last executing test programs: 6.413422164s ago: executing program 2 (id=992): sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000e40)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000000)="95", 0x1}], 0x1}}], 0x1, 0x931766f6319eed40) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$bt_hci(r0, 0x84, 0x81, &(0x7f00000020c0)=""/4130, &(0x7f0000000000)=0x1022) 6.08147595s ago: executing program 2 (id=994): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f0000"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWSETELEM={0x50, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x24, 0x3, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x2df31ab3}]}, {0x4}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 5.971475165s ago: executing program 2 (id=995): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000200)={'gre0\x00', &(0x7f00000003c0)={'syztnl1\x00', 0x0, 0x80, 0x10, 0x0, 0xffffff7f, {{0x5, 0x4, 0x3, 0x7, 0x14, 0x66, 0x0, 0x3, 0x9dfffc051290cb52, 0x0, @private=0xa010102, @multicast1}}}}) 1.792198461s ago: executing program 2 (id=1027): r0 = socket$packet(0x11, 0x3, 0x300) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85823d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2ba9c29faa38c409d32b6b7d6cf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e933119c5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fa62fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120bed64069dcf82d3e5e0361e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a1000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0daca8d4c1090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000004f9e02a3b51a97c4b1c1b411cc6bee2a56f29c55a6aac46a0cfc318fae02922a403431d4e5a4396cad2c8dd34037bc041a2ba1505ba2c4889122ca04e85881aad5f8bfc12e6741872aad21bf5301cd4c607ef50a991c410f7c60e45b5c193f813a36d841165b91b5e170f6ba24558df57145eb8142a6ed87c6d5cbae3e52d569996604669a6e9ca1a3689c795970b4bcd00881faff52a6766fafa07ed7d4a49f47d34fd76a394adcb33a270b6a14e74bca7c2ea92dd845d3f774fde1bbea911c1ea76d52f7912e2597e6a33380647ed44956730b5b84662b8e659124379c0d86b1d28fdfa3cd2013103e3048c4ad4f5a4dcd133b2fc8fae3b51e4433cee7c08e67c7d7ed4432045e10f8718e5c163b1704fa2c707b61a1a9f63edfceff1a0cd7baf4a15b2fd607a09d398d73243bdcc664fbd5f582e48af2a18b02f0184a7bdd95ac78241e6749e74b152702333c56588375f806f10578eaae329c4f8dfb83e5524e2c9aa59ce7828bd1f146b2a4150fb2a8ced08e2ffac81e921e8a6f0071361a0acdbd125fb5f5e9ffe98e38508582a496afd30ca460dbfca77915a18b7b9ef6c1d6e13bc12fe43063cfecfafb05bf2339ad61533fbf3e410b403182742fa2d40c402cb83c2fef46a36f17c1abf97b0e2d114bd1472ab4207aa060f9e5d91c4a4911b1a1df47b858be141ab3386f26f561df35678489dc1b9f10eee1b2ab3dfdaedd7e06ff8a127f1743fcb32d7f80d40aebc1ea72edc348f5f9ba4bace97db948c24c679c74cd4336a7233d836082bb0e8b013bd1ee3612cd43cd2a3cb83754bb3408"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x8, 0x1000000}, 0xfffffedf, 0x10, &(0x7f0000000040), 0xeafcf7e0, 0x0, 0xffffffffffffffff, 0xd}, 0x48) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000200)=r1, 0x4) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x4000, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e24, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa845942824251d7d17b5191584bcd4fbe40a23424d00", "bcfd56ea3b2222d70fbf31db5e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) 1.667817387s ago: executing program 2 (id=1029): r0 = memfd_create(&(0x7f0000000040)='\xb1Y\xf8\x90;\x7f\x00\x00\x00\xfd\xeb\xf60\xa8N\xc0\xfeR\x01\x95', 0x1) fallocate(r0, 0x0, 0x800657, 0x40000b7) fallocate(r0, 0x0, 0x800657, 0x40000b7) 1.357324113s ago: executing program 1 (id=1034): syz_read_part_table(0x1051, &(0x7f0000000000)="$eJzsz0EOwUAABdDfGlRE2yPYiBM5gntwHYezkliSUuICIpL3NvN/Mn+SCT+2eh6X49iv3b6ZpJkmi9RJyrb5uF0lYy1JDush1SVVSannyTKPTdtnU70m3TCZvV8439K3Y96dvv49AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgD9wAAAP//8nAHgQ==") 1.357047783s ago: executing program 3 (id=1035): sendmsg$inet6(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000000c0)='g9<\a', 0x4}], 0x1}, 0x4000000) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket$kcm(0x23, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, &(0x7f00000000c0), 0x4) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000940)) 1.180032461s ago: executing program 3 (id=1037): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) getsockopt$bt_BT_POWER(r0, 0x112, 0x9, 0x0, &(0x7f0000000180)) 1.131222674s ago: executing program 3 (id=1038): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000240)="f2435f0100088000000000854305", 0xe, 0x1, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x14) 1.059743647s ago: executing program 1 (id=1039): r0 = socket(0x2b, 0x80801, 0x1) getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f0000000040)) 895.383465ms ago: executing program 1 (id=1041): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) getsockopt$bt_BT_VOICE(r0, 0x112, 0xb, 0x0, &(0x7f0000003940)) 895.059835ms ago: executing program 3 (id=1042): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1}, 0x48) syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file1\x00', 0x4, &(0x7f0000001180)={[{@fat=@discard}, {@fat=@nfs}, {@dots}, {}, {@fat=@fmask={'fmask', 0x3d, 0x10}}, {@nodots}, {@fat=@discard}, {@dots}]}, 0x1, 0x22d, &(0x7f0000000300)="$eJzs3b2KE1EYBuDP3exu2MatxWLAxiqodzDICuKAEJlCKwdWm10RZpvRKpfhNXhJXsZW6UbMhPwZbTQes/M8EOaFl8B3mpwU5yRv73+4vPh4/b799iWGwywGEZOYRpzFQRxG5878eTDLx7FqEgDAvhmPqzz1DOxWXefVUUSc/NSUX5MMBAAAAAAAAAAAwB9z/h8A+sf5/9uvrvPqdP79bZ3z/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA607a92/7mlXo+AODvs/8DQP/Y/wGgf+z/ANA/r16/eZEXxfk4y4YRN5OmbMru2fXPnhfnj7KZs+W7bpqmPFz0j7s+W++P4nTeP9naH8fDB13/o3v6stjoT+Ji98sHAAAAAAAAAAAAAAAAAACA/8IoW9h6v380+lXfpZXfB9i4vz+Ie4N/tgwAAAAAAAAAAAAAAAAAAADYa9efPl9WV1fvakEQhEVI/ckEAAAAAAAAAAAAAAAAAAD9s7z0m3oSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEhn+f//uwup1wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0w/cAAAD//wu+k9A=") syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f00000000c0)) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000000), 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x10882, 0x97) mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0) 779.514531ms ago: executing program 0 (id=1043): fsopen(&(0x7f0000000180)='ext4\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000001900010000000000000000001c140000fe000001000000000800", @ANYRES64=r0], 0x24}}, 0x4000000) 748.629223ms ago: executing program 1 (id=1044): socket$inet_udplite(0x2, 0x2, 0x88) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]}) close_range(r0, 0xffffffffffffffff, 0x0) 647.879787ms ago: executing program 3 (id=1045): r0 = socket(0xa, 0x3, 0x3a) socket$igmp6(0xa, 0x3, 0x2) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14}, 0x94) getsockname$packet(r0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = msgget$private(0x0, 0x0) msgsnd(r2, 0x0, 0x0, 0xe800) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) sendmsg$TIPC_NL_PEER_REMOVE(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x2004c8c5}, 0x80) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$key(0xf, 0x3, 0x2) recvmmsg(r4, &(0x7f0000000440), 0x6f5, 0x2000000022, &(0x7f0000000480)={0x77359400}) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, 0x0, 0x0) sendmsg$key(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB="0208000002"], 0x10}}, 0x10) r5 = socket$inet6(0xa, 0x1, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) unshare(0x2c020400) connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r5, 0x29, 0x4e, 0x0, 0x0) ioctl$XFS_IOC_ATTRMULTI_BY_HANDLE(r3, 0x4048587b, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, 0x0, 0x0) 647.657548ms ago: executing program 0 (id=1046): r0 = socket(0x10, 0x803, 0x0) getsockname$packet(r0, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="480000001000370400"/20, @ANYRES32=r1, @ANYBLOB="83040500000000002800128008000100677265001c00028006000e0006"], 0x48}, 0x1, 0x0, 0x0, 0x20000040}, 0x0) 579.897651ms ago: executing program 1 (id=1047): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x3, 0x6361, 0x5, 0xfffffffd, 0xfffffff3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0xc04c001}, 0x20000804) sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0x19}, {0xb, 0xb}, {0xd, 0x7}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x9}, @TCA_FQ_LOW_RATE_THRESHOLD={0x8, 0xb, 0x1}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x24000050}, 0x0) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 445.474518ms ago: executing program 0 (id=1048): sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b40)={0xfc, 0x0, 0x2, 0x301, 0x0, 0x0, {0x7, 0x0, 0x2}, [@CTA_EXPECT_NAT={0x4}, @CTA_EXPECT_NAT={0x78, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_TUPLE={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}]}, @CTA_EXPECT_NAT_TUPLE={0x4c, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x14, 0x4, @local}}}]}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}]}, @CTA_EXPECT_NAT={0x6c, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_TUPLE={0x50, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x37}}}}]}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_DIR={0x8}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400}) 379.98267ms ago: executing program 3 (id=1049): r0 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00') mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000003, 0x8c4b815a546fc2b2, 0xffffffffffffffff, 0x10000000) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x0}) pread64(r0, &(0x7f0000000000)=""/65, 0x41, 0x7bdb) 274.969716ms ago: executing program 0 (id=1050): mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x8, 0x32, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x11, 0xf, &(0x7f0000000480)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x48010000}, {0x85, 0x0, 0x0, 0xcb}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x2a}}}, &(0x7f0000000080)='GPL\x00', 0x2, 0x1001, &(0x7f0000001cc0)=""/4097, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) 235.480418ms ago: executing program 1 (id=1051): getpeername$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000980)=0x14) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000080), 0x1, 0x574, &(0x7f00000003c0)="$eJzs3ctrG8cfAPDvylbev18cCKEtpRh6aEoaObb7SKGH9NyGBtp7KmzFBMtRsOQQu4Emh+ZcQi+lgdJ76bnH0H+gh/4NgTYQSjDtoReVlXcV2Zb8SORHqs8H1szsrDwzmp3RjEZCAQys0fRPIeLliPg6iTgeEUmWNhxZ4ujKdctPbk2lRxLN5qd/Jq3r0nj+v/LHHc0iL0XEL19FnCmsz7e+uDRbrlYr81l8rDF3fay+uHT26lx5pjJTuTYxOXn+ncmJ9997t291ffPS399+8mAoi524l8SFOJbFOuvxHG53RkZjNHtOinFhzYXjfchsP0m6nv1p18vB9gxl/bwY6RhwPIayXg/8930ZEU1gQCXb7v+/FXemJMDuyucB+dq+T+vgF8bjD1cWQOvrP7zy3kgcaq2Njiwnq1ZG6Xp3pA/5p3n8/Mf9e+kR/XsfAmBTt+9ExLnh4fXjX5KNf8/u3BauWZuH8Q92z4N0/vNWt/lPoT3/iS7zn6Nd+u6z2Lz/Fx71IZue0vnfB13nv+1Nq5GhLPa/1pyvmFy5Wq2kY9v/I+J0FA+m8Y32c84vP2z2Suuc/6VHmn8+F8zK8Wj44OrHTJcb5eepc6fHdyJe6Tr/Tdrtn3Rp//T5uLTFPE5V7r/WK23z+u+s5g8Rb3Rt/6c7WsnG+5NjrfthLL8r1vvr7qlfe+W/1/VP2//IxvUfSTr3a+vbz+P7Q/9Uor2fvNqq+sfW7/8DyWet8IHs3M1yozE/HnEg+bh9vpCfn3j62DyeX5/W//TrG49/3e7/wxHx+Rbrf/fkj6/2StsP7T/dtf3bq9s17d8zkN8w65IefvTFd1lac+1AuLXx7+1W6HR2Zivj34YlnX+euxkAAAAAAAD2r0JEHIukUGqHC4VSaeXzHSfjSKFaqzfOXKktXJuO1ndlR6JYyHe6j3d8HmI82zHM4xNr4pMRcSIivhk63IqXpmrV6b2uPAAAAAAAAAAAAAAAAAAAAOwTR3t8/z/1+9Belw7YcX7yGwbXpv2/H7/0BOxLXv9hcOn/MLi22f+TnSoHsPu8/sPg0v9hcOn/MLg6+v/sXpYD2H1e/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCvLl28mB7N5Se3ptL49I3FhdnajbPTlfpsaW5hqjRVm79emqnVZqqV0lRtbrP/V63Vro9PxMLNsUal3hirLy5dnqstXGtcvjpXnqlcrhR3pVYAAAAAAAAAAAAAAAAAAADwYqkvLs2Wq9XKvIDAMwWG90cxBPoc2OuRCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACe+jcAAP//iecx8A==") setxattr$incfs_metadata(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280), &(0x7f0000000380)="30573472b621739984c336124406e8a5c812ca847e3bf1b82ec91d46ab", 0x1d, 0x1) lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f0000000000)=ANY=[], 0x361, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000940)=ANY=[@ANYRESDEC, @ANYRESHEX], 0xfe37, 0x0) 127.967193ms ago: executing program 0 (id=1052): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x3}}, 0x26) r2 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x2, 0x1}}, 0x2e) getsockopt(r2, 0x111, 0x80000002, 0x0, &(0x7f0000000080)) 127.055293ms ago: executing program 2 (id=1053): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendto(r0, &(0x7f0000000180)="5533ac8144211fb3047c16637de72a0492d12a26fd1dd9d56735aa348d118b3116caaf6176ca9fa8a00429a7a0fba135e77caff937c70a9d353d71b612a4fe7c2ad20bb2a483bc0c6c09beee51dfbfbf56f037f1bbc25bb197b0bfe6a0cb929deec19cccb987ec96e54902cacf8525b63f", 0x71, 0x10, &(0x7f0000000280)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e24, @remote}, 0x1, 0x3, 0x0, 0x3}}, 0x80) 0s ago: executing program 0 (id=1054): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000004e00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000001f917568420100000002000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="0000000014"], 0x38, 0x8004}}], 0x1, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.161' (ED25519) to the list of known hosts. [ 81.548061][ T5756] cgroup: Unknown subsys name 'net' [ 81.682412][ T5756] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.399039][ T5756] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 85.094615][ T5777] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.105532][ T5777] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.114034][ T5777] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.122153][ T5777] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.129725][ T5777] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 85.138298][ T5777] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 85.159755][ T5778] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.168926][ T5778] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.176205][ T5777] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.177983][ T5778] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.190654][ T5777] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.195729][ T5778] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.205693][ T5778] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.213658][ T5778] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 85.221743][ T5778] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.230370][ T5778] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.239624][ T5778] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.248923][ T5785] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 85.255626][ T5783] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.259515][ T5785] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 85.267561][ T5783] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 85.271560][ T5785] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.284202][ T5783] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.303903][ T5783] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.698070][ T5768] chnl_net:caif_netlink_parms(): no params data found [ 85.881221][ T5767] chnl_net:caif_netlink_parms(): no params