last executing test programs: 18m38.178193693s ago: executing program 32 (id=24): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @main=@item_4={0x3, 0x0, 0x9, "b2938f8d"}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @global=@item_4={0x3, 0x1, 0x5, "a90da1f6"}, @local=@item_4={0x3, 0x2, 0x0, "00000400"}]}}, 0x0}, 0x0) socket$nl_route(0x10, 0x3, 0x0) 10m55.150553044s ago: executing program 33 (id=1399): r0 = socket$inet6(0xa, 0x3, 0x5) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4) sendmmsg(r0, &(0x7f0000000500)=[{{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @mcast2, 0x4, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000000100)=[{0x28, 0x29, 0x2, "2e71961e4f3e556c0b71ac7ef24f48a2b1"}], 0x28}}], 0x1, 0x4000000) 9m42.807439823s ago: executing program 34 (id=1642): syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101041, 0x15) truncate(&(0x7f0000000940)='./file1\x00', 0x8da6) pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xe7c) 7m17.390134575s ago: executing program 6 (id=2168): sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000000)=""/102, 0x365}, {&(0x7f0000000280)=""/76, 0x14c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/92, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x188}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 7m16.060098127s ago: executing program 6 (id=2172): r0 = socket$netlink(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)={0x58, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [{{0x8, 0x1, r2}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}]}}]}, 0x58}, 0x1, 0x1000000, 0x0, 0x2404081c}, 0x24040840) 7m15.036799416s ago: executing program 6 (id=2176): r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000480)={'batadv0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000440)="0900000000ffbabe0008000086dd", 0x5ea, 0x0, &(0x7f0000000000)={0x11, 0x4, r2, 0x1, 0x6, 0x6, @local}, 0x14) 7m14.308753504s ago: executing program 6 (id=2182): syz_mount_image$nilfs2(&(0x7f0000000180), &(0x7f0000000840)='./file3\x00', 0x0, &(0x7f0000001040)=ANY=[], 0x1, 0xaf3, &(0x7f0000002400)="$eJzs3V2IXFcBAOBzd3c2u2lrJjWxaxrbpNW2/nTTbNb4EzQpCYKhKeJLofgS0rQGYwQrqKXQJE++2VJS8MkffOpLqSJYEAl98qVgA0XoUxX0oSFiwYcaTUayc87MnZOZnZnN7tz9+T44e+bcc+49587euXPn3nvuCcCGNbbwd35+pgjhwhsvH3n/gX9M35hysFWivvB3opSqhRCKmJ7IlvfeeDO+9sHzJ7rFRZhb+JvS4fErrXlvCyGcDbvCxVAPOy5ceumtuceOnTt6fvfbrx64vDJrDwAAG8s3Lh6Y3/7XP9+99epr9xwKm1rT0/F5PU2Yah73H4oH/un4fyx0potSKJvMyk3EMDbdWW68S7lyPbWs3ESP+iez+ms9ym0Ki9c/XprWbb1hLUvbcT0UY7MhhM2t9NjY7GzzN3lY+F0/WcyeOXX66Wcraiiw7P59bwhhVykcPt+ZXm3h4Cpow+ChVk43qm/P2gyHRlfX1UZT5es8otDYUvUeCKApv154k7P5mYVb01raxGD1X3l0rPv8sAxGvf0PVf9kxfUH9f/6nD0Oy2e9bk1pvdLn6PaYzq8j5PcvvfKHzvna8isdnVPz6xG1AdvZ6zrCWrm+0Kud4yNux1L1an++XaxXX4lxeh++2pF7b8fnJ/+frpX/MdDdh/n5f0EQVncIHenarSyrUfH+B1i98vvmGun6aJTf15fnb+qTP9Unf7pP/uY++bf1yYeN7Lc/+Gl4sWif78p/0w97PjydZ7sjxh8Zsj35+chh68/v+x3Wrdaf308Mq9nvjz9x8otPPXmpef9/0dr+r8ftPf3cqMfP1sVYIJ0vzM+rt+79r3fWM9aj3J1Ze+7oUn7h9bbOcsW29nJCaT9zUztmOufb0qvczs5y9azcdAxTWXvz45PN2Xzp+CPtV9P7NZGtby1bj8msHWm/sjXGeTtgKdL2mO7/b/cHaN7/n7bPmVArnj51+uQjMZ220z+N1zbdmL53xO0Glk+vz3/6/poJnf1/bm9Nr42V9wtb2tOL5n7h9bi8zulzrXpK00tfaul77tvj0wvlZ0987/RTK7DesJE9++PnvnP89OmT3/diyS++tjqaMcyL9LNltbRnBV+8EFd1tbRnmV7sWukqKtwpASOx54XmQcDDp757/JmTz5w8s2///n1zc/u/tG9+z8Jx/Z7y0X3Z2QpaCyyn9pd+1S0BAAAAAAAAAAAABvXDo0cuvfPmF95t9v9v9/9L/f/Tnb+p//9Psv7/eT/51A8+9QPc2iV/oUz2gNXJrFwtho9m7U2PAShit47t2Xwfi3FrHL/Y/z9Vlz/XNbXnrmx6rUcye5zATc9LmcyeQZKPF3hfjM/H+FcBKlRMd58c40Web118WNrW0/MpSl14G54PvHak/1v+/KLU/7vrc5269NdmbRlFj8Wq1xHo7p/r7fnfU4vl/6u94lW3U1gkTIy2vp9t3G2i0fMofdARbACWR9Xjf/49NOtN5z/P/PHrUzdCKnbl0c79Zf78UhjGX97pTK/28SdXuv583L5R11/1+o96/M/W+Hdx/5f2e733f9mIefWl1fufn19+t1Rt2DFo/fn6p+dAbxuu/qux/rQ2D4bB6m/8Mqs/vyA0oP9m9W8esP6b1n/n0ur/X6w/vW0P3T9o/c0WF2Od7ZjO1iNd/8vPGyfXsvVPz/ZcpP5vPtdt/Zc4UOP1WD9sZGtlnNlhZccRrYP2fuP/Dvv9f6vj/7Yam+3W8vswPh/TaUec7nPIxzsZtv3p/or0PbA9W37R5/vN+L9r25dj3O/zkMb/TdtjPX7ll9IL72VK17q8t+t1XwNr1Xvr7frfqgiXmz+Dljb/VPXtF5qh9I3Vu1xjfAnL3tR/uSMJjUZjZU9o9VFp5VT+/ld99bnq3yn3VVx/P/n4v/kxfD7+b56fj/+b5+fj/+b50/E/9H6P/Hz833x7zsf/zfPvypabjw880yf/413yi9DO39F9/tbP9rv7LH9nn/xP9Mnf3co/2FEi5d+z6Pztcr2Wf2ef/Pv75H8yhGuNRfI/1Wf+B/rkP1TKL48BnfI/nc1fZPnrXdr/9Hr/gPUr75/n8w8bR7r+0+vzv62dP1kuMtpWAivhldf2Hn7yN9+qN/v/T7bOh6TreIdiuhZ/G/0opvPr3qGUvpH3Zkz/Lcuv+nwT0JY/PyP//n+wTz6wdqX7vHy+YQMqprpPjnG/51b1Os5nbflMjD8b48/F+OEYz8Z4T4z3xnhuRO1jZRx+/XcHXizav/e3ZPmD3k+e9wfqeE5UCGHfgO3Jzw8Mez97/hy/Yd1q/UvsDgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCZsYW/8/MzRQgX3nj5yBPHTu25MeVgq0R94e9EKVVrzRfCIzEej/Ev4otrHzx/ohxfj3ER5kIRitb08PiVVk23hRDOhl3hYqiHHRcuvfTW3GPHzh09v/vtVw9cXrl3AAAAANa//wcAAP//yHMF9A==") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x1c1) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x80086601, 0x0) 7m12.786352093s ago: executing program 6 (id=2189): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x10e, &(0x7f0000000280)={[{@errors_remount}, {@nodelalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@jqfmt_vfsv0}, {@quota}]}, 0x3, 0x45f, &(0x7f0000000ec0)="$eJzs3MtvG8UfAPDvrpO26eOX/Ep59AEECiLikTRpgR44AAKJA0hIXMoxJGlV6jaoCRKtKggIlSOqxB1xROIv4AQXBJyQuMIdVapQLxRORmvv1o/abpI6cag/H2mTmd1xZr6eHXt2p9sABtZ49iOJ2B0Rv0XEaC3bXGC89uvG9Utzf1+/NJdEpfLWn0m13F/XL80VRYvX7cozE2lE+mkSB9vUu3Th4pnZcnnhfJ6fWj773tTShYvPnD47e2rh1MK5mePHjx2dfv65mWd7Euf/s7Ye+HDx0P7X3r7yxtyJK+/89E1SxN8Sxx0bqf4c71bk8UqlZ9VtBXsa0slQHxvCmpQiIuuu4er4H41S1DtvNF79pK+NAzZUJdfh8EoFuIsl0e8WAP1RfNFn17/Ftnmzj/679lLtAiiL+0a+1Y4MRRq1C6PhluvbXhqPiBMr/3yZbdHr+xAAAG18l81/nm43/0vjvoZy/8vXhsbytZS9EXFPROyLiHsjqmXvj4gH1lh/6yLJrfOf9Oq6AlulbP73Qr621Tz/S4siY6U8t6eaGU5Oni4vHMnfk4kY3p7lp7vU8f0rv37e6Vjj/C/bsvqLuWDejqtD25tfMz+7PHsnMTe69nHEgaF28Sc3VwKSiNgfEQfWWcfpJ78+1OlYa/yVpNtferE524N1pspXEU/U+n8lWuIvJN3XJ6d2RHnhyFRxVtzq518uv9mp/tv3/8bK+n9n2/P/ZvxjSeN67dLa67j8+2cdr2km13X+13dsy39/MLu8fH46Ylvyeq3Rjftn6q8t8kX5LP6Jw+3H/96ovxMHIyI7iR+MiIci4uG87x6JiEcj4nCnAFcifnz5sXc7Hd4K/T/f0v9jzUVa+r+e2Bate9onSmd++Lb5L9aTq/v8O1ZNTeR7VvP5t5p2re9sBgAAgP+eNCJ2R5JO3kyn6eRk7d/w74udaXlxafmpk4vvn5uvPSMwFsNpcaerdj+4dj90Or+sL/IzLfmj+X3jL0oj1fzk3GJ5vt/Bw4Db1WH8Z/4o9bt1wIbzvBYMLuMfBpfxD4PL+IfB1Wb8j/SjHcDma/f9/1E9WRndzMYAm6pl/Fv2gwHi+h8Gl/EPg6tx/Hd9/h64myyNxO0fkpfYyokdRVdubu2RboHYe5VINngU7O53gI2J4v/+7F64zx9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPfJvAAAA//+Zfec0") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x1c1) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x80086601, 0x0) 7m10.841517841s ago: executing program 6 (id=2203): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x20, &(0x7f00000025c0)=[@in={0x2, 0x4e23, @private=0xa010101}, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000040)=@assoc_value={r1, 0x7f}, 0x8) 7m8.549262526s ago: executing program 35 (id=2203): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x20, &(0x7f00000025c0)=[@in={0x2, 0x4e23, @private=0xa010101}, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000040)=@assoc_value={r1, 0x7f}, 0x8) 4m54.590539625s ago: executing program 4 (id=2709): r0 = socket$tipc(0x1e, 0x2, 0x0) r1 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) sendto$inet(r2, 0x0, 0x0, 0x10, &(0x7f0000000140)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) 4m53.70436366s ago: executing program 4 (id=2714): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000005a0000008500000022000000180100002020702500000000002020200100000000000000bfa100000000000007010000f8ffffff"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x20, 0x4, &(0x7f0000000480)=@framed={{}, [@ldst={0x1, 0x1, 0x4, 0x0, 0x1, 0x6}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 4m52.609325001s ago: executing program 4 (id=2719): r0 = memfd_create(&(0x7f0000000080)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea\x7f\x8cZ7`_4t\xcda\x9b\x11\x11\x0e\xa1\xcf\x00'/51, 0x2) fcntl$addseals(r0, 0x409, 0x7) io_setup(0x66, &(0x7f0000000400)=0x0) io_submit(r1, 0x1, &(0x7f0000000100)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0xe, r0, &(0x7f0000000980)='-5', 0x2}]) 4m51.569065762s ago: executing program 4 (id=2724): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x10840, &(0x7f00000001c0)=ANY=[@ANYBLOB='iocharset=utf8,shortname=winnt,shortname=win95,uni_xlate=1,shortname=winnt,shortname=winnt,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c73686f72746e616d653d77696e6e742c000000000000009e5fcf6469722c73687865d2068a008e48488cc8642c6e66733d6e6f73"], 0x1, 0x274, &(0x7f00000005c0)="$eJzs3cFrk2ccB/Bf2nRJCyM5DMrGYO/YZafQduyeMjoYC2xs5KAni01RmlpooaCHtrfi/6D/gh69Ch7Eq/+ACFIFL9ZTD0IkvmlNahIbbRqxn8+lP5739+V5nrcveemhTy79uLqytLaxvL+/F/l8JrLlKMdBJooxFuOR2gkA4Gty0GjEq0Zq1GsBAM6G9z8AnD/93v+ZnaOxf89+ZQDAsHzW3/9jQ1kSADBk/1+4+Pd8pbLwX5LkI1Z3N6ub1fRnen1+Oa5GPWoxE4V4E9E4ktZ//lVZmEmanhcjv7o9lua3N6vjnfnZKESxe342SUW1mTvMT8RUK/9kKmoxF4X4rnt+rmv+m/j1l7b5S1GIx5djLeqxFM1sms9FxNZskvzxT+VYPveuDwAAAAAAAAAAAAAAAAAAAAAAhqGUHCl2nn+Tnt9TKvW6nubbzwea7Hc+UGP72Pk62fghO9q9AwAAAAAAAAAAAAAAAAAAwJdi4/qNlcV6vbber7j26M6DvVwa+Ghz/yLTmnew1G7fnsmT7eJY8e3Pz251u5SL3KD359OKiYhoH0laU97/aYiTnlbxcO/K979tTP/eqyey7SM3m1vt6OnxIGWHdcNfFiI6RyZat7ter+UHfiDbi7uHRfn1Bz2Hj1JtfXLUv7jp2+XFe1tPX5w01edDozF+2h9DAAAAAAAAAAAAAAAAAABAx/+3j3olAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA677//f9AiFx0j+Z7NmZ1RbxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHPvbQAAAP//Th2Rtg==") openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x2afc0, 0x1c1, 0x6}, 0x18) r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000008c0), 0x1, 0x0) write$binfmt_register(r0, &(0x7f0000000440)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x9, 0x3a, '\xe2\xbf\xd9\xafk\xd3~a3\xd0\x94', 0x3a, '^', 0x3a, './file0', 0x3a, [0x4f, 0x4f, 0x50, 0x46, 0x50, 0x46, 0x46, 0x4f, 0x43, 0x43]}, 0x3d) 4m50.251446093s ago: executing program 4 (id=2731): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x8f, 0xf, @private2, 0xc33}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r1, @in={{0x2, 0x4e23, @empty}}, 0x0, 0x2, 0x40000002, 0x1, 0xa17433da3c5d69a5, 0x2, 0x81}, 0x9c) 4m48.90543966s ago: executing program 4 (id=2736): socket$packet(0x11, 0x3, 0x300) socket$packet(0x11, 0x2, 0x300) socket$packet(0x11, 0x3, 0x300) syz_emit_ethernet(0x19, &(0x7f0000000280)={@empty, @remote, @val, {@llc={0x8100, {@llc={0xbc, 0xf8, 'J'}}}}}, 0x0) 4m46.215548823s ago: executing program 36 (id=2736): socket$packet(0x11, 0x3, 0x300) socket$packet(0x11, 0x2, 0x300) socket$packet(0x11, 0x3, 0x300) syz_emit_ethernet(0x19, &(0x7f0000000280)={@empty, @remote, @val, {@llc={0x8100, {@llc={0xbc, 0xf8, 'J'}}}}}, 0x0) 3m33.443009802s ago: executing program 9 (id=3008): r0 = socket(0x28, 0x801, 0x0) connect$vsock_stream(r0, &(0x7f0000000880)={0x28, 0x0, 0x0, @local}, 0x10) shutdown(r0, 0x2) write$binfmt_misc(r0, 0x0, 0x0) 3m32.763685087s ago: executing program 9 (id=3010): r0 = mq_open(&(0x7f0000000000)='batadv_slave_1\x00', 0x8c2, 0x30, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) mq_notify(r0, &(0x7f0000000100)={0x0, 0x17}) mq_timedsend(r0, 0x0, 0x0, 0x5, 0x0) 3m32.067526362s ago: executing program 9 (id=3013): ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000040)={'ip6tnl0\x00', {0x2, 0x4e22, @private=0xa010100}}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl(r0, 0x8b2c, &(0x7f0000000040)) 3m31.050616593s ago: executing program 9 (id=3016): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x8000, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=@migrate={0xec, 0x21, 0x1, 0x0, 0x4, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x9c, 0x11, [{@in6=@remote, @in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6=@rand_addr=' \x01\x00', @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x2b, 0x2, 0x0, 0x3501, 0x2, 0x2}, {@in6=@private1={0xfc, 0x1, '\x00', 0x3}, @in6=@ipv4={'\x00', '\xff\xff', @broadcast}, @in=@local, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x3c, 0x0, 0x0, 0x0, 0xa, 0x2}]}]}, 0xec}}, 0x0) 3m30.050278355s ago: executing program 9 (id=3020): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x30) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10) 3m29.184787028s ago: executing program 9 (id=3025): socket$nl_generic(0x10, 0x3, 0x10) syz_80211_inject_frame(0x0, 0x0, 0x20) r0 = socket$qrtr(0x2a, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'wlan1\x00'}) 3m13.66193817s ago: executing program 37 (id=3025): socket$nl_generic(0x10, 0x3, 0x10) syz_80211_inject_frame(0x0, 0x0, 0x20) r0 = socket$qrtr(0x2a, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'wlan1\x00'}) 2m9.456610033s ago: executing program 1 (id=3316): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x3a}}, 0x10) 2m8.260829885s ago: executing program 1 (id=3319): r0 = socket(0x10, 0x80002, 0x0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a, 0x0, 0x0, 0x9}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="4800000010001fff00000568000800a8792d7200", @ANYRES32=0x0, @ANYBLOB="c30c424700000000280012800a00010076786c616e00000018000280140011"], 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 2m7.888539051s ago: executing program 0 (id=3332): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0x220408a, &(0x7f0000000340)=ANY=[@ANYBLOB="756e695f786c6174653d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c696f636861727365743d6b6f69382d752c636f6465706167653d3933322c696f636861727365743d6575632d6a702c747a3d5554432c73686f72746e616d653d6d697865642c726f6469722c73686f72746e616d653d6c6f7765722c757466383d312c756e695f786c6174653d312c6e66732c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e39352c00416786a537fd"], 0x1, 0x376, &(0x7f00000007c0)="$eJzs3U1oHOUbAPBnO0k2Ke0/e/hD0dPqTZDSRDzoKaFUKOaglaV+XFxs6kd2LWRxIYLZ7EUpngQvgj1560GPPYsHEW8evFpBquLFgodCgyOzO/u96Qe4seLvdyhP3+d59n1ndsjMhuTNq63YujAfF2/evBGLi4WYWzu9FrcKUYojkUTXXkz14cL0cQDgAXcrTeP3tOuuxUtxtBe69wPAv1fn/v/68cFA8Y7laTL8v8vHZrYuAGB27vHz/3NTRy/NbFkAwAxN3P8fHUmPfZt/LkY+/8fS7BcIAPztXnjp5WfXNyLOlcuLEfUPmpVmJZ4e5NcvxptRi804FcuxH9F9UOg+LWT/PnN248ypcubnUlSyjmYlot5qVrpPCutJp78YK7Ecpbw/7fcnWf9Kp78cEXutzvxRLzQr850fNsjm/+FobMZqLMf/J/ojzm6cWS3nL1Cp9/pbEe1Y7B1Etv6TsRzfvRaXohYXIusdrH93pVw+nW6M9DevFjt1AAAAAAAAAAAAAAAAAAAAAAAwCyfLfaU4lu9/k9ZbzffPjReURvbHqXTT+f5A7e7+QGmxmO/OczkZ3x9odH+eZmUujvyjRw4AAAAAAAAAAAAAAAAAAAAPjsbOQlRrtc3txs67W8NBa2jk7W8+/2opeqm5vPWtZNAV+eDI6/QKh145if4Uab89TUZq8iCJ6BXvVa9e6694uKbYP4qJ9iwoTqQK+ZqqtdrxR376dFrXn1mw1xlJYuK0jAaFfP6hVP1/2cBiROwf1HVwsHqXmutpmmbBfD7vcM3uJ+Nd+VYMrftexnhQ2JtIfX3jjYeeaJx4sjPyZT7TY48vn7/+8We/blVr0e6tcGG7sZ/eeYq0FbEThYjJVDJ0/RTy81yYciVMD9qDkfZ2Y6eafP/biw9/9O1YcTL9+kmHR96ZOsV7V/44X/tiPLXQDQoRpcm3aTKYn3LxTw9eud2/eu//rTxxZa16bffHX6bVZGd0vGvoi4SNOgAAAAAAAAAAAAAAAAAA4FAMful3LJGmaevArqeen/nCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAQDf7+/1DQnhi5l+B2KyZTxc3txoGTLx3qoQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8B/2VwAAAP//rnh3Vw==") bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xe, 0x29, &(0x7f0000000900)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9a276b0, 0x0, 0x0, 0x0, 0x10001}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0xd0}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx={0x18, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x4, 0x0, 0x0, 0x40f00, 0x25, '\x00', 0x0, @fallback=0x2e}, 0x94) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000a40)='memory.swap.current\x00', 0x275a, 0x0) 2m6.797186591s ago: executing program 1 (id=3322): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) listen(r0, 0x3) r1 = socket$netlink(0x10, 0x3, 0x4) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600004e22590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1) 2m6.426594783s ago: executing program 0 (id=3324): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000340)=0xfffffffd, 0x4) 2m5.918417422s ago: executing program 1 (id=3325): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000300)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='c 1:1\t\n.'], 0xa) 2m5.43699572s ago: executing program 0 (id=3330): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) r2 = syz_open_procfs$namespace(0x0, &(0x7f00000001c0)='ns/net\x00') sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r1, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r2}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30) 2m4.992514306s ago: executing program 1 (id=3331): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x30) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10) 2m4.114395388s ago: executing program 1 (id=3335): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x880) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000540), r0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000ecffffffffff2000000005002000000000000c001f0070687930"], 0x28}, 0x1, 0x0, 0x0, 0x4080}, 0x0) 1m48.671145536s ago: executing program 38 (id=3335): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x880) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000540), r0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000ecffffffffff2000000005002000000000000c001f0070687930"], 