, error -71 [ 143.471401][ T7664] netlink: 60 bytes leftover after parsing attributes in process `syz.3.654'. [ 143.493776][ T5792] usb 1-1: new low-speed USB device number 5 using dummy_hcd [ 143.547453][ T7664] netlink: 60 bytes leftover after parsing attributes in process `syz.3.654'. [ 143.554756][ T5792] usb 1-1: device descriptor read/8, error -71 [ 143.685078][ T5792] usb usb1-port1: unable to enumerate USB device [ 143.701313][ T7664] netlink: 60 bytes leftover after parsing attributes in process `syz.3.654'. [ 143.952939][ T7687] loop1: detected capacity change from 0 to 512 [ 143.980613][ T7687] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 144.043088][ T7687] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 144.068589][ T7687] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 144.069039][ T7693] loop3: detected capacity change from 0 to 8192 [ 144.135825][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.349136][ T7703] loop1: detected capacity change from 0 to 2048 [ 144.373090][ T7708] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 144.406036][ T7703] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 144.519852][ T7716] loop3: detected capacity change from 0 to 2048 [ 144.554324][ T7716] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 144.644907][ T5787] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set [ 144.677092][ T7702] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 144.693821][ T5787] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 144.706977][ T7702] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 192 with max blocks 2 with error 28 [ 144.748243][ T7702] EXT4-fs (loop1): This should not happen!! Data will be lost [ 144.748243][ T7702] [ 144.769153][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.778259][ T7702] EXT4-fs (loop1): Total free blocks count 0 [ 144.789667][ T7702] EXT4-fs (loop1): Free/Dirty block details [ 144.808506][ T7702] EXT4-fs (loop1): free_blocks=2415919504 [ 144.834718][ T7702] EXT4-fs (loop1): dirty_blocks=16 [ 144.840303][ T7702] EXT4-fs (loop1): Block reservation details [ 144.853014][ T7702] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 144.912086][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.957551][ T7733] netlink: 'syz.0.675': attribute type 7 has an invalid length. [ 144.982733][ T7733] netlink: 8 bytes leftover after parsing attributes in process `syz.0.675'. [ 145.323886][ T7753] netlink: 4 bytes leftover after parsing attributes in process `syz.1.684'. [ 145.897626][ T7775] syzkaller0: entered promiscuous mode [ 145.904991][ T7775] syzkaller0: entered allmulticast mode [ 145.942811][ T1189] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 146.173689][ T1189] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 146.181312][ T1189] usb 2-1: can't read configurations, error -61 [ 146.365978][ T1189] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 146.597979][ T1189] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 146.606446][ T1189] usb 2-1: can't read configurations, error -61 [ 146.613635][ T1189] usb usb2-port1: attempt power cycle [ 147.025158][ T1189] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 147.085113][ T1189] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 147.094164][ T1189] usb 2-1: can't read configurations, error -61 [ 147.253982][ T1189] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 147.302253][ T1189] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 147.309948][ T1189] usb 2-1: can't read configurations, error -61 [ 147.317274][ T1189] usb usb2-port1: unable to enumerate USB device [ 147.633802][ T27] kauditd_printk_skb: 74 callbacks suppressed [ 147.633817][ T27] audit: type=1326 audit(147.592:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7806 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 147.661986][ T27] audit: type=1326 audit(147.592:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7806 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 147.684181][ T27] audit: type=1326 audit(147.602:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7806 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 147.739972][ T27] audit: type=1326 audit(147.602:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7806 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 147.787939][ T27] audit: type=1326 audit(147.602:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7806 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 147.834824][ T27] audit: type=1326 audit(147.602:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7806 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 147.859877][ T27] audit: type=1326 audit(147.602:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7806 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 147.884329][ T27] audit: type=1326 audit(147.602:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7806 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 147.907579][ T27] audit: type=1326 audit(147.602:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7806 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 147.930639][ T27] audit: type=1326 audit(147.602:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7806 comm="syz.2.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 148.255230][ T7832] loop3: detected capacity change from 0 to 2048 [ 148.265586][ T7832] EXT4-fs: Ignoring removed mblk_io_submit option [ 148.292306][ T7832] EXT4-fs: Ignoring removed i_version option [ 148.315130][ T7832] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 148.377484][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.454775][ T7844] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 148.535193][ T7848] netlink: 60 bytes leftover after parsing attributes in process `syz.3.721'. [ 148.546627][ T7848] unsupported nlmsg_type 40 [ 148.832093][ T7862] netlink: 4 bytes leftover after parsing attributes in process `syz.0.724'. [ 148.871844][ T7861] loop3: detected capacity change from 0 to 2048 [ 148.879307][ T7861] EXT4-fs: Ignoring removed mblk_io_submit option [ 148.886195][ T7861] EXT4-fs: Ignoring removed i_version option [ 148.908001][ T7861] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 149.045200][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.144631][ T7878] netlink: 16 bytes leftover after parsing attributes in process `syz.0.732'. [ 149.230935][ T7885] netlink: 'syz.0.732': attribute type 4 has an invalid length. [ 150.693784][ T7914] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096 [ 151.958951][ T5852] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 152.122737][ T5852] usb 1-1: device descriptor read/64, error -71 [ 152.392694][ T5852] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 152.562841][ T5852] usb 1-1: device descriptor read/64, error -71 [ 152.683109][ T5852] usb usb1-port1: attempt power cycle [ 153.142779][ T5852] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 153.193466][ T5852] usb 1-1: device descriptor read/8, error -71 [ 153.492800][ T5852] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 153.524221][ T5852] usb 1-1: device descriptor read/8, error -71 [ 153.663848][ T5852] usb usb1-port1: unable to enumerate USB device [ 154.333297][ T7884] Set syz1 is full, maxelem 65536 reached [ 154.446434][ T27] kauditd_printk_skb: 24 callbacks suppressed [ 154.446447][ T27] audit: type=1326 audit(154.412:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7941 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 154.573211][ T27] audit: type=1326 audit(154.442:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7941 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 154.615202][ T27] audit: type=1326 audit(154.442:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7941 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 154.652706][ T27] audit: type=1326 audit(154.442:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7941 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 154.772659][ T7948] netlink: 996 bytes leftover after parsing attributes in process `syz.2.757'. [ 154.795686][ T27] audit: type=1326 audit(154.442:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7941 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 155.091003][ T27] audit: type=1326 audit(154.442:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7941 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 155.361097][ T27] audit: type=1326 audit(154.442:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7941 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 155.446114][ T7925] Set syz1 is full, maxelem 65536 reached [ 155.477750][ T27] audit: type=1326 audit(154.442:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7941 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 155.543200][ T7954] tipc: Started in network mode [ 155.552081][ T7954] tipc: Node identity ac1414aa, cluster identity 4711 [ 155.592543][ T27] audit: type=1326 audit(154.442:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7941 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 155.619294][ T7954] tipc: Enabled bearer , priority 10 [ 155.698587][ T27] audit: type=1326 audit(154.442:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7941 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 155.818515][ T7956] loop3: detected capacity change from 0 to 512 [ 155.848645][ T7956] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 155.934721][ T7956] EXT4-fs (loop3): 1 orphan inode deleted [ 155.950739][ T7956] EXT4-fs (loop3): 1 truncate cleaned up [ 155.973936][ T7956] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 156.021333][ T7956] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.336359][ T7970] netlink: 4 bytes leftover after parsing attributes in process `syz.1.768'. [ 156.372618][ C1] sched: RT throttling activated [ 156.739132][ T9] tipc: Node number set to 2886997162 [ 156.844255][ T7986] loop3: detected capacity change from 0 to 128 [ 157.400469][ T8006] netlink: 8 bytes leftover after parsing attributes in process `syz.2.780'. [ 157.500989][ T8008] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 157.500989][ T8008] program syz.0.782 not setting count and/or reply_len properly [ 159.047699][ T8079] loop3: detected capacity change from 0 to 512 [ 159.055168][ T8079] EXT4-fs: Ignoring removed oldalloc option [ 159.068011][ T8079] EXT4-fs (loop3): Test dummy encryption mode enabled [ 159.082947][ T8079] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 159.108990][ T8085] netlink: 'syz.1.811': attribute type 10 has an invalid length. [ 159.117126][ T8079] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.808: bad orphan inode 131083 [ 159.134329][ T8079] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.154696][ T8085] veth1_macvtap: left promiscuous mode [ 159.176350][ T8079] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.425003][ T8099] IPv6: NLM_F_CREATE should be specified when creating new route [ 160.010986][ T8117] netlink: 4 bytes leftover after parsing attributes in process `syz.2.821'. [ 160.473619][ T8126] syz.0.824[8126] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 160.473733][ T8126] syz.0.824[8126] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 160.837094][ T8138] loop3: detected capacity change from 0 to 256 [ 161.058208][ T27] kauditd_printk_skb: 87 callbacks suppressed [ 161.058222][ T27] audit: type=1326 audit(161.022:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8142 comm="syz.2.833" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb1eb58f6c9 code=0x0 [ 162.115524][ T8178] netlink: 660 bytes leftover after parsing attributes in process `syz.3.845'. [ 162.159713][ T8178] loop3: detected capacity change from 0 to 512 [ 162.208365][ T8178] EXT4-fs warning (device loop3): ext4_xattr_inode_get:563: inode #11: comm syz.3.845: EA inode hash validation failed [ 162.227108][ T8178] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #15: comm syz.3.845: corrupted inode contents [ 162.250691][ T8178] EXT4-fs error (device loop3): ext4_dirty_inode:6120: inode #15: comm syz.3.845: mark_inode_dirty error [ 162.275562][ T8178] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #15: comm syz.3.845: corrupted inode contents [ 162.291900][ T8178] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3017: inode #15: comm syz.3.845: mark_inode_dirty error [ 162.314607][ T8178] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3020: inode #15: comm syz.3.845: mark inode dirty (error -117) [ 162.337085][ T8178] EXT4-fs warning (device loop3): ext4_evict_inode:272: xattr delete (err -117) [ 162.350936][ T8178] EXT4-fs (loop3): 1 orphan inode deleted [ 162.406634][ T8178] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 162.467411][ T8178] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.507225][ T27] audit: type=1326 audit(162.472:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8200 comm="syz.0.