data found [ 85.948891][ T5770] chnl_net:caif_netlink_parms(): no params data found [ 85.968285][ T5768] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.976258][ T5768] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.983581][ T5768] bridge_slave_0: entered allmulticast mode [ 85.991596][ T5768] bridge_slave_0: entered promiscuous mode [ 86.046252][ T5768] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.053404][ T5768] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.060798][ T5768] bridge_slave_1: entered allmulticast mode [ 86.068383][ T5768] bridge_slave_1: entered promiscuous mode [ 86.093488][ T5774] chnl_net:caif_netlink_parms(): no params data found [ 86.163132][ T5768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.176663][ T5768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.196899][ T5767] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.204301][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.211466][ T5767] bridge_slave_0: entered allmulticast mode [ 86.219600][ T5767] bridge_slave_0: entered promiscuous mode [ 86.267979][ T5767] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.278431][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.285815][ T5767] bridge_slave_1: entered allmulticast mode [ 86.292841][ T5767] bridge_slave_1: entered promiscuous mode [ 86.330756][ T5768] team0: Port device team_slave_0 added [ 86.375324][ T5768] team0: Port device team_slave_1 added [ 86.381578][ T5770] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.391964][ T5770] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.399403][ T5770] bridge_slave_0: entered allmulticast mode [ 86.407105][ T5770] bridge_slave_0: entered promiscuous mode [ 86.418037][ T5767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.461748][ T5770] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.469557][ T5770] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.477097][ T5770] bridge_slave_1: entered allmulticast mode [ 86.484712][ T5770] bridge_slave_1: entered promiscuous mode [ 86.493731][ T5767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.527188][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.534520][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.560780][ T5768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.573134][ T5774] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.580887][ T5774] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.588814][ T5774] bridge_slave_0: entered allmulticast mode [ 86.596298][ T5774] bridge_slave_0: entered promiscuous mode [ 86.614315][ T5774] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.623611][ T5774] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.631157][ T5774] bridge_slave_1: entered allmulticast mode [ 86.638869][ T5774] bridge_slave_1: entered promiscuous mode [ 86.659259][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.666445][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.692610][ T5768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.739956][ T5767] team0: Port device team_slave_0 added [ 86.750130][ T5767] team0: Port device team_slave_1 added [ 86.759252][ T5770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.772192][ T5770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.804240][ T5774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.858667][ T5774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.868642][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.879859][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.914067][ T5767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.927137][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.935325][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.961659][ T5767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.975984][ T5770] team0: Port device team_slave_0 added [ 86.998430][ T5768] hsr_slave_0: entered promiscuous mode [ 87.005221][ T5768] hsr_slave_1: entered promiscuous mode [ 87.041874][ T5774] team0: Port device team_slave_0 added [ 87.051067][ T5774] team0: Port device team_slave_1 added [ 87.066870][ T5770] team0: Port device team_slave_1 added [ 87.166118][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.173220][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.204577][ T5774] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.261212][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.270530][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.297025][ T5774] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.307002][ T5785] Bluetooth: hci0: command tx timeout [ 87.313684][ T5081] Bluetooth: hci3: command tx timeout [ 87.331344][ T5767] hsr_slave_0: entered promiscuous mode [ 87.338909][ T5767] hsr_slave_1: entered promiscuous mode [ 87.350297][ T5767] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.358869][ T5767] Cannot create hsr debugfs directory [ 87.369746][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.377194][ T5785] Bluetooth: hci2: command tx timeout [ 87.377786][ T5081] Bluetooth: hci1: command tx timeout [ 87.383590][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.425900][ T5770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.513006][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.525514][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.557160][ T5770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.736919][ T5774] hsr_slave_0: entered promiscuous mode [ 87.743720][ T5774] hsr_slave_1: entered promiscuous mode [ 87.752857][ T5774] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.760843][ T5774] Cannot create hsr debugfs directory [ 87.785935][ T5770] hsr_slave_0: entered promiscuous mode [ 87.792488][ T5770] hsr_slave_1: entered promiscuous mode [ 87.799664][ T5770] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.807518][ T5770] Cannot create hsr debugfs directory [ 88.111667][ T5768] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 88.148642][ T5768] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 88.189704][ T5768] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 88.215465][ T5768] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 88.246059][ T5767] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 88.258399][ T5767] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 88.278860][ T5767] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 88.289537][ T5767] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 88.414131][ T5770] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 88.428973][ T5770] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 88.440597][ T5770] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 88.451610][ T5770] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 88.553575][ T5774] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 88.589500][ T5774] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 88.601371][ T5774] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 88.622489][ T5774] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 88.651236][ T5768] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.735389][ T5767] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.747657][ T5768] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.797450][ T5770] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.808003][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.815417][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.832997][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.840191][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.875907][ T5767] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.912753][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.919962][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.963567][ T5770] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.980649][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.987837][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.020410][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.027802][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.087446][ T5774] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.101323][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.108567][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.192621][ T5774] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.260538][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.267761][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.301833][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.309276][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.376809][ T5081] Bluetooth: hci3: command tx timeout [ 89.382287][ T5081] Bluetooth: hci0: command tx timeout [ 89.456166][ T5081] Bluetooth: hci1: command tx timeout [ 89.459647][ T5785] Bluetooth: hci2: command tx timeout [ 89.470578][ T5774] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 89.495298][ T5774] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 89.662330][ T5768] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.739558][ T5767] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.837322][ T5768] veth0_vlan: entered promiscuous mode [ 89.876866][ T5770] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.900253][ T5768] veth1_vlan: entered promiscuous mode [ 89.918465][ T5767] veth0_vlan: entered promiscuous mode [ 89.967540][ T5767] veth1_vlan: entered promiscuous mode [ 90.047292][ T5768] veth0_macvtap: entered promiscuous mode [ 90.074142][ T5767] veth0_macvtap: entered promiscuous mode [ 90.086085][ T5770] veth0_vlan: entered promiscuous mode [ 90.092964][ T5768] veth1_macvtap: entered promiscuous mode [ 90.113290][ T5774] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.141705][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.158218][ T5767] veth1_macvtap: entered promiscuous mode [ 90.182898][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.195200][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.208557][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.220589][ T5770] veth1_vlan: entered promiscuous mode [ 90.238941][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.250970][ T5767] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.262125][ T5767] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.271619][ T5767] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.280711][ T5767] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.309842][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.320889][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.333708][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.355764][ T5768] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.364866][ T5768] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.373611][ T5768] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.383043][ T5768] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.476526][ T5770] veth0_macvtap: entered promiscuous mode [ 90.518665][ T5770] veth1_macvtap: entered promiscuous mode [ 90.538170][ T5774] veth0_vlan: entered promiscuous mode [ 90.594942][ T5774] veth1_vlan: entered promiscuous mode [ 90.616782][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.629220][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.642737][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.652419][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.664310][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.675105][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.687891][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.713093][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.733537][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.745058][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.755673][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.767308][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.783672][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.797241][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.808691][ T5770] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.822372][ T5770] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.832099][ T5770] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.841221][ T5770] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.897751][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.906329][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.951110][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.973505][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.992261][ T5774] veth0_macvtap: entered promiscuous mode [ 91.047526][ T5774] veth1_macvtap: entered promiscuous mode [ 91.156523][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.172626][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.193878][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.209419][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.220029][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.236773][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.251146][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.261878][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.291553][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.340603][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.361458][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.372872][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.384886][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.395775][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.407012][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.419603][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.431643][ T5838] syzkaller0: entered promiscuous mode [ 91.440179][ T5838] syzkaller0: entered allmulticast mode [ 91.454755][ T5785] Bluetooth: hci0: command tx timeout [ 91.456714][ T5081] Bluetooth: hci3: command tx timeout [ 91.539240][ T5844] syz.3.4[5844]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 91.550351][ T5081] Bluetooth: hci2: command tx timeout [ 91.584110][ T5844] loop3: detected capacity change from 0 to 512 [ 91.615457][ T5785] Bluetooth: hci1: command tx timeout [ 91.684389][ T5844] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 91.693904][ T5844] System zones: 1-12 [ 91.777113][ T5844] EXT4-fs error (device loop3): ext4_iget_extra_inode:4732: inode #15: comm syz.3.4: corrupted in-inode xattr: e_value size too large [ 91.797753][ T5844] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.4: couldn't read orphan inode 15 (err -117) [ 91.823260][ T5844] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 92.115179][ T5844] capability: warning: `syz.3.4' uses deprecated v2 capabilities in a way that may be insecure [ 92.140854][ T28] audit: type=1326 audit(1774123613.712:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5841 comm="syz.3.4" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa67639c799 code=0x0 [ 92.237500][ T23] cfg80211: failed to load regulatory.db [ 93.393829][ C1] sched: RT throttling activated [ 93.815693][ T5785] Bluetooth: hci0: command tx timeout [ 93.821175][ T5785] Bluetooth: hci2: command tx timeout [ 