0x28}, 0x1, 0x0, 0x0, 0x4080}, 0x0) 1m48.316101207s ago: executing program 0 (id=3341): openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_emit_vhci(0x0, 0xfffffffffffffe9f) syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="040e0402030c"], 0x7) fsopen(0x0, 0x0) 1m47.420536388s ago: executing program 0 (id=3346): syz_mount_image$hfsplus(&(0x7f00000002c0), &(0x7f0000000140)='./file1\x00', 0x3000c00, &(0x7f0000000200)=ANY=[], 0xff, 0x654, &(0x7f0000000a40)="$eJzs3c9vHGf9B/D3rje2N99+UzdN2hRVitVIgLBI/EMumAsBIeRDhapy4GwlTmNlkxbbRW6FqMvPaw/5A8rBN05I3COVCxe49epjJQSXXjCnRTM7a29tr38Ux2uX1yuafZ6ZZ+Z5Ps9nZ3Z214o2wP+s+Yk0nqSW+YnX1or1zY2Z1ubGzMNuPclIknrS6BSp/avdbn+c3E5nyUvFxqq7Wr9xHi/NvfHJZ5ufdtYa1VLuXz/ouKNZr5aMJxmqypPq785h/Y0e1l1te4ZFwm50EweDdiFJu/SPx50tP/3LM9stPZr7HX3omQ+cA7XOfXOPseRidaEX7wM6d8XOPftcWx90AAAAAHAKnt3KVtZyadBxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwHlS/f5/rVrq3fp4at3f/x+utqWqny3Xj7f7k6cVBwAAAAAAAACcoutb2cpaLnXX27Xyb/6vlCtXysf/yztZyWKWczNrWchqVrOcqSRjPR0Nry2sri5PHeHI6X2PnD4k0JGqbJ7MvAEAAAAAAADgS+aXmd/5+z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJwFtWSoU5TLlW59LPVGktEkw8V+68nfuvXz7MmgAwAAAIBT8OxWtrKWS931dq38zP9C+bl/NO/kUVazlNW0spi75XcBnU/99c2NmdbmxszDYtnb7/f+eawwyh7T+e5h/5GvlXs0cy9L5ZabuZO30srd1MsjC9e68ewf1wdFTLXvVo4Y2d2qLGb+YVXu8f6xJtvPMb9MGSszcmE7I5NVbEU2njs4E8d8dnaPNJX6drBXdo20axJfKOcXq7KYz2/75Xwgdmdiuufse+HgnCdf+9MffnK/9ejB/XsrE2dnSgdbr8qhqmyXj829mZjpycSLX8ZM9DVZZuLq9vp8fpgfZyLjeT3LWcrPspDVLGY8PyhrC9X5XOu55Ptk6vbn1l4/LJLh6gztPFnHi+mV8thLWcqP8lbuZjGvlv+mM5VvZTazmet5hq8e4ZW23ueqb///vsHf+HpVaSb5XVWeDUVen+vJa+9r7ljZ1rtlJ0uXT/5+1PhKVSnG+FVVng27MzHVk4nnD87E78uXlZXWowfL9xfePtpwlz+sKsV19JszdZcozpfLxZNVrn3+7Cjant+3bapsu7LdVt/TdnW7rXOlrve9Uoer93B7e5ou217ct22mbLvW07bf+y0AzryL37g43Px786/Nj5q/bt5vvjb6/ZFvj7w8nAt/vvCdxuTQV+sv1/6Yj/KLnc//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAF7fy7nsPFlqtxeVdlXa7/X6fpvNc6f6c2SkO+tIzyaCmPJzkbGT+3+12u9pSOwvxHFxpF0bSfupjNZLs13S9d8sHAzl/BvzCBDx1t1Yfvn1r5d33vrn0cOHNxTcXH83Nzs5Nzs2+OnPr3lJrcbLzOOgogadh56Y/6EgAAAAAAAAAAACAozqZ/zPQTNJ/n/6jj57mVAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBzan4ijSepZWry5mSxvrkx0yqWbn1nz0aSepLaz5Pax8ntdJaM9XRX6zfO46W5Nz75bPPTnb4a3f3rBx13NOvVkvEkQ1V5Uv3d+a/7q23PsEjYjW7iYND+EwAA//9nMgTf") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) statx(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x2000, 0x20, &(0x7f0000000240)) 1m45.869389617s ago: executing program 0 (id=3352): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x54, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x9}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x54}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x38, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x10000047}, 0x40000c4) 1m30.544446132s ago: executing program 39 (id=3352): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x54, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x9}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x54}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x38, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x10000047}, 0x40000c4) 8.877814292s ago: executing program 2 (id=3648): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000010000100f7000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc08000340000000104c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000200003801c0000800c00018006000100d10300000c000440000000000000000114000000110001"], 0xb8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_DELSETELEM={0x2c, 0xe, 0xa, 0x3, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}]}, @NFT_MSG_DELSETELEM={0x2c, 0xe, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x80}, 0x1, 0x0, 0x0, 0x10}, 0x10) 8.242140976s ago: executing program 3 (id=3650): mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) unshare(0x26000400) r0 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r0, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x3, 0x1, 0x2, {0xa, 0x4e23, 0x1, @empty, 0xe}}}, 0x3a) 7.849861983s ago: executing program 5 (id=3652): syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000040)='./file0\x00', 0x2000800, &(0x7f0000000080)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRES64=0x0], 0x1, 0x297, &(0x7f0000000380)="$eJzs3bFqU1EYB/CvadrELgnoJB0uuLgYmr5BkApiQIhkqFOCbUGaUEghoIPt5rs4+Q6+gY/hLJihEElvNImJpaj1avL7QTgfnPuHczLknOGc3NZ29/jg5PRo//anKBaTyEecv7+IiMjFeqQefEjbjYhYi82Ydh4AwP+m0WjXsh4DN6vXq7VHe7fCXE/zXSYDAgAAAAAAAAAA4Le1tgtz5/9jEFGeOv+/Nm5zzv8DwFJw/n/59Xq19tZ4/zbL+X8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgO4PhsDS84pP1+ACAP8/6DwCrx/oPAKtnMLPWr4X1HwCW37P9509q9fpeI0mKEd23/Wa/mbZpf+0oXkYnDmMnSnERo/3BWFo/elzf20kulaPVPRvnz/rN9dl8NUpRXpyvpvlkNr8RW9P53SjFncX53YX5zbh/LyL3baKVKMXHF3ESnTiIUXaSf1NNkodP6z/kC5fPAQAAAAAAAAAAAAAAAAAAwN9QSb5beH+/UvlZf5q/5v8DfJ6/n5+Pu/ls5w4AAAAAAAAAAAAAAAAAAAD/itNXr4/bnc5hb2HxZXyX/6pnFJPi1rW+1V8r8hGR+QQVK1Nk/MMEAAAAAAAAAAAAAAAAAAAraHLpN+uRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB2Ju//v7ki6zkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAq+FrAAAA//+yrOtG") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x80, 0x0) open_by_handle_at(r0, &(0x7f0000000000)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0x4, 0x7}, 0x5, 0x800}}, 0x10100) fanotify_mark(0xffffffffffffffff, 0x39, 0x1a, r0, 0x0) 7.710993327s ago: executing program 2 (id=3653): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="380000005400e50100000000fdffffff07000000", @ANYRES32=r2, @ANYBLOB="20000100", @ANYRES32, @ANYBLOB="010101007f"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0) 7.169217747s ago: executing program 3 (id=3655): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x2) syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a3ff2", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0) 6.828093919s ago: executing program 7 (id=3656): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)={0x2c, r1, 0x1, 0x70bd28, 0x1, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x2c}}, 0x18) 6.709818628s ago: executing program 2 (id=3657): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x237a, 0x4) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000700)=0xebb4, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x22d6, 0x4) 6.218666901s ago: executing program 5 (id=3658): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x800, &(0x7f0000000100)=ANY=[@ANYBLOB='iocharset=iso8859-9,utf8,dmask=00000000000000000000011,utf8,errors=remount-ro,utf8,fmask=00000000000000000000001,errors=remount-ro,iocharset=iso8859-5,gid=', @ANYRESHEX=0x0, @ANYBLOB="0002"], 0x1, 0x1548, &(0x7f0000000380)="$eJzs3AuYTdX7OPD3XWvtMSSdJrkMa613c5LLMkmSS5JckiRJktwSkib5SkJiyC1pSEJyGZLLEJLLxKRxv98vCU2SJklCckvW/1H8fftVv++lvl/P85v38zz7sd6z9rv22vOeM2fvdZz5psvQmo1rVWtIRPCn4C//JAFALAAMBIBrACAAgHJx5eIu9OeUmPTnDsL+Wg+lXukZsCuJ65+9cf2zN65/9sb1z964/tkb1z974/pnb1x/xrKzzdMLXstb9t14/T874/f//0OySo/9Ym3p67sCxPyzKVz/7I3r/39W8M/sxPXP3rj+2VXslZ4A+yvN/vfS+PWfHeT4wx6uf/bG9WcsO/t5HTgnXPF16Cu1QSR7fwZypZ9/jDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayh9P+MgUAl9pXel6MMcYYY4wxxhj76/gcV3oGjDHGGGOMMcYY+89DECBBQQAxkANiISfkAgEAV0MeuAYicC3EwXWQF66HfJAfCkBBiIdCUBg0GLBAEEIRKApRuAGKwY1QHEpASSgFDkpDAtwEZeBmKAu3QDm4FcrDbVABKkIlqAy3QxW4A6rCnVAN7oLqUANqQi24G2rDPVAH7oW6cB/Ug/uhPjwADeBBaAgPQSN4GBrDI9AEHoWm0AyaQwto+W/lvwA94EXoCb0gCXpDH3gJ+kI/6A8DYCC8DIPgFRgMr0IyDIGh8BoMg9dhOLwBI2AkjII3YTS8BWNgLIyD8ZACE2AivA2T4B2YDFNgKkyDVJgOM+BdmAmzYDa8B3PgfZgL82A+LIA0+AAWwiJIhw9hMXwEGbAElsIyWA4rYCWsgtWwBtbCuh/7wgbYCJtgM2yBrbANtsMO2Akfwy74BHbDntfnAUAmfPZH+bD+d/NPXcqHvfApZEJXBAQUKFChwhiMwViMxVyYC3NjbsyDeTCCEYzDOMyLeTEf5sMCWADjMR4LY2E0aJCQsAgWwShGsRgWw+JYHEtiSXToMAETsAzejGWxLJbDclgey2MFrIgVsTJWxipYBatiVayG1bA6VseaWBPvxruxN9bBOlgX62I9rHdpeQobYkNshI2wMTbGJtgEm2JTbI7NsSW2xFbYCltja2yLbbEdtsP22B4TMRE7YAfsiB2xE3bCztgZu2AX7IrdsFvWCzkAX8QXsRdWF72xD/bBvpicoz8OwAH4Mg7CV/AVfBWTcQgOxdfwNXwdh+NJHIEjcRSOwiriLRyDY5HEeEzBFJyIE3ESTsLJOAWn4DRMxek4A2fgTJyFs/A9nIPv4/s4D+fhAkzDNFyIizAd03ExnsIMXIJLcRkuxxW4HFfhalyFa3EdrsUNuAE34SbcgltwG27DHbgDP0YFgJ/gHtyDyZiJmbgP9+F+3I8H8ABmYRYexIN4CA/hYTyMR/AIHsVjeByP4Qk8gSfxFJ7G03gWz+I5fC7+q0Yfl1iTDOICJZSIETEiVsSKXCKXyC1yizwij4iIiIgTcSKvyCvyiXyigCgg4kW8KCwKCyOMIBHGAICIiqgoJoqJ4qK4KClKCiecSBAJoowoI8qKsqKcuFWUF7eJCqKiaOMqi8qiimjrqoo7RTVRTVQXNURNUUvUErVFbVFH1BF1RV1RT9QT9cUDooHojf3xIXGhMo3FEGwihmJT0UzIi7/BWonh2Fq0EW3FE2IkjsD2opVLFE+LDmIMdhR/E2PxWdFZjMcu4nnRVXQT3cULoodo7XqKXmIy9hZ9xDTsK/qJ/mKAmIk1xHs4J2dN8apIFkPEUPGaWICvi+HiDTFCjBSjxJtitHhLjBFjxTgxXqSICWKieFtMEu+IyWKKmCqmiVQxXcwQ74qZYpaYLd4Tc8T7Yq6YJ+aLBSJNfCAWikUiXXwoFouPRIZYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im1iu9ghdoqPxS7xidgt9oi94lORKT4T+8TnYr/4QhwQX4os8ZU4KL4Wh8Q34rD4VhwR34mj4pg4Lr4XJ8QP4qQ4JU6LM+Ks+FGcEz+J88ILkCiFlFLJQMbIHDJW5pS55FUytwwu/nSvlXHyOplXXi/zyfyygCwo42UhWVhqaaSVJENZRBaVUXmDLCZvlMVlCVlSlpJOlpYJ8iZZRt4sy8pbZDl5qywvb5MVZEVZSVaWt8sq8g4JkV+OUV3WkDVlLXm3TIJ7ZB15r6wr75P15P2yvnxANpAPyobyIdlIPiwby0dkE/mobCqbyeayhWwpH5Ot5OOytWwj28onZDv5pGwvn5KJ8mnZQfqLT5FnZWf5nOwin5ddZTfZXf4kz0sve8peEnqD7CNfkn1lP9lfDpAD5ctykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZTpFT5TSZKqfL/hdHmi3lP8x/+3fyB/989E1ys9wit8ptcrvcIXfKj+UuuUvulrvlXrlXZspMuU/uk/vlfnlAHpBZMkselAflIXlIHpaH5RF5RB6Vx+QZ+b08IX+QJ+UpeUqekWflWXnu4s8AFCqhpFIqUDEqh4pVOVUudZXKra5WedQ1KqKuVXHqOpVXXa/yqfyqgCqo4lUhVVhpZZRVpEJVRBVVUXUDXnzCqJKqlHKqtEpQN/0r+aqYulEVVyV+lX9pfkl/ML+WqqVqpVqp1qq1aqvaqnaqnWqv2qtElag6qA6qo+qoOqlOqrPqrLqoLqqr6qq6q+6qh+qheqqeKkklqT7qJdVX9VP91QA1UL2sBqlBarAarJJVshqqhqphapgaroarEWqEGqVGqdFqtBqjxqhxapxKUSlqopqoJqlJarKarKaqqSpVpaoZaoaaqWaq2Wq2mqPmqLlqrpqv5qs0laYWqoUqXaWrxWqxylBL1BK1TC1TK9QKtUqtUmvUGrVOrVMb1AaVoTarzWqr2qq2q+1qp9qpdqldarfarfaqvSpTZap9ap/ar/arA+qAylJZ6qA6qA6pQ+qwOqyOqCPqqDqqjqvj6oQ6oU6qk+q0Oq3OqrPqnDqnzqvzFy77AhGIQAUqiAligtggNsgV5ApyB7mDPEGeIBJEgrggLsgbXB/kC/IHBYKCQXxQKCgc6MAENhAXix4NbgiKBTcGxYMSQcmgVOCC0kFCzMXO4JagXHBrUD64LagQVAwqBZWD24MqwR1B1eDOoFpwV1A9qBHUDGoFdwe1g3uCOsG9Qd3gvqBecH9QP3ggaBA8GDQMHgoaBQ8HjYNHgibBo0HToFnQPGgRtAxuDsr+ZeN7fzL/466n7qWTdG/dR7+k++p+ur8eoAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erKeoqfqaTpVT9cz9Lt6pp6lZ+v39Bz9vp6r5+n5eoFO0x/ohXqRTtcf6sX6I52hl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q536J36Y71Lf6J36z16r/5UZ+rP9D79ud6vv9AH9Jc6S3+lD+qv9SH9jT6sv9VH9Hf6qD6mj+vv9Qn9gz6pT+nT+ow+q3/U5/RP+rz2Fy7uL7y9G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emr8lr8pl8poApYOJNvClsCpsLyJApYoqYqImaYqaYKW6Km5KmpHHGmQSTYMqYMqasKWvKmXKmvClvKpgKppKpZG43t5s7zB3mTnOnucvcZWqYGqaWqWVqm9qmjqlj6pq6pp6pZ+qb+qaBaWAamoamkWlkGpvGpolpYpqapqa5aW5ampamlWllWpvWpq1pa9qZdqa9aW8STaLpYDqYjqaj6WQ6mc6ms+liupiupqvpbrqbHqaH6Wl6miSTZPqYPqav6Wv6m/5moBloBplBZrAZbJJNshlqhpphZpgZboabEWakGXXhQtW8ZcaYsWacGW9STIqZaCaaSWaSmWwmm6lmqkk1qWaGmWFmmplmtplt5pg5Zq6Za+ab+SbNpJmFZqFJN+lmsVlsMkyGWWqWmuVmuVlpVprVZrVZa9aa9bDebDQbzWaz2Ww1W812s93sNDvNLrPL7Da7zV6z12SaTLPP7DP7zX5zwBwwWSbLHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81Zk//i+6U3sTanzWWvsrnt1TaPvcb+z7iALWjjbSFb2Gqbz+b/VWystcVtCVvSlrLOlrYJ9qbfxBVsRVvJVra32yr2Dlv1N3Fte4+tY++1de19tpa9+1dxPXu/rW8fsQ0QAWwz28i2sI3tI7aJfdQ2tc1sc9vCtrNP2vb2KZton7Yd7DO/iRfaRXa1XWPX2nV2t91jT9sz9pD9xp61P9qetpcdaF+2g+wrdrB91SbbIb+JR9k37Wj7lh1jx9pxdvxv4ql2mk210+0M+66daWf9Jk6zH9g5Nt3OtfPsfLvg5/jCnNLth3ax/chm2ACW2mV2uV1hV9pV/3+uy+wGu9FusrvsJ3ar3Wa32x1256ULYbvH7rWf2kz7mT1ov7b77Rf2gD1ss+xXP8cXzu+w/dYesd/Zo/aYPW6/tyfsD+pS9oVz/97+ZM9bb4GQgCQpCiiGclAs5aRcdBXlpqspD11DEbqW4ug6ykvXUz7KTwWoIMVTISpMmgxZIgqpCBWlKN1Al6ZXkkqRo9KUQDdRGbqZytItVI5upfJ0G1WgilSJKtPtVIXuoKp0J1Wju6g61aCaVIvuptp0D9Whe6ku3Uf16H6qTw9QA3qQGtJD1Igepsb0CDWhR6kpNaPm1IJa0mPUih6n1tSG2tIT1I6epPb0FCXS09SBnqGO9DfqRM9SZ3qOutDz1JW6UXd6gXrQi9STelES9aY+9BL1pX7UnwbQQHqZBtErNJhepWQaQkPpNRpGr9NweoNG0EgaRW/SaHqLxtBYGkfjKYUm0ER6mybROzSZptBUmkapNJ1m0Ls0k2bRbHqP5tD7NJfm0XxaQGn0AS2kRZROH9Ji+ogyaAktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtBO+ph20Se0m/bQXvqUMukz2kef0376gg7Ql5RFX9FB+poO0Td0mL71veg7OkrH6Dh9TyfoBzpJp+g0naGz9COdo5/oPHmCEEMRylCFQRgT5ghjw5xhrvCqMHd4dZgnvCaMhNeGceF1Yd7w+jBfmD8sEBYM48NCYeFQhya0IYVhWCQsGkbDG8Ji4Y1h8bBEWDIsFbqwdJgQ3hSWCW8Oy4a3hOXCW8Py4W1hhbBi+Mh9lcPbwyrhHWHV8M6wWnhXWD2sEdYMa4V3h7XDe8I64b1h3fC+sGx4f1g/fCBsED4YNgwfChuFD4eNw0fCJuGjYdOwWdg8bBG2DB8LW4WPh63DNmHb8ImwXfhk2D58KkwMnw47hM/83H//oj/uTwp7h33Cl8KXQu/vlfOjC6Jp0Q+iC6OLounRD6OLox9FM6JLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohujm6Le18oBDp1w0ikXuBiXw8W6nC6Xu8rldle7PO4aF3HXujh3ncvrrnf5XH5XwBV08a6QK+y0M846cqEr4oq6qLvBFXM3uuKuhCvpSjnnSrsE18K1dC1dK/e4a+3auLbuCfeEe9I96Z5yT7mnXQf3jOvo/uY6uWddZ/ece84977q6bq67e8H1cBPy/PKaTHJ9XB/X1/V1/V1/N9ANdIPcIDfYDXbJLtkNdUPdMDfMDXfD3Qg3wo1yo9xoN9qNcWPcODfOpbgUN9FNdJPcJDfZTXZT3VSX6lLdDDfDzXQzXZVZvxxlrpvr5rv5Ls2luYXuwjVjulvsFrsMl+GWuqVuuVvuVrqVbrVb7da6tW69W+82uo1us9vstrqtbrvb7na6nW6X2+V2+2t+GdRlun1un9vv9rsD7kuX5b5yB93X7pD7xh1237oj7jt31B1zx9337oT7wZ10p9xpd8addT+6c+4nd955lxKZEJkYeTsyKfJOZHJkSmRqZFokNTI9MiPybmRmZFZkduS9yJzI+5G5kXmR+ZEFkbTIB5GFkUWR9MiHkcWRjyIZkSWRpZFlkeWRFRHvC20NfRFf1Ef9Db6Yv9EX9yV8SV/KO1/aJ/ibfBl/sy/rb/Hl/K2+vL/NV/AVfSX/qG/qm/nmvoVv6R/zrfzjvrVv49v6J3w7/6Rv75/yif5p38E/4zv6v/lO/lnf2T/nu/jnfVffzXf3L/ge/kXf0/fySb637+Nf8n19P9/fD/AD/ct+kH/FD/av+mQ/xA/1r/lh/nU/3L/hR/iRflTMm370pVtkGO9T/AQ/0b/tJ/l3/GQ/xU/103yqn+5n+Hf9TD/Lz/bv+Tn+fT/Xz/Pz/QKf5j/wC/0in+4/9Iv9Rz7DL7m0qOxX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+m1+u9/hd/qP/S7/id/t9/i9/lOf6T/z+/znfr//wh/wX/os/5U/6L/2h/w3/rD/1h/x3/mj/pg/7r/3J/wP/qQ/5U/7M/6s/9Gf8z/58/ydNcYYY4yxf8qEy03x655flvN7/06O+Lud+wDA1dsKZv19/4UryvX5fmn3E/HtIgDwdK8uD13aqldPSkq6uG+GhKDoPIBLnwRd8POy8cV4CbSFJyER2kCZ351/P9HtLP2D8aO3AuT6u5xYuBxfHv9zAEz6nfEfe2LUwvLh6bj/Zfx5AMWLXs7JCZfjJdD25/WVNlD2D+afv9U/mH/OL1IAWv9dTm64HF+efwI8Ds9A4q/2ZIwxxhhjjDHGftFPVOp06f7z0v/4/L3783h1OScHXI7/0f05Y4wxxhhjjDHGrrxnu3V/6rFL39x7LDGxTaefH/lnGlX/lZ3/9UYT+E+NzI3fbXgPcOkRBQB/ckCACw353zyLLf+VYyVffLX8z67lZ3wA3Ytd/NLjX3fQ2D9fi3+ncaV+IzHGGGOMMcb+Uy5f9P/6cXWlJsQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjGVD/40/J3alz5ExxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhi70v5fAAAA//8XnvpB") r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x100, 0x52) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @d}}) rename(&(0x7f0000000140)='./file0\x00', &(0x7f0000000280)='./bus\x00') 6.124504987s ago: executing program 8 (id=3659): r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000001000190426bd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="0305000000000200080025000100000008000400"], 0x30}, 0x1, 0x0, 0x0, 0x20004800}, 0x24000009) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac141400340008"], 0x2c}}, 0x0) sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b) 6.079222799s ago: executing program 3 (id=3660): r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xa}, 0x16) 5.806302048s ago: executing program 7 (id=3661): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000800)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x5c, 0x18, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_HOOK={0x30, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wg2\x00'}, {0x14, 0x1, 'veth1_to_bridge\x00'}]}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x84}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000) 5.770871912s ago: executing program 2 (id=3662): r0 = socket(0xa, 0x3, 0xff) setsockopt$inet6_int(r0, 0x29, 0x4d, &(0x7f0000000040)=0x7, 0x4) syz_emit_ethernet(0x3e, &(0x7f00000002c0)={@local, @multicast, @void, {@ipv6={0x86dd, @generic={0xc, 0x6, '\x00', 0x8, 0x0, 0x1, @empty, @mcast2, {[@hopopts={0xff}]}}}}}, 0x0) recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x40000122, 0x0) 5.067163556s ago: executing program 8 (id=3663): r0 = syz_open_procfs(0x0, &(0x7f0000000380)='mounts\x00') syz_mount_image$vfat(&(0x7f0000001800), &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="00631dda01aef2b0bad477a11d13ec0c19456795dd9b2620df1c0f624854ea3dd5a00bd6df44035f5c3ae796fec6d633a0ffad0569794acfef7da01767fd4175f2cd82df769aa2ee7bfe3640554507d24c60c9f9e222a72e1e3e71145c480657d2864e5e276f028d64701ae31cde0ceaf408fdb05c0f4142da00e9000001001d0149e6d308cbe315789f4baffe39bbced9b1d4db174c6121d2e290e9fc561a62225f002ee310e1fa7321000000000000d6231001a4b2d467825f3abb0c167e129cf1fa0e7854103f4bf2d3a0194983bc86cbd3d75ccef3c8ac4516dac10222664bbc980b4e99027c53ae2c6cc05d3be246e5837cbf286225d43e8c1d2e3fda86b86906b79fdedae7f3bbe362e8ad7f2b370442013de1788be93a3d553c2e1f5b559393d964df51bf393f52ecbe6f832b222231fbb9fee9e0343c2d3d567f7cff6d0b25303bcbcc99c879d3bc"], 0x4, 0x28a, &(0x7f0000000600)="$eJzs281OE18Yx/EftH9e/9AqioIxPtGNbiZQr6AhkBibaJAaXxKTQabatLTYaTA1RnDl1usgLt2ZGG+AjVfgwh0blyyMY5gWaaHELsBR+v1s5oEzv+mcPmeSs+hs3Xu7XMj5Ts6tqrfHFJf6tC0l1auY6noax96w7lOzdV0by3y5eOf+g5vpTGZ23mwuvXA9ZWajlz4+f/nu8qfq8N33ox/6tZl8tPUt9XVzfHNi68fC07xved9K5aq5tlguV93FomdLeb/gmN0ueq7vWb7ke5WW8VyxvLJSM7e0NDK0UvF839xSzQpezaplq1Zq5j5x8yVzHMdGhoTfyW7Mz7vpqO8Cx6tSSbszkiYPjGQ3IrkhAAAQqTb7/3X2/92C/f9JF2/s/x82nt9W7P8BAAAAAAAAAAAAAAAAAAAAAPgXbAdBIgiCxO7xPyl8wydo/D0oaUjSsKT/JY1IGpWUkJSUdErSaUljks5IOitpXNI5SeclTTRdK+q54qDD+h+j/12B57+70f/u1vTi7oC0/GY1u5qtH+vj6ZzyKsrTlBL6HvayoV7P3cjMTlkoqQvLa4382mo21pqfVmJnwbTLT9fz1prvD9fdr3xKiZ0F1i6fapsf0NUrTXlHCX1+rLKKWgrX5F7+1bTZzK3MvvxkeN5J5+x8ca8lHdI/x7Fd+8br+Q7WRzDVtj9xTcajnTskv/ai4BaLXuVoimednDx4xB9KcZyFjuqCg3/FdCg67Tu6wF7Td/8Ti/aGAAAAAAAAAAAAAAAAAAAd+RM/J4x6jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7PczAAD///cKXnQ=") r1 = epoll_create(0x10000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x9000000d}) 4.764119381s ago: executing program 7 (id=3664): socket$nl_route(0x10, 0x3, 0x0) r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'ip6gretap0\x00', @ifru_addrs=@can}) ioctl$sock_netdev_private(r0, 0x8914, &(0x7f0000000000)) 4.712707091s ago: executing program 2 (id=3665): r0 = socket(0x2, 0x2, 0x1) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x40, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0xfffffffc, '\x00', r1, 0xffffffffffffffff, 0x3, 0x4}, 0x50) 4.457920558s ago: executing program 3 (id=3666): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x8806, &(0x7f0000000580)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x4}}, {@allow_other}]}}, 0x4, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00') read$FUSE(r1, &(0x7f0000002c00)={0x2020}, 0x2020) 4.20514379s ago: executing program 5 (id=3667): capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x1000, 0x10ffff, 0xfffffffd}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x5b, 0x0, &(0x7f00000001c0)="e3ef7f670000ec6783b4241544940000009550f50ac311e0f0544b00aab05400f16b2882a631a8af8babc441912ecbee66cd7a3529664862e9f91f4aab3d47f07b93cd09504d9222638b43fd8b47485a03000000000000002d1a96", 0x0, 0x20000006, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x1}, 0x50) r0 = syz_open_dev$sg(&(0x7f0000000140), 0xa, 0x8001) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000040)=0x85) 3.732186124s ago: executing program 8 (id=3668): mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x800400, &(0x7f0000000300)=ANY=[@ANYBLOB='usrquota,usrquota_block_hardlimit=8']) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') read$FUSE(r0, &(0x7f0000003480)={0x2020}, 0x2020) 3.712624945s ago: executing program 7 (id=3669): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0xffffffff, 0x0, 0x1, 0x0, 0x6}, [@tmpl={0x44, 0x5, [{{@in6=@ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x0, 0x3c}, 0x2, @in=@empty, 0x6, 0x4, 0x3}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x4008000}, 0x0) r1 = socket(0xa, 0x3, 0xff) sendmsg$inet6(r1, &(0x7f0000001c00)={&(0x7f0000000140)={0xa, 0x84, 0x7, @mcast2}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000000100)="671723d7c6012c", 0x7}, {&(0x7f0000000180)="9e91d91a92dc7c8f06c24fbe79d9284d0c66c92c658bb539e2ffb332c99223a7df", 0x21}], 0x2}, 0x20008b88) 3.611646293s ago: executing program 2 (id=3670): socket$netlink(0x10, 0x3, 0x10) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r0, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x4) syz_usb_connect$uac1(0x3, 0xdc, 0x0, 0x0) 2.794994244s ago: executing program 5 (id=3671): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r0, 0x1, 0x54, &(0x7f0000000080)=0x1, 0x4) close(0x3) recvfrom(r0, 0x0, 0x0, 0x10000, 0x0, 0x0) 2.483227721s ago: executing program 7 (id=3672): r0 = socket$inet_tcp(0x2, 0x1, 0x0) syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='bic', 0xff3d) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}], 0x4) 2.220941579s ago: executing program 8 (id=3673): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(0x0, r0) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001200), r0) sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f00000012c0)={0x14, r1, 0x1, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x20040000) 2.129286536s ago: executing program 3 (id=3674): set_mempolicy(0x3, &(0x7f0000000140)=0x3, 0x5) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d40)={0x3c, r1, 0x1, 0x4, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_MLSCATLST={0x10, 0xc, 0x0, 0x1, [{0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x765a}]}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}]}, 0x3c}}, 0x3000c000) 1.725554346s ago: executing program 5 (id=3675): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 960.82704ms ago: executing program 8 (id=3676): r0 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4c840) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000340)=@newtfilter={0x54, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0xb, 0xfff3}, {0x0, 0xfff3}, {0x9, 0x10}}, [@filter_kind_options=@f_basic={{0xa}, {0x24, 0x2, [@TCA_BASIC_EMATCHES={0x20, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0x10, 0x1, 0x0, 0x0, {{0x6, 0x0, 0x80}, "b07f9c"}}]}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x20041090}, 0x20000000) 794.747426ms ago: executing program 3 (id=3677): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) write(r1, 0x0, 0x0) 413.705302ms ago: executing program 7 (id=3678): setresuid(0xee01, 0x0, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file0\x00', 0x4000, &(0x7f0000002300)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x900, 0x1, 0x0) 268.704034ms ago: executing program 5 (id=3679): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a00)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050004000000000000002e00000008000300", @ANYRES32=r2, @ANYBLOB="0a00340001010101010100000c0049000cac0f000dac0f0008004a"], 0x3c}}, 0x0) 0s ago: executing program 8 (id=3680): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota') r0 = open$dir(&(0x7f0000000000)='./file0/file0\x00', 0x80c42, 0x1d0) quotactl_fd$Q_GETFMT(r0, 0xffffffff80000400, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): eth13 [ 951.220893][T11779] Bluetooth: hci3: command tx timeout [ 951.336898][T12368] smbdirect: ib_dev[syz2]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 951.370822][T12368] smbdirect: ib_dev[syz2]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 951.455165][T12368] smbdirect: ib_dev[syz2]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 951.696436][T12368] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 952.087362][T12368] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 953.299926][T11779] Bluetooth: hci3: command tx timeout [ 956.174342][ T5226] 8021q: adding VLAN 0 to HW filter on device eth14 [ 956.744566][T12303] bridge0: port 1(bridge_slave_0) entered blocking state [ 956.780251][T12303] bridge0: port 1(bridge_slave_0) entered disabled state [ 956.820093][T12303] bridge_slave_0: entered allmulticast mode [ 956.851944][T12303] bridge_slave_0: entered promiscuous mode [ 956.934019][T12303] bridge0: port 2(bridge_slave_1) entered blocking state [ 956.952259][T12303] bridge0: port 2(bridge_slave_1) entered disabled state [ 956.987696][T12303] bridge_slave_1: entered allmulticast mode [ 957.032596][T12303] bridge_slave_1: entered promiscuous mode [ 957.358630][T12303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 957.462779][T12303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 957.924452][T12303] team0: Port device team_slave_0 added [ 957.990977][T12303] team0: Port device team_slave_1 added [ 958.078417][T12440] loop2: detected capacity change from 0 to 128 [ 958.603511][T12445] netlink: 72 bytes leftover after parsing attributes in process `syz.7.2254'. [ 958.681246][T12303] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 958.710678][T12303] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 958.810010][T12303] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 958.847136][T12303] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 958.855587][T12303] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 958.956516][T12303] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 959.820516][T12303] hsr_slave_0: entered promiscuous mode [ 959.905197][T12303] hsr_slave_1: entered promiscuous mode [ 959.952769][T12303] debugfs: 'hsr0' already exists in 'hsr' [ 960.003115][T12303] Cannot create hsr debugfs directory [ 961.531284][T12474] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2253'. [ 962.621152][T11779] Bluetooth: hci1: unexpected subevent 0x0e length: 30 > 15 [ 962.635383][T11779] Bluetooth: hci1: Unable to find connection for dst 00:00:00:00:00:00 sid 0x00 [ 962.646939][T12486] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2260'. [ 962.716541][T12486] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2260'. [ 962.744534][ T5226] 8021q: adding VLAN 0 to HW filter on device eth15 [ 963.223822][T12303] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 963.354384][T12303] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 963.401878][T12303] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 963.506940][T12303] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 963.577283][T12303] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 963.690416][T12303] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 963.762833][T12303] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 963.917924][T12303] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 965.008308][T12498] loop4: detected capacity change from 0 to 8192 [ 965.977267][T12303] 8021q: adding VLAN 0 to HW filter on device bond0 [ 966.292078][T12303] 8021q: adding VLAN 0 to HW filter on device team0 [ 966.460033][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 966.467662][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 966.713320][ T55] bridge0: port 2(bridge_slave_1) entered blocking state [ 966.721008][ T55] bridge0: port 2(bridge_slave_1) entered forwarding state [ 966.846031][T12520] netlink: 'syz.7.2271': attribute type 12 has an invalid length. [ 966.881712][T12522] binder: 12521:12522 ioctl 40046205 0 returned -22 [ 966.890466][T12520] netlink: 'syz.7.2271': attribute type 29 has an invalid length. [ 966.912819][T12520] netlink: 148 bytes leftover after parsing attributes in process `syz.7.2271'. [ 968.132449][T12530] siw: device registration error -23 [ 969.093264][T12284] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 969.363083][T12284] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 969.415272][T12284] usb 3-1: config 0 has no interface number 0 [ 969.474361][T12284] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 969.537047][T12284] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 969.604114][T12284] usb 3-1: Product: syz [ 969.640404][T12284] usb 3-1: Manufacturer: syz [ 969.665686][T12284] usb 3-1: SerialNumber: syz [ 969.723930][T12284] usb 3-1: config 0 descriptor?? [ 970.003057][T12284] usb 3-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state [ 970.062354][T12284] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 970.105375][T12284] dvbdev: DVB: registering new adapter (E3C EC168 reference design) [ 970.138473][T12284] usb 3-1: media controller created [ 970.234066][T12537] usb 3-1: dvb_usb_ec168: I2C read not implemented [ 970.482267][T12284] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 970.893309][T12284] i2c i2c-1: ec100: i2c rd failed=-71 reg=33 [ 971.162783][ T5226] 8021q: adding VLAN 0 to HW filter on device eth16 [ 971.955961][T12284] usb 3-1: USB disconnect, device number 16 [ 972.008083][T11036] udevd[11036]: setting owner of /dev/bus/usb/003/016 to uid=0, gid=0 failed: No such file or directory [ 974.281556][T12303] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 976.135412][T12602] netlink: 100 bytes leftover after parsing attributes in process `syz.7.2293'. [ 976.168306][T12604] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 976.175866][T12604] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 976.295259][T12606] loop4: detected capacity change from 0 to 512 [ 976.543752][T12606] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 976.612391][T12606] ext4 filesystem being mounted at /324/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 976.825213][T12606] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 977.358784][ T7908] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 977.652546][T12619] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2297'. [ 977.769896][T12619] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2297'. [ 977.903257][T12614] loop7: detected capacity change from 0 to 4096 [ 977.981979][T12614] ntfs3(loop7): Different NTFS sector size (1024) and media sector size (512). [ 978.225902][T12303] veth0_vlan: entered promiscuous mode [ 978.308736][T12616] loop2: detected capacity change from 0 to 4096 [ 978.399826][T12616] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 978.468161][T12614] ntfs3(loop7): ino=1a, mi_enum_attr [ 978.486773][T12303] veth1_vlan: entered promiscuous mode [ 978.519912][T12614] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 978.815676][T12616] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 979.028806][T12614] ntfs3(loop7): ino=1e, "file1" ntfs3_write_inode failed, -22. [ 979.253833][ T5226] veth0_macvtap: left promiscuous mode [ 979.469717][ T29] audit: type=1326 audit(1778893613.588:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12625 comm="syz.0.2299" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704f00c code=0x7ffc0000 [ 979.605065][T12303] veth0_macvtap: entered promiscuous mode [ 979.674835][ T29] audit: type=1326 audit(1778893613.608:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12625 comm="syz.0.2299" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704f00c code=0x7ffc0000 [ 979.828514][ T29] audit: type=1326 audit(1778893613.678:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12625 comm="syz.0.2299" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf704f00c code=0x7ffc0000 [ 979.957973][T12303] veth1_macvtap: entered promiscuous mode [ 980.007037][ T29] audit: type=1326 audit(1778893613.688:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12625 comm="syz.0.2299" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf704f00c code=0x7ffc0000 [ 980.431777][T12303] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 980.722122][T12303] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 980.848767][T12638] loop2: detected capacity change from 0 to 256 [ 981.027676][ T5712] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 981.107601][ T5712] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 981.157149][ T539] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 981.327404][ T539] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 985.276902][T12688] netlink: 642 bytes leftover after parsing attributes in process `syz.4.2319'. [ 985.688400][T12694] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2320'. [ 985.762564][T12694] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2320'. [ 985.845212][T12694] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2320'. [ 987.547779][T12712] loop2: detected capacity change from 0 to 1024 [ 987.593660][T12712] EXT4-fs: Ignoring removed orlov option [ 987.778883][T12712] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 988.050223][T12712] EXT4-fs (loop2): shut down requested (2) [ 988.599986][ T8239] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 989.905027][T12741] loop4: detected capacity change from 0 to 256 [ 990.211696][T12744] netlink: 'syz.7.2335': attribute type 2 has an invalid length. [ 991.225082][T10834] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 991.301469][T10834] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 991.320505][T12753] 9p: Bad value for 'rfdno' [ 991.868961][T10834] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 991.938027][T10834] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 992.597923][T12766] loop4: detected capacity change from 0 to 128 [ 992.681994][T12766] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 992.779466][T12766] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 993.012371][ T29] audit: type=1800 audit(2000000009.660:30): pid=12766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2342" name="file1" dev="loop4" ino=1048771 res=0 errno=0 [ 993.731684][ T34] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 995.536981][T12757] usb 9-1: new low-speed USB device number 2 using dummy_hcd [ 995.790781][T12757] usb 9-1: config 0 has no interfaces? [ 995.851735][T12757] usb 9-1: string descriptor 0 read error: -22 [ 995.878707][T12757] usb 9-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 995.914541][T12757] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 995.971557][T12757] usb 9-1: config 0 descriptor?? [ 996.156496][T12802] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2355'. [ 996.257023][T12757] usb 9-1: USB disconnect, device number 2 [ 998.479500][T12823] nbd1: detected capacity change from 0 to 64 [ 998.535303][T11779] block nbd1: Receive control failed (result -32) [ 998.799764][T11018] block nbd1: Dead connection, failed to find a fallback [ 