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 162.507267][ T27] audit: type=1326 audit(162.472:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8200 comm="syz.0.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 162.507302][ T27] audit: type=1326 audit(162.472:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8200 comm="syz.0.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 162.817003][ T27] audit: type=1326 audit(162.782:1119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.2.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 162.817048][ T27] audit: type=1326 audit(162.782:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.2.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 162.817084][ T27] audit: type=1326 audit(162.782:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.2.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 162.817480][ T27] audit: type=1326 audit(162.782:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8208 comm="syz.2.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 163.116431][ T8218] loop3: detected capacity change from 0 to 128 [ 163.121337][ T8218] FAT-fs (loop3): Directory bread(block 162) failed [ 163.132796][ T8218] FAT-fs (loop3): Directory bread(block 163) failed [ 163.132825][ T8218] FAT-fs (loop3): Directory bread(block 164) failed [ 163.132850][ T8218] FAT-fs (loop3): Directory bread(block 165) failed [ 163.132875][ T8218] FAT-fs (loop3): Directory bread(block 166) failed [ 163.132899][ T8218] FAT-fs (loop3): Directory bread(block 167) failed [ 163.132989][ T8218] FAT-fs (loop3): Directory bread(block 168) failed [ 163.133016][ T8218] FAT-fs (loop3): Directory bread(block 169) failed [ 163.149718][ T8218] FAT-fs (loop3): Directory bread(block 162) failed [ 163.149825][ T8218] FAT-fs (loop3): Directory bread(block 163) failed [ 163.151624][ T8218] syz.3.860: attempt to access beyond end of device [ 163.151624][ T8218] loop3: rw=3, sector=226, nr_sectors = 6 limit=128 [ 163.151773][ T8218] syz.3.860: attempt to access beyond end of device [ 163.151773][ T8218] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 163.669540][ T8233] wg1 speed is unknown, defaulting to 1000 [ 163.731251][ T27] audit: type=1326 audit(163.692:1123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8221 comm="syz.3.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 163.856226][ T27] audit: type=1326 audit(163.692:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8221 comm="syz.3.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 164.016020][ T8240] netlink: 64 bytes leftover after parsing attributes in process `syz.0.867'. [ 165.534541][ T8278] loop3: detected capacity change from 0 to 512 [ 165.776719][ T8278] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2822: inode #11: comm syz.3.877: corrupted xattr block 95: invalid header [ 165.807915][ T8278] EXT4-fs (loop3): Remounting filesystem read-only [ 165.814602][ T8278] EXT4-fs warning (device loop3): ext4_evict_inode:255: couldn't mark inode dirty (err -5) [ 165.825853][ T8278] EXT4-fs (loop3): 1 orphan inode deleted [ 165.837629][ T8278] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 165.955473][ T8278] netlink: 996 bytes leftover after parsing attributes in process `syz.3.877'. [ 167.166460][ T27] kauditd_printk_skb: 4 callbacks suppressed [ 167.166474][ T27] audit: type=1326 audit(167.122:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8284 comm="syz.2.881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 167.197287][ T27] audit: type=1326 audit(167.122:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8284 comm="syz.2.881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 167.225512][ T27] audit: type=1326 audit(167.122:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8284 comm="syz.2.881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 167.254603][ T27] audit: type=1326 audit(167.122:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8284 comm="syz.2.881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 167.278919][ T27] audit: type=1326 audit(167.122:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8284 comm="syz.2.881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 167.544163][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.659011][ T27] audit: type=1326 audit(167.612:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8302 comm="syz.0.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 167.709817][ T27] audit: type=1326 audit(167.612:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8302 comm="syz.0.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 167.751224][ T27] audit: type=1326 audit(167.612:1136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8302 comm="syz.0.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 167.776116][ T27] audit: type=1326 audit(167.612:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8302 comm="syz.0.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 167.938066][ T27] audit: type=1326 audit(167.902:1138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8315 comm="syz.0.893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 168.239603][ T8328] netlink: 28 bytes leftover after parsing attributes in process `syz.2.890'. [ 169.328777][ T8341] loop1: detected capacity change from 0 to 512 [ 169.364842][ T8341] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 169.401077][ T8343] wg1 speed is unknown, defaulting to 1000 [ 169.403995][ T8341] EXT4-fs (loop1): 1 truncate cleaned up [ 169.434040][ T8341] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 169.517609][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.211660][ T8406] netlink: 4 bytes leftover after parsing attributes in process `syz.1.924'. [ 172.282486][ T27] kauditd_printk_skb: 33 callbacks suppressed [ 172.282499][ T27] audit: type=1326 audit(172.242:1172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8403 comm="syz.3.922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 172.462214][ T8416] IPv4: Oversized IP packet from 127.202.26.0 [ 172.610644][ T8418] loop1: detected capacity change from 0 to 4096 [ 172.647247][ T8418] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 173.474472][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.554878][ T27] audit: type=1326 audit(173.522:1173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8451 comm="syz.2.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 173.599547][ T27] audit: type=1326 audit(173.542:1174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8451 comm="syz.2.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 173.662708][ T27] audit: type=1326 audit(173.542:1175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8451 comm="syz.2.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 173.698602][ T27] audit: type=1326 audit(173.542:1176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8451 comm="syz.2.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 173.723651][ T27] audit: type=1326 audit(173.552:1177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8451 comm="syz.2.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 173.763382][ T27] audit: type=1326 audit(173.552:1178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8451 comm="syz.2.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 173.822708][ T27] audit: type=1326 audit(173.552:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8451 comm="syz.2.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 173.822751][ T27] audit: type=1326 audit(173.552:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8451 comm="syz.2.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 173.822795][ T27] audit: type=1326 audit(173.552:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8451 comm="syz.2.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 173.844905][ T23] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 173.992799][ T23] usb 1-1: device descriptor read/64, error -71 [ 174.077775][ T8472] loop3: detected capacity change from 0 to 512 [ 174.078635][ T8472] EXT4-fs: Ignoring removed nomblk_io_submit option [ 174.088777][ T8472] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 174.101401][ T8472] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 174.142111][ T8472] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4031: comm syz.3.951: Allocating blocks 41-42 which overlap fs metadata [ 174.145162][ T8472] EXT4-fs (loop3): Remounting filesystem read-only [ 174.145826][ T8472] EXT4-fs (loop3): 1 truncate cleaned up [ 174.147039][ T8472] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 174.221432][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 174.264364][ T23] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 174.423889][ T23] usb 1-1: device descriptor read/64, error -71 [ 174.543516][ T23] usb usb1-port1: attempt power cycle [ 174.703918][ T8503] syz.3.959[8503] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 174.704050][ T8503] syz.3.959[8503] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 174.786992][ T8501] 9pnet: Could not find request transport: fd½¸ìº [ 174.952755][ T23] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 175.008622][ T23] usb 1-1: device descriptor read/8, error -71 [ 175.153469][ T8524] loop1: detected capacity change from 0 to 1024 [ 175.170096][ T8524] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 175.219491][ T8524] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 175.284044][ T23] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 175.291629][ T8524] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters [ 175.323829][ T23] usb 1-1: device descriptor read/8, error -71 [ 175.374097][ T8534] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1600 with error 28 [ 175.386801][ T8534] EXT4-fs (loop1): This should not happen!! Data will be lost [ 175.386801][ T8534] [ 175.397217][ T8534] EXT4-fs (loop1): Total free blocks count 0 [ 175.403512][ T8534] EXT4-fs (loop1): Free/Dirty block details [ 175.409429][ T8534] EXT4-fs (loop1): free_blocks=20480 [ 175.415109][ T8534] EXT4-fs (loop1): dirty_blocks=2432 [ 175.420418][ T8534] EXT4-fs (loop1): Block reservation details [ 175.428777][ T8534] EXT4-fs (loop1): i_reserved_data_blocks=167 [ 175.444099][ T23] usb usb1-port1: unable to enumerate USB device [ 175.758926][ T59] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28 [ 175.966658][ T8524] syz.1.969 (8524) used greatest stack depth: 20400 bytes left [ 178.357073][ T8604] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1000'. [ 178.945070][ T27] kauditd_printk_skb: 46 callbacks suppressed [ 178.945084][ T27] audit: type=1326 audit(178.902:1224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8610 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 178.991186][ T8612] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1004'. [ 179.026156][ T27] audit: type=1326 audit(178.942:1225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8610 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 179.054089][ T27] audit: type=1326 audit(178.942:1226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8610 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 179.103778][ T27] audit: type=1326 audit(178.942:1227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8610 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 179.153261][ T27] audit: type=1326 audit(178.942:1228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8610 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 179.190704][ T27] audit: type=1326 audit(178.942:1229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8610 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 179.217418][ T27] audit: type=1326 audit(178.942:1230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8610 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 179.276061][ T27] audit: type=1326 audit(178.942:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8610 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 179.276103][ T27] audit: type=1326 audit(178.942:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8610 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 179.276139][ T27] audit: type=1326 audit(178.942:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8610 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 179.404613][ T8625] serio: Serial port ttyS3 [ 180.651505][ T8661] netlink: 332 bytes leftover after parsing attributes in process `+}[@'. [ 180.887265][ T8670] loop3: detected capacity change from 0 to 1024 [ 180.889061][ T8670] EXT4-fs (loop3): stripe (6) is not aligned with cluster size (16), stripe is disabled [ 180.925839][ T8670] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 180.982475][ T8671] wg1 speed is unknown, defaulting to 1000 [ 181.047238][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.122360][ T8681] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1031'. [ 181.122394][ T8681] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1031'. [ 181.556097][ T8694] vlan2: entered allmulticast mode [ 183.386416][ T8749] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 183.426291][ T8751] loop3: detected capacity change from 0 to 1764 [ 183.450974][ T8753] syzkaller0: entered promiscuous mode [ 183.457635][ T8753] syzkaller0: entered allmulticast mode [ 183.461151][ T8754] netlink: 332 bytes leftover after parsing attributes in process `+}[@'. [ 183.633137][ T8762] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 183.685771][ T8764] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1058'. [ 184.514094][ T8780] macvtap0: entered promiscuous mode [ 184.522164][ T8780] macvtap0: left promiscuous mode [ 184.792134][ T8784] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1066'. [ 184.811520][ T8786] loop3: detected capacity change from 0 to 512 [ 184.830870][ T8784] team0: entered promiscuous mode [ 184.854898][ T8784] team0: entered allmulticast mode [ 184.870550][ T8786] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 184.976659][ T8794] syz.1.1069[8794] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 184.976778][ T8794] syz.1.1069[8794] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 185.025256][ T8794] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1069'. [ 185.173281][ T8786] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 185.244661][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 186.219548][ T5793] Bluetooth: hci1: command 0x0406 tx timeout [ 186.225797][ T5793] Bluetooth: hci3: command 0x0406 tx timeout [ 186.232224][ T5793] Bluetooth: hci0: command 0x0406 tx timeout [ 186.241460][ T5793] Bluetooth: hci2: command 0x0406 tx timeout [ 186.904780][ T8835] netlink: 'syz.2.1083': attribute type 10 has an invalid length. [ 186.923510][ T8835] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1083'. [ 188.040402][ T27] kauditd_printk_skb: 531 callbacks suppressed [ 188.040415][ T27] audit: type=1326 audit(187.999:1765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8855 comm="syz.0.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 188.111883][ T27] audit: type=1326 audit(188.049:1766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8855 comm="syz.0.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 188.149777][ T27] audit: type=1326 audit(188.049:1767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8855 comm="syz.0.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 188.218864][ T27] audit: type=1326 audit(188.049:1768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8855 comm="syz.0.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 188.266648][ T27] audit: type=1326 audit(188.049:1769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8855 comm="syz.0.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 188.289139][ T27] audit: type=1326 audit(188.049:1770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8855 comm="syz.0.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 188.310913][ T27] audit: type=1326 audit(188.049:1771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8855 comm="syz.0.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 188.332776][ T27] audit: type=1326 audit(188.049:1772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8855 comm="syz.0.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 188.371117][ T27] audit: type=1326 audit(188.049:1773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8855 comm="syz.0.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 188.396298][ T27] audit: type=1326 audit(188.049:1774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8855 comm="syz.0.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 189.689567][ T8898] netlink: 'syz.3.1109': attribute type 10 has an invalid length. [ 189.703441][ T8898] bond0: (slave bond_slave_0): Releasing backup interface [ 190.027847][ T8896] capability: warning: `syz.2.1108' uses deprecated v2 capabilities in a way that may be insecure [ 190.306832][ T8919] syz.2.1119[8919] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 190.306949][ T8919] syz.2.1119[8919] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 190.482109][ T8923] siw: device registration error -23 [ 191.096689][ T8944] syzkaller0: entered promiscuous mode [ 191.102196][ T8944] syzkaller0: entered allmulticast mode [ 191.916032][ T8978] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1142'. [ 192.027393][ T8983] syzkaller0: entered promiscuous mode [ 192.035641][ T8983] syzkaller0: entered allmulticast mode [ 192.991973][ T9025] syzkaller0: entered promiscuous mode [ 193.006106][ T9025] syzkaller0: entered allmulticast mode [ 193.291507][ T27] kauditd_printk_skb: 65 callbacks suppressed [ 193.291521][ T27] audit: type=1326 audit(193.249:1840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 193.300842][ T9032] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1160'. [ 193.361707][ T27] audit: type=1326 audit(193.249:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 193.418578][ T27] audit: type=1326 audit(193.249:1842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 193.493862][ T27] audit: type=1326 audit(193.249:1843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 193.551951][ T27] audit: type=1326 audit(193.249:1844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 193.554173][ T9037] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1162'. [ 193.589646][ T27] audit: type=1326 audit(193.249:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 193.614848][ T27] audit: type=1326 audit(193.249:1846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 193.632737][ T9037] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1162'. [ 193.651529][ T27] audit: type=1326 audit(193.249:1847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 193.672686][ T9037] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1162'. [ 193.677534][ T27] audit: type=1326 audit(193.249:1848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 193.743019][ T27] audit: type=1326 audit(193.249:1849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz.1.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 193.798918][ T9042] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1164'. [ 194.210344][ T9058] random: crng reseeded on system resumption [ 194.374857][ T1280] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.594843][ T9068] smc: net device bond0 applied user defined pnetid SYZ0 [ 194.605719][ T9068] smc: net device bond0 erased user defined pnetid SYZ0 [ 195.485380][ T9093] tipc: New replicast peer: 255.255.255.255 [ 195.506763][ T9093] tipc: Enabled bearer , priority 10 [ 195.564079][ T9095] syzkaller0: entered promiscuous mode [ 195.579289][ T9095] syzkaller0: entered allmulticast mode [ 196.141399][ T9096] delete_channel: no stack [ 196.605122][ T23] tipc: Node number set to 2786372352 [ 197.610610][ T9136] wg1 speed is unknown, defaulting to 1000 [ 198.045723][ T9147] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 198.991003][ T9184] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 199.047233][ T9191] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 199.127836][ T9193] syzkaller0: entered promiscuous mode [ 199.133699][ T9193] syzkaller0: entered allmulticast mode [ 199.718235][ T9206] capability: warning: `syz.0.1229' uses 32-bit capabilities (legacy support in use) [ 199.875874][ T9208] netlink: 176 bytes leftover after parsing attributes in process `syz.0.1230'. [ 200.146885][ T9212] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.371871][ T9212] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.546986][ T9212] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.709318][ T9212] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.917653][ T9212] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.934340][ T9233] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1239'. [ 200.942332][ T9212] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.960660][ T9233] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1239'. [ 200.962036][ T9212] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.008025][ T9212] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.332022][ T9255] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 201.898192][ T9281] 9pnet: Could not find request transport: rd [ 203.210299][ T27] kauditd_printk_skb: 210 callbacks suppressed [ 203.210313][ T27] audit: type=1326 audit(203.169:2060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9309 comm="syz.0.