93.826708][ T5785] Bluetooth: hci1: command tx timeout [ 93.832658][ T5081] Bluetooth: hci3: command tx timeout [ 94.399170][ T5774] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.410713][ T5774] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.420109][ T5774] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.429983][ T5774] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.478181][ T3546] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.519636][ T3546] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.659290][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.770986][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.796606][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.869824][ T5852] loop0: detected capacity change from 0 to 512 [ 94.879495][ T5852] ======================================================= [ 94.879495][ T5852] WARNING: The mand mount option has been deprecated and [ 94.879495][ T5852] and is ignored by this kernel. Remove the mand [ 94.879495][ T5852] option from the mount to silence this warning. [ 94.879495][ T5852] ======================================================= [ 94.929644][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.945928][ T5850] syzkaller0: entered promiscuous mode [ 94.956631][ T5850] syzkaller0: entered allmulticast mode [ 94.962594][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.996291][ T5852] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.019311][ T5852] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.044100][ T5850] Zero length message leads to an empty skb [ 96.334977][ T28] audit: type=1800 audit(1774123617.342:3): pid=5859 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 96.418833][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.555165][ T5864] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 96.750144][ T5861] loop2: detected capacity change from 0 to 512 [ 96.781846][ T5872] loop0: detected capacity change from 0 to 512 [ 96.905037][ T5872] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 96.960353][ T5872] System zones: 1-12 [ 96.994378][ T5872] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.8: corrupted in-inode xattr: e_value size too large [ 97.058026][ T5872] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.8: couldn't read orphan inode 15 (err -117) [ 97.136003][ T5872] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.297016][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.823383][ T5881] loop1: detected capacity change from 0 to 512 [ 97.872656][ T5881] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 97.881254][ T5881] System zones: 1-12 [ 97.910711][ T5881] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.10: corrupted in-inode xattr: e_value size too large [ 97.927639][ T5881] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.10: couldn't read orphan inode 15 (err -117) [ 97.956171][ T5881] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.361017][ T5891] loop3: detected capacity change from 0 to 512 [ 102.487322][ T5891] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 102.487650][ T5891] EXT4-fs: failed to create workqueue [ 102.503562][ T5891] EXT4-fs (loop3): mount failed [ 102.639205][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.936678][ T5896] loop0: detected capacity change from 0 to 512 [ 103.058154][ T5896] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 103.067970][ T5896] System zones: 1-12 [ 103.081727][ T5896] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.13: corrupted in-inode xattr: e_value size too large [ 103.098802][ T5896] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.13: couldn't read orphan inode 15 (err -117) [ 103.127644][ T5896] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.319087][ T28] audit: type=1326 audit(1774123624.902:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5893 comm="syz.0.13" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f62a2f9c799 code=0x0 [ 104.042836][ T5902] loop3: detected capacity change from 0 to 512 [ 104.066215][ T5902] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.079107][ T5902] ext4 filesystem being mounted at /3/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 107.658172][ T28] audit: type=1800 audit(1774123629.082:5): pid=5904 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.15" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 107.702201][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.718340][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.976076][ T5917] loop3: detected capacity change from 0 to 512 [ 108.009066][ T5917] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 108.039012][ T5917] System zones: 1-12 [ 108.059752][ T5917] EXT4-fs error (device loop3): ext4_iget_extra_inode:4732: inode #15: comm syz.3.17: corrupted in-inode xattr: e_value size too large [ 108.121143][ T5917] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.17: couldn't read orphan inode 15 (err -117) [ 108.192459][ T5923] loop0: detected capacity change from 0 to 512 [ 108.327858][ T5923] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 108.336548][ T5923] System zones: 1-12 [ 108.343077][ T5923] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.16: corrupted in-inode xattr: e_value size too large [ 108.365078][ T5923] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.16: couldn't read orphan inode 15 (err -117) [ 108.391866][ T5923] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.677787][ T28] audit: type=1326 audit(1774123630.182:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5920 comm="syz.0.16" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f62a2f9c799 code=0x0 [ 110.405784][ T5917] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.740279][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.763021][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.055211][ T5936] loop1: detected capacity change from 0 to 512 [ 112.435923][ T5943] loop0: detected capacity change from 0 to 512 [ 112.453506][ T5942] loop2: detected capacity change from 0 to 512 [ 115.731022][ T5943] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 115.731853][ T5943] EXT4-fs: failed to create workqueue [ 115.746947][ T5943] EXT4-fs (loop0): mount failed [ 115.806715][ T5942] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 115.807022][ T5942] EXT4-fs: failed to create workqueue [ 115.822149][ T5942] EXT4-fs (loop2): mount failed [ 116.077295][ T5936] EXT4-fs: error -4 creating inode table initialization thread [ 116.144479][ T5936] EXT4-fs (loop1): mount failed [ 116.320325][ T5950] loop3: detected capacity change from 0 to 512 [ 116.446526][ T5950] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 116.490802][ T5950] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 117.944979][ T28] audit: type=1800 audit(1774123639.402:7): pid=5954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.25" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 118.022723][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.117400][ T5959] loop2: detected capacity change from 0 to 512 [ 118.351471][ T5959] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 118.360279][ T5959] System zones: 1-12 [ 118.379624][ T5959] EXT4-fs error (device loop2): ext4_iget_extra_inode:4732: inode #15: comm syz.2.26: corrupted in-inode xattr: e_value size too large [ 118.396817][ T5959] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.26: couldn't read orphan inode 15 (err -117) [ 118.415321][ T5959] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.651016][ T28] audit: type=1326 audit(1774123640.212:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.2.26" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f59a1d9c799 code=0x0 [ 123.562780][ T5774] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.805421][ T5986] loop0: detected capacity change from 0 to 512 [ 123.835621][ T5986] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 123.844416][ T5986] System zones: 1-12 [ 123.946172][ T5986] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.30: corrupted in-inode xattr: e_value size too large [ 123.980549][ T5986] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.30: couldn't read orphan inode 15 (err -117) [ 124.003157][ T5986] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 125.407287][ T5998] loop3: detected capacity change from 0 to 512 [ 125.505646][ T5998] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 125.571389][ T5998] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 127.858042][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.973507][ T28] audit: type=1800 audit(1774123650.552:9): pid=6009 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.34" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 129.109882][ T6017] loop1: detected capacity change from 0 to 512 [ 129.214224][ T6017] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 129.222951][ T6017] System zones: 1-12 [ 129.285698][ T6017] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.38: corrupted in-inode xattr: e_value size too large [ 129.303712][ T6017] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.38: couldn't read orphan inode 15 (err -117) [ 129.324820][ T6017] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 129.581914][ T28] audit: type=1326 audit(1774123651.102:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6012 comm="syz.1.38" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f930c39c799 code=0x0 [ 131.420989][ T6014] loop0: detected capacity change from 0 to 512 [ 131.422007][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.715140][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.903665][ T6033] loop3: detected capacity change from 0 to 512 [ 133.034645][ T6033] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 133.043389][ T6033] System zones: 1-12 [ 133.121658][ T6033] EXT4-fs error (device loop3): ext4_iget_extra_inode:4732: inode #15: comm syz.3.40: corrupted in-inode xattr: e_value size too large [ 133.146201][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.159278][ T6033] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.40: couldn't read orphan inode 15 (err -117) [ 133.202576][ T6033] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 133.298455][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.403263][ T28] audit: type=1326 audit(1774123654.982:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6029 comm="syz.3.40" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa67639c799 code=0x0 [ 136.196516][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.448290][ T6056] loop1: detected capacity change from 0 to 512 [ 136.482440][ T6056] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 136.491216][ T6056] System zones: 1-12 [ 136.541978][ T6056] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.47: corrupted in-inode xattr: e_value size too large [ 136.563405][ T6056] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.47: couldn't read orphan inode 15 (err -117) [ 136.585093][ T6056] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 136.756497][ T28] audit: type=1326 audit(1774123658.322:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6051 comm="syz.1.47" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f930c39c799 code=0x0 [ 139.010294][ T6066] loop0: detected capacity change from 0 to 512 [ 140.872697][ T6066] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 140.873002][ T6066] EXT4-fs: failed to create workqueue [ 140.888230][ T6066] EXT4-fs (loop0): mount failed [ 140.936759][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.904553][ T6081] loop3: detected capacity change from 0 to 512 [ 142.960588][ T6079] hub 9-0:1.0: USB hub found [ 142.967233][ T6079] hub 9-0:1.0: 1 port detected [ 143.011626][ T6081] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.070381][ T6081] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 143.589894][ T6093] loop0: detected capacity change from 0 to 512 [ 145.012063][ T6097] loop1: detected capacity change from 0 to 512 [ 147.909839][ T6093] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 147.910177][ T6093] EXT4-fs: failed to create workqueue [ 147.925842][ T6093] EXT4-fs (loop0): mount failed [ 147.940974][ T6097] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 147.941305][ T6097] EXT4-fs: failed to create workqueue [ 147.956441][ T6097] EXT4-fs (loop1): mount failed [ 148.098247][ T28] audit: type=1800 audit(1774123669.552:13): pid=6095 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.53" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 148.410097][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.275062][ T6115] loop3: detected capacity change from 0 to 512 [ 149.414587][ T6115] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 149.423336][ T6115] System zones: 1-12 [ 149.448256][ T6115] EXT4-fs error (device loop3): ext4_iget_extra_inode:4732: inode #15: comm syz.3.56: corrupted in-inode xattr: e_value size too large [ 149.478063][ T6115] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.56: couldn't read orphan inode 15 (err -117) [ 149.500001][ T6115] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 149.644044][ T28] audit: type=1326 audit(1774123671.172:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6110 comm="syz.3.56" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa67639c799 code=0x0 [ 152.818899][ T6127] loop1: detected capacity change from 0 to 512 [ 152.958800][ T6128] loop0: detected capacity change from 0 to 512 [ 154.410481][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.147662][ T6127] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 156.149499][ T6127] EXT4-fs: failed to create workqueue [ 156.164705][ T6127] EXT4-fs (loop1): mount failed [ 156.226657][ T6128] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 156.235376][ T6128] System zones: 1-12 [ 156.265427][ T6128] EXT4-fs: error -4 creating inode table initialization thread [ 156.273464][ T6128] EXT4-fs (loop0): mount failed [ 157.200385][ T6137] loop1: detected capacity change from 0 to 512 [ 157.868273][ T6137] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 157.876950][ T6137] System zones: 1-12 [ 157.890195][ T6137] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.65: corrupted in-inode xattr: e_value size too large [ 157.908657][ T6137] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.65: couldn't read orphan inode 15 (err -117) [ 157.927413][ T6137] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.081697][ T6152] netlink: 16 bytes leftover after parsing attributes in process `syz.2.68'. [ 159.757532][ T6158] loop2: detected capacity change from 0 to 512 [ 159.823471][ T6159] loop3: detected capacity change from 0 to 512 [ 159.832988][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.844683][ T6158] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 159.861294][ T6161] loop0: detected capacity change from 0 to 512 [ 159.887690][ T6158] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 159.939783][ T6159] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 