998.853825][T11018] block nbd1: shutting down sockets [ 998.911720][T11018] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 998.994832][T11018] Buffer I/O error on dev nbd1, logical block 0, async page read [ 999.055981][T11018] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 999.162035][T11018] Buffer I/O error on dev nbd1, logical block 0, async page read [ 999.211244][T11018] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 999.249802][T11018] Buffer I/O error on dev nbd1, logical block 0, async page read [ 999.279581][T11018] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 999.344047][T11018] Buffer I/O error on dev nbd1, logical block 0, async page read [ 999.419940][T11018] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 999.472927][T11018] Buffer I/O error on dev nbd1, logical block 0, async page read [ 999.521468][T11018] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 999.599750][T11018] Buffer I/O error on dev nbd1, logical block 0, async page read [ 999.649863][T11018] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 999.727587][T11018] Buffer I/O error on dev nbd1, logical block 0, async page read [ 999.800797][T11018] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 999.868734][T11018] Buffer I/O error on dev nbd1, logical block 0, async page read [ 999.925665][T11018] ldm_validate_partition_table(): Disk read failed. [ 999.954150][T11018] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1000.017378][T11018] Buffer I/O error on dev nbd1, logical block 0, async page read [ 1000.072484][T11018] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1000.131555][T11018] Buffer I/O error on dev nbd1, logical block 0, async page read [ 1000.178751][T11018] Dev nbd1: unable to read RDB block 0 [ 1000.214686][T11018] nbd1: unable to read partition table [ 1000.298989][T11018] ldm_validate_partition_table(): Disk read failed. [ 1000.348412][T11018] Dev nbd1: unable to read RDB block 0 [ 1000.382780][T11018] nbd1: unable to read partition table [ 1002.757173][ T1309] ieee802154 phy0 wpan0: encryption failed: -22 [ 1003.831377][T12888] loop7: detected capacity change from 0 to 164 [ 1004.130953][T12890] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2388'. [ 1006.197690][T12910] loop7: detected capacity change from 0 to 512 [ 1007.177857][T12913] loop2: detected capacity change from 0 to 2048 [ 1007.298237][T12913] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1007.334507][T12917] loop4: detected capacity change from 0 to 2048 [ 1007.422548][T12913] UDF-fs: error (device loop2): udf_fiiter_advance_blk: extent after position 232 not allocated in directory (ino 1376) [ 1007.568979][T12917] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1008.450388][ T81] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 1008.533081][ T81] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 1008.583846][ T81] EXT4-fs (loop4): This should not happen!! Data will be lost [ 1008.583846][ T81] [ 1008.651015][ T81] EXT4-fs (loop4): Total free blocks count 0 [ 1008.696766][ T81] EXT4-fs (loop4): Free/Dirty block details [ 1008.735417][ T81] EXT4-fs (loop4): free_blocks=4096 [ 1008.784816][ T81] EXT4-fs (loop4): dirty_blocks=128 [ 1008.812375][ T81] EXT4-fs (loop4): Block reservation details [ 1008.851382][ T81] EXT4-fs (loop4): i_reserved_data_blocks=8 [ 1008.915184][ T55] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 108 with error 28 [ 1009.047843][ T7908] EXT4-fs warning (device loop4): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 1010.331955][T12945] loop7: detected capacity change from 0 to 1024 [ 1010.376565][T12945] EXT4-fs: Ignoring removed orlov option [ 1010.556535][T12945] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1010.679979][T12945] EXT4-fs (loop7): shut down requested (2) [ 1011.103325][T10821] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1012.511285][T12973] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2414'. [ 1013.864636][T12986] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2418'. [ 1013.920436][T12986] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2418'. [ 1015.544791][T13010] loop7: detected capacity change from 0 to 2048 [ 1015.689665][T13014] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1017.290804][T13030] netlink: 'syz.4.2432': attribute type 8 has an invalid length. [ 1017.402062][T13033] program syz.2.2433 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1018.478185][T13043] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2437'. [ 1018.617865][T13043] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2437'. [ 1020.233492][T13060] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2445'. [ 1021.216743][T13074] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2450'. [ 1021.880130][T13077] sg_write: data in/out 404444/42 bytes for SCSI command 0x0-- guessing data in; [ 1021.880130][T13077] program syz.4.2451 not setting count and/or reply_len properly [ 1023.013347][T13090] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2455'. [ 1023.495638][T13097] netlink: 220 bytes leftover after parsing attributes in process `syz.7.2458'. [ 1023.542304][T13097] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2458'. [ 1025.091782][T13115] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2464'. [ 1025.299654][ T4869] Bluetooth: hci2: command 0x0405 tx timeout [ 1028.111480][T13149] loop8: detected capacity change from 0 to 1024 [ 1028.232787][T13149] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c018, mo2=0002] [ 1028.278313][T13149] System zones: 0-1, 3-8 [ 1028.388439][T13149] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 1028.476955][T13149] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1028.745524][ T29] audit: type=1800 audit(2000000045.400:31): pid=13149 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2478" name="file1" dev="loop8" ino=15 res=0 errno=0 [ 1028.919574][T13154] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set [ 1029.345835][T12303] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 1031.042148][T13179] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1031.400458][T13187] netlink: 'syz.2.2490': attribute type 12 has an invalid length. [ 1031.432704][T13187] netlink: 'syz.2.2490': attribute type 29 has an invalid length. [ 1031.462370][T13187] netlink: 148 bytes leftover after parsing attributes in process `syz.2.2490'. [ 1031.478595][T13187] netlink: 'syz.2.2490': attribute type 3 has an invalid length. [ 1031.502471][T13187] netlink: 'syz.2.2490': attribute type 2 has an invalid length. [ 1031.515349][T13187] netlink: 35 bytes leftover after parsing attributes in process `syz.2.2490'. [ 1031.800918][T13191] fuse: Bad value for 'fd' [ 1032.340061][T13195] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 1032.386753][T13195] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 1032.436189][T13195] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 1032.642503][T13195] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 1032.673212][T13200] loop4: detected capacity change from 0 to 8 [ 1034.102446][T13205] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1034.133424][T13205] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1034.212980][T13205] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1034.251548][T13205] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1034.355604][T13205] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1034.385952][T13205] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1034.469637][T13205] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1034.492388][T13205] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1034.644330][T13205] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1035.035130][ T29] audit: type=1326 audit(2000000051.690:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.7.2502" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9400c code=0x7ffc0000 [ 1035.157834][ T29] audit: type=1326 audit(2000000051.720:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13221 comm="syz.7.2502" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9400c code=0x7ffc0000 [ 1035.379559][T11779] Bluetooth: hci4: command 0x0406 tx timeout [ 1036.259479][T11779] Bluetooth: hci1: command 0x0406 tx timeout [ 1036.423327][T11779] Bluetooth: hci2: command 0x0405 tx timeout [ 1036.499396][T11779] Bluetooth: hci3: command 0x0c1a tx timeout [ 1037.103072][T13249] netlink: 14 bytes leftover after parsing attributes in process `syz.7.2513'. [ 1037.459775][T11779] Bluetooth: hci4: command 0x0406 tx timeout [ 1037.549959][T13249] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1037.721003][T13249] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1037.850993][T13249] bond0 (unregistering): Released all slaves [ 1038.339699][T11779] Bluetooth: hci1: command 0x0406 tx timeout [ 1038.510292][T11779] Bluetooth: hci2: command 0x0405 tx timeout [ 1038.582072][T11779] Bluetooth: hci3: command 0x0c1a tx timeout [ 1040.287520][T13282] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2527'. [ 1040.343975][T13282] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2527'. [ 1040.659531][T11779] Bluetooth: hci3: command 0x0c1a tx timeout [ 1041.935996][T13300] loop8: detected capacity change from 0 to 512 [ 1042.022086][T13300] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1042.082540][T13300] EXT4-fs (loop8): blocks per group (34) and clusters per group (32768) inconsistent [ 1044.145971][T13324] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT [ 1044.598392][T13329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2549'. [ 1044.651389][T13329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2549'. [ 1045.012420][T13334] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2551'. [ 1045.236302][T13337] loop7: detected capacity change from 0 to 256 [ 1046.686102][T13353] netlink: 540 bytes leftover after parsing attributes in process `syz.4.2560'. [ 1047.121659][T13357] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2562'. [ 1048.980666][T13382] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2574'. [ 1049.235823][T13383] dvmrp6: entered allmulticast mode [ 1049.727643][T13391] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2578'. [ 1050.665141][T13405] loop8: detected capacity change from 0 to 128 [ 1050.771401][ T36] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 1050.812092][T13405] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1050.842006][T13409] netlink: 'syz.2.2585': attribute type 2 has an invalid length. [ 1050.872660][T13405] ext4 filesystem being mounted at /45/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1050.961534][ T36] usb 5-1: Using ep0 maxpacket: 8 [ 1051.017583][ T36] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 1051.103942][ T36] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1051.155890][ T36] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1051.181484][ T36] usb 5-1: SerialNumber: syz [ 1051.433315][T12303] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1051.927241][ T36] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22 [ 1052.156777][ T36] usb 5-1: USB disconnect, device number 17 [ 1052.186877][T13422] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only [ 1052.272130][T13422] overlayfs: NFS export requires an index dir, falling back to nfs_export=off. [ 1053.933751][T13439] dvmrp1: entered allmulticast mode [ 1053.953357][T13441] dvmrp1: left allmulticast mode [ 1054.632085][T13446] GUP no longer grows the stack in syz.7.2602 (13446): 80004000-80005000 (80001000) [ 1054.674317][T13446] CPU: 0 UID: 0 PID: 13446 Comm: syz.7.2602 Tainted: G W L syzkaller #0 PREEMPT(full) [ 1054.674528][T13446] Tainted: [W]=WARN, [L]=SOFTLOCKUP [ 1054.674589][T13446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1054.674678][T13446] Call Trace: [ 1054.674732][T13446] [ 1054.674784][T13446] __dump_stack+0x26/0x30 [ 1054.674962][T13446] dump_stack_lvl+0x14c/0x1c0 [ 1054.675133][T13446] dump_stack+0x1e/0x25 [ 1054.675293][T13446] __get_user_pages+0x51d7/0x6260 [ 1054.675521][T13446] ? ktime_get+0x545/0x5a0 [ 1054.675736][T13446] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1054.675935][T13446] ? kmsan_get_metadata+0xf1/0x160 [ 1054.676144][T13446] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1054.676353][T13446] __gup_longterm_locked+0x1862/0x2660 [ 1054.676536][T13446] ? gup_fast_fallback+0xf11/0x3e40 [ 1054.676717][T13446] ? filter_irq_stacks+0x49/0x190 [ 1054.676869][T13446] ? stack_depot_save_flags+0x35/0x790 [ 1054.677083][T13446] ? kmsan_get_metadata+0xf1/0x160 [ 1054.677282][T13446] ? kmsan_get_metadata+0xf1/0x160 [ 1054.677460][T13446] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1054.677645][T13446] ? kmsan_get_metadata+0xf1/0x160 [ 1054.677822][T13446] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1054.678040][T13446] gup_fast_fallback+0x35ed/0x3e40 [ 1054.678330][T13446] get_user_pages_fast+0xb7/0x120 [ 1054.678499][T13446] __iov_iter_get_pages_alloc+0x982/0x1370 [ 1054.678704][T13446] ? stack_depot_init+0xf0/0x1a0 [ 1054.678871][T13446] ? kmsan_get_metadata+0xf1/0x160 [ 1054.679081][T13446] iov_iter_get_pages2+0xa9/0xf0 [ 1054.679269][T13446] __se_sys_vmsplice+0xdc4/0x2f70 [ 1054.679439][T13446] ? futex_wake+0x892/0x920 [ 1054.679616][T13446] ? kmsan_get_metadata+0xf1/0x160 [ 1054.679788][T13446] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1054.679970][T13446] ? kmsan_get_metadata+0xf1/0x160 [ 1054.680141][T13446] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1054.680315][T13446] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1054.680468][T13446] ? kmsan_get_metadata+0xf1/0x160 [ 1054.680643][T13446] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1054.680854][T13446] __ia32_sys_vmsplice+0xb8/0x110 [ 1054.681007][T13446] ia32_sys_call+0x358b/0x4360 [ 1054.681226][T13446] __do_fast_syscall_32+0x180/0x460 [ 1054.681435][T13446] do_fast_syscall_32+0x37/0x80 [ 1054.681621][T13446] do_SYSENTER_32+0x1f/0x30 [ 1054.681794][T13446] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1054.681958][T13446] RIP: 0023:0xf7f9400c [ 1054.682070][T13446] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8 [ 1054.682212][T13446] RSP: 002b:00000000f545650c EFLAGS: 00000206 ORIG_RAX: 000000000000013c [ 1054.682335][T13446] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000140 [ 1054.682442][T13446] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 1054.682551][T13446] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1054.682632][T13446] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1054.682713][T13446] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1054.682833][T13446] [ 1055.956804][T13458] loop8: detected capacity change from 0 to 512 [ 1056.086191][T13458] EXT4-fs error (device loop8): ext4_map_blocks:791: inode #11: block 327694: comm syz.8.2606: lblock 0 mapped to illegal pblock 327694 (length 1) [ 1056.101711][T13458] loop8: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1056.107554][T13458] ------------[ cut here ]------------ [ 1056.117199][ C1] EXT4-fs (loop8): error count since last fsck: 1 [ 1056.117294][ C1] EXT4-fs (loop8): initial error at time 2000000328: ext4_map_blocks:791: inode 11: block 327694 [ 1056.117502][ C1] EXT4-fs (loop8): last error at time 2000000328: ext4_map_blocks:791: inode 11: block 327694 [ 1056.154027][T13458] EA inode 11 i_nlink=2 [ 1056.154131][T13458] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x7a2/0x880, CPU#1: syz.8.2606/13458 [ 1056.169668][T13458] Modules linked in: [ 1056.173815][T13458] CPU: 1 UID: 0 PID: 13458 Comm: syz.8.2606 Tainted: G W L syzkaller #0 PREEMPT(full) [ 1056.185183][T13458] Tainted: [W]=WARN, [L]=SOFTLOCKUP [ 1056.191266][T13458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1056.201704][T13458] RIP: 0010:ext4_xattr_inode_update_ref+0x81c/0x880 [ 1056.208627][T13458] Code: 06 00 00 44 89 ab 70 09 00 00 48 c7 83 80 0c 00 00 00 00 00 00 4d 85 f6 75 46 45 85 ff 75 55 48 8b 7d c0 48 8b 75 d0 8b 55 b8 <67> 48 0f b9 3a e9 d3 fc ff ff 44 89 e7 e8 f2 db 52 ff 89 c7 e8 0b [ 1056.230602][T13458] RSP: 0018:ffff888032067128 EFLAGS: 00010246 [ 1056.236975][T13458] RAX: 0000000000000000 RBX: ffff888048842d00 RCX: 0000000000aa83ea [ 1056.246608][T13458] RDX: 0000000000000002 RSI: 000000000000000b RDI: ffffffff92d436b0 [ 1056.254952][T13458] RBP: ffff8880320671b0 R08: ffffea000000000f R09: 0000000000000000 [ 1056.263400][T13458] R10: ffff888031867070 R11: ffffffff81ddb9c0 R12: 0000000000000000 [ 1056.271732][T13458] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1056.280062][T13458] FS: 0000000000000000(0000) GS:ffff8881aa710000(0063) knlGS:00000000f54adb40 [ 1056.289362][T13458] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 1056.296163][T13458] CR2: 00000000f53faff4 