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 203.242413][ T9307] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1267'. [ 203.271888][ T27] audit: type=1326 audit(203.209:2061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9309 comm="syz.0.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 203.272071][ T9307] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1267'. [ 203.304606][ T27] audit: type=1326 audit(203.209:2062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9309 comm="syz.0.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 203.342178][ T27] audit: type=1326 audit(203.209:2063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9309 comm="syz.0.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 203.373953][ T27] audit: type=1326 audit(203.209:2064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9309 comm="syz.0.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=221 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 203.399606][ T27] audit: type=1326 audit(203.209:2065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9309 comm="syz.0.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 203.459037][ T27] audit: type=1326 audit(203.209:2066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9309 comm="syz.0.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 203.494273][ T9314] syz.0.1271[9314] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 203.494497][ T9314] syz.0.1271[9314] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 203.520693][ T27] audit: type=1326 audit(203.209:2067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9309 comm="syz.0.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 203.578362][ T27] audit: type=1326 audit(203.209:2068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9309 comm="syz.0.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 203.604663][ T27] audit: type=1326 audit(203.209:2069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9309 comm="syz.0.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fb23e98f6c9 code=0x7ffc0000 [ 203.901933][ T9341] syz.1.1282[9341] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 203.902093][ T9341] syz.1.1282[9341] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 205.113420][ T9376] syz.2.1295[9376] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 205.160223][ T9376] syz.2.1295[9376] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 207.253945][ T9507] wg1 speed is unknown, defaulting to 1000 [ 207.524831][ T9509] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 207.737324][ T9530] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1334'. [ 208.286282][ T9530] syz.2.1334 (9530) used greatest stack depth: 16776 bytes left [ 208.573197][ T27] kauditd_printk_skb: 300 callbacks suppressed [ 208.573212][ T27] audit: type=1326 audit(208.529:2370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9545 comm="syz.2.1344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 208.612782][ T9546] syz.2.1344[9546] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 208.612910][ T9546] syz.2.1344[9546] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 208.636777][ T27] audit: type=1326 audit(208.529:2371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9545 comm="syz.2.1344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 208.712704][ T27] audit: type=1326 audit(208.569:2372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9545 comm="syz.2.1344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 208.760019][ T27] audit: type=1326 audit(208.599:2373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9545 comm="syz.2.1344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 208.782573][ T27] audit: type=1326 audit(208.599:2374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9545 comm="syz.2.1344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 208.812838][ T27] audit: type=1326 audit(208.609:2375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9545 comm="syz.2.1344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 208.837424][ T27] audit: type=1326 audit(208.649:2376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9545 comm="syz.2.1344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 208.859775][ T27] audit: type=1326 audit(208.669:2377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9545 comm="syz.2.1344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 208.900284][ T27] audit: type=1326 audit(208.669:2378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9545 comm="syz.2.1344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 208.958349][ T27] audit: type=1326 audit(208.669:2379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9545 comm="syz.2.1344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1eb58f6c9 code=0x7ffc0000 [ 209.005715][ T9544] netlink: 87 bytes leftover after parsing attributes in process `syz.3.1343'. [ 209.428261][ T9569] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 209.495505][ T9578] wireguard0: entered promiscuous mode [ 209.515440][ T9578] wireguard0: entered allmulticast mode [ 209.719154][ T9583] (null): rxe_set_mtu: Set mtu to 4096 [ 209.734668][ T9583] lo speed is unknown, defaulting to 1000 [ 209.740580][ T9585] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1359'. [ 209.754960][ T9585] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1359'. [ 209.764504][ T9585] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1359'. [ 209.780824][ T9583] lo speed is unknown, defaulting to 1000 [ 209.793482][ T9583] lo speed is unknown, defaulting to 1000 [ 209.900128][ T9590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 209.941511][ T9590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 209.993788][ T9590] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 210.021648][ T9590] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 210.090072][ T9596] wg1 speed is unknown, defaulting to 1000 [ 210.138016][ T9597] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1362'. [ 210.156646][ T9597] bridge0: entered promiscuous mode [ 210.165648][ T9597] macsec1: entered allmulticast mode [ 210.171714][ T9597] bridge0: entered allmulticast mode [ 210.178873][ T9597] bridge0: port 3(macsec1) entered blocking state [ 210.186734][ T9597] bridge0: port 3(macsec1) entered disabled state [ 210.207318][ T9597] bridge0: left allmulticast mode [ 210.219275][ T9597] bridge0: left promiscuous mode [ 210.285428][ T9583] infiniband sz1: set active [ 210.296124][ T9583] infiniband sz1: added lo [ 210.311750][ T8] lo speed is unknown, defaulting to 1000 [ 210.390318][ T9583] RDS/IB: sz1: added [ 210.395319][ T9583] smc: adding ib device sz1 with port count 1 [ 210.401729][ T9583] smc: ib device sz1 port 1 has pnetid [ 210.412093][ T8] lo speed is unknown, defaulting to 1000 [ 210.424945][ T9583] lo speed is unknown, defaulting to 1000 [ 210.651227][ T9597] smc: net device bond0 applied user defined pnetid SYZ0 [ 210.677113][ T9597] smc: net device bond0 erased user defined pnetid SYZ0 [ 210.682255][ T9583] lo speed is unknown, defaulting to 1000 [ 210.970977][ T9583] lo speed is unknown, defaulting to 1000 [ 211.992851][ T9583] lo speed is unknown, defaulting to 1000 [ 212.282696][ T9627] netlink: 332 bytes leftover after parsing attributes in process `syz.0.1372'. [ 212.311982][ T9583] lo speed is unknown, defaulting to 1000 [ 213.089501][ T9634] syzkaller0: entered promiscuous mode [ 213.101107][ T9634] syzkaller0: entered allmulticast mode [ 215.761756][ T9667] syzkaller0: entered promiscuous mode [ 215.777708][ T9667] syzkaller0: entered allmulticast mode [ 216.022308][ T9651] syz.0.1381: vmalloc error: size 538968064, failed to allocated page array size 1052672, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 216.049394][ T9651] CPU: 1 PID: 9651 Comm: syz.0.1381 Not tainted syzkaller #0 [ 216.056793][ T9651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 216.066860][ T9651] Call Trace: [ 216.070141][ T9651] [ 216.073082][ T9651] dump_stack_lvl+0x16c/0x230 [ 216.077784][ T9651] ? show_regs_print_info+0x20/0x20 [ 216.082994][ T9651] ? load_image+0x3b0/0x3b0 [ 216.087509][ T9651] ? __rcu_read_unlock+0x7c/0xd0 [ 216.092461][ T9651] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 216.098910][ T9651] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 216.105432][ T9651] warn_alloc+0x210/0x300 [ 216.109796][ T9651] ? zone_watermark_ok_safe+0x230/0x230 [ 216.115356][ T9651] ? _raw_spin_unlock+0x28/0x40 [ 216.120193][ T9651] ? __kasan_kmalloc+0x8f/0xa0 [ 216.124955][ T9651] __vmalloc_node_range+0x662/0x1320 [ 216.130263][ T9651] ? __asan_memset+0x22/0x40 [ 216.134881][ T9651] ? free_vm_area+0x50/0x50 [ 216.139370][ T9651] ? kvmalloc_node+0x70/0x180 [ 216.144042][ T9651] ? rcu_is_watching+0x15/0xb0 [ 216.148825][ T9651] ? kvmalloc_node+0x70/0x180 [ 216.153517][ T9651] ? trace_kmalloc+0x1f/0xa0 [ 216.158133][ T9651] kvmalloc_node+0x13f/0x180 [ 216.162744][ T9651] ? hash_netiface_create+0x361/0xff0 [ 216.168146][ T9651] hash_netiface_create+0x361/0xff0 [ 216.173366][ T9651] ? __lock_acquire+0x7c80/0x7c80 [ 216.178414][ T9651] ? __nla_parse+0x40/0x50 [ 216.182857][ T9651] ? hash_netport6_gc+0x570/0x570 [ 216.187904][ T9651] ip_set_create+0xa87/0x18e0 [ 216.192611][ T9651] ? ip_set_create+0x4b2/0x18e0 [ 216.197504][ T9651] ? ip_set_protocol+0x5d0/0x5d0 [ 216.202472][ T9651] ? trace_contention_end+0x39/0xe0 [ 216.207728][ T9651] nfnetlink_rcv_msg+0xb49/0x1130 [ 216.212769][ T9651] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 216.218855][ T9651] ? nfnetlink_rcv_msg+0x20e/0x1130 [ 216.224100][ T9651] ? nfnetlink_unbind+0x160/0x160 [ 216.229167][ T9651] ? __dev_queue_xmit+0x1a64/0x35a0 [ 216.234380][ T9651] ? __netlink_deliver_tap+0x5ab/0x830 [ 216.239859][ T9651] ? netlink_deliver_tap+0x19c/0x1b0 [ 216.245166][ T9651] ? netlink_unicast+0x72c/0x8d0 [ 216.250124][ T9651] ? netlink_sendmsg+0x8c1/0xbe0 [ 216.255090][ T9651] ? ____sys_sendmsg+0x5bf/0x950 [ 216.260054][ T9651] ? ___sys_sendmsg+0x220/0x290 [ 216.264924][ T9651] ? __se_sys_sendmsg+0x1a5/0x270 [ 216.269965][ T9651] ? do_syscall_64+0x55/0xb0 [ 216.274593][ T9651] netlink_rcv_skb+0x216/0x480 [ 216.279384][ T9651] ? nfnetlink_unbind+0x160/0x160 [ 216.284438][ T9651] ? netlink_ack+0x1110/0x1110 [ 216.289240][ T9651] ? apparmor_capable+0x137/0x1a0 [ 216.294284][ T9651] ? bpf_lsm_capable+0x9/0x10 [ 216.298981][ T9651] ? security_capable+0x89/0xb0 [ 216.303862][ T9651] nfnetlink_rcv+0x274/0x2180 [ 216.308571][ T9651] ? __local_bh_enable_ip+0x12e/0x1c0 [ 216.313964][ T9651] ? lockdep_hardirqs_on+0x98/0x150 [ 216.319178][ T9651] ? __local_bh_enable_ip+0x12e/0x1c0 [ 216.324566][ T9651] ? _local_bh_enable+0xa0/0xa0 [ 216.329441][ T9651] ? __dev_queue_xmit+0x245/0x35a0 [ 216.330197][ T27] kauditd_printk_skb: 314 callbacks suppressed [ 216.330208][ T27] audit: type=1326 audit(216.289:2694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9676 comm="syz.3.1391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 216.334561][ T9651] ? nfnetlink_net_exit_batch+0xa0/0xa0 [ 216.334632][ T9651] ? __dev_queue_xmit+0x245/0x35a0 [ 216.353070][ T27] audit: type=1326 audit(216.309:2695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9676 comm="syz.3.1391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 216.362444][ T9651] ? ref_tracker_free+0x634/0x7d0 [ 216.362473][ T9651] ? __copy_skb_header+0xa7/0x550 [ 216.404790][ T9651] ? refcount_inc+0x70/0x70 [ 216.409291][ T9651] ? __skb_clone+0x63/0x790 [ 216.413796][ T9651] ? __skb_clone+0x480/0x790 [ 216.418395][ T9651] ? __netlink_deliver_tap+0x7e8/0x830 [ 216.423849][ T9651] ? netlink_deliver_tap+0x2e/0x1b0 [ 216.429041][ T9651] ? __lock_acquire+0x7c80/0x7c80 [ 216.434062][ T9651] ? netlink_deliver_tap+0x2e/0x1b0 [ 216.439260][ T9651] netlink_unicast+0x751/0x8d0 [ 216.444027][ T9651] netlink_sendmsg+0x8c1/0xbe0 [ 216.448795][ T9651] ? netlink_getsockopt+0x580/0x580 [ 216.453991][ T9651] ? aa_sock_msg_perm+0x94/0x150 [ 216.458921][ T9651] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 216.464198][ T9651] ? security_socket_sendmsg+0x80/0xa0 [ 216.469649][ T9651] ? netlink_getsockopt+0x580/0x580 [ 216.474842][ T9651] ____sys_sendmsg+0x5bf/0x950 [ 216.479608][ T9651] ? __asan_memset+0x22/0x40 [ 216.484194][ T9651] ? __sys_sendmsg_sock+0x30/0x30 [ 216.489212][ T9651] ? __import_iovec+0x5f2/0x860 [ 216.494068][ T9651] ? import_iovec+0x73/0xa0 [ 216.498569][ T9651] ___sys_sendmsg+0x220/0x290 [ 216.503251][ T9651] ? __sys_sendmsg+0x270/0x270 [ 216.508063][ T9651] __se_sys_sendmsg+0x1a5/0x270 [ 216.512919][ T9651] ? __x64_sys_sendmsg+0x80/0x80 [ 216.517869][ T9651] ? lockdep_hardirqs_on+0x98/0x150 [ 216.523063][ T9651] do_syscall_64+0x55/0xb0 [ 216.527473][ T9651] ? clear_bhb_loop+0x40/0x90 [ 216.532140][ T9651] ? clear_bhb_loop+0x40/0x90 [ 216.536807][ T9651] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 216.542690][ T9651] RIP: 0033:0x7fb23e98f6c9 [ 216.547107][ T9651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 216.566703][ T9651] RSP: 002b:00007fb23f839038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 216.575111][ T9651] RAX: ffffffffffffffda RBX: 00007fb23ebe5fa0 RCX: 00007fb23e98f6c9 [ 216.583076][ T9651] RDX: 0000000000008000 RSI: 0000200000000100 RDI: 0000000000000005 [ 216.591050][ T9651] RBP: 00007fb23ea11f91 R08: 0000000000000000 R09: 0000000000000000 [ 216.599018][ T9651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 216.606985][ T9651] R13: 00007fb23ebe6038 R14: 00007fb23ebe5fa0 R15: 00007fff09fdbc08 [ 216.614968][ T9651] [ 216.620528][ T27] audit: type=1326 audit(216.309:2696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9676 comm="syz.3.1391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 216.624068][ T9651] Mem-Info: [ 216.642887][ T27] audit: type=1326 audit(216.309:2697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9676 comm="syz.3.1391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 216.654269][ T9651] active_anon:22418 inactive_anon:0 isolated_anon:0 [ 216.654269][ T9651] active_file:10339 inactive_file:40373 isolated_file:0 [ 216.654269][ T9651] unevictable:768 dirty:66 writeback:0 [ 216.654269][ T9651] slab_reclaimable:10657 slab_unreclaimable:131458 [ 216.654269][ T9651] mapped:24035 shmem:17746 pagetables:529 [ 216.654269][ T9651] sec_pagetables:0 bounce:0 [ 216.654269][ T9651] kernel_misc_reclaimable:0 [ 216.654269][ T9651] free:1228054 free_pcp:14769 free_cma:0 [ 216.712807][ T27] audit: type=1326 audit(216.309:2698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9676 comm="syz.3.1391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 216.712849][ T27] audit: type=1326 audit(216.309:2699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9676 comm="syz.3.1391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 216.712885][ T27] audit: type=1326 audit(216.309:2700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9676 comm="syz.3.1391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 216.712921][ T27] audit: type=1326 audit(216.309:2701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9676 comm="syz.3.1391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 216.712959][ T27] audit: type=1326 audit(216.339:2702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9676 comm="syz.3.1391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 216.712995][ T27] audit: type=1326 audit(216.339:2703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9676 comm="syz.3.1391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 216.850644][ T9651] Node 0 active_anon:89672kB inactive_anon:0kB active_file:41356kB inactive_file:161292kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96140kB dirty:260kB writeback:0kB shmem:69448kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:13008kB pagetables:2116kB sec_pagetables:0kB all_unreclaimable? no [ 216.883838][ T9651] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 216.915218][ T9651] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 216.942521][ T9651] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 216.948379][ T9651] Node 0 DMA32 free:997980kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:89720kB inactive_anon:0kB active_file:41356kB inactive_file:159972kB unevictable:1536kB writepending:260kB present:3129332kB managed:2589600kB mlocked:0kB bounce:0kB free_pcp:35628kB local_pcp:19288kB free_cma:0kB [ 217.001113][ T9651] lowmem_reserve[]: 0 0 1 1 1 [ 217.008505][ T9651] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 217.037860][ T9651] lowmem_reserve[]: 0 0 0 0 0 [ 217.042966][ T9651] Node 1 Normal free:3898856kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:22948kB local_pcp:13252kB free_cma:0kB [ 217.075683][ T9651] lowmem_reserve[]: 0 0 0 0 0 [ 217.080507][ T9651] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 217.093555][ T9651] Node 0 DMA32: 581*4kB (ME) 157*8kB (UME) 134*16kB (UME) 39*32kB (UME) 53*64kB (UME) 28*128kB (UME) 9*256kB (UME) 9*512kB (UME) 8*1024kB (ME) 8*2048kB (UM) 232*4096kB (M) = 995708kB [ 217.112037][ T9651] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 217.125174][ T9651] Node 1 Normal: 220*4kB (UME) 57*8kB (UME) 47*16kB (UME) 46*32kB (UME) 18*64kB (UME) 7*128kB (UME) 2*256kB (UM) 1*512kB (U) 1*1024kB (U) 0*2048kB 950*4096kB (ME) = 3898856kB [ 217.145066][ T9651] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 217.168791][ T9651] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 217.178602][ T9651] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 217.190739][ T9651] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 217.201077][ T9651] 69259 total pagecache pages [ 217.208351][ T9651] 0 pages in swap cache [ 217.214672][ T9651] Free swap = 124652kB [ 217.218904][ T9651] Total swap = 124996kB [ 217.227891][ T9651] 2097051 pages RAM [ 217.231769][ T9651] 0 pages HighMem/MovableOnly [ 217.237129][ T9651] 416137 pages reserved [ 217.241403][ T9651] 0 pages cma reserved [ 218.027521][ T9691] syzkaller0: entered promiscuous mode [ 218.052664][ T9691] syzkaller0: entered allmulticast mode [ 218.337449][ T9693] syzkaller0: entered promiscuous mode [ 218.352711][ T9693] syzkaller0: entered allmulticast mode [ 218.845979][ T9708] syzkaller0: entered promiscuous mode [ 218.851493][ T9708] syzkaller0: entered allmulticast mode [ 219.091545][ T9723] ALSA: seq fatal error: cannot create timer (-19) [ 219.203337][ T9732] IPv4: Oversized IP packet from 127.202.26.0 [ 219.316283][ T9737] geneve2: entered promiscuous mode [ 219.321533][ T9737] geneve2: entered allmulticast mode [ 219.346707][ T9739] pim6reg1: entered promiscuous mode [ 219.352255][ T9739] pim6reg1: entered allmulticast mode [ 219.365989][ T9741] wg1 speed is unknown, defaulting to 1000 [ 219.398832][ T9741] lo speed is unknown, defaulting to 1000 [ 219.514541][ T9745] syz.1.1420[9745] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 219.514668][ T9745] syz.1.1420[9745] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 219.922763][ T5792] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 220.142837][ T5792] usb 4-1: Using ep0 maxpacket: 16 [ 220.218472][ T5792] usb 4-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 220.345586][ T5792] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.493968][ T5792] usb 4-1: Product: syz [ 220.557009][ T5792] usb 4-1: Manufacturer: syz [ 220.639903][ T5792] usb 4-1: SerialNumber: syz [ 220.716589][ T5792] usb 4-1: config 0 descriptor?? [ 220.755792][ T5792] ssu100 4-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 221.147642][ T5792] ssu100: probe of 4-1:0.0 failed with error -71 [ 221.161245][ T5792] usb 4-1: USB disconnect, device number 2 [ 222.045882][ T9771] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 223.159766][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 223.168517][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 225.273050][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 225.281625][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 225.290414][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 225.412352][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 225.421005][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 225.617155][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 225.625772][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 225.719621][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 226.160026][ T9805] Bluetooth: hci4: Frame reassembly failed (-84) [ 226.171045][ T9402] Bluetooth: hci4: Frame reassembly failed (-84) [ 226.659546][ T9814] netlink: 'syz.2.1444': attribute type 1 has an invalid length. [ 226.667428][ T9814] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1444'. [ 227.384862][ T9829] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1450'. [ 227.398262][ T9829] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1450'. [ 227.480083][ T9831] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1451'. [ 229.686201][ T5795] Bluetooth: hci4: command 0x1003 tx timeout [ 229.739569][ T51] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 230.265440][ T28] IPVS: starting estimator thread 0... [ 230.371481][ T5852] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 230.454268][ T9859] IPVS: using max 20 ests per chain, 48000 per kthread [ 230.580029][ T9396] Bluetooth: hci4: Frame reassembly failed (-84) [ 230.602683][ T5852] usb 2-1: Using ep0 maxpacket: 32 [ 230.702192][ T5852] usb 2-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 230.730206][ T5852] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 230.748085][ T5852] usb 2-1: config 0 descriptor?? [ 230.786456][ T5852] as10x_usb: device has been detected [ 230.874908][ T5852] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 231.013114][ T5852] usb 2-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 231.184882][ T5852] as10x_usb: error during firmware upload part1 [ 231.323138][ T5852] Registered device nBox DVB-T Dongle [ 231.392964][ T5852] usb 2-1: USB disconnect, device number 6 [ 231.611273][ T5852] Unregistered device nBox DVB-T Dongle [ 231.627980][ T5852] as10x_usb: device has been disconnected [ 232.594829][ T5795] Bluetooth: hci4: command 0x1003 tx timeout [ 232.601955][ T51] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 234.345054][ T9894] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1471'. [ 241.472751][ T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 241.705988][ T9396] Bluetooth: hci4: Frame reassembly failed (-84) [ 241.738120][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 241.756442][ T9] usb 4-1: config 0 has an invalid interface number: 72 but max is 16 [ 241.770625][ T9] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 17 [ 241.793711][ T9] usb 4-1: config 0 has no interface number 0 [ 241.822234][ T9] usb 4-1: config 0 interface 72 has no altsetting 0 [ 241.837500][ T9] usb 4-1: New USB device found, idVendor=6069, idProduct=0f39, bcdDevice=e8.f9 [ 241.847991][ T9] usb 4-1: New USB device strings: Mfr=3, Product=2, SerialNumber=3 [ 241.874588][ T9] usb 4-1: Product: syz [ 241.901059][ T9] usb 4-1: Manufacturer: syz [ 241.950621][ T9] usb 4-1: SerialNumber: syz [ 242.007283][ T9] usb 4-1: config 0 descriptor?? [ 242.446165][ T9] usb 4-1: Quirk or no altest; falling back to MIDI 1.0 [ 242.456224][ T9] usb 4-1: MIDIStreaming interface descriptor not found [ 243.712874][ T5795] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 244.161448][ T9] usb 4-1: USB disconnect, device number 3 [ 244.433790][ T9979] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1497'. [ 247.281889][ T28] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 247.655557][ T28] usb 1-1: Using ep0 maxpacket: 8 [ 247.666066][ T28] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 247.680240][ T28] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 247.691054][ T28] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 247.714768][ T28] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 247.732341][ T28] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 247.817490][ T28] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 247.926713][ T28] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 248.782763][ T5778] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 248.982704][ T5778] usb 2-1: Using ep0 maxpacket: 32 [ 249.009225][ T5778] usb 2-1: config 0 has an invalid interface number: 67 but max is 0 [ 249.028515][ T5778] usb 2-1: config 0 has no interface number 0 [ 249.054393][ T5778] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 249.082700][ T5778] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 249.092662][ T5778] usb 2-1: Product: syz [ 249.096885][ T5778] usb 2-1: Manufacturer: syz [ 249.111714][ T5778] usb 2-1: SerialNumber: syz [ 249.119161][ T5778] usb 2-1: config 0 descriptor?? [ 249.154615][ T5778] smsc95xx v2.0.0 [ 249.158275][ T5778] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 249.183449][ T5778] smsc95xx: probe of 2-1:0.67 failed with error -22 [ 249.400003][ T28] usb 2-1: USB disconnect, device number 7 [ 249.749694][T10045] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1522'. [ 251.205278][ T28] usb 1-1: USB disconnect, device number 14 [ 251.518150][T10068] netlink: 'syz.3.1528': attribute type 1 has an invalid length. [ 252.223047][ T51] Bluetooth: hci2: unknown advertising packet type: 0x65 [ 252.223138][ T51] Bluetooth: hci2: Dropping invalid advertising data [ 252.238621][ T51] Bluetooth: hci2: Malformed LE Event: 0x02 [ 252.559409][T10082] overlayfs: failed to resolve './file0': -2 [ 252.805998][T10090] warning: `syz.0.1538' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 255.033862][ T5795] Bluetooth: hci4: command 0x1003 tx timeout [ 255.040489][ T51] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 255.796632][ T1280] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.986035][T10137] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only [ 256.756345][ T5795] Bluetooth: hci4: sending frame failed (-49) [ 256.765443][ T51] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 257.133680][T10147] xt_socket: unknown flags 0x50 [ 258.146286][T10143] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 263.793667][ T5795] Bluetooth: hci4: command 0x1003 tx timeout [ 263.802017][ T51] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 268.138672][ T27] kauditd_printk_skb: 43 callbacks suppressed [ 268.138683][ T27] audit: type=1326 audit(268.099:2747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10267 comm="syz.1.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 268.203794][ T27] audit: type=1326 audit(268.099:2748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10267 comm="syz.1.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 268.227914][ T27] audit: type=1326 audit(268.139:2749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10267 comm="syz.1.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 268.251298][ T27] audit: type=1326 audit(268.139:2750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10267 comm="syz.1.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff02e98f6c9 code=0x7ffc0000 [ 269.941916][T10310] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1609'. [ 271.375133][T10344] overlayfs: failed to clone upperpath [ 271.525883][ T5778] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 271.599155][T10357] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1625'. [ 271.610189][T10357] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1625'. [ 271.714770][ T5778] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 271.725449][ T5778] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 271.735777][ T5778] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 271.756719][ T5778] usb 4-1: config 0 descriptor?? [ 271.773775][ T5778] pwc: Askey VC010 type 2 USB webcam detected. [ 272.325466][ T5778] pwc: recv_control_msg error -32 req 02 val 2b00 [ 272.341636][ T5778] pwc: recv_control_msg error -32 req 02 val 2700 [ 272.354664][ T5778] pwc: recv_control_msg error -32 req 02 val 2c00 [ 272.383797][ T5778] pwc: recv_control_msg error -32 req 04 val 1000 [ 272.409971][ T5778] pwc: recv_control_msg error -32 req 04 val 1300 [ 272.421848][ T5778] pwc: recv_control_msg error -32 req 04 val 1400 [ 272.459593][ T5778] pwc: recv_control_msg error -32 req 02 val 2000 [ 272.484026][ T5778] pwc: recv_control_msg error -32 req 02 val 2100 [ 272.511805][ T5778] pwc: recv_control_msg error -32 req 04 val 1500 [ 272.540978][ T5778] pwc: recv_control_msg error -32 req 02 val 2500 [ 272.580566][ T5778] pwc: recv_control_msg error -32 req 02 val 2400 [ 272.634914][ T5778] pwc: recv_control_msg error -32 req 02 val 2600 [ 272.659346][ T5778] pwc: recv_control_msg error -32 req 02 val 2900 [ 273.014774][ T5778] pwc: recv_control_msg error -71 req 04 val 1100 [ 273.021735][ T5778] pwc: recv_control_msg error -71 req 04 val 1200 [ 273.058869][ T5778] pwc: Registered as video103. [ 273.062785][T10384] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1633'. [ 273.079821][ T5778] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input5 [ 273.132245][ T5778] usb 4-1: USB disconnect, device number 4 [ 274.322988][ T5778] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 274.552806][ T5778] usb 4-1: Using ep0 maxpacket: 16 [ 274.566625][ T5778] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 274.580982][ T5778] usb 4-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 274.597329][ T5778] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 274.612191][ T5778] usb 4-1: config 0 descriptor?? [ 274.625654][ T5778] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input6 [ 274.822503][ T5148] bcm5974 4-1:0.0: could not read from device [ 274.839896][ T5148] bcm5974 4-1:0.0: could not read from device [ 274.851889][ T5778] bcm5974 4-1:0.0: could not read from device [ 274.876627][ T5778] input: failed to attach handler mousedev to device input6, error: -5 [ 274.904259][ T5778] usb 4-1: USB disconnect, device number 5 [ 275.364158][ T28] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 275.492150][T10444] binder: 10443:10444 unknown command 0 [ 275.507317][T10444] binder: 10443:10444 ioctl c0306201 200000000080 returned -22 [ 275.526666][T10444] binder_alloc: 10443: binder_alloc_buf, no vma [ 275.553121][ T28] usb 1-1: Using ep0 maxpacket: 32 [ 275.597430][ T28] usb 1-1: config 0 has an invalid interface number: 85 but max is 0 [ 275.632658][ T28] usb 1-1: config 0 has no interface number 0 [ 275.661791][ T28] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 275.673299][ T28] usb 1-1: config 0 interface 85 has no altsetting 0 [ 275.694794][ T28] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 275.706993][ T28] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 275.733617][ T28] usb 1-1: Product: syz [ 275.741249][ T28] usb 1-1: Manufacturer: syz [ 275.749015][ T28] usb 1-1: SerialNumber: syz [ 275.767745][ T28] usb 1-1: config 0 descriptor?? [ 276.615918][ T28] appletouch 1-1:0.85: Geyser mode initialized. [ 276.679037][ T28] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.85/input/input7 [ 276.862541][ C1] appletouch 1-1:0.85: atp_complete: usb_submit_urb failed with result -1 [ 277.187515][ T28] usb 1-1: USB disconnect, device number 15 [ 277.230396][ T28] appletouch 1-1:0.85: input: appletouch disconnected [ 278.925920][T10479] syzkaller0: entered promiscuous mode [ 278.931760][T10479] syzkaller0: entered allmulticast mode [ 279.496410][T10491] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1665'. [ 279.528899][T10491] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1665'. [ 282.585346][T10519] syzkaller0: entered promiscuous mode [ 282.602842][T10519] syzkaller0: entered allmulticast mode [ 283.910497][T10548] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 283.981756][T10548] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 284.080996][T10548] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 284.161334][T10548] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 284.302172][T10548] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.338670][T10548] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.374306][T10548] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.392478][T10548] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.526678][T10566] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1690'. [ 284.581226][T10566] bond0: entered promiscuous mode [ 284.619013][T10566] bond_slave_0: entered promiscuous mode [ 284.641224][T10566] bond_slave_1: entered promiscuous mode [ 284.649126][T10566] bond0: left promiscuous mode [ 284.654150][T10566] bond_slave_0: left promiscuous mode [ 284.660672][T10566] bond_slave_1: left promiscuous mode [ 284.836058][T10568] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1690'. [ 285.148761][T10568] bond0: entered promiscuous mode [ 285.243928][T10568] bond_slave_0: entered promiscuous mode [ 285.256950][T10568] bond_slave_1: entered promiscuous mode [ 285.268802][T10568] bond0: left promiscuous mode [ 285.275155][T10568] bond_slave_0: left promiscuous mode [ 285.281281][T10568] bond_slave_1: left promiscuous mode [ 285.451526][ T9393] Bluetooth: hci4: Frame reassembly failed (-84) [ 286.226676][T10602] netlink: 'syz.3.1699': attribute type 79 has an invalid length. [ 287.472832][ T5795] Bluetooth: hci4: command 0x1003 tx timeout [ 287.480058][ T51] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 289.728940][T10657] netlink: 'syz.3.1713': attribute type 1 has an invalid length. [ 289.829051][T10660] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 292.515414][T10700] ptrace attach of "./syz-executor exec"[5786] was attempted by ""[10700] [ 293.485221][T10760] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1740'. [ 293.981962][T10769] netlink: 'syz.3.1742': attribute type 4 has an invalid length. [ 293.994783][T10769] sz1: rxe_set_mtu: Set mtu to 256 [ 294.027900][T10769] infiniband sz1: set down [ 294.033851][ T5792] lo speed is unknown, defaulting to 1000 [ 294.040782][ T5792] lo speed is unknown, defaulting to 1000 [ 294.448918][T10772] netlink: 'syz.3.1742': attribute type 4 has an invalid length. [ 294.477985][T10772] sz1: rxe_set_mtu: Set mtu to 4096 [ 294.508140][T10772] infiniband sz1: set active [ 294.514321][ T8] lo speed is unknown, defaulting to 1000 [ 294.520079][ T8] lo speed is unknown, defaulting to 1000 [ 295.612242][T10776] Bluetooth: MGMT ver 1.22 [ 297.681755][T10844] overlayfs: failed to clone upperpath [ 298.860365][T10859] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1 [ 298.882711][T10859] ref_ctr increment failed for inode: 0x85b offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888078631300 [ 298.910375][T10859] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1 [ 298.921614][T10859] ref_ctr decrement failed for inode: 0x85b offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888078631300 [ 299.442588][ T9402] Bluetooth: hci4: Frame reassembly failed (-84) [ 299.676019][T10891] netlink: 'syz.0.1778': attribute type 5 has an invalid length. [ 299.765206][T10894] sctp: [Deprecated]: syz.0.1779 (pid 10894) Use of struct sctp_assoc_value in delayed_ack socket option. [ 299.765206][T10894] Use struct sctp_sack_info instead [ 299.790668][T10894] sctp: [Deprecated]: syz.0.1779 (pid 10894) Use of struct sctp_assoc_value in delayed_ack socket option. [ 299.790668][T10894] Use struct sctp_sack_info instead [ 301.477958][ T51] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 301.501505][T10915] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1785'. [ 301.510579][T10915] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1785'. [ 302.839943][T10928] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1789'. [ 302.872995][T10928] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1789'. [ 304.219974][ T9402] Bluetooth: hci4: Frame reassembly failed (-84) [ 304.236276][T10965] fuse: Bad value for 'fd' [ 305.900988][T10975] mac80211_hwsim hwsim9 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 306.106581][T10998] netlink: 592 bytes leftover after parsing attributes in process `syz.3.1814'. [ 306.272907][ T51] Bluetooth: hci4: command 0x1003 tx timeout [ 306.280897][ T5795] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 308.818624][ T9402] wlan1: Trigger new scan to find an IBSS to join [ 311.023216][T11032] fuse: Bad value for 'fd' [ 314.215357][ T9393] wlan1: Trigger new scan to find an IBSS to join [ 314.405554][T11068] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1837'. [ 316.092785][ T5778] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 316.191701][T11091] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1847'. [ 316.325162][ T5778] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 316.340983][ T5778] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 316.357733][ T5778] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 316.367506][ T5778] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 316.383627][ T5778] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 316.394855][ T5778] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 316.403396][ T5778] usb 2-1: Product: syz [ 316.407877][ T9402] wlan1: Creating new IBSS network, BSSID 5a:7d:21:34:9e:f8 [ 316.415375][ T5778] usb 2-1: Manufacturer: syz [ 316.427779][ T5778] cdc_wdm 2-1:1.0: skipping garbage [ 316.433139][ T5778] cdc_wdm 2-1:1.0: skipping garbage [ 316.440458][ T5778] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 316.448483][ T5778] cdc_wdm 2-1:1.0: Unknown control protocol [ 316.638338][ T5792] usb 2-1: USB disconnect, device number 8 [ 317.254131][ T1280] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.911524][T11129] syzkaller0: entered promiscuous mode [ 317.917536][T11129] syzkaller0: entered allmulticast mode [ 318.044714][ T9393] Bluetooth: hci4: Frame reassembly failed (-84) [ 320.112827][ T5795] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 323.531335][ T51] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 323.541231][ T51] CPU: 0 PID: 51 Comm: kworker/u5:0 Not tainted syzkaller #0 [ 323.548620][ T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 323.558695][ T51] Workqueue: hci1 hci_rx_work [ 323.563428][ T51] Call Trace: [ 323.566720][ T51] [ 323.569662][ T51] dump_stack_lvl+0x16c/0x230 [ 323.574367][ T51] ? show_regs_print_info+0x20/0x20 [ 323.579587][ T51] ? load_image+0x3b0/0x3b0 [ 323.584129][ T51] sysfs_create_dir_ns+0x256/0x280 [ 323.589283][ T51] ? hci_rx_work+0x43a/0xd80 [ 323.593898][ T51] ? sysfs_warn_dup+0xa0/0xa0 [ 323.598602][ T51] ? do_raw_spin_unlock+0x121/0x230 [ 323.603827][ T51] kobject_add_internal+0x6b8/0xc70 [ 323.609054][ T51] kobject_add+0x156/0x220 [ 323.613487][ T51] ? __rwlock_init+0x150/0x150 [ 323.618262][ T51] ? kobject_init+0x1e0/0x1e0 [ 323.622927][ T51] ? _raw_spin_unlock+0x28/0x40 [ 323.627782][ T51] ? get_device_parent+0x366/0x390 [ 323.632928][ T51] device_add+0x408/0xc20 [ 323.637290][ T51] hci_conn_add_sysfs+0xd5/0x1e0 [ 323.642261][ T51] le_conn_complete_evt+0xf36/0x1500 [ 323.647570][ T51] ? hci_event_packet+0x4a7/0x1210 [ 323.652714][ T51] ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0 [ 323.658986][ T51] ? __copy_skb_header+0xa7/0x550 [ 323.664049][ T51] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 323.669712][ T51] ? skb_pull_data+0xfb/0x200 [ 323.674410][ T51] hci_le_enh_conn_complete_evt+0x189/0x460 [ 323.680335][ T51] ? hci_le_remote_conn_param_req_evt+0xcc0/0xcc0 [ 323.686779][ T51] ? hci_remote_host_features_evt+0x160/0x160 [ 323.692872][ T51] hci_event_packet+0x795/0x1210 [ 323.697839][ T51] ? bis_list+0x290/0x290 [ 323.699045][T11238] syzkaller0: entered promiscuous mode [ 323.702176][ T51] ? lockdep_hardirqs_on+0x98/0x150 [ 323.707966][T11238] syzkaller0: entered allmulticast mode [ 323.712865][ T51] ? hci_send_to_monitor+0xd7/0x4f0 [ 323.712903][ T51] hci_rx_work+0x43a/0xd80 [ 323.712941][ T51] ? process_scheduled_works+0x957/0x15b0 [ 323.712965][ T51] process_scheduled_works+0xa45/0x15b0 [ 323.739508][ T51] ? assign_work+0x400/0x400 [ 323.744118][ T51] ? assign_work+0x39e/0x400 [ 323.748721][ T51] worker_thread+0xa55/0xfc0 [ 323.753317][ T51] kthread+0x2fa/0x390 [ 323.757369][ T51] ? pr_cont_work+0x560/0x560 [ 323.762039][ T51] ? kthread_blkcg+0xd0/0xd0 [ 323.766618][ T51] ret_from_fork+0x48/0x80 [ 323.771022][ T51] ? kthread_blkcg+0xd0/0xd0 [ 323.775598][ T51] ret_from_fork_asm+0x11/0x20 [ 323.780366][ T51] [ 324.029021][ T51] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 324.046207][ T51] Bluetooth: hci1: failed to register connection device [ 324.718733][ T49] Bluetooth: hci4: Frame reassembly failed (-84) [ 326.842792][ T5795] Bluetooth: hci4: command 0x1003 tx timeout [ 326.850381][ T51] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 330.180618][ T9402] Bluetooth: hci4: Frame reassembly failed (-84) [ 330.436479][T11337] syzkaller0: entered promiscuous mode [ 330.450575][T11337] syzkaller0: entered allmulticast mode [ 331.506048][T11376] overlayfs: failed to resolve './file0': -2 [ 332.204148][ T5795] Bluetooth: hci4: command 0x1003 tx timeout [ 332.204285][ T51] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 333.055778][T11394] syzkaller0: entered promiscuous mode [ 333.061289][T11394] syzkaller0: entered allmulticast mode [ 333.126068][T11396] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1938'. [ 333.139513][T11396] wg1 speed is unknown, defaulting to 1000 [ 333.411755][T11403] tipc: Enabled bearer , priority 0 [ 333.421792][T11403] tipc: Disabling bearer [ 333.629335][ T11] Bluetooth: hci4: Frame reassembly failed (-84) [ 334.593996][ T27] audit: type=1326 audit(334.549:2751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11420 comm="syz.3.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 334.619341][ T27] audit: type=1326 audit(334.549:2752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11420 comm="syz.3.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 334.673453][ T5795] Bluetooth: hci0: unexpected event 0x03 length: 1 < 11 [ 334.704531][ T27] audit: type=1326 audit(334.579:2753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11420 comm="syz.3.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 334.751452][ T27] audit: type=1326 audit(334.579:2754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11420 comm="syz.3.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 334.781347][T11429] syzkaller0: entered promiscuous mode [ 334.787088][T11429] syzkaller0: entered allmulticast mode [ 334.798285][ T27] audit: type=1326 audit(334.579:2755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11420 comm="syz.3.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 334.820625][ T27] audit: type=1326 audit(334.579:2756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11420 comm="syz.3.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 334.843867][ T27] audit: type=1326 audit(334.599:2757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11420 comm="syz.3.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 335.197655][T11441] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 335.204813][T11441] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 335.213520][T11441] vhci_hcd vhci_hcd.0: Device attached [ 335.227929][T11444] vhci_hcd: connection closed [ 335.238494][ T9393] vhci_hcd: stop threads [ 335.260526][ T9393] vhci_hcd: release socket [ 335.271199][ T9393] vhci_hcd: disconnect device [ 335.632819][ T51] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 336.554268][T11473] kvm: apic: phys broadcast and lowest prio [ 336.801784][T11479] wg1 speed is unknown, defaulting to 1000 [ 336.810321][T11479] lo speed is unknown, defaulting to 1000 [ 338.075374][T11497] syzkaller0: entered promiscuous mode [ 338.080848][T11497] syzkaller0: entered allmulticast mode [ 338.670756][ T3520] Bluetooth: hci4: Frame reassembly failed (-84) [ 340.672972][ T5795] Bluetooth: hci4: command 0x1003 tx timeout [ 340.679820][ T51] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 341.284191][T11516] syzkaller0: entered promiscuous mode [ 341.293943][T11516] syzkaller0: entered allmulticast mode [ 341.296877][T11514] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 341.325907][T11514] overlayfs: failed to set xattr on upper [ 341.333954][T11514] overlayfs: ...falling back to redirect_dir=nofollow. [ 341.341155][T11514] overlayfs: ...falling back to index=off. [ 341.348479][T11514] overlayfs: ...falling back to uuid=null. [ 341.548305][T11526] netlink: 'syz.3.1984': attribute type 5 has an invalid length. [ 341.572749][T11526] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1984'. [ 343.231259][ T27] audit: type=1326 audit(343.193:2758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.3.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 343.279568][ T27] audit: type=1326 audit(343.193:2759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.3.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 343.345338][ T27] audit: type=1326 audit(343.223:2760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.3.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 343.409779][ T27] audit: type=1326 audit(343.223:2761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.3.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 343.433113][ T27] audit: type=1326 audit(343.223:2762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.3.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 343.467567][ T27] audit: type=1326 audit(343.223:2763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.3.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 343.523584][ T27] audit: type=1326 audit(343.223:2764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.3.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 343.567539][ T27] audit: type=1326 audit(343.223:2765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.3.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 343.612828][ T27] audit: type=1326 audit(343.223:2766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.3.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 343.667178][ T27] audit: type=1326 audit(343.223:2767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.3.