160.073200][ T6159] ext4 filesystem being mounted at /15/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 160.209095][ T6167] loop1: detected capacity change from 0 to 512 [ 162.188750][ T28] audit: type=1800 audit(1774123683.652:15): pid=6169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.71" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 162.351641][ T6167] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 162.360458][ T6167] System zones: 1-12 [ 162.405974][ T6167] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.72: corrupted in-inode xattr: e_value size too large [ 162.421978][ T6167] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.72: couldn't read orphan inode 15 (err -117) [ 162.441728][ T6167] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 163.411022][ T28] audit: type=1326 audit(1774123684.222:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6164 comm="syz.1.72" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f930c39c799 code=0x0 [ 164.749853][ T5774] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.761071][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.137111][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.448416][ T6186] loop2: detected capacity change from 0 to 512 [ 165.491029][ T6186] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 165.499629][ T6186] System zones: 1-12 [ 165.506266][ T6186] EXT4-fs error (device loop2): ext4_iget_extra_inode:4732: inode #15: comm syz.2.73: corrupted in-inode xattr: e_value size too large [ 165.524243][ T6186] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.73: couldn't read orphan inode 15 (err -117) [ 165.557394][ T6186] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 165.742035][ T28] audit: type=1326 audit(1774123687.322:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6179 comm="syz.2.73" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f59a1d9c799 code=0x0 [ 166.748343][ T6192] loop0: detected capacity change from 0 to 512 [ 168.796686][ T6192] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 168.806511][ T6192] System zones: 1-12 [ 168.822688][ T6192] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.77: corrupted in-inode xattr: e_value size too large [ 168.839047][ T6192] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.77: couldn't read orphan inode 15 (err -117) [ 168.861911][ T6192] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 169.044001][ T28] audit: type=1326 audit(1774123690.612:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6189 comm="syz.0.77" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f62a2f9c799 code=0x0 [ 169.222622][ T5774] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.662111][ T6203] syz.2.78 uses obsolete (PF_INET,SOCK_PACKET) [ 170.744614][ T6203] netlink: 20 bytes leftover after parsing attributes in process `syz.2.78'. [ 170.856145][ T6203] vlan2: entered promiscuous mode [ 170.882591][ T6203] team0: entered promiscuous mode [ 170.903022][ T6203] team_slave_0: entered promiscuous mode [ 170.924069][ T6203] team_slave_1: entered promiscuous mode [ 171.326618][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.008123][ T6209] loop0: detected capacity change from 0 to 512 [ 172.161170][ T6209] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 172.206160][ T6215] loop2: detected capacity change from 0 to 512 [ 172.300838][ T6215] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 172.309575][ T6215] System zones: 1-12 [ 172.318571][ T6215] EXT4-fs error (device loop2): ext4_iget_extra_inode:4732: inode #15: comm syz.2.85: corrupted in-inode xattr: e_value size too large [ 172.338042][ T6215] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.85: couldn't read orphan inode 15 (err -117) [ 172.360004][ T6215] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 174.280846][ T6209] ext4 filesystem being mounted at /21/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 175.480905][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.745549][ T5774] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.054921][ T6225] loop3: detected capacity change from 0 to 512 [ 176.242182][ T6226] loop0: detected capacity change from 0 to 512 [ 179.155937][ T6226] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 179.156269][ T6226] EXT4-fs: failed to create workqueue [ 179.172236][ T6226] EXT4-fs (loop0): mount failed [ 179.191249][ T6225] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 179.199478][ T6225] System zones: 1-12 [ 179.203945][ T6225] EXT4-fs: error -4 creating inode table initialization thread [ 179.211949][ T6225] EXT4-fs (loop3): mount failed [ 179.950184][ T6236] loop1: detected capacity change from 0 to 512 [ 181.133266][ T6236] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 181.141897][ T6236] System zones: 1-12 [ 181.160920][ T6236] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.89: corrupted in-inode xattr: e_value size too large [ 181.182393][ T6236] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.89: couldn't read orphan inode 15 (err -117) [ 181.209893][ T6236] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 183.869966][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.951750][ T6251] loop2: detected capacity change from 0 to 512 [ 184.000700][ T6251] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 184.059045][ T6251] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 184.664186][ T28] audit: type=1800 audit(1774123706.112:19): pid=6266 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.93" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 185.331213][ T5774] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.430960][ T6274] loop1: detected capacity change from 0 to 512 [ 185.458472][ T6274] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 185.467154][ T6274] System zones: 1-12 [ 185.474433][ T6274] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.97: corrupted in-inode xattr: e_value size too large [ 185.491247][ T6274] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.97: couldn't read orphan inode 15 (err -117) [ 185.516878][ T6274] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 188.145883][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.331695][ T6287] loop2: detected capacity change from 0 to 512 [ 188.494299][ T6287] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 188.502999][ T6287] System zones: 1-12 [ 188.511886][ T6287] EXT4-fs error (device loop2): ext4_iget_extra_inode:4732: inode #15: comm syz.2.100: corrupted in-inode xattr: e_value size too large [ 188.546316][ T6287] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.100: couldn't read orphan inode 15 (err -117) [ 188.598305][ T6287] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 190.964236][ T5774] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.332011][ T6307] loop1: detected capacity change from 0 to 512 [ 191.452209][ T6307] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 191.461642][ T6307] System zones: 1-12 [ 191.494044][ T6307] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.105: corrupted in-inode xattr: e_value size too large [ 191.525998][ T6307] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.105: couldn't read orphan inode 15 (err -117) [ 191.602081][ T6307] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 193.010027][ T6317] loop3: detected capacity change from 0 to 512 [ 193.712504][ T6317] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 193.721751][ T6317] System zones: 1-12 [ 193.728767][ T6317] EXT4-fs error (device loop3): ext4_iget_extra_inode:4732: inode #15: comm syz.3.108: corrupted in-inode xattr: e_value size too large [ 193.746466][ T6317] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.108: couldn't read orphan inode 15 (err -117) [ 193.771079][ T6317] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 193.984025][ T28] audit: type=1326 audit(1774123715.542:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.3.108" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa67639c799 code=0x0 [ 195.395487][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 195.401851][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 196.614659][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 196.880423][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.172998][ T6331] loop1: detected capacity change from 0 to 512 [ 197.264713][ T6331] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 197.274297][ T6331] System zones: 1-12 [ 197.289484][ T6331] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.109: corrupted in-inode xattr: e_value size too large [ 197.307117][ T6331] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.109: couldn't read orphan inode 15 (err -117) [ 197.326863][ T6331] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 198.480772][ T6340] loop3: detected capacity change from 0 to 512 [ 198.493636][ T6340] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 198.507752][ T6340] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 200.299899][ T6346] loop0: detected capacity change from 0 to 512 [ 200.729078][ T6344] overlayfs: failed to resolve './file0': -2 [ 201.137861][ T6346] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 201.146533][ T6346] System zones: 1-12 [ 201.153684][ T6346] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.114: corrupted in-inode xattr: e_value size too large [ 201.174576][ T6346] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.114: couldn't read orphan inode 15 (err -117) [ 201.205538][ T6346] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 201.413824][ T28] audit: type=1326 audit(1774123722.962:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6341 comm="syz.0.114" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f62a2f9c799 code=0x0 [ 203.850218][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 203.890309][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.136863][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.331199][ T6357] loop3: detected capacity change from 0 to 512 [ 204.410174][ T6357] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 204.419989][ T6357] System zones: 1-12 [ 204.530671][ T6357] EXT4-fs error (device loop3): ext4_iget_extra_inode:4732: inode #15: comm syz.3.117: corrupted in-inode xattr: e_value size too large [ 204.551757][ T6357] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.117: couldn't read orphan inode 15 (err -117) [ 204.573799][ T6357] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 204.744043][ T28] audit: type=1326 audit(1774123726.242:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6352 comm="syz.3.117" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa67639c799 code=0x0 [ 205.391886][ T6364] netlink: 20 bytes leftover after parsing attributes in process `syz.0.118'. [ 205.445862][ T6364] vlan2: entered promiscuous mode [ 205.467925][ T6364] team0: entered promiscuous mode [ 205.478408][ T6364] team_slave_0: entered promiscuous mode [ 205.740263][ T6370] loop1: detected capacity change from 0 to 512 [ 206.399297][ T6364] team_slave_1: entered promiscuous mode [ 206.702767][ T6370] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002] [ 206.711384][ T6370] System zones: 1-12 [ 206.826316][ T6370] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.120: corrupted in-inode xattr: e_value size too large [ 206.844212][ T6370] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.120: couldn't read orphan inode 15 (err -117) [ 206.873179][ T6370] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 207.032912][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.754172][ T6382] syzkaller0: entered promiscuous mode [ 207.778329][ T6382] syzkaller0: entered allmulticast mode [ 208.076149][ T28] audit: type=1326 audit(1774123729.652:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6384 comm="syz.2.125" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f59a1d9c799 code=0x0 [ 208.641072][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.801790][ T6431] process 'syz.1.143' launched './file0' with NULL argv: empty string added [ 209.862527][ T28] audit: type=1326 audit(1774123731.442:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6433 comm="syz.3.144" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa67639c799 code=0x0 [ 210.230449][ T6444] ptrace attach of "./syz-executor exec"[6445] was attempted by "./syz-executor exec"[6444] [ 210.921753][ T6474] input: syz0 as /devices/virtual/input/input5 [ 211.012241][ T6475] kvm: emulating exchange as write [ 211.710518][ T6488] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000 [ 212.014118][ T5784] Bluetooth: hci2: command 0x0406 tx timeout [ 212.024235][ T5776] Bluetooth: hci0: command 0x0406 tx timeout [ 212.025396][ T5784] Bluetooth: hci3: command 0x0406 tx timeout [ 212.030522][ T5776] Bluetooth: hci1: command 0x0406 tx timeout [ 212.431318][ T2178] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 212.664414][ T2178] usb 2-1: config 220 has an invalid interface number: 76 but max is 2 [ 212.690325][ T2178] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 212.710180][ T2178] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 212.741374][ T2178] usb 2-1: config 220 has no interface number 2 [ 212.751575][ T2178] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 212.786534][ T2178] usb 2-1: config 220 interface 0 has no altsetting 0 [ 212.793362][ T2178] usb 2-1: config 220 interface 76 has no altsetting 0 [ 212.800452][ T5816] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 212.825944][ T2178] usb 2-1: config 220 interface 1 has no altsetting 0 [ 212.841929][ T2178] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 212.861148][ T2178] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 212.879248][ T2178] usb 2-1: Product: syz [ 212.893909][ T2178] usb 2-1: Manufacturer: syz [ 212.898561][ T2178] usb 2-1: SerialNumber: syz [ 213.017235][ T5816] usb 1-1: unable to get BOS descriptor or descriptor too short [ 213.038300][ T5816] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 213.060429][ T5816] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 213.087866][ T5816] usb 1-1: New USB device found, idVendor=0582, idProduct=000c, bcdDevice= 0.40 [ 213.113842][ T5816] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.132635][ T5816] usb 1-1: Product: syz [ 213.141878][ T5816] usb 1-1: Manufacturer: syz [ 213.163971][ T5816] usb 1-1: SerialNumber: syz [ 213.211479][ T2178] usb 2-1: selecting invalid altsetting 0 [ 213.226931][ T2178] usb 2-1: Found UVC 7.01 device syz (8086:0b07) [ 213.233530][ T2178] usb 2-1: No valid video chain found. [ 213.252653][ T2178] usb 2-1: selecting invalid altsetting 0 [ 213.277912][ T2178] usbtest: probe of 2-1:220.1 failed with error -22 [ 213.308509][ T2178] usb 2-1: USB disconnect, device number 2 [ 213.439220][ T5816] usb 1-1: 1:1 : sample bitwidth 145 in over sample bytes 3 [ 213.450123][ T5816] usb 1-1: parse_audio_format_rates_v2v3(): unable to find clock source (clock -22) [ 213.474088][ T5816] usb 1-1: failed to enable PITCH for EP 0x1 [ 213.493904][ T5816] usb 1-1: Quirk or no altest; falling back to MIDI 1.0 [ 213.510164][ T5816] snd-usb-audio: probe of 1-1:1.0 failed with error -2 [ 213.533458][ T5816] usb 1-1: 1:1 : bogus bTerminalLink 5 [ 213.544242][ T5816] usb 1-1: Quirk or no altest; falling back to MIDI 1.0 [ 213.566501][ T5816] snd-usb-audio: probe of 1-1:1.1 failed with error -2 [ 213.584485][ T5816] usb 1-1: 1:1 : bogus bTerminalLink 5 [ 213.590417][ T5816] usb 1-1: Quirk or no altest; falling back to MIDI 1.0 [ 213.654430][ T5816] snd-usb-audio: probe of 1-1:1.2 failed with error -2 [ 213.677389][ T5816] usb 1-1: USB disconnect, device number 2 [ 213.734430][ T5786] udevd[5786]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 214.371331][ T5771] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 214.436466][ T6561] syzkaller0: entered promiscuous mode [ 214.442145][ T6561] syzkaller0: entered allmulticast mode [ 214.464299][ T5848] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 214.585902][ T5771] usb 2-1: Using ep0 maxpacket: 16 [ 214.607400][ T5771] usb 2-1: config 0 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 214.644362][ T5771] usb 2-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0 [ 214.679932][ T5771] usb 2-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 16 [ 214.693365][ T5848] usb 4-1: Using ep0 maxpacket: 8 [ 214.719915][ T5771] usb 2-1: config 0 interface 0 has no altsetting 0 [ 214.728617][ T5848] usb 4-1: unable to get BOS descriptor or descriptor too short [ 214.742734][ T5771] usb 2-1: New USB device found, idVendor=046d, idProduct=c29b, bcdDevice= 0.00 [ 214.753414][ T5848] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 1 [ 214.767238][ T5848] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 214.777182][ T5771] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.789289][ T5848] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid maxpacket 65535, setting to 1024 [ 214.802236][ T5848] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1024 [ 214.812926][ T5848] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 214.834796][ T5771] usb 2-1: config 0 descriptor?? [ 214.846712][ T5848] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 214.879717][ T5848] usb 4-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84 [ 214.914714][ T5848] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 214.961676][ T5848] usb 4-1: Product: syz [ 214.973164][ T5848] usb 4-1: Manufacturer: syz [ 214.983836][ T5848] usb 4-1: SerialNumber: syz [ 215.001624][ T5848] usb 4-1: config 0 descriptor?? [ 215.011030][ T6554] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 215.084243][ T6554] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 215.268342][ T5848] usb 4-1: Quirk or no altest; falling back to MIDI 1.0 [ 215.557474][ T5848] usb 4-1: USB disconnect, device number 2 [ 215.574393][ T5775] udevd[5775]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 215.637977][ T5771] usbhid 2-1:0.0: can't add hid device: -71 [ 215.652969][ T5771] usbhid: probe of 2-1:0.0 failed with error -71 [ 215.715421][ T5771] usb 2-1: USB disconnect, device number 3 [ 215.832923][ T6580] devpts: called with bogus options [ 216.644040][ T5816] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 216.843987][ T5816] usb 1-1: Using ep0 maxpacket: 16 [ 216.851228][ T5816] usb 1-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 216.862360][ T5816] usb 1-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 25 [ 216.875321][ T5816] usb 1-1: config 0 interface 0 has no altsetting 0 [ 216.881962][ T5816] usb 1-1: New USB device found, idVendor=04b3, idProduct=3100, bcdDevice= 0.00 [ 216.896141][ T5816] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.906782][ T5816] usb 1-1: config 0 descriptor?? [ 217.335812][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.343991][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.351092][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.358817][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.366217][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.373383][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.393684][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.401859][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.409325][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.417348][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.424805][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.431821][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.463658][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.480609][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.489731][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.498156][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.509255][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.516405][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.526912][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.537242][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.545303][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.552399][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.559463][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.567557][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.574633][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.582778][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.590706][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.600298][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.607599][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.615817][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.622831][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.629905][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.637018][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.644266][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.653055][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.660143][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.667173][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.674578][ T5816] lenovo 0003:04B3:3100.0001: unknown main item tag 0x0 [ 217.694235][ T5816] lenovo 0003:04B3:3100.0001: hidraw0: USB HID v0.08 Device [HID 04b3:3100] on usb-dummy_hcd.0-1/input0 [ 217.733880][ T5816] usb 1-1: USB disconnect, device number 3 [ 217.853330][ T6612] fido_id[6612]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 218.033951][ T5848] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 218.214058][ T5848] usb 2-1: Using ep0 maxpacket: 16 [ 218.225960][ T5848] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 218.241163][ T5848] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 218.256929][ T5848] usb 2-1: New USB device found, idVendor=5543, idProduct=0064, bcdDevice= 0.00 [ 218.268326][ T5848] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 218.282580][ T5848] usb 2-1: config 0 descriptor?? [ 218.709478][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.720132][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.729056][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.744385][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.751512][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.783984][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.801456][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.814041][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.821158][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.858944][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.868436][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.877573][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.885358][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.892587][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.902270][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.914977][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.922247][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.930688][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.938284][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.954747][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 218.983399][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.014405][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.021523][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.043903][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.051016][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.074010][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.082647][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.134084][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.141267][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.151669][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.159535][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.170874][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.178067][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.193021][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.200414][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.212632][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.220064][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.230494][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.237794][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.244978][ T5848] uclogic 0003:5543:0064.0002: unknown main item tag 0x0 [ 219.253215][ T5848] uclogic 0003:5543:0064.0002: No inputs registered, leaving [ 219.268389][ T5848] uclogic 0003:5543:0064.0002: hidraw0: USB HID v0.00 Device [HID 5543:0064] on usb-dummy_hcd.1-1/input0 [ 219.307682][ T5848] usb 2-1: USB disconnect, device number 4 [ 219.401791][ T6641] fido_id[6641]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 219.803879][ T2178] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 220.014425][ T2178] usb 1-1: Using ep0 maxpacket: 16 [ 220.043053][ T2178] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 220.055387][ T2178] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 220.096318][ T2178] usb 1-1: config 0 has no interface number 0 [ 220.102495][ T2178] usb 1-1: config 0 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 220.151621][ T2178] usb 1-1: New USB device found, idVendor=1a86, idProduct=752d, bcdDevice=2d.4d [ 220.166677][ T2178] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.192702][ T2178] usb 1-1: Product: syz [ 220.197365][ T2178] usb 1-1: Manufacturer: syz [ 220.202792][ T2178] usb 1-1: SerialNumber: syz [ 220.213165][ T2178] usb 1-1: config 0 descriptor?? [ 220.248268][ T2178] usb 1-1: Quirk or no altest; falling back to MIDI 1.0 [ 220.284043][ T2178] snd-usb-audio: probe of 1-1:0.1 failed with error -2 [ 220.344996][ T6576] udevd[6576]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.1/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 220.511739][ T5771] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 220.696667][ T5848] usb 1-1: USB disconnect, device number 4 [ 220.723839][ T5771] usb 4-1: Using ep0 maxpacket: 32 [ 220.756541][ T5771] usb 4-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 17, changing to 8 [ 220.774522][ T5771] usb 4-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0 [ 220.794797][ T5771] usb 4-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 220.834633][ T5771] usb 4-1: config 0 interface 0 has no altsetting 0 [ 220.841346][ T5771] usb 4-1: New USB device found, idVendor=17ef, idProduct=60a4, bcdDevice= 0.00 [ 220.873846][ T5771] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 220.896434][ T5771] usb 4-1: config 0 descriptor?? [ 221.332925][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.358080][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.383874][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.390907][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.424528][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.431575][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.467427][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.484965][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.491997][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.501364][ T6691] input: syz1 as /devices/virtual/input/input6 [ 221.523028][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.550563][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.569819][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.588579][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.598213][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.606245][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.613264][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.625974][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.633035][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.642474][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.650123][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.659379][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.692764][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.703540][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.712397][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.723079][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.732337][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.746317][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.753376][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.773072][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.796840][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.809335][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.816673][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.823701][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.835509][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.842537][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.859751][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.870064][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.891372][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.902206][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.919331][ T5771] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0 [ 221.971588][ T5771] lenovo 0003:17EF:60A4.0003: hidraw0: USB HID v0.00 Device [HID 17ef:60a4] on usb-dummy_hcd.3-1/input0 [ 222.040629][ T5771] usb 4-1: USB disconnect, device number 3 [ 222.199392][ T6698] fido_id[6698]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 222.556377][ T6713] overlayfs: workdir and upperdir must be separate subtrees [ 222.976598][ T6727] netlink: 36 bytes leftover after parsing attributes in process `syz.3.257'. [ 223.166643][ T6735] netlink: 364 bytes leftover after parsing attributes in process `syz.0.258'. [ 223.245029][ T6730] syz.0.258 (6730) used greatest stack depth: 16968 bytes left [ 223.310267][ T2131] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 223.368916][ T6742] 9p: Unknown uid 00000000004294967295 [ 223.523618][ T2131] usb 4-1: Using ep0 maxpacket: 16 [ 223.532264][ T2131] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 