CR3: 0000000047e4c000 CR4: 00000000003526f0 [ 1056.304508][T13458] Call Trace: [ 1056.307938][T13458] [ 1056.311157][T13458] ext4_xattr_inode_dec_ref_all+0x1011/0x17b0 [ 1056.317533][T13458] ? errseq_check+0x6f/0xd0 [ 1056.323866][T13458] ext4_xattr_delete_inode+0xd14/0x14c0 [ 1056.330159][T13458] ? ext4_truncate+0x178d/0x1c10 [ 1056.335479][T13458] ? __ext4_mark_inode_dirty+0x72e/0x9a0 [ 1056.342490][T13458] ext4_evict_inode+0x202b/0x2730 [ 1056.347885][T13458] ? __pfx_ext4_evict_inode+0x10/0x10 [ 1056.353730][T13458] evict+0x69b/0xc90 [ 1056.357945][T13458] ? kmsan_get_metadata+0xf1/0x160 [ 1056.363527][T13458] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1056.370337][T13458] iput+0x84b/0xca0 [ 1056.374442][T13458] ext4_process_orphan+0x49a/0x520 [ 1056.380142][T13458] ext4_orphan_cleanup+0x108a/0x1e10 [ 1056.385793][T13458] ext4_fill_super+0xa699/0xafa0 [ 1056.391268][T13458] ? sb_set_blocksize+0x24e/0x390 [ 1056.396668][T13458] get_tree_bdev_flags+0x6e6/0x920 [ 1056.402224][T13458] ? __pfx_ext4_fill_super+0x10/0x10 [ 1056.407799][T13458] ? __pfx_ext4_fill_super+0x10/0x10 [ 1056.413531][T13458] ? __pfx_ext4_get_tree+0x10/0x10 [ 1056.418918][T13458] get_tree_bdev+0x38/0x50 [ 1056.425077][T13458] ext4_get_tree+0x35/0x40 [ 1056.430283][T13458] vfs_get_tree+0xb3/0x5d0 [ 1056.435013][T13458] do_new_mount+0x885/0x1dd0 [ 1056.440801][T13458] ? apparmor_capable+0x2a2/0x380 [ 1056.447026][T13458] ? kmsan_get_metadata+0xf1/0x160 [ 1056.452563][T13458] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1056.458731][T13458] path_mount+0x7a2/0x20b0 [ 1056.463636][T13458] ? user_path_at+0x1fc/0x330 [ 1056.468610][T13458] __se_sys_mount+0x704/0x7f0 [ 1056.474098][T13458] __ia32_sys_mount+0xe2/0x150 [ 1056.479390][T13458] ia32_sys_call+0x27fe/0x4360 [ 1056.484465][T13458] __do_fast_syscall_32+0x180/0x460 [ 1056.490100][T13458] do_fast_syscall_32+0x37/0x80 [ 1056.495239][T13458] do_SYSENTER_32+0x1f/0x30 [ 1056.500393][T13458] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1056.507062][T13458] RIP: 0023:0xf70bf00c [ 1056.511600][T13458] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8 [ 1056.533106][T13458] RSP: 002b:00000000f54ad360 EFLAGS: 00000206 ORIG_RAX: 0000000000000015 [ 1056.542311][T13458] RAX: ffffffffffffffda RBX: 00000000f54ad3c0 RCX: 00000000800001c0 [ 1056.551404][T13458] RDX: 0000000080000080 RSI: 0000000000800718 RDI: 00000000f54ad400 [ 1056.560722][T13458] RBP: 00000000f54ad3c0 R08: 0000000000000000 R09: 0000000000000000 [ 1056.569161][T13458] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1056.577332][T13458] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1056.589811][T13458] [ 1056.594049][T13458] ---[ end trace 0000000000000000 ]--- [ 1056.622823][T13458] EXT4-fs (loop8): 1 orphan inode deleted [ 1056.666097][T13458] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1056.685066][T13467] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1057.278728][T12303] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1058.569734][ T36] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 1058.764189][ T36] usb 5-1: Using ep0 maxpacket: 16 [ 1058.832475][ T36] usb 5-1: config 0 interface 0 altsetting 64 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1058.853261][ T36] usb 5-1: config 0 interface 0 altsetting 64 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1058.911320][ T36] usb 5-1: config 0 interface 0 has no altsetting 0 [ 1058.953551][ T36] usb 5-1: New USB device found, idVendor=04b4, idProduct=de64, bcdDevice= 0.00 [ 1058.989774][ T36] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1059.067393][ T36] usb 5-1: config 0 descriptor?? [ 1059.565431][T13494] program syz.8.2622 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1059.594596][ T36] cypress 0003:04B4:DE64.000F: unexpected long global item [ 1059.672781][ T36] cypress 0003:04B4:DE64.000F: parse failed [ 1059.687561][ T36] cypress 0003:04B4:DE64.000F: probe with driver cypress failed with error -22 [ 1059.779679][ T36] usb 5-1: USB disconnect, device number 18 [ 1060.898468][T13506] 9p: Bad value for 'rfdno' [ 1062.730407][T13531] loop4: detected capacity change from 0 to 512 [ 1062.957848][T13531] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1063.070460][T13531] ext4 filesystem being mounted at /392/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 1063.216865][ T29] audit: type=1800 audit(2000000335.872:34): pid=13531 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2640" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 1063.370130][ T29] audit: type=1800 audit(2000000335.932:35): pid=13531 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2640" name="file2" dev="loop4" ino=16 res=0 errno=0 [ 1063.755212][ T7908] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1064.134769][T13547] loop7: detected capacity change from 0 to 1024 [ 1064.195441][ T1309] ieee802154 phy0 wpan0: encryption failed: -22 [ 1065.597881][T13560] loop4: detected capacity change from 0 to 8 [ 1065.750405][T13563] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2653'. [ 1065.770352][T13560] SQUASHFS error: Unable to read inode 0xa7 [ 1065.818129][T13563] netlink: 'syz.0.2653': attribute type 1 has an invalid length. [ 1065.840347][T13563] netlink: 'syz.0.2653': attribute type 2 has an invalid length. [ 1065.887197][T13563] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2653'. [ 1067.085459][T13580] input: syz1 as /devices/virtual/input/input18 [ 1067.570240][T13585] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2662'. [ 1067.634644][T13585] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2662'. [ 1069.240429][T13602] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2670'. [ 1071.020241][T13627] loop4: detected capacity change from 0 to 512 [ 1071.194467][T13627] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1071.251079][T13627] ext4 filesystem being mounted at /399/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1071.349978][T13627] EXT4-fs error (device loop4): __ext4_add_entry:2412: inode #12: comm syz.4.2679: Directory hole found for htree leaf block 0 [ 1071.922899][ T7908] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1072.785775][T13644] dvmrp1: entered allmulticast mode [ 1072.838374][T13645] dvmrp1: left allmulticast mode [ 1073.751978][T13653] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2691'. [ 1077.633839][T13692] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 1077.961041][T13697] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2713'. [ 1078.308079][T13695] loop8: detected capacity change from 0 to 4096 [ 1078.483302][T13705] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1079.688881][ T29] audit: type=1326 audit(2000000352.342:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13709 comm="syz.7.2720" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7f9400c code=0x7ffc0000 [ 1079.806243][ T29] audit: type=1326 audit(2000000352.352:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13709 comm="syz.7.2720" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9400c code=0x7ffc0000 [ 1079.925706][ T29] audit: type=1326 audit(2000000352.352:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13709 comm="syz.7.2720" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9400c code=0x7ffc0000 [ 1080.041544][ T29] audit: type=1326 audit(2000000352.392:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13709 comm="syz.7.2720" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf7f9400c code=0x7ffc0000 [ 1080.520670][T13721] loop4: detected capacity change from 0 to 256 [ 1080.609360][T13721] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1081.328794][T13728] sctp: [Deprecated]: syz.2.2728 (pid 13728) Use of int in maxseg socket option. [ 1081.328794][T13728] Use struct sctp_assoc_value instead [ 1082.097644][T13735] loop8: detected capacity change from 0 to 4096 [ 1082.186540][ T5679] syz2: Port: 1 Link DOWN [ 1082.201569][T13735] ntfs3(loop8): Different NTFS sector size (2048) and media sector size (512). [ 1082.240209][ T539] smbdirect: ib_dev[syz2] removed [ 1082.367177][T13741] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check. [ 1082.688706][ T14] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1082.759363][ T14] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1083.011616][ T14] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1083.078952][ T14] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1083.222223][T13745] loop7: detected capacity change from 0 to 512 [ 1083.320293][T13745] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1083.376514][T13745] EXT4-fs (loop7): blocks per group (34) and clusters per group (32768) inconsistent [ 1083.386943][ T14] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1083.387150][ T14] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1083.667549][ T14] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1083.734581][ T14] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1084.320878][ T14] bridge_slave_1: left allmulticast mode [ 1084.326835][ T14] bridge_slave_1: left promiscuous mode [ 1084.335231][ T14] bridge0: port 2(bridge_slave_1) entered disabled state [ 1084.402856][ T14] bridge_slave_0: left allmulticast mode [ 1084.444357][ T14] bridge_slave_0: left promiscuous mode [ 1084.472867][ T14] bridge0: port 1(bridge_slave_0) entered disabled state [ 1085.236881][ T14] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1085.265474][ T14] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1085.283995][ T14] bond0 (unregistering): Released all slaves [ 1085.628831][ T14] tipc: Disabling bearer [ 1085.653739][ T14] tipc: Left network mode [ 1086.429771][T13757] loop8: detected capacity change from 0 to 4096 [ 1086.503004][T13757] ntfs3(loop8): Different NTFS sector size (2048) and media sector size (512). [ 1086.774043][ T14] hsr_slave_0: left promiscuous mode [ 1086.854148][ T4869] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1086.874127][ T4869] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1086.883590][ T4869] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1086.903882][ T4869] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1086.918285][ T4869] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1086.980234][ T14] hsr_slave_1: left promiscuous mode [ 1087.033730][T13757] ntfs3(loop8): Failed to initialize $Extend/$ObjId. [ 1087.086234][ T14] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1087.145059][ T14] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1087.216990][ T14] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1087.278432][ T14] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1087.480352][ T14] veth1_macvtap: left promiscuous mode [ 1087.522682][ T14] veth0_macvtap: left promiscuous mode [ 1087.572740][ T14] veth1_vlan: left promiscuous mode [ 1087.604421][ T14] veth0_vlan: left promiscuous mode [ 1088.032413][T13774] loop7: detected capacity change from 0 to 512 [ 1088.104641][T13774] EXT4-fs: Ignoring removed oldalloc option [ 1088.158813][T13774] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 1088.327330][T13774] EXT4-fs (loop7): 1 truncate cleaned up [ 1088.419328][T13774] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1088.640688][T13774] fscrypt (loop7, inode 18): Unsupported encryption flags (0x08) [ 1088.764733][T13782] loop8: detected capacity change from 0 to 1024 [ 1088.982480][ T4869] Bluetooth: hci4: command tx timeout [ 1089.177104][T10821] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1091.061019][ T4869] Bluetooth: hci4: command tx timeout [ 1091.527968][ T14] team0 (unregistering): Port device team_slave_1 removed [ 1091.714911][ T14] team0 (unregistering): Port device team_slave_0 removed [ 1092.896767][ T5226] 8021q: adding VLAN 0 to HW filter on device eth18 [ 1093.145675][ T4869] Bluetooth: hci4: command tx timeout [ 1093.761111][ T14] IPVS: stop unused estimator thread 0... [ 1095.221874][ T4869] Bluetooth: hci4: command tx timeout [ 1095.478886][T13845] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2768'. [ 1095.625830][T13845] ip6gre1: entered promiscuous mode [ 1095.650906][T13845] ip6gre1: entered allmulticast mode [ 1097.616074][T13875] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2777'. [ 1098.525825][ T5226] 8021q: adding VLAN 0 to HW filter on device eth17 [ 1099.035246][T13893] loop8: detected capacity change from 0 to 64 [ 1099.249842][ T29] audit: type=1800 audit(2000000371.902:40): pid=13893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2782" name="file2" dev="loop8" ino=22 res=0 errno=0 [ 1099.675384][T13765] bridge0: port 1(bridge_slave_0) entered blocking state [ 1099.718418][T13765] bridge0: port 1(bridge_slave_0) entered disabled state [ 1099.756670][T13765] bridge_slave_0: entered allmulticast mode [ 1099.803169][T13765] bridge_slave_0: entered promiscuous mode [ 1099.888161][T13765] bridge0: port 2(bridge_slave_1) entered blocking state [ 1099.922181][T13765] bridge0: port 2(bridge_slave_1) entered disabled state [ 1099.970033][T13765] bridge_slave_1: entered allmulticast mode [ 1100.052234][T13765] bridge_slave_1: entered promiscuous mode [ 1100.498483][T13905] loop7: detected capacity change from 0 to 2048 [ 1100.591651][T13765] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1100.596150][T13905] UDF-fs: error (device loop7): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 1100.704479][T13905] UDF-fs: warning (device loop7): udf_load_vrs: No anchor found [ 1100.708245][T13765] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1100.770974][T13905] UDF-fs: Scanning with blocksize 512 failed [ 1100.895947][T13905] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1101.348346][T13765] team0: Port device team_slave_0 added [ 1101.475442][T13765] team0: Port device team_slave_1 added [ 1101.695283][T13905] ptrace attach of "ci-upstream-kmsan-gce-386-root/syz-executor exec"[10821] was attempted by "+íëÒúÄè™ñçz¯ÿ¹m§¬}9\x22~;»&o¾Öxª”þzÛ\x1bˆ\x22¾“¯ÿ÷'{= `_¨Dß?úM+EŠˆ±ˆéèäíb¯G\x07 ”R§\x22Å}c }{5\x22¾®•\x22þwm«½1 |¥\x22.GŠ¿×JÕˆ¸Z½sàéCÕ£‡GÞ*¢ˆT–ôÖ¿1yîdíÔÂüâÒìòòìLmªÙ¸°03»Ó§\x1b8Ýh^¹:5>ñHVf[ƒxüƒ§ßYj\x5cúÕ»Þpàäùå•¥ú…»ßƒÑ1Ô;çH{ÀSãíAÏ5êÍö¢© [ 1101.815000][T13765] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1101.987112][T13765] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1102.058201][T13765] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1102.176800][T13765] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1102.219785][T13765] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1102.333190][T13765] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1103.125571][T13765] hsr_slave_0: entered promiscuous mode [ 1103.182629][T13765] hsr_slave_1: entered promiscuous mode [ 1103.230132][T13765] debugfs: 'hsr0' already exists in 'hsr' [ 1103.267476][T13765] Cannot create hsr debugfs directory [ 1104.466099][T13945] loop8: detected capacity change from 0 to 1024 [ 1104.631536][ T29] audit: type=1800 audit(2000000377.292:41): pid=13945 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2799" name="file1" dev="loop8" ino=20 res=0 errno=0 [ 1104.921601][ T5226] 8021q: adding VLAN 0 to HW filter on device eth19 [ 1105.825766][T13957] loop7: detected capacity change from 0 to 64 [ 1105.907986][T13765] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 1106.068660][T13765] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1106.117986][T13765] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 1106.240803][T13765] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1106.289779][T13765] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 1106.388512][T13765] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1106.452771][T13765] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 1106.532850][T13765] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1108.017998][T13978] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2807'. [ 1108.224658][T13978] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1108.298820][T13978] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1108.395017][T13978] bond0 (unregistering): Released all slaves [ 1108.798547][T13765] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1109.117315][T13765] 8021q: adding VLAN 0 to HW filter on device team0 [ 1109.283887][T10799] bridge0: port 1(bridge_slave_0) entered blocking state [ 1109.291574][T10799] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1109.485634][ T67] bridge0: port 2(bridge_slave_1) entered blocking state [ 1109.493505][ T67] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1112.636912][ T5226] 8021q: adding VLAN 0 to HW filter on device eth20 [ 1113.566015][T14039] vcan0: tx address claim with different name [ 1115.530151][T13765] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1116.797876][T14078] netlink: 