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fa7b378f6c9 code=0x7ffc0000 [ 344.086407][T11573] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 345.373992][T11585] syzkaller0: entered promiscuous mode [ 345.379515][T11585] syzkaller0: entered allmulticast mode [ 345.441453][ T5795] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 345.512219][ T5795] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 345.527924][ T5795] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 345.553807][ T5795] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 345.564109][ T5795] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 345.571411][ T5795] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 345.637536][T11586] wg1 speed is unknown, defaulting to 1000 [ 345.645243][T11586] lo speed is unknown, defaulting to 1000 [ 346.202111][T11586] chnl_net:caif_netlink_parms(): no params data found [ 346.292728][T11598] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2006'. [ 346.850182][ T9402] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.930415][T11586] bridge0: port 1(bridge_slave_0) entered blocking state [ 346.949858][T11586] bridge0: port 1(bridge_slave_0) entered disabled state [ 346.957486][T11586] bridge_slave_0: entered allmulticast mode [ 346.965899][T11586] bridge_slave_0: entered promiscuous mode [ 346.996556][ T9402] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 347.010321][T11586] bridge0: port 2(bridge_slave_1) entered blocking state [ 347.017658][T11586] bridge0: port 2(bridge_slave_1) entered disabled state [ 347.025704][T11586] bridge_slave_1: entered allmulticast mode [ 347.033064][T11586] bridge_slave_1: entered promiscuous mode [ 347.076883][T11586] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 347.116536][T11586] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 347.216215][T11586] team0: Port device team_slave_0 added [ 347.308709][ T9402] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 347.356638][T11586] team0: Port device team_slave_1 added [ 347.472196][ T9402] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 347.510483][T11586] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 347.528549][T11586] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 347.600242][T11586] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 347.613538][T11586] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 347.620496][T11586] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 347.647085][T11586] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 347.653175][ T5795] Bluetooth: hci4: command tx timeout [ 347.706367][T11586] hsr_slave_0: entered promiscuous mode [ 347.713768][T11586] hsr_slave_1: entered promiscuous mode [ 347.720066][T11586] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 347.728644][T11586] Cannot create hsr debugfs directory [ 348.059679][ T9402] tipc: Disabling bearer [ 348.079647][ T9402] tipc: Left network mode [ 348.315422][T11619] syzkaller0: entered promiscuous mode [ 348.320961][T11619] syzkaller0: entered allmulticast mode [ 348.512600][T11622] kvm: pic: level sensitive irq not supported [ 349.057036][T11586] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 349.152245][T11586] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 349.182138][T11586] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 349.232560][T11586] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 349.419325][T11586] 8021q: adding VLAN 0 to HW filter on device bond0 [ 349.464907][T11586] 8021q: adding VLAN 0 to HW filter on device team0 [ 349.513133][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 349.520402][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 349.617837][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 349.625553][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 349.712757][ T5795] Bluetooth: hci4: command tx timeout [ 349.791900][ T9402] bridge_slave_1: left allmulticast mode [ 349.800796][ T9402] bridge_slave_1: left promiscuous mode [ 349.816907][ T9402] bridge0: port 2(bridge_slave_1) entered disabled state [ 349.831026][ T9402] bridge_slave_0: left promiscuous mode [ 349.837028][ T9402] bridge0: port 1(bridge_slave_0) entered disabled state [ 349.884960][ T9402] veth1_macvtap: left promiscuous mode [ 349.891052][ T9402] veth0_macvtap: left promiscuous mode [ 349.898563][ T9402] veth1_vlan: left promiscuous mode [ 349.904234][ T9402] veth0_vlan: left promiscuous mode [ 350.080295][ T9444] ------------[ cut here ]------------ [ 350.086338][ T9444] wlan1: Dropped data frame as no usable bitrate found while scanning and associated. Target station: 08:02:11:00:00:00 on 5 GHz band [ 350.101518][ T9444] WARNING: CPU: 0 PID: 9444 at net/mac80211/tx.c:769 ieee80211_tx_h_rate_ctrl+0xc7e/0x1770 [ 350.111658][ T9444] Modules linked in: [ 350.115665][ T9444] CPU: 0 PID: 9444 Comm: kworker/u4:64 Not tainted syzkaller #0 [ 350.123387][ T9444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 350.133587][ T9444] Workqueue: events_unbound cfg80211_wiphy_work [ 350.139950][ T9444] RIP: 0010:ieee80211_tx_h_rate_ctrl+0xc7e/0x1770 [ 350.146462][ T9444] Code: 8b 36 45 31 f6 83 e6 07 41 0f 95 c6 31 ff e8 29 8e 97 f7 43 8d 4c 76 02 48 c7 c7 e0 d3 be 8b 48 89 de 4c 89 fa e8 c2 07 62 f7 <0f> 0b 41 bf 01 00 00 00 e9 eb 02 00 00 e8 50 8a 97 f7 e9 70 fa ff [ 350.166188][ T9444] RSP: 0000:ffffc900035974e0 EFLAGS: 00010246 [ 350.172346][ T9444] RAX: 204819b83b7a8600 RBX: ffff88805bac95b0 RCX: ffff88802b7a1e00 [ 350.180433][ T9444] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002 [ 350.188524][ T9444] RBP: ffffc90003597650 R08: ffffc900035970e7 R09: 1ffff920006b2e1c [ 350.196610][ T9444] R10: dffffc0000000000 R11: fffff520006b2e1d R12: dffffc0000000000 [ 350.204704][ T9444] R13: ffffc90003597808 R14: 0000000000000001 R15: ffff888037bb8f44 [ 350.212757][ T9444] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 350.221705][ T9444] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 350.228390][ T9444] CR2: 000000110c2485b3 CR3: 000000006114c000 CR4: 00000000003506f0 [ 350.236466][ T9444] Call Trace: [ 350.239784][ T9444] [ 350.242899][ T9444] ? ieee80211_tx_h_select_key+0x19e0/0x19e0 [ 350.248932][ T9444] ? ieee80211_is_bufferable_mmpdu+0xfb/0x1f0 [ 350.255137][ T9444] invoke_tx_handlers_late+0xb6/0x1810 [ 350.260666][ T9444] ? invoke_tx_handlers_early+0xa11/0x1cf0 [ 350.266595][ T9444] ieee80211_tx+0x2ad/0x420 [ 350.271146][ T9444] ? ieee80211_skb_resize+0x630/0x630 [ 350.276667][ T9444] ? ieee80211_set_qos_hdr+0x1ca/0x510 [ 350.282170][ T9444] ? __bpf_trace_tasklet+0x140/0x140 [ 350.287589][ T9444] ? ieee80211_xmit+0x310/0x3f0 [ 350.292491][ T9444] ? __ieee80211_tx_skb_tid_band+0x490/0x610 [ 350.298587][ T9444] __ieee80211_tx_skb_tid_band+0x4d5/0x610 [ 350.304512][ T9444] ? ieee80211_scan_state_send_probe+0x4b4/0x930 [ 350.310880][ T9444] ieee80211_scan_state_send_probe+0x560/0x930 [ 350.317214][ T9444] ieee80211_scan_work+0x4e8/0x1c30 [ 350.322544][ T9444] cfg80211_wiphy_work+0x225/0x260 [ 350.327740][ T9444] ? process_scheduled_works+0x957/0x15b0 [ 350.333559][ T9444] process_scheduled_works+0xa45/0x15b0 [ 350.339207][ T9444] ? assign_work+0x400/0x400 [ 350.343954][ T9444] ? assign_work+0x39e/0x400 [ 350.348592][ T9444] worker_thread+0xa55/0xfc0 [ 350.353277][ T9444] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 350.359205][ T9444] ? _raw_spin_unlock+0x40/0x40 [ 350.364163][ T9444] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 350.370137][ T9444] kthread+0x2fa/0x390 [ 350.374294][ T9444] ? pr_cont_work+0x560/0x560 [ 350.379006][ T9444] ? kthread_blkcg+0xd0/0xd0 [ 350.383692][ T9444] ret_from_fork+0x48/0x80 [ 350.388146][ T9444] ? kthread_blkcg+0xd0/0xd0 [ 350.392852][ T9444] ret_from_fork_asm+0x11/0x20 [ 350.397693][ T9444] [ 350.400748][ T9444] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 350.408014][ T9444] CPU: 0 PID: 9444 Comm: kworker/u4:64 Not tainted syzkaller #0 [ 350.415617][ T9444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 350.425652][ T9444] Workqueue: events_unbound cfg80211_wiphy_work [ 350.431876][ T9444] Call Trace: [ 350.435134][ T9444] [ 350.438042][ T9444] dump_stack_lvl+0x16c/0x230 [ 350.442705][ T9444] ? show_regs_print_info+0x20/0x20 [ 350.447883][ T9444] ? load_image+0x3b0/0x3b0 [ 350.452367][ T9444] panic+0x2c0/0x710 [ 350.456245][ T9444] ? bpf_jit_dump+0xd0/0xd0 [ 350.460727][ T9444] ? ret_from_fork_asm+0x11/0x20 [ 350.465647][ T9444] __warn+0x2e0/0x470 [ 350.469606][ T9444] ? ieee80211_tx_h_rate_ctrl+0xc7e/0x1770 [ 350.475387][ T9444] ? ieee80211_tx_h_rate_ctrl+0xc7e/0x1770 [ 350.481166][ T9444] report_bug+0x2be/0x4f0 [ 350.485476][ T9444] ? ieee80211_tx_h_rate_ctrl+0xc7e/0x1770 [ 350.491256][ T9444] ? ieee80211_tx_h_rate_ctrl+0xc7e/0x1770 [ 350.497037][ T9444] ? ieee80211_tx_h_rate_ctrl+0xc80/0x1770 [ 350.502833][ T9444] handle_bug+0xcf/0x120 [ 350.507074][ T9444] exc_invalid_op+0x1a/0x50 [ 350.511556][ T9444] asm_exc_invalid_op+0x1a/0x20 [ 350.516385][ T9444] RIP: 0010:ieee80211_tx_h_rate_ctrl+0xc7e/0x1770 [ 350.522777][ T9444] Code: 8b 36 45 31 f6 83 e6 07 41 0f 95 c6 31 ff e8 29 8e 97 f7 43 8d 4c 76 02 48 c7 c7 e0 d3 be 8b 48 89 de 4c 89 fa e8 c2 07 62 f7 <0f> 0b 41 bf 01 00 00 00 e9 eb 02 00 00 e8 50 8a 97 f7 e9 70 fa ff [ 350.542358][ T9444] RSP: 0000:ffffc900035974e0 EFLAGS: 00010246 [ 350.548416][ T9444] RAX: 204819b83b7a8600 RBX: ffff88805bac95b0 RCX: ffff88802b7a1e00 [ 350.556380][ T9444] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002 [ 350.564340][ T9444] RBP: ffffc90003597650 R08: ffffc900035970e7 R09: 1ffff920006b2e1c [ 350.572292][ T9444] R10: dffffc0000000000 R11: fffff520006b2e1d R12: dffffc0000000000 [ 350.580243][ T9444] R13: ffffc90003597808 R14: 0000000000000001 R15: ffff888037bb8f44 [ 350.588225][ T9444] ? ieee80211_tx_h_select_key+0x19e0/0x19e0 [ 350.594193][ T9444] ? ieee80211_is_bufferable_mmpdu+0xfb/0x1f0 [ 350.600246][ T9444] invoke_tx_handlers_late+0xb6/0x1810 [ 350.605692][ T9444] ? invoke_tx_handlers_early+0xa11/0x1cf0 [ 350.611502][ T9444] ieee80211_tx+0x2ad/0x420 [ 350.615992][ T9444] ? ieee80211_skb_resize+0x630/0x630 [ 350.621351][ T9444] ? ieee80211_set_qos_hdr+0x1ca/0x510 [ 350.626791][ T9444] ? __bpf_trace_tasklet+0x140/0x140 [ 350.632057][ T9444] ? ieee80211_xmit+0x310/0x3f0 [ 350.636890][ T9444] ? __ieee80211_tx_skb_tid_band+0x490/0x610 [ 350.642849][ T9444] __ieee80211_tx_skb_tid_band+0x4d5/0x610 [ 350.648643][ T9444] ? ieee80211_scan_state_send_probe+0x4b4/0x930 [ 350.654962][ T9444] ieee80211_scan_state_send_probe+0x560/0x930 [ 350.661159][ T9444] ieee80211_scan_work+0x4e8/0x1c30 [ 350.666399][ T9444] cfg80211_wiphy_work+0x225/0x260 [ 350.671521][ T9444] ? process_scheduled_works+0x957/0x15b0 [ 350.677238][ T9444] process_scheduled_works+0xa45/0x15b0 [ 350.682790][ T9444] ? assign_work+0x400/0x400 [ 350.687373][ T9444] ? assign_work+0x39e/0x400 [ 350.691951][ T9444] worker_thread+0xa55/0xfc0 [ 350.696525][ T9444] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 350.702407][ T9444] ? _raw_spin_unlock+0x40/0x40 [ 350.707240][ T9444] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 350.713133][ T9444] kthread+0x2fa/0x390 [ 350.717184][ T9444] ? pr_cont_work+0x560/0x560 [ 350.721847][ T9444] ? kthread_blkcg+0xd0/0xd0 [ 350.726423][ T9444] ret_from_fork+0x48/0x80 [ 350.730826][ T9444] ? kthread_blkcg+0xd0/0xd0 [ 350.735401][ T9444] ret_from_fork_asm+0x11/0x20 [ 350.740165][ T9444] [ 350.743391][ T9444] Kernel Offset: disabled [ 350.747792][ T9444] Rebooting in 86400 seconds..