223.554179][ T2131] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 223.567686][ T2178] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 223.579296][ T2131] usb 4-1: New USB device found, idVendor=056e, idProduct=010c, bcdDevice= 0.00 [ 223.589324][ T2131] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 223.606299][ T2131] usb 4-1: config 0 descriptor?? [ 223.780057][ T2178] usb 2-1: Using ep0 maxpacket: 16 [ 223.787898][ T2178] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 223.796125][ T2178] usb 2-1: config 0 has no interface number 0 [ 223.802491][ T2178] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 223.813528][ T2178] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 223.823834][ T2178] usb 2-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 223.832986][ T2178] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 223.848880][ T2178] usb 2-1: config 0 descriptor?? [ 224.067835][ T2131] elecom 0003:056E:010C.0004: unbalanced collection at end of report description [ 224.080386][ T2131] elecom: probe of 0003:056E:010C.0004 failed with error -22 [ 224.303870][ T5771] usb 4-1: USB disconnect, device number 4 [ 224.534239][ T2178] uclogic 0003:28BD:0071.0005: pen parameters not found [ 224.542142][ T2178] uclogic 0003:28BD:0071.0005: interface is invalid, ignoring [ 224.555072][ T2178] usb 2-1: USB disconnect, device number 5 [ 225.189691][ T6778] syzkaller1: entered promiscuous mode [ 225.202806][ T6778] syzkaller1: entered allmulticast mode [ 225.474288][ T2178] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 225.688468][ T2178] usb 1-1: Using ep0 maxpacket: 16 [ 225.696648][ T2178] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 225.717573][ T2178] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 225.735243][ T2178] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 225.746953][ T5848] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 225.753348][ T2178] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 225.765100][ T2178] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.777016][ T2178] usb 1-1: config 0 descriptor?? [ 225.963021][ T5848] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 225.973530][ T5848] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 225.985437][ T5848] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 225.995320][ T5848] usb 2-1: New USB device found, idVendor=056a, idProduct=0010, bcdDevice= 0.00 [ 226.004734][ T5848] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.021276][ T5848] usb 2-1: config 0 descriptor?? [ 226.205895][ T5771] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 226.253776][ T2178] microsoft 0003:045E:07DA.0006: ignoring exceeding usage max [ 226.284044][ T2178] microsoft 0003:045E:07DA.0006: ignoring exceeding usage max [ 226.398339][ T5771] usb 4-1: Using ep0 maxpacket: 16 [ 226.420862][ T5771] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 226.432221][ T5771] usb 4-1: config 0 has no interfaces? [ 226.437833][ T5771] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 226.451396][ T5771] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.469220][ T2178] microsoft 0003:045E:07DA.0006: No inputs registered, leaving [ 226.478876][ T5771] usb 4-1: config 0 descriptor?? [ 226.519449][ T5848] wacom 0003:056A:0010.0007: ignoring exceeding usage max [ 226.522854][ T2178] microsoft 0003:045E:07DA.0006: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 226.547446][ T5848] wacom 0003:056A:0010.0007: Unknown device_type for 'HID 056a:0010'. Assuming pen. [ 226.562389][ T2178] microsoft 0003:045E:07DA.0006: no inputs found [ 226.568816][ T2178] microsoft 0003:045E:07DA.0006: could not initialize ff, continuing anyway [ 226.595217][ T5848] wacom 0003:056A:0010.0007: hidraw1: USB HID v0.00 Device [HID 056a:0010] on usb-dummy_hcd.1-1/input0 [ 226.639358][ T5848] input: Wacom Graphire Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0010.0007/input/input9 [ 226.798212][ T5848] usb 2-1: USB disconnect, device number 6 [ 226.861062][ T2178] usb 1-1: USB disconnect, device number 5 [ 227.430636][ T6816] tipc: Started in network mode [ 227.438968][ T6816] tipc: Node identity , cluster identity 4711 [ 227.445151][ T6816] tipc: Failed to set node id, please configure manually [ 227.484815][ T6816] tipc: Enabling of bearer rejected, failed to enable media [ 228.311405][ T6850] netlink: 'syz.2.305': attribute type 4 has an invalid length. [ 228.404094][ T6853] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 229.101911][ T5771] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 229.330224][ T5771] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 229.369750][ T5771] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 229.378998][ T5771] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 229.395076][ T5771] usb 2-1: Product: syz [ 229.399380][ T5771] usb 2-1: Manufacturer: syz [ 229.405421][ T5771] usb 2-1: SerialNumber: syz [ 229.664301][ T5771] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 7 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 230.039640][ T6885] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 230.065739][ T2178] usb 2-1: USB disconnect, device number 7 [ 230.079510][ T6885] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 230.112788][ T2178] usblp0: removed [ 230.159965][ T6888] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only [ 230.743419][ T6897] wireguard: wg2: Could not create IPv4 socket [ 230.779877][ T2178] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 230.984939][ T2178] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 196, using maximum allowed: 30 [ 231.015275][ T2178] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 231.025680][ T2178] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 196 [ 231.039436][ T2178] usb 2-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 231.054233][ T2178] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 231.072066][ T2178] usb 2-1: config 0 descriptor?? [ 231.536486][ T2178] holtek_kbd 0003:04D9:A055.0008: item fetching failed at offset 5/7 [ 231.549228][ T2178] holtek_kbd: probe of 0003:04D9:A055.0008 failed with error -22 [ 231.691322][ T6922] 9pnet: p9_errstr2errno: server reported unknown error 0x00000 [ 231.780960][ T2178] usb 2-1: USB disconnect, device number 8 [ 231.888931][ T6929] syzkaller1: entered promiscuous mode [ 231.894889][ T6929] syzkaller1: entered allmulticast mode [ 232.382424][ T23] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 232.617550][ T23] usb 1-1: Using ep0 maxpacket: 32 [ 232.651757][ T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 232.683691][ T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 232.703413][ T23] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 232.726514][ T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 232.758800][ T23] usb 1-1: config 0 descriptor?? [ 232.929606][ T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 232.972016][ T9] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz1] on syz0 [ 233.241320][ T23] savu 0003:1E7D:2D5A.000A: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0 [ 233.510297][ T23] usb 1-1: USB disconnect, device number 6 [ 234.235874][ T6973] fuse: Bad value for 'fd' [ 234.607643][ T6979] overlayfs: failed to clone upperpath [ 235.224981][ T5780] Bluetooth: hci1: command 0x0406 tx timeout [ 235.231280][ T6948] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 236.074195][ T6948] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 236.088464][ T6948] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 236.096273][ T6948] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 236.105315][ T6948] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 236.111452][ T6948] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 236.121588][ T6948] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 236.127955][ T6948] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 236.289064][ T23] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 236.317924][ T23] hid-generic 0000:0000:0000.000B: hidraw0: HID v0.00 Device [syz1] on syz0 [ 237.084672][ T7012] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 237.106055][ T7012] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 237.358508][ T7015] overlayfs: failed to clone upperpath [ 237.487568][ T5780] Bluetooth: hci1: command 0x0406 tx timeout [ 238.036539][ T23] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 238.152487][ T5816] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 238.279334][ T23] usb 2-1: unable to get BOS descriptor or descriptor too short [ 238.304066][ T23] usb 2-1: not running at top speed; connect to a high speed hub [ 238.318315][ T5780] Bluetooth: hci2: command 0x0406 tx timeout [ 238.320142][ T5785] Bluetooth: hci3: command 0x0406 tx timeout [ 238.324586][ T5780] Bluetooth: hci0: command 0x0406 tx timeout [ 238.343457][ T23] usb 2-1: config 3 has an invalid interface number: 155 but max is 0 [ 238.352413][ T23] usb 2-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config [ 238.363182][ T23] usb 2-1: config 3 has no interface number 0 [ 238.369430][ T5816] usb 1-1: Using ep0 maxpacket: 32 [ 238.374921][ T23] usb 2-1: config 3 interface 155 altsetting 15 endpoint 0x4 has invalid maxpacket 512, setting to 64 [ 238.386598][ T23] usb 2-1: config 3 interface 155 altsetting 15 endpoint 0x87 has an invalid bInterval 0, changing to 10 [ 238.399374][ T23] usb 2-1: config 3 interface 155 altsetting 15 endpoint 0x87 has invalid wMaxPacketSize 0 [ 238.410052][ T5816] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 238.421971][ T5816] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 238.432023][ T23] usb 2-1: config 3 interface 155 altsetting 15 has 2 endpoint descriptors, different from the interface descriptor's value: 4 [ 238.445344][ T5816] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 238.454615][ T23] usb 2-1: config 3 interface 155 has no altsetting 0 [ 238.463748][ T5816] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 238.478117][ T23] usb 2-1: New USB device found, idVendor=05ac, idProduct=022b, bcdDevice=8e.39 [ 238.492394][ T23] usb 2-1: New USB device strings: Mfr=3, Product=2, SerialNumber=3 [ 238.501912][ T5816] usb 1-1: config 0 descriptor?? [ 238.510107][ T5816] hub 1-1:0.0: USB hub found [ 238.519311][ T23] usb 2-1: Product: syz [ 238.523555][ T23] usb 2-1: Manufacturer: syz [ 238.532648][ T23] usb 2-1: SerialNumber: syz [ 238.630453][ T7053] 9pnet_fd: Insufficient options for proto=fd [ 238.734367][ T7057] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 238.745476][ T7057] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 238.753668][ T5816] hub 1-1:0.0: config failed, can't read hub descriptor (err -22) [ 238.794913][ T23] appletouch 2-1:3.155: Failed to read mode from device. [ 238.802353][ T23] appletouch: probe of 2-1:3.155 failed with error -5 [ 238.819121][ T23] usb 2-1: USB disconnect, device number 9 [ 238.990674][ T5816] hid-generic 0003:046D:C31C.000C: item fetching failed at offset 0/1 [ 239.000156][ T5816] hid-generic: probe of 0003:046D:C31C.000C failed with error -22 [ 239.328509][ T5816] usb 1-1: USB disconnect, device number 7 [ 239.556904][ T7065] tipc: Started in network mode [ 239.561924][ T7065] tipc: Node identity 5273ab5ba177, cluster identity 4711 [ 239.572072][ T7065] tipc: Enabled bearer , priority 0 [ 239.618265][ T7065] syzkaller0: entered promiscuous mode [ 239.624973][ T7065] syzkaller0: entered allmulticast mode [ 239.632124][ T7065] tipc: Resetting bearer [ 239.677361][ T7064] tipc: Resetting bearer [ 240.129735][ T5848] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 240.362635][ T5848] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 240.382749][ T5848] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 240.414404][ T5848] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 240.441062][ T7090] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 240.449560][ T5848] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 240.468601][ T5848] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.501721][ T5848] usb 1-1: config 0 descriptor?? [ 240.519330][ T5785] Bluetooth: hci3: command 0x0406 tx timeout [ 240.526125][ T5081] Bluetooth: hci0: command 0x0406 tx timeout [ 240.532325][ T5081] Bluetooth: hci2: command 0x0406 tx timeout [ 240.997152][ T5848] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x4 [ 241.018503][ T5848] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving [ 241.136903][ T5848] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 241.439869][ T2178] usb 1-1: USB disconnect, device number 8 [ 241.441669][ T7073] usb 1-1: string descriptor 0 read error: -19 [ 243.434334][ T7136] overlayfs: failed to resolve './cgroup': -2 [ 243.637162][ T7064] tipc: Disabling bearer [ 243.682250][ T5816] tipc: Node number set to 4077169499 [ 244.308030][ T9] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 244.510953][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 244.523521][ T9] usb 2-1: config 0 has an invalid interface number: 196 but max is 0 [ 244.542804][ T9] usb 2-1: config 0 has no interface number 0 [ 244.561303][ T9] usb 2-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528 [ 244.582431][ T9] usb 2-1: config 0 interface 196 has no altsetting 0 [ 244.601125][ T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a [ 244.611865][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 244.629911][ T9] usb 2-1: Product: syz [ 244.635046][ T9] usb 2-1: Manufacturer: syz [ 244.640455][ T9] usb 2-1: SerialNumber: syz [ 244.652553][ T9] usb 2-1: config 0 descriptor?? [ 244.677019][ T7151] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 245.312470][ T23] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 245.543495][ T23] usb 1-1: Using ep0 maxpacket: 32 [ 245.553163][ T23] usb 1-1: config 0 has an invalid interface number: 188 but max is 0 [ 245.565876][ T23] usb 1-1: config 0 has no interface number 0 [ 245.572501][ T23] usb 1-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 245.589510][ T23] usb 1-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36 [ 245.598719][ T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 245.611618][ T23] usb 1-1: Product: syz [ 245.615856][ T23] usb 1-1: Manufacturer: syz [ 245.620491][ T23] usb 1-1: SerialNumber: syz [ 245.629689][ T23] usb 1-1: config 0 descriptor?? [ 245.646819][ T7165] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 245.898520][ T7165] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 245.930856][ T9] ipheth 2-1:0.196: ipheth_enable_ncm: usb_control_msg: -110 [ 246.011234][ T9] ipheth 2-1:0.196: Apple iPhone USB Ethernet device attached [ 246.234592][ T7185] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 246.243881][ T7185] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 247.075848][ T5816] usb 2-1: USB disconnect, device number 10 [ 247.290299][ T5816] ipheth 2-1:0.196: Apple iPhone USB Ethernet now disconnected [ 248.318623][ T23] asix 1-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x0012: -71 [ 248.358603][ T23] asix: probe of 1-1:0.188 failed with error -71 [ 248.393557][ T23] usb 1-1: USB disconnect, device number 9 [ 249.362420][ T9] usb 1-1: new full-speed USB device number 10 using dummy_hcd [ 249.588285][ T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 249.610820][ T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 249.640917][ T9] usb 1-1: config 1 has no interface number 0 [ 249.661621][ T9] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 249.725742][ T9] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 249.768737][ T9] usb 1-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 249.803232][ T9] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 249.829928][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 249.849178][ T9] usb 1-1: Product: syz [ 249.853438][ T9] usb 1-1: Manufacturer: syz [ 249.876364][ T9] usb 1-1: SerialNumber: syz [ 249.909776][ T7258] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 250.389250][ T7258] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 250.632283][ T9] cdc_ncm 1-1:1.1: failed GET_NTB_PARAMETERS [ 250.640866][ T9] cdc_ncm 1-1:1.1: bind() failure [ 250.700666][ T9] usb 1-1: USB disconnect, device number 10 [ 250.834135][ T7309] overlayfs: failed to resolve './cgroup': -2 [ 254.157992][ T7436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 254.168272][ T7436] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 254.214273][ T5848] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 254.406199][ T5848] usb 1-1: Using ep0 maxpacket: 8 [ 254.422519][ T5848] usb 1-1: unable to get BOS descriptor or descriptor too short [ 254.431951][ T5848] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 254.438635][ T5816] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 254.440241][ T5848] usb 1-1: can't read configurations, error -71 [ 254.652116][ T5816] usb 2-1: Using ep0 maxpacket: 32 [ 254.659139][ T5816] usb 2-1: config index 0 descriptor too short (expected 164, got 36) [ 254.667603][ T5816] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 254.678548][ T5816] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 254.688389][ T5816] usb 2-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 254.697648][ T5816] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.712621][ T5816] usb 2-1: config 0 descriptor?? [ 254.913680][ T7444] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 254.928202][ T7444] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 254.950097][ T7444] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 254.965184][ T7444] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 255.196460][ T5816] logitech 0003:046D:C29C.000E: unknown main item tag 0x0 [ 255.218700][ T5816] logitech 0003:046D:C29C.000E: unknown main item tag 0x0 [ 255.225916][ T5816] logitech 0003:046D:C29C.000E: unknown main item tag 0x0 [ 255.261105][ T5816] logitech 0003:046D:C29C.000E: unknown main item tag 0x0 [ 255.282562][ T5816] logitech 0003:046D:C29C.000E: unknown main item tag 0x0 [ 255.304507][ T5816] logitech 0003:046D:C29C.000E: hidraw0: USB HID v0.00 Device [HID 046d:c29c] on usb-dummy_hcd.1-1/input0 [ 255.626372][ T5816] logitech 0003:046D:C29C.000E: no inputs found [ 255.689008][ T5816] usb 2-1: USB disconnect, device number 11 [ 256.383246][ T28] audit: type=1326 audit(1774123775.804:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7473 comm="syz.3.530" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa67639c799 code=0x0 [ 256.540551][ T7482] autofs4:pid:7482:autofs_fill_super: called with bogus options [ 256.942763][ T7499] loop1: detected capacity change from 0 to 764 [ 256.963247][ T7499] netlink: 220 bytes leftover after parsing attributes in process `syz.1.541'. [ 256.973252][ T7499] netlink: 8 bytes leftover after parsing attributes in process `syz.1.541'. [ 257.028527][ T7502] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 257.462023][ T7512] loop3: detected capacity change from 0 to 1024 [ 257.495321][ T7512] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 257.526047][ T7512] EXT4-fs error (device loop3): ext4_empty_dir:3166: inode #11: block 623: comm syz.3.546: Attempting to read directory block (623) that is past i_size (638464) [ 257.594873][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.662448][ T7517] loop3: detected capacity change from 0 to 512 [ 257.713821][ T7517] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 257.726816][ T7517] ext4 filesystem being mounted at /133/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 257.792488][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 258.300286][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 258.313642][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 259.277880][ T7562] loop1: detected capacity change from 0 to 512 [ 259.362920][ T7562] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 259.433512][ T7562] ext4 filesystem being mounted at /118/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 259.650485][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.951618][ T7581] loop0: detected capacity change from 0 to 1024 [ 259.960808][ T7581] EXT4-fs: Ignoring removed mblk_io_submit option [ 260.010145][ T7581] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 260.199569][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 260.398564][ T7593] loop0: detected capacity change from 0 to 512 [ 260.420433][ T7593] EXT4-fs (loop0): 1 truncate cleaned up [ 260.430758][ T7593] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 260.457203][ T7593] EXT4-fs error (device loop0): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.0.580: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0 [ 260.555160][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 260.772438][ T7603] loop0: detected capacity change from 0 to 256 [ 260.786249][ T7605] netlink: 'syz.1.585': attribute type 21 has an invalid length. [ 260.807234][ T7605] netlink: 156 bytes leftover after parsing attributes in process `syz.1.585'. [ 260.822592][ T7603] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 260.946942][ T7603] FAT-fs (loop0): Directory bread(block 64) failed [ 260.953563][ T7603] FAT-fs (loop0): Directory bread(block 65) failed [ 260.974280][ T7603] FAT-fs (loop0): Directory bread(block 66) failed [ 260.985042][ T7603] FAT-fs (loop0): Directory bread(block 67) failed [ 261.018622][ T7603] FAT-fs (loop0): Directory bread(block 68) failed [ 261.053167][ T7603] FAT-fs (loop0): Directory bread(block 69) failed [ 261.059884][ T7603] FAT-fs (loop0): Directory bread(block 70) failed [ 261.076951][ T7603] FAT-fs (loop0): Directory bread(block 71) failed [ 261.083673][ T7603] FAT-fs (loop0): Directory bread(block 72) failed [ 261.103283][ T7603] FAT-fs (loop0): Directory bread(block 73) failed [ 261.267960][ T28] audit: type=1800 audit(1774123780.371:26): pid=7603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.584" name="file1" dev="loop0" ino=1048592 res=0 errno=0 [ 261.295864][ T7617] loop1: detected capacity change from 0 to 1024 [ 261.337721][ T7617] EXT4-fs: Ignoring removed nomblk_io_submit option [ 261.382829][ T7620] netlink: 8 bytes leftover after parsing attributes in process `syz.3.593'. [ 261.413725][ T7617] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 261.669812][ T7631] netlink: 8 bytes leftover after parsing attributes in process `syz.0.595'. [ 261.690291][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.566741][ T7654] loop3: detected capacity change from 0 to 512 [ 262.583954][ T7654] EXT4-fs: Ignoring removed nomblk_io_submit option [ 262.631203][ T7654] EXT4-fs error (device loop3): ext4_do_update_inode:5248: inode #15: comm syz.3.607: corrupted inode contents [ 262.662037][ T7654] EXT4-fs (loop3): Remounting filesystem read-only [ 262.669975][ T7654] EXT4-fs (loop3): 1 orphan inode deleted [ 262.677103][ T7654] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 262.726706][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.881436][ T7663] IPVS: sync thread started: state = MASTER, mcast_ifn = vcan0, syncid = 0, id = 0 [ 263.057870][ T7667] loop0: detected capacity change from 0 to 1024 [ 263.066292][ T7667] EXT4-fs: Ignoring removed nomblk_io_submit option [ 263.197970][ T7667] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 264.244986][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 265.729080][ T7734] netlink: 'syz.2.635': attribute type 11 has an invalid length. [ 265.738206][ T7734] netlink: 44 bytes leftover after parsing attributes in process `syz.2.635'. [ 266.034626][ T7751] loop1: detected capacity change from 0 to 1024 [ 266.124297][ T7751] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 266.195641][ T7751] ext4 filesystem being mounted at /136/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 266.313933][ T7751] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #15: comm syz.1.647: lblock 0 mapped to illegal pblock 0 (length 1) [ 266.467197][ T7751] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #15: comm syz.1.647: lblock 0 mapped to illegal pblock 0 (length 1) [ 266.518955][ T7751] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 266.535096][ T7751] EXT4-fs (loop1): This should not happen!! Data will be lost [ 266.535096][ T7751] [ 266.664938][ T11] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm kworker/u4:0: bg 0: block 112: padding at end of block bitmap is not set [ 266.730644][ T11] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 117 [ 266.812825][ T11] EXT4-fs (loop1): This should not happen!! Data will be lost [ 266.812825][ T11] [ 266.836020][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 267.274557][ T7779] IPv6: NLM_F_REPLACE set, but no existing node found! [ 267.417044][ T7786] loop1: detected capacity change from 0 to 512 [ 267.444101][ T7786] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 267.465337][ T7786] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 267.505859][ T7786] EXT4-fs (loop1): 1 orphan inode deleted [ 267.518333][ T7786] EXT4-fs (loop1): 1 truncate cleaned up [ 267.538104][ T7786] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 267.659748][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.829499][ T7800] netlink: 12 bytes leftover after parsing attributes in process `syz.1.666'. [ 267.944621][ T7804] netlink: 180 bytes leftover after parsing attributes in process `syz.1.669'. [ 268.284595][ T7813] loop0: detected capacity change from 0 to 512 [ 268.316542][ T7813] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 268.388301][ T7813] EXT4-fs (loop0): 1 truncate cleaned up [ 268.438521][ T7813] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 268.610637][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.814113][ T7833] netlink: 48 bytes leftover after parsing attributes in process `syz.3.683'. [ 268.843186][ T7833] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 268.850511][ T7833] IPv6: NLM_F_CREATE should be set when creating new route [ 268.857940][ T7833] IPv6: NLM_F_CREATE should be set when creating new route [ 269.024550][ T7839] loop1: detected capacity change from 0 to 512 [ 269.070475][ T7839] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 269.137585][ T7839] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 269.188071][ T7839] ext4 filesystem being mounted at /149/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 269.487418][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.113694][ T7877] loop0: detected capacity change from 0 to 512 [ 270.169843][ T7877] FAT-fs (loop0): IO charset utfѾh$#ww9C= Y撳t EŒ&y3_@rRhB&5dxpO߁up@HX[曖[7VG1 y{vX)P1u&-@=6 not found [ 272.360608][ T7924] loop0: detected capacity change from 0 to 128 [ 272.480761][ T7929] syz.0.722: attempt to access beyond end of device [ 272.480761][ T7929] loop0: rw=2049, sector=145, nr_sectors = 408 limit=128 [ 272.577081][ T7933] capability: warning: `syz.1.726' uses 32-bit capabilities (legacy support in use) [ 272.602848][ T7933] program syz.1.726 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 272.642982][ T56] kworker/u4:4: attempt to access beyond end of device [ 272.642982][ T56] loop0: rw=1, sector=553, nr_sectors = 488 limit=128 [ 272.846514][ T28] audit: type=1326 audit(1774123791.207:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7940 comm="syz.0.728" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f62a2f9c799 code=0x0 [ 273.080814][ T9] IPVS: starting estimator thread 0... [ 273.198633][ T7947] IPVS: using max 19 ests per chain, 45600 per kthread [ 273.282223][ T7956] loop1: detected capacity change from 0 to 1024 [ 273.321938][ T7956] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 273.387435][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.544684][ T7966] netlink: 12 bytes leftover after parsing attributes in process `syz.1.737'. [ 273.770768][ T7970] vxcan1: MTU too low for tipc bearer [ 273.776244][ T7970] tipc: Enabling of bearer rejected, failed to enable media [ 274.431584][ T7994] loop0: detected capacity change from 0 to 512 [ 274.494243][ T7994] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 274.536309][ T7994] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002] [ 274.547373][ T7994] System zones: 1-12 [ 274.554852][ T7997] 9pnet_fd: Insufficient options for proto=fd [ 274.573147][ T7994] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.751: corrupted in-inode xattr: e_value size too large [ 274.593865][ T7994] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.751: couldn't read orphan inode 15 (err -117) [ 274.608842][ T7994] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 274.699088][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.846112][ T8023] loop0: detected capacity change from 0 to 256 [ 275.866387][ T8023] FAT-fs (loop0): Unrecognized mount option "utf8=2, priority 0 [ 305.063947][ T8583] syz.0.990: attempt to access beyond end of device [ 305.063947][ T8583] md185: rw=0, sector=2, nr_sectors = 2 limit=0 [ 305.111614][ T8583] EXT4-fs (loop0): couldn't read superblock of external journal [ 305.153422][ T8592] syzkaller0: entered promiscuous mode [ 305.159149][ T8592] syzkaller0: entered allmulticast mode [ 305.166545][ T8592] tipc: Resetting bearer [ 305.200248][ T8590] tipc: Resetting bearer [ 305.734632][ T8603] loop0: detected capacity change from 0 to 256 [ 305.784031][ T8603] FAT-fs (loop0): Directory bread(block 64) failed [ 305.798145][ T8603] FAT-fs (loop0): Directory bread(block 65) failed [ 305.812304][ T8603] FAT-fs (loop0): Directory bread(block 66) failed [ 305.829328][ T8603] FAT-fs (loop0): Directory bread(block 67) failed [ 305.851141][ T8603] FAT-fs (loop0): Directory bread(block 68) failed [ 305.868294][ T8603] FAT-fs (loop0): Directory bread(block 69) failed [ 305.886798][ T8603] FAT-fs (loop0): Directory bread(block 70) failed [ 305.906018][ T8603] FAT-fs (loop0): Directory bread(block 71) failed [ 305.921779][ T8603] FAT-fs (loop0): Directory bread(block 72) failed [ 305.932803][ T8603] FAT-fs (loop0): Directory bread(block 73) failed [ 306.346826][ T8607] loop0: detected