'syz.8.2839': attribute type 1 has an invalid length. [ 1117.656484][T14088] Bluetooth: MGMT ver 1.23 [ 1118.492223][T13765] veth0_vlan: entered promiscuous mode [ 1118.606446][T13765] veth1_vlan: entered promiscuous mode [ 1119.073328][T13765] veth0_macvtap: entered promiscuous mode [ 1119.262986][T13765] veth1_macvtap: entered promiscuous mode [ 1119.569720][T13765] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1119.694674][T13765] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1119.783707][ T29] audit: type=1326 audit(2000000392.442:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.2.2853" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708f00c code=0x7ffc0000 [ 1119.862451][ T29] audit: type=1326 audit(2000000392.512:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.2.2853" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708f00c code=0x7ffc0000 [ 1119.966578][ T81] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1120.036768][ T29] audit: type=1326 audit(2000000392.552:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.2.2853" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf708f00c code=0x7ffc0000 [ 1120.104342][ T81] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1120.147556][ T81] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1120.213491][ T29] audit: type=1326 audit(2000000392.572:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.2.2853" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708f00c code=0x7ffc0000 [ 1120.274540][ T81] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1120.369479][ T29] audit: type=1326 audit(2000000392.612:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.2.2853" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708f00c code=0x7ffc0000 [ 1120.530345][ T29] audit: type=1326 audit(2000000392.622:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.2.2853" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=401 compat=1 ip=0xf708f00c code=0x7ffc0000 [ 1120.631948][T14116] loop8: detected capacity change from 0 to 128 [ 1120.689587][ T29] audit: type=1326 audit(2000000392.622:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.2.2853" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708f00c code=0x7ffc0000 [ 1120.827386][ T4869] Bluetooth: hci3: Malformed Event: 0x13 [ 1120.882078][ T29] audit: type=1326 audit(2000000392.612:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.2.2853" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708f00c code=0x7ffc0000 [ 1121.041893][ T29] audit: type=1326 audit(2000000392.642:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.2.2853" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708f00c code=0x7ffc0000 [ 1121.173786][ T29] audit: type=1326 audit(2000000392.622:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.2.2853" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708f00c code=0x7ffc0000 [ 1121.881053][T14126] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2859'. [ 1121.941804][T14126] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2859'. [ 1123.238214][T14141] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1123.707505][T14141] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1124.079870][T14141] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1124.387404][T14141] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1124.908904][ T55] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1125.162135][ T5712] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1125.305297][T10834] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1125.328344][T14164] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2868'. [ 1125.452528][ T14] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1125.636040][ T1309] ieee802154 phy0 wpan0: encryption failed: -22 [ 1126.235539][T14171] loop8: detected capacity change from 0 to 256 [ 1126.327558][T14171] exfat: Deprecated parameter 'utf8' [ 1126.532225][T14171] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 1127.522482][T14185] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2873'. [ 1128.569900][T14197] loop7: detected capacity change from 0 to 1024 [ 1129.192655][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1129.268691][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1129.723821][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1129.766871][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1131.386779][T14226] netlink: 16 bytes leftover after parsing attributes in process `syz.9.2738'. [ 1132.492558][T14241] overlay: filesystem on ./file0 is read-only [ 1133.448061][T14252] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2894'. [ 1133.707492][T14254] loop9: detected capacity change from 0 to 1024 [ 1134.669655][ T4891] kernel write not supported for file bpf-map (pid: 4891 comm: kworker/0:2) [ 1135.594805][T14280] loop9: detected capacity change from 0 to 512 [ 1135.675259][T14280] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 1135.800614][T14280] EXT4-fs (loop9): 1 truncate cleaned up [ 1135.925365][T14280] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1136.533331][T13765] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1137.499617][ T4891] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 1137.709511][ T4891] usb 10-1: Using ep0 maxpacket: 32 [ 1137.771447][ T4891] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1137.825948][ T4891] usb 10-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0 [ 1137.895835][ T4891] usb 10-1: config 0 interface 0 has no altsetting 0 [ 1137.940273][ T4891] usb 10-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 1137.996045][ T4891] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1138.058082][ T4891] usb 10-1: Product: syz [ 1138.069212][ T4891] usb 10-1: Manufacturer: syz [ 1138.083812][ T4891] usb 10-1: SerialNumber: syz [ 1138.144452][ T4891] usb 10-1: config 0 descriptor?? [ 1138.695826][ T4891] gs_usb 10-1:0.0: Configuring for 240 interfaces [ 1138.937572][ T4891] gs_usb 10-1:0.0: Couldn't register candev for channel 0 (-EINVAL) [ 1138.992537][ T4891] gs_usb 10-1:0.0: probe with driver gs_usb failed with error -22 [ 1139.178717][T12757] usb 10-1: USB disconnect, device number 2 [ 1139.697684][T14328] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2921'. [ 1139.731144][T14328] netlink: 580 bytes leftover after parsing attributes in process `syz.0.2921'. [ 1139.765981][T14328] netlink: 88 bytes leftover after parsing attributes in process `syz.0.2921'. [ 1139.822276][T14328] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2921'. [ 1141.467824][ C0] vcan0: j1939_tp_rxtimer: 0xffff888047f54600: rx timeout, send abort [ 1141.979932][ C0] vcan0: j1939_tp_rxtimer: 0xffff888047f54600: abort rx timeout. Force session deactivation [ 1143.146390][T14372] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2935'. [ 1144.237650][T14381] overlayfs: invalid origin (0000) [ 1145.578904][T14395] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2943'. [ 1146.153412][T14403] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2945'. [ 1147.999753][T14428] Invalid ELF header len 7 [ 1149.587805][T14448] macvtap1: entered allmulticast mode [ 1149.623592][T14448] dummy0: entered allmulticast mode [ 1149.643534][T14448] dummy0: entered promiscuous mode [ 1149.725751][T14448] dummy0: left allmulticast mode [ 1149.868854][ T4891] dummy0: left promiscuous mode [ 1149.915404][T14450] loop9: detected capacity change from 0 to 2048 [ 1150.046002][T14450] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1150.197979][T14452] loop7: detected capacity change from 0 to 2048 [ 1150.386774][T14452] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1150.877189][T14458] netlink: 40 bytes leftover after parsing attributes in process `syz.8.2969'. [ 1151.385638][T14462] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2971'. [ 1151.440241][T14462] netlink: 200 bytes leftover after parsing attributes in process `syz.9.2971'. [ 1152.263908][T14470] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2975'. [ 1152.469381][T14470] gretap0: entered promiscuous mode [ 1152.541898][T14470] macvtap1: entered promiscuous mode [ 1152.581277][T14470] macvtap1: entered allmulticast mode [ 1152.615598][T14470] gretap0: entered allmulticast mode [ 1154.453565][T14498] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2988'. [ 1155.305137][T14509] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2993'. [ 1155.370208][T14509] netlink: 190 bytes leftover after parsing attributes in process `syz.7.2993'. [ 1155.978172][T14516] loop9: detected capacity change from 0 to 256 [ 1158.567515][T14546] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3009'. [ 1158.731997][T14546] erspan0: entered promiscuous mode [ 1159.697678][T14552] loop7: detected capacity change from 0 to 256 [ 1159.821905][T14552] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1160.052141][T14556] exFAT-fs (loop7): start_clu is invalid cluster(0xffffffff) [ 1160.099849][T14556] exFAT-fs (loop7): failed to test cluster bit(11) [ 1160.908603][T14561] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3016'. [ 1161.409862][T14566] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3018'. [ 1163.879949][T14592] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3032'. [ 1164.287335][T14590] loop7: detected capacity change from 0 to 4096 [ 1164.375858][T14590] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1164.406034][T14590] EXT4-fs (loop7): shut down requested (2) [ 1164.830207][T10821] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1164.934590][T14602] netlink: 32 bytes leftover after parsing attributes in process `syz.8.3036'. [ 1166.263781][T14616] netlink: 'syz.7.3042': attribute type 3 has an invalid length. [ 1166.339670][T14616] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3042'. [ 1170.306412][T14661] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3061'. [ 1170.423117][T14664] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3061'. [ 1171.757102][T14673] netlink: 71 bytes leftover after parsing attributes in process `syz.0.3066'. [ 1172.265338][T14678] batadv0: entered promiscuous mode [ 1172.321811][T14678] dummy0: entered promiscuous mode [ 1172.392883][T14678] hsr1: entered promiscuous mode [ 1172.419501][T14678] hsr1: entered allmulticast mode [ 1172.434841][T14678] batadv0: entered allmulticast mode [ 1172.469769][T14678] dummy0: entered allmulticast mode [ 1174.139936][T14694] loop7: detected capacity change from 0 to 256 [ 1174.290014][T14694] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 1175.025781][T14702] loop8: detected capacity change from 0 to 256 [ 1175.082925][T14702] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1175.167760][T14702] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1176.304763][T14714] tap0: tun_chr_ioctl cmd 1074025676 [ 1176.329759][T14714] tap0: owner set to 0 [ 1177.105432][T14721] netlink: 'syz.2.3085': attribute type 9 has an invalid length. [ 1177.411065][ T145] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1177.443045][ T145] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1177.504324][ T145] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1177.548907][ T145] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1178.104797][T14729] netlink: 'syz.2.3089': attribute type 83 has an invalid length. [ 1178.460635][T14733] loop8: detected capacity change from 0 to 1024 [ 1178.527349][T14733] EXT4-fs: Ignoring removed bh option [ 1178.625879][T14733] EXT4-fs (loop8): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 1178.745841][T14733] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1179.536294][T14745] netlink: 144 bytes leftover after parsing attributes in process `syz.0.3096'. [ 1179.620031][T12303] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1179.691431][T11779] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1179.717121][T11779] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1179.735423][T11779] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1179.758157][T11779] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1179.776065][T11779] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1181.863038][ T4869] Bluetooth: hci5: command tx timeout [ 1182.525391][T10834] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1182.798728][T10834] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1183.110974][T10834] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1183.386548][T10834] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1183.943014][ T4869] Bluetooth: hci5: command tx timeout [ 1184.455921][T14795] mac80211_hwsim hwsim22 wlan0: entered promiscuous mode [ 1184.481792][T14795] macsec2: entered promiscuous mode [ 1184.505412][T14795] macsec2: entered allmulticast mode [ 1184.518334][T14795] mac80211_hwsim hwsim22 wlan0: entered allmulticast mode [ 1185.112129][T10834] bridge_slave_1: left allmulticast mode [ 1185.156581][T10834] bridge_slave_1: left promiscuous mode [ 1185.196714][T10834] bridge0: port 2(bridge_slave_1) entered disabled state [ 1185.234658][T10834] bridge_slave_0: left allmulticast mode [ 1185.259507][T10834] bridge_slave_0: left promiscuous mode [ 1185.268137][T10834] bridge0: port 1(bridge_slave_0) entered disabled state [ 1186.024837][ T4869] Bluetooth: hci5: command tx timeout [ 1186.207978][T10834] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1186.226964][T10834] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1186.265520][T10834] bond0 (unregistering): Released all slaves [ 1187.075305][ T1309] ieee802154 phy0 wpan0: encryption failed: -22 [ 1187.246686][T14821] loop8: detected capacity change from 0 to 256 [ 1187.877365][T10834] hsr_slave_0: left promiscuous mode [ 1187.951643][T10834] hsr_slave_1: left promiscuous mode [ 1188.002152][T10834] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1188.038820][T10834] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1188.082626][T10834] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1188.102276][ T4869] Bluetooth: hci5: command tx timeout [ 1188.142558][T10834] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1188.215943][T10834] veth1_macvtap: left promiscuous mode [ 1188.228451][T10834] veth0_macvtap: left promiscuous mode [ 1188.246790][T10834] veth1_vlan: left promiscuous mode [ 1188.284000][T10834] veth0_vlan: left promiscuous mode [ 1188.645680][T14835] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3130'. [ 1188.717887][T14835] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3130'. [ 1190.631218][T10834] team0 (unregistering): Port device team_slave_1 removed [ 1190.760413][T10834] team0 (unregistering): Port device team_slave_0 removed [ 1192.857574][T14877] fuse: Bad value for 'fd' [ 1193.727394][T14746] bridge0: port 1(bridge_slave_0) entered blocking state [ 1193.747472][T14746] bridge0: port 1(bridge_slave_0) entered disabled state [ 1193.765958][T14746] bridge_slave_0: entered allmulticast mode [ 1193.815859][T14746] bridge_slave_0: entered promiscuous mode [ 1193.881204][T14746] bridge0: port 2(bridge_slave_1) entered blocking state [ 1193.907753][T14746] bridge0: port 2(bridge_slave_1) entered disabled state [ 1193.943144][T14746] bridge_slave_1: entered allmulticast mode [ 1193.991660][T14746] bridge_slave_1: entered promiscuous mode [ 1194.407787][T14746] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1194.493536][T14746] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1194.889892][T14746] team0: Port device team_slave_0 added [ 1194.967570][T14746] team0: Port device team_slave_1 added [ 1195.394017][T14746] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1195.438802][T14746] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1195.536772][T14746] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1195.571761][T14746] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1195.579812][T14746] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1195.707444][T14746] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1196.492421][T14746] hsr_slave_0: entered promiscuous mode [ 1196.525040][T14746] hsr_slave_1: entered promiscuous mode [ 1196.570122][T14746] debugfs: 'hsr0' already exists in 'hsr' [ 1196.611204][T14746] Cannot create hsr debugfs directory [ 1197.033301][ T5226] 8021q: adding VLAN 0 to HW filter on device eth21 [ 1198.157847][T14933] loop7: detected capacity change from 0 to 8 [ 1198.366745][T14933] SQUASHFS error: Unable to read directory block [629:fe] [ 1199.639728][T14947] loop7: detected capacity change from 0 to 1024 [ 1199.708820][T14947] EXT4-fs: Ignoring removed bh option [ 1199.752010][T14947] EXT4-fs (loop7): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 1199.868881][T14947] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1200.225491][T14959] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3170'. [ 