capacity change from 0 to 256 [ 306.710234][ T8614] loop0: detected capacity change from 0 to 512 [ 306.748530][ T8614] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 306.783775][ T8614] ext4 filesystem being mounted at /198/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 306.849467][ T8614] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #2: comm syz.0.1003: corrupted inode contents [ 306.879193][ T8614] EXT4-fs error (device loop0): ext4_dirty_inode:6124: inode #2: comm syz.0.1003: mark_inode_dirty error [ 306.927802][ T8614] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #2: comm syz.0.1003: corrupted inode contents [ 306.963914][ T8614] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz.0.1003: mark_inode_dirty error [ 307.169703][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 307.304053][ T8637] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1011'. [ 307.549255][ T8643] loop0: detected capacity change from 0 to 1024 [ 307.632440][ T8643] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 307.678081][ T8643] EXT4-fs error (device loop0): ext4_read_inline_dir:1583: inode #12: block 7: comm syz.0.1015: path /201/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=327694, rec_len=0, size=80 fake=0 [ 307.804115][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 308.058019][ T8658] loop0: detected capacity change from 0 to 512 [ 308.098224][ T8658] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 308.130638][ T8658] ext4 filesystem being mounted at /204/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 308.357742][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 308.531085][ T8663] Process accounting resumed [ 309.303679][ T8590] tipc: Disabling bearer [ 309.314415][ T5836] tipc: Node number set to 2384755727 [ 309.318685][ T8652] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1019'. [ 309.589748][ T8684] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1030'. [ 309.927086][ T8694] loop1: detected capacity change from 0 to 8192 [ 310.607494][ T8715] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1046'. [ 310.664588][ T8718] tipc: Enabled bearer , priority 0 [ 310.673074][ T8718] syzkaller0: entered promiscuous mode [ 310.678631][ T8718] syzkaller0: entered allmulticast mode [ 310.726787][ T8718] tipc: Resetting bearer [ 310.737373][ T8717] tipc: Resetting bearer [ 310.825811][ T8717] tipc: Disabling bearer [ 311.034473][ T8727] loop1: detected capacity change from 0 to 1024 [ 311.084553][ T8727] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 311.166146][ T8727] ================================================================== [ 311.174282][ T8727] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x94b/0x1e90 [ 311.182115][ T8727] Read of size 18446744073709551588 at addr ffff888079cb9040 by task syz.1.1051/8727 [ 311.191697][ T8727] [ 311.194081][ T8727] CPU: 1 PID: 8727 Comm: syz.1.1051 Not tainted syzkaller #0 [ 311.201501][ T8727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 311.211609][ T8727] Call Trace: [ 311.214945][ T8727] [ 311.217913][ T8727] dump_stack_lvl+0x18c/0x250 [ 311.222639][ T8727] ? read_lock_is_recursive+0x20/0x20 [ 311.228058][ T8727] ? show_regs_print_info+0x20/0x20 [ 311.233332][ T8727] ? load_image+0x400/0x400 [ 311.237888][ T8727] ? _raw_spin_lock_irqsave+0xc0/0x100 [ 311.243395][ T8727] ? __virt_addr_valid+0x18c/0x540 [ 311.248701][ T8727] ? __virt_addr_valid+0x469/0x540 [ 311.253890][ T8727] print_report+0xa8/0x210 [ 311.258355][ T8727] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 311.263858][ T8727] kasan_report+0x117/0x150 [ 311.268412][ T8727] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 311.273937][ T8727] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 311.279444][ T8727] kasan_check_range+0x241/0x290 [ 311.284447][ T8727] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 311.289965][ T8727] __asan_memmove+0x29/0x70 [ 311.294534][ T8727] ext4_xattr_set_entry+0x94b/0x1e90 [ 311.299875][ T8727] ext4_xattr_block_set+0xae8/0x32b0 [ 311.305208][ T8727] ? ext4_destroy_inode+0x200/0x200 [ 311.310454][ T8727] ? proc_nr_inodes+0x230/0x230 [ 311.315341][ T8727] ? do_raw_spin_unlock+0x121/0x230 [ 311.320595][ T8727] ? _raw_spin_unlock+0x28/0x40 [ 311.325484][ T8727] ? ext4_xattr_block_find+0x350/0x350 [ 311.331007][ T8727] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 311.336432][ T8727] ext4_xattr_set_handle+0x1280/0x14c0 [ 311.341963][ T8727] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 311.347995][ T8727] ? __ext4_journal_start_sb+0x259/0x560 [ 311.353683][ T8727] ext4_xattr_set+0x252/0x340 [ 311.358414][ T8727] ? end_current_label_crit_section+0x170/0x170 [ 311.364877][ T8727] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 311.370474][ T8727] ? posix_xattr_acl+0x93/0xb0 [ 311.375275][ T8727] ? ext4_xattr_trusted_get+0x40/0x40 [ 311.380690][ T8727] __vfs_setxattr+0x431/0x470 [ 311.385419][ T8727] __vfs_setxattr_noperm+0x12d/0x5e0 [ 311.390757][ T8727] vfs_setxattr+0x16b/0x2f0 [ 311.395318][ T8727] ? xattr_permission+0x470/0x470 [ 311.400378][ T8727] ? __mnt_want_write+0x223/0x2a0 [ 311.405461][ T8727] ? path_setxattr+0x3a1/0x5d0 [ 311.410293][ T8727] path_setxattr+0x3f3/0x5d0 [ 311.414939][ T8727] ? simple_xattrs_free+0x150/0x150 [ 311.420202][ T8727] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 311.426259][ T8727] ? lock_chain_count+0x20/0x20 [ 311.431171][ T8727] __x64_sys_lsetxattr+0xb8/0xd0 [ 311.436166][ T8727] do_syscall_64+0x55/0xa0 [ 311.440630][ T8727] ? clear_bhb_loop+0x40/0x90 [ 311.445353][ T8727] ? clear_bhb_loop+0x40/0x90 [ 311.450090][ T8727] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 311.456028][ T8727] RIP: 0033:0x7f930c39c799 [ 311.460490][ T8727] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 311.480149][ T8727] RSP: 002b:00007f930d200028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 311.488601][ T8727] RAX: ffffffffffffffda RBX: 00007f930c615fa0 RCX: 00007f930c39c799 [ 311.496611][ T8727] RDX: 0000200000000000 RSI: 0000200000000180 RDI: 00002000000001c0 [ 311.504630][ T8727] RBP: 00007f930c432c99 R08: 0000000000000000 R09: 0000000000000000 [ 311.512640][ T8727] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000 [ 311.520645][ T8727] R13: 00007f930c616038 R14: 00007f930c615fa0 R15: 00007ffcf52f2ab8 [ 311.528666][ T8727] [ 311.531719][ T8727] [ 311.534075][ T8727] Allocated by task 8727: [ 311.538422][ T8727] kasan_set_track+0x4e/0x70 [ 311.543050][ T8727] __kasan_kmalloc+0x8f/0xa0 [ 311.547681][ T8727] __kmalloc_node_track_caller+0xb2/0x230 [ 311.553448][ T8727] kmemdup+0x2b/0x70 [ 311.557387][ T8727] ext4_xattr_block_set+0x9ea/0x32b0 [ 311.562722][ T8727] ext4_xattr_set_handle+0x1280/0x14c0 [ 311.568236][ T8727] ext4_xattr_set+0x252/0x340 [ 311.572966][ T8727] __vfs_setxattr+0x431/0x470 [ 311.577714][ T8727] __vfs_setxattr_noperm+0x12d/0x5e0 [ 311.583038][ T8727] vfs_setxattr+0x16b/0x2f0 [ 311.587584][ T8727] path_setxattr+0x3f3/0x5d0 [ 311.592217][ T8727] __x64_sys_lsetxattr+0xb8/0xd0 [ 311.597205][ T8727] do_syscall_64+0x55/0xa0 [ 311.601670][ T8727] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 311.607613][ T8727] [ 311.609973][ T8727] Last potentially related work creation: [ 311.615731][ T8727] kasan_save_stack+0x3e/0x60 [ 311.620447][ T8727] __kasan_record_aux_stack+0xaf/0xc0 [ 311.625863][ T8727] kvfree_call_rcu+0xee/0x790 [ 311.630590][ T8727] neigh_periodic_work+0x3f7/0xd70 [ 311.635749][ T8727] process_scheduled_works+0xa5d/0x15d0 [ 311.641334][ T8727] worker_thread+0xa55/0xfc0 [ 311.645981][ T8727] kthread+0x2fa/0x390 [ 311.650095][ T8727] ret_from_fork+0x48/0x80 [ 311.654556][ T8727] ret_from_fork_asm+0x11/0x20 [ 311.659367][ T8727] [ 311.661722][ T8727] The buggy address belongs to the object at ffff888079cb9000 [ 311.661722][ T8727] which belongs to the cache kmalloc-1k of size 1024 [ 311.675811][ T8727] The buggy address is located 64 bytes inside of [ 311.675811][ T8727] 1024-byte region [ffff888079cb9000, ffff888079cb9400) [ 311.689117][ T8727] [ 311.691476][ T8727] The buggy address belongs to the physical page: [ 311.697923][ T8727] page:ffffea0001e72e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x79cb8 [ 311.708112][ T8727] head:ffffea0001e72e00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 311.717089][ T8727] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 311.725116][ T8727] page_type: 0xffffffff() [ 311.729488][ T8727] raw: 00fff00000000840 ffff888017c41dc0 dead000000000100 dead000000000122 [ 311.738146][ T8727] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 311.746755][ T8727] page dumped because: kasan: bad access detected [ 311.753215][ T8727] page_owner tracks the page as allocated [ 311.756429][ T8738] loop0: detected capacity change from 0 to 1024 [ 311.758942][ T8727] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 8, tgid 8 (kworker/0:0), ts 89201013346, free_ts 89165580655 [ 311.758979][ T8727] post_alloc_hook+0x1c1/0x200 [ 311.759012][ T8727] get_page_from_freelist+0x1951/0x19e0 [ 311.759030][ T8727] __alloc_pages+0x1f0/0x460 [ 311.759046][ T8727] alloc_slab_page+0x5d/0x160 [ 311.759063][ T8727] new_slab+0x87/0x2d0 [ 311.759090][ T8727] ___slab_alloc+0xc5d/0x12f0 [ 311.759118][ T8727] __kmem_cache_alloc_node+0x19e/0x250 [ 311.759145][ T8727] __kmalloc+0xa4/0x230 [ 311.759170][ T8727] ___neigh_create+0x6d2/0x2440 [ 311.821341][ T8738] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 311.822647][ T8727] ip6_finish_output2+0x1581/0x1630 [ 311.822697][ T8727] NF_HOOK+0x167/0x4a0 [ 311.822724][ T8727] mld_sendpack+0x7f5/0xd50 [ 311.822750][ T8727] mld_ifc_work+0x835/0xb40 [ 311.822773][ T8727] process_scheduled_works+0xa5d/0x15d0 [ 311.822798][ T8727] worker_thread+0xa55/0xfc0 [ 311.822819][ T8727] kthread+0x2fa/0x390 [ 311.822837][ T8727] page last free stack trace: [ 311.822843][ T8727] free_unref_page_prepare+0x7b2/0x8c0 [ 311.822871][ T8727] free_unref_page+0x32/0x2e0 [ 311.822896][ T8727] __slab_free+0x35a/0x400 [ 311.822913][ T8727] qlist_free_all+0x75/0xd0 [ 311.822935][ T8727] kasan_quarantine_reduce+0x143/0x160 [ 311.822959][ T8727] __kasan_slab_alloc+0x22/0x80 [ 311.822976][ T8727] slab_post_alloc_hook+0x6e/0x4b0 [ 311.823003][ T8727] kmem_cache_alloc_node+0x14c/0x320 [ 311.823030][ T8727] __alloc_skb+0x103/0x2c0 [ 311.823058][ T8727] netlink_sendmsg+0x66a/0xbf0 [ 311.823085][ T8727] __sys_sendto+0x4a9/0x6b0 [ 311.823112][ T8727] __x64_sys_sendto+0xde/0xf0 [ 311.823140][ T8727] do_syscall_64+0x55/0xa0 [ 311.939440][ T8727] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 311.945380][ T8727] [ 311.947734][ T8727] Memory state around the buggy address: [ 311.953397][ T8727] ffff888079cb8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 311.961589][ T8727] ffff888079cb8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 311.969698][ T8727] >ffff888079cb9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 311.977790][ T8727] ^ [ 311.983975][ T8727] ffff888079cb9080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 311.992072][ T8727] ffff888079cb9100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 312.000188][ T8727] ================================================================== [ 312.008371][ C1] vkms_vblank_simulate: vblank timer overrun [ 312.022782][ T8727] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 312.030146][ T8727] CPU: 1 PID: 8727 Comm: syz.1.1051 Not tainted syzkaller #0 [ 312.037557][ T8727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 312.047644][ T8727] Call Trace: [ 312.050949][ T8727] [ 312.053895][ T8727] dump_stack_lvl+0x18c/0x250 [ 312.058601][ T8727] ? show_regs_print_info+0x20/0x20 [ 312.063839][ T8727] ? load_image+0x400/0x400 [ 312.068373][ T8727] panic+0x2dc/0x730 [ 312.072297][ T8727] ? bpf_jit_dump+0xd0/0xd0 [ 312.076845][ T8727] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 312.082525][ T8727] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 312.088024][ T8727] ? check_panic_on_warn+0x70/0xa0 [ 312.093167][ T8727] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 312.098672][ T8727] check_panic_on_warn+0x84/0xa0 [ 312.103649][ T8727] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 312.109141][ T8727] end_report+0x6f/0x130 [ 312.113406][ T8727] kasan_report+0x128/0x150 [ 312.117938][ T8727] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 312.123420][ T8727] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 312.128907][ T8727] kasan_check_range+0x241/0x290 [ 312.133873][ T8727] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 312.139444][ T8727] __asan_memmove+0x29/0x70 [ 312.144064][ T8727] ext4_xattr_set_entry+0x94b/0x1e90 [ 312.149392][ T8727] ext4_xattr_block_set+0xae8/0x32b0 [ 312.154726][ T8727] ? ext4_destroy_inode+0x200/0x200 [ 312.160036][ T8727] ? proc_nr_inodes+0x230/0x230 [ 312.164904][ T8727] ? do_raw_spin_unlock+0x121/0x230 [ 312.170149][ T8727] ? _raw_spin_unlock+0x28/0x40 [ 312.175037][ T8727] ? ext4_xattr_block_find+0x350/0x350 [ 312.180519][ T8727] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 312.185921][ T8727] ext4_xattr_set_handle+0x1280/0x14c0 [ 312.191502][ T8727] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 312.197514][ T8727] ? __ext4_journal_start_sb+0x259/0x560 [ 312.203179][ T8727] ext4_xattr_set+0x252/0x340 [ 312.207885][ T8727] ? end_current_label_crit_section+0x170/0x170 [ 312.214157][ T8727] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 312.219733][ T8727] ? posix_xattr_acl+0x93/0xb0 [ 312.224531][ T8727] ? ext4_xattr_trusted_get+0x40/0x40 [ 312.229946][ T8727] __vfs_setxattr+0x431/0x470 [ 312.234675][ T8727] __vfs_setxattr_noperm+0x12d/0x5e0 [ 312.240077][ T8727] vfs_setxattr+0x16b/0x2f0 [ 312.244623][ T8727] ? xattr_permission+0x470/0x470 [ 312.249673][ T8727] ? __mnt_want_write+0x223/0x2a0 [ 312.254734][ T8727] ? path_setxattr+0x3a1/0x5d0 [ 312.259525][ T8727] path_setxattr+0x3f3/0x5d0 [ 312.264140][ T8727] ? simple_xattrs_free+0x150/0x150 [ 312.269374][ T8727] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 312.275374][ T8727] ? lock_chain_count+0x20/0x20 [ 312.280257][ T8727] __x64_sys_lsetxattr+0xb8/0xd0 [ 312.285232][ T8727] do_syscall_64+0x55/0xa0 [ 312.289695][ T8727] ? clear_bhb_loop+0x40/0x90 [ 312.294400][ T8727] ? clear_bhb_loop+0x40/0x90 [ 312.299104][ T8727] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 312.305029][ T8727] RIP: 0033:0x7f930c39c799 [ 312.309460][ T8727] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 312.329097][ T8727] RSP: 002b:00007f930d200028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 312.337532][ T8727] RAX: ffffffffffffffda RBX: 00007f930c615fa0 RCX: 00007f930c39c799 [ 312.345534][ T8727] RDX: 0000200000000000 RSI: 0000200000000180 RDI: 00002000000001c0 [ 312.353533][ T8727] RBP: 00007f930c432c99 R08: 0000000000000000 R09: 0000000000000000 [ 312.361621][ T8727] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000 [ 312.369622][ T8727] R13: 00007f930c616038 R14: 00007f930c615fa0 R15: 00007ffcf52f2ab8 [ 312.377628][ T8727] [ 312.381250][ T8727] Kernel Offset: disabled [ 312.385613][ T8727] Rebooting in 86400 seconds..