1200.374299][T14959] veth0_macvtap: left promiscuous mode [ 1200.714874][T14746] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1200.833873][T14746] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1200.842075][T10821] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1200.893080][T14746] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1201.025003][T14746] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1201.094134][T14746] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1201.260531][T14746] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1201.331985][T14746] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1201.491572][T14746] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1203.015621][T14984] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3180'. [ 1203.034808][T14984] netlink: 'syz.2.3180': attribute type 30 has an invalid length. [ 1203.074421][T14984] netlink: 'syz.2.3180': attribute type 29 has an invalid length. [ 1203.112149][T14984] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3180'. [ 1203.191650][T14746] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1203.478629][T14746] 8021q: adding VLAN 0 to HW filter on device team0 [ 1203.604914][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 1203.612988][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1203.827540][T10834] bridge0: port 2(bridge_slave_1) entered blocking state [ 1203.835240][T10834] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1204.999797][ T5226] 8021q: adding VLAN 0 to HW filter on device eth22 [ 1206.982775][ T4869] Bluetooth: hci5: command tx timeout [ 1208.299547][T15045] netlink: 'syz.8.3198': attribute type 27 has an invalid length. [ 1209.333639][T14746] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1209.333687][T15057] loop8: detected capacity change from 0 to 512 [ 1209.398107][T15057] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 1209.532309][T15057] EXT4-fs (loop8): 1 truncate cleaned up [ 1209.570905][T15057] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1210.375062][T14746] veth0_vlan: entered promiscuous mode [ 1210.443767][T12303] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1210.598235][T14746] veth1_vlan: entered promiscuous mode [ 1211.277127][T14746] veth0_macvtap: entered promiscuous mode [ 1211.361176][T14746] veth1_macvtap: entered promiscuous mode [ 1211.605029][T14746] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1211.863540][T14746] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1212.147266][ T539] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1212.176884][ T539] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1212.205868][ T539] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1212.257412][ T539] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1212.448085][ T5226] 8021q: adding VLAN 0 to HW filter on device eth23 [ 1214.262099][T15106] 9p: Bad value for 'rfdno' [ 1214.694971][T15112] Bluetooth: MGMT ver 1.23 [ 1216.391167][T15135] netlink: 'syz.2.3235': attribute type 1 has an invalid length. [ 1216.739645][ T4869] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 1216.819385][ T4869] Bluetooth: hci2: command 0x0405 tx timeout [ 1217.037236][T15135] bond1: entered promiscuous mode [ 1217.046054][T15139] loop8: detected capacity change from 0 to 2048 [ 1217.060863][T15135] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1218.772825][T15161] loop8: detected capacity change from 0 to 1024 [ 1218.843108][T15161] ext3: Unknown parameter 'noacl' [ 1220.117177][ T5226] 8021q: adding VLAN 0 to HW filter on device eth24 [ 1222.745540][T15207] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3247'. [ 1222.754749][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1222.754851][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1223.237081][ T145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1223.237199][ T145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1223.645834][T15213] batman_adv: batadv0: Adding interface: vlan2 [ 1223.645920][T15213] batman_adv: batadv0: The MTU of interface vlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1223.646093][T15213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1223.646462][T15213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1223.646530][T15213] batman_adv: batadv0: Not using interface vlan2 (retrying later): interface not active [ 1224.769853][ T24] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 1224.931931][ T24] usb 2-1: Using ep0 maxpacket: 32 [ 1224.982116][ T24] usb 2-1: New USB device found, idVendor=047f, idProduct=c010, bcdDevice= 0.40 [ 1224.982282][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1224.982449][ T24] usb 2-1: Product: syz [ 1224.982552][ T24] usb 2-1: Manufacturer: syz [ 1224.982661][ T24] usb 2-1: SerialNumber: syz [ 1225.376427][ T24] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -71 [ 1225.510488][ T24] usb 2-1: USB disconnect, device number 2 [ 1225.596280][T11036] udevd[11036]: setting owner of /dev/bus/usb/002/002 to uid=0, gid=0 failed: No such file or directory [ 1225.903332][T15233] netlink: 40 bytes leftover after parsing attributes in process `syz.7.3256'. [ 1225.961182][T15233] netlink: 40 bytes leftover after parsing attributes in process `syz.7.3256'. [ 1226.959811][T15242] loop7: detected capacity change from 0 to 512 [ 1226.995098][T15242] EXT4-fs: Ignoring removed nobh option [ 1227.095907][T15242] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -13 [ 1227.097741][T15242] EXT4-fs error (device loop7): ext4_clear_blocks:876: inode #13: comm syz.7.3260: attempt to clear invalid blocks 1 len 1 [ 1227.097918][T15242] loop7: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 1227.109057][ C1] EXT4-fs (loop7): error count since last fsck: 1 [ 1227.109166][ C1] EXT4-fs (loop7): initial error at time 2000000513: ext4_clear_blocks:876: inode 13 [ 1227.109349][ C1] EXT4-fs (loop7): last error at time 2000000513: ext4_clear_blocks:876: inode 13 [ 1227.129727][T15242] EXT4-fs (loop7): Remounting filesystem read-only [ 1227.151924][T15242] EXT4-fs (loop7): 1 truncate cleaned up [ 1227.192230][T15242] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1227.898646][T10821] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1227.970162][T15250] batman_adv: batadv0: Adding interface: vlan2 [ 1227.970252][T15250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1227.970351][T15250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1227.970420][T15250] batman_adv: batadv0: Not using interface vlan2 (retrying later): interface not active [ 1230.435791][T15278] loop7: detected capacity change from 0 to 256 [ 1232.729968][T15305] loop8: detected capacity change from 0 to 512 [ 1232.839755][T15305] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1233.037639][T15305] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1233.159651][T15305] ext4 filesystem being mounted at /206/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1233.980979][T12303] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1235.917997][T15343] loop1: detected capacity change from 0 to 128 [ 1235.950157][T15345] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3295'. [ 1236.042602][T15343] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 1236.065553][T15345] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3295'. [ 1236.144448][T15343] hpfs: filesystem error: improperly stopped [ 1236.209242][T15343] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 1236.271153][T15343] hpfs: You really don't want any checks? You are crazy... [ 1236.321199][T15343] hpfs: Code page index out of array [ 1236.352178][T15343] hpfs: code page support is disabled [ 1236.397496][T15343] hpfs: hpfs_map_4sectors(): unaligned read [ 1236.451801][T15343] hpfs: hpfs_map_4sectors(): unaligned read [ 1236.485494][T15343] hpfs: filesystem error: unable to find root dir [ 1237.945833][T15362] macvtap1: entered allmulticast mode [ 1237.976468][T15362] dummy0: entered allmulticast mode [ 1237.999832][T15362] dummy0: entered promiscuous mode [ 1238.165332][T15362] dummy0: left allmulticast mode [ 1238.327649][T12757] dummy0: left promiscuous mode [ 1239.416756][T15373] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1239.470460][T15373] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1239.586498][T15381] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3307'. [ 1240.140297][T15373] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1240.220541][T15373] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1240.566821][T15390] loop7: detected capacity change from 0 to 256 [ 1240.653543][T15373] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1240.677290][T15373] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1240.759418][T15390] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 1240.987471][T15373] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1241.057620][T15373] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1241.336014][T15398] loop1: detected capacity change from 0 to 8 [ 1241.830207][ T34] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1241.887821][ T34] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1242.049630][ T34] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1242.092941][ T34] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1242.350396][ T14] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1242.395725][ T14] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1242.590686][ T5690] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1242.637286][ T5690] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1244.042269][T10834] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1244.097341][T10834] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1244.188529][T10834] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1244.243179][T10834] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1246.725224][T15453] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1247.184842][T15453] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1247.599466][T15453] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1247.967602][T15453] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1248.516915][ T1309] ieee802154 phy0 wpan0: encryption failed: -22 [ 1248.581018][T15470] loop7: detected capacity change from 0 to 128 [ 1248.774628][ T67] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1248.904500][ T67] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1249.047087][ T67] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1249.220052][ T67] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1263.464963][T15587] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3343'. [ 1263.555321][T15113] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1263.573792][T15113] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1263.589896][T15113] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1263.608317][T15113] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1263.623419][T15113] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1263.733719][T15587] ip6gre2: entered promiscuous mode [ 1263.791897][T15587] ip6gre2: entered allmulticast mode [ 1264.110093][ T145] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 1264.163029][ T145] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 1264.171809][T14348] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 1265.064085][T14348] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 1265.146820][T14348] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 1265.699411][T15113] Bluetooth: hci4: command tx timeout [ 1266.802755][T15623] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3354'. [ 1266.826244][T15623] netlink: 44 bytes leftover after parsing attributes in process `syz.8.3354'. [ 1267.052364][T15621] loop7: detected capacity change from 0 to 2048 [ 1267.137008][T15621] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1267.178687][T15621] NILFS (loop7): mounting unchecked fs [ 1267.324166][T15621] NILFS (loop7): recovery complete [ 1267.397561][T15626] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1267.547383][ T67] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1267.603966][ T67] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1267.779852][T15113] Bluetooth: hci4: command tx timeout [ 1267.861737][ C1] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 1267.990280][ T67] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1268.057336][ T67] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1268.477921][ T67] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1268.538690][ T67] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1268.815503][ T67] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1268.878839][ T67] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1269.859746][T15113] Bluetooth: hci4: command tx timeout [ 1270.368443][ T67] bridge_slave_1: left allmulticast mode [ 1270.401575][ T67] bridge_slave_1: left promiscuous mode [ 1270.427531][ T67] bridge0: port 2(bridge_slave_1) entered disabled state [ 1270.494484][ T67] bridge_slave_0: left allmulticast mode [ 1270.538866][ T67] bridge_slave_0: left promiscuous mode [ 1270.573760][ T67] bridge0: port 1(bridge_slave_0) entered disabled state [ 1271.941442][T15113] Bluetooth: hci4: command tx timeout [ 1271.984441][ T67] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1272.012312][ T67] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1272.035868][ T67] bond0 (unregistering): Released all slaves [ 1273.201049][T15675] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3366'. [ 1273.720050][ T67] hsr_slave_0: left promiscuous mode [ 1273.769461][ T67] hsr_slave_1: left promiscuous mode [ 1273.832521][ T67] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1273.869890][ T67] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1273.917540][ T67] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1273.954469][ T67] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1274.052027][ T67] veth1_macvtap: left promiscuous mode [ 1274.074973][ T67] veth0_macvtap: left promiscuous mode [ 1274.094990][ T67] veth1_vlan: left promiscuous mode [ 1274.116391][ T67] veth0_vlan: left promiscuous mode [ 1275.379921][ C1] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 1276.758788][ T67] team0 (unregistering): Port device team_slave_1 removed [ 1276.871548][ T67] team0 (unregistering): Port device team_slave_0 removed [ 1277.284978][T15699] block nbd8: not configured, cannot reconfigure [ 1279.766789][T15721] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3385'. [ 1279.825020][T15721] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3385'. [ 1280.194775][T15588] bridge0: port 1(bridge_slave_0) entered blocking state [ 1280.257495][T15588] bridge0: port 1(bridge_slave_0) entered disabled state [ 1280.301040][T15588] bridge_slave_0: entered allmulticast mode [ 1280.333079][T15588] bridge_slave_0: entered promiscuous mode [ 1280.439935][T15588] bridge0: port 2(bridge_slave_1) entered blocking state [ 1280.475060][T15588] bridge0: port 2(bridge_slave_1) entered disabled state [ 1280.529945][T15588] bridge_slave_1: entered allmulticast mode [ 1280.537272][T15725] netlink: 'syz.2.3386': attribute type 11 has an invalid length. [ 1280.568048][T15588] bridge_slave_1: entered promiscuous mode [ 1281.432740][T15588] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1281.585115][T15588] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1282.091150][T15588] team0: Port device team_slave_0 added [ 1282.212999][T15588] team0: Port device team_slave_1 added [ 1282.746355][T15588] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1282.786400][T15588] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1282.863476][T15588] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1282.882975][T15588] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1282.892632][ T4869] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1282.906770][ T4869] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1282.919432][ T4869] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1282.975445][ T4869] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1282.979506][T15588] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1283.021375][ T4869] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1283.221827][T15588] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1283.980074][T15588] hsr_slave_0: entered promiscuous mode [ 1284.040317][T15588] hsr_slave_1: entered promiscuous mode [ 1284.094885][T15588] debugfs: 'hsr0' already exists in 'hsr' [ 1284.135690][T15588] Cannot create hsr debugfs directory [ 1284.202594][ T5226] 8021q: adding VLAN 0 to HW filter on device eth5 [ 1284.645416][T15763] loop8: detected capacity change from 0 to 512 [ 1284.741694][T15763] EXT4-fs: Ignoring removed i_version option [ 1284.761398][T15763] EXT4-fs: Ignoring removed oldalloc option [ 1284.857197][T15763] EXT4-fs (loop8): Test dummy encryption mode enabled [ 1284.976532][T15763] EXT4-fs (loop8): 1 truncate cleaned up [ 1285.037381][T15763] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1285.141884][ T4869] Bluetooth: hci5: command tx timeout [ 1285.199772][T15763] EXT4-fs error (device loop8): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.8.3397: bad entry in directory: directory entry overrun - offset=76, inode=0, rec_len=1024, size=1024 fake=0 [ 1285.660795][T12303] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1286.240842][T15774] loop8: detected capacity change from 0 to 128 [ 1286.324343][T15774] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 1286.374332][T15774] hpfs: filesystem error: improperly stopped [ 1286.402749][T15774] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 1286.451394][T15774] hpfs: You really don't want any checks? You are crazy... [ 1286.498636][T15774] hpfs: hpfs_map_sector(): read error [ 1286.537905][T15774] hpfs: code page support is disabled [ 1286.561631][T15774] hpfs: hpfs_map_4sectors(): unaligned read [ 1286.590781][T15774] hpfs: hpfs_map_4sectors(): unaligned read [ 1286.614523][T15774] hpfs: filesystem error: unable to find root dir [ 1287.220073][ T4869] Bluetooth: hci5: command tx timeout [ 1287.777277][T15788] loop8: detected capacity change from 0 to 16 [ 1287.868053][T15788] erofs (device loop8): mounted with root inode @ nid 36. [ 1287.968594][ T29] kauditd_printk_skb: 6 callbacks suppressed [ 1287.968678][ T29] audit: type=1800 audit(2000000574.616:58): pid=15788 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.3403" name="file1" dev="loop8" ino=86 res=0 errno=0 [ 1288.853700][T15797] loop7: detected capacity change from 0 to 2048 [ 1288.923273][T15797] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=66359, location=66359 [ 1289.011684][T15797] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1289.299566][ T4869] Bluetooth: hci5: command tx timeout [ 1289.710616][T15588] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1289.830692][T15588] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1290.022637][T15588] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1290.152914][T15588] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1290.209526][T15588] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1290.306631][T15588] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1290.351839][T15588] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1290.448671][T15588] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1290.739798][ C1] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 1291.235725][ T4869] Bluetooth: hci1: unexpected event for opcode 0x2005 [ 1291.379660][ T4869] Bluetooth: hci5: command tx timeout [ 1292.558846][T15588] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1292.597625][ T5226] 8021q: adding VLAN 0 to HW filter on device eth6 [ 1292.691566][T15841] netlink: 64 bytes leftover after parsing attributes in process `syz.7.3420'. [ 1292.917105][T15588] 8021q: adding VLAN 0 to HW filter on device team0 [ 1293.400865][T15747] bridge0: port 1(bridge_slave_0) entered blocking state [ 1293.431608][T15747] bridge0: port 1(bridge_slave_0) entered disabled state [ 1293.443258][T15747] bridge_slave_0: entered allmulticast mode [ 1293.480761][T15747] bridge_slave_0: entered promiscuous mode [ 1293.571483][T15747] bridge0: port 2(bridge_slave_1) entered blocking state [ 1293.593017][T15747] bridge0: port 2(bridge_slave_1) entered disabled state [ 1293.611721][T15747] bridge_slave_1: entered allmulticast mode [ 1293.645753][T15747] bridge_slave_1: entered promiscuous mode [ 1293.709819][ T81] bridge0: port 1(bridge_slave_0) entered blocking state [ 1293.717473][ T81] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1293.972661][T10834] bridge0: port 2(bridge_slave_1) entered blocking state [ 1293.980416][T10834] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1294.263266][T15747] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1294.425389][T15747] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1294.886813][T15747] team0: Port device team_slave_0 added [ 1294.966958][T15747] team0: Port device team_slave_1 added [ 1295.306408][T15864] netlink: 'syz.8.3429': attribute type 6 has an invalid length. [ 1295.336118][T15864] netlink: 232 bytes leftover after parsing attributes in process `syz.8.3429'. [ 1295.410767][T15866] netlink: 5252 bytes leftover after parsing attributes in process `syz.8.3429'. [ 1295.486257][T15747] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1295.520141][T15747] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1295.659664][T15747] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1295.839242][T15747] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1295.887819][T15747] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1296.003895][T15747] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1296.694013][T15747] hsr_slave_0: entered promiscuous mode [ 1296.744781][T15747] hsr_slave_1: entered promiscuous mode [ 1296.781350][T15747] debugfs: 'hsr0' already exists in 'hsr' [ 1296.799387][T15747] Cannot create hsr debugfs directory [ 1296.806461][T15882] loop7: detected capacity change from 0 to 64 [ 1296.985955][ T29] audit: type=1800 audit(2000000583.646:59): pid=15882 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3434" name="file1" dev="loop7" ino=5 res=0 errno=0 [ 1297.098710][ T29] audit: type=1800 audit(2000000583.686:60): pid=15882 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3434" name="file1" dev="loop7" ino=5 res=0 errno=0 [ 1298.449357][T14348] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 1298.645099][T14348] usb 9-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1298.693677][T14348] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1298.780546][T14348] usb 9-1: config 0 descriptor?? [ 1298.852242][T14348] cp210x 9-1:0.0: cp210x converter detected [ 1299.338244][T14348] cp210x 9-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 1299.405626][ T5226] 8021q: adding VLAN 0 to HW filter on device eth7 [ 1299.454616][T14348] usb 9-1: cp210x converter now attached to ttyUSB0 [ 1299.650880][T14348] usb 9-1: USB disconnect, device number 3 [ 1299.798662][T14348] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1300.041084][T14348] cp210x 9-1:0.0: device disconnected [ 1300.107987][T15908] loop7: detected capacity change from 0 to 512 [ 1300.354334][T15908] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1300.436462][T15908] EXT4-fs error (device loop7): ext4_validate_block_bitmap:423: comm syz.7.3442: bg 0: bad block bitmap checksum [ 1300.900741][T10821] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1301.492952][T15747] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1301.581100][T15747] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1301.604743][T15926] netlink: 144 bytes leftover after parsing attributes in process `syz.7.3445'. [ 1301.676579][T15747] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1301.794557][T15747] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1301.852685][T15747] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1301.978733][T15747] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1302.056400][T15747] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1302.183195][T15747] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1302.812271][T15940] netlink: 32 bytes leftover after parsing attributes in process `syz.8.3449'. [ 1303.099659][T15945] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3450'. [ 1303.181627][T15945] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3450'. [ 1303.436944][T15948] loop7: detected capacity change from 0 to 8 [ 1303.764242][T15588] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1304.368041][T15747] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1304.915407][T15747] 8021q: adding VLAN 0 to HW filter on device team0 [ 1305.194249][T10799] bridge0: port 1(bridge_slave_0) entered blocking state [ 1305.202023][T10799] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1305.296889][T15588] veth0_vlan: entered promiscuous mode [ 1305.491002][ T145] bridge0: port 2(bridge_slave_1) entered blocking state [ 1305.498788][ T145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1305.510163][T15962] netlink: 436 bytes leftover after parsing attributes in process `syz.2.3456'. [ 1305.565839][T15962] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3456'. [ 1305.606965][T15964] loop8: detected capacity change from 0 to 2048 [ 1305.662847][T15964] NILFS (loop8): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1305.732691][T15588] veth1_vlan: entered promiscuous mode [ 1305.795334][T15968] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1306.470271][T12303] syz-executor: attempt to access beyond end of device [ 1306.470271][T12303] loop8: rw=0, sector=262216, nr_sectors = 2 limit=2048 [ 1306.548552][T12303] NILFS (loop8): I/O error reading meta-data file (ino=6, block-offset=1) [ 1306.635070][T12303] syz-executor: attempt to access beyond end of device [ 1306.635070][T12303] loop8: rw=0, sector=262216, nr_sectors = 2 limit=2048 [ 1306.707497][T12303] NILFS (loop8): I/O error reading meta-data file (ino=6, block-offset=1) [ 1306.758857][T12303] syz-executor: attempt to access beyond end of device [ 1306.758857][T12303] loop8: rw=0, sector=262216, nr_sectors = 2 limit=2048 [ 1306.823114][T12303] NILFS (loop8): I/O error reading meta-data file (ino=6, block-offset=1) [ 1306.845488][T12303] NILFS (loop8): DAT doesn't have a block to manage vblocknr = 147 [ 1306.885135][T12303] NILFS error (device loop8): nilfs_bmap_truncate: broken bmap (inode number=15) [ 1306.950204][T12303] Remounting filesystem read-only [ 1306.967379][T12303] NILFS (loop8): error -5 truncating bmap (ino=15) [ 1306.981565][T12303] syz-executor: attempt to access beyond end of device [ 1306.981565][T12303] loop8: rw=0, sector=262216, nr_sectors = 2 limit=2048 [ 1307.032745][T12303] NILFS (loop8): I/O error reading meta-data file (ino=6, block-offset=1) [ 1307.088799][T12303] NILFS (loop8): disposed unprocessed dirty file(s) when detaching log writer [ 1307.248702][T15588] veth0_macvtap: entered promiscuous mode [ 1307.482732][T15588] veth1_macvtap: entered promiscuous mode [ 1307.945978][T15588] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1308.184593][T15588] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1308.377655][ T81] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1308.442562][ T81] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1308.487943][ T5690] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1308.550456][ T5690] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1309.852250][T16001] veth1_macvtap: left promiscuous mode [ 1309.952553][ T1309] ieee802154 phy0 wpan0: encryption failed: -22 [ 1310.586667][T16013] netem: unknown loss type 0 [ 1310.626722][T16013] netem: change failed [ 1313.024957][T15747] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1315.638597][T16082] loop7: detected capacity change from 0 to 512 [ 1315.866702][T16082] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1315.990332][T16082] ext4 filesystem being mounted at /406/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1316.231833][T16082] Quota error (device loop7): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 1316.280062][T16082] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 1316.356438][T16082] EXT4-fs error (device loop7): ext4_acquire_dquot:7034: comm syz.7.3483: Failed to acquire dquot type 0 [ 1316.441087][T15747] veth0_vlan: entered promiscuous mode [ 1316.468709][ T29] audit: type=1800 audit(2000000603.116:61): pid=16092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3483" name="file1" dev="loop7" ino=19 res=0 errno=0 [ 1316.655703][T15747] veth1_vlan: entered promiscuous mode [ 1316.842709][T16097] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3486'. [ 1316.951681][T10821] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1316.952675][T16097] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3486'. [ 1317.203188][T15747] veth0_macvtap: entered promiscuous mode [ 1317.338451][T15747] veth1_macvtap: entered promiscuous mode [ 1317.867820][T15747] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1318.225762][T15747] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1318.576984][ T145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1318.585648][ T5690] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1318.624867][ T145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1318.635286][ T5690] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1318.727292][ T5690] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1318.773676][ T81] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1319.277695][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1319.345315][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1319.517264][T16122] loop8: detected capacity change from 0 to 512 [ 1319.603553][T16122] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 1319.705207][T16122] EXT4-fs (loop8): 1 truncate cleaned up [ 1319.716945][T16122] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1319.893635][ T29] audit: type=1800 audit(2000000606.546:62): pid=16122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.3493" name="file1" dev="loop8" ino=15 res=0 errno=0 [ 1320.746022][T12303] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1321.463135][ C1] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 1323.011238][T16159] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3501'. [ 1323.584796][T16165] loop7: detected capacity change from 0 to 64 [ 1324.703890][ T5226] 8021q: adding VLAN 0 to HW filter on device eth8 [ 1328.229080][T16218] netlink: 136 bytes leftover after parsing attributes in process `syz.8.3518'. [ 1328.554583][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1328.587726][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1329.009319][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1329.070307][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1329.472935][T16231] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3523'. [ 1329.556922][T16233] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3524'. [ 1330.607026][T16244] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3527'. [ 1332.017173][T16258] netem: change failed [ 1335.632127][T16301] loop3: detected capacity change from 0 to 512 [ 1335.817564][T16301] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 1335.924699][T16301] EXT4-fs error (device loop3): ext4_iget_extra_inode:5128: inode #15: comm syz.3.3548: corrupted in-inode xattr: e_value size too large [ 1335.966586][T16301] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1335.969179][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 1335.985453][ C0] EXT4-fs (loop3): initial error at time 2000000622: ext4_iget_extra_inode:5128: inode 15 [ 1335.995815][ C0] EXT4-fs (loop3): last error at time 2000000622: ext4_iget_extra_inode:5128: inode 15 [ 1336.019251][T16301] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.3548: couldn't read orphan inode 15 (err -117) [ 1336.079743][T16301] loop3: lost filesystem error report for type 5 error -117 [ 1336.096323][T16301] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1336.913477][T16314] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3552'. [ 1336.942439][T16314] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3552'. [ 1337.027703][T15588] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1337.035589][T16314] netlink: 'syz.5.3552': attribute type 18 has an invalid length. [ 1337.115531][T16314] netlink: 'syz.5.3552': attribute type 18 has an invalid length. [ 1337.978521][T16315] loop8: detected capacity change from 0 to 4096 [ 1339.621419][T16329] loop7: detected capacity change from 0 to 4096 [ 1340.555872][T16329] ntfs3(loop7): ino=0, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ni_find_attr [ 1341.446477][T16357] loop3: detected capacity change from 0 to 256 [ 1341.693944][T16357] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66dc59, utbl_chksum : 0xe619d30d) [ 1342.906041][T16371] loop7: detected capacity change from 0 to 16 [ 1342.981522][T16371] erofs (device loop7): mounted with root inode @ nid 36. [ 1343.063292][T16371] syz.7.3574: attempt to access beyond end of device [ 1343.063292][T16371] loop7: rw=0, sector=1936876908, nr_sectors = 1 limit=16 [ 1343.187570][T16371] syz.7.3574: attempt to access beyond end of device [ 1343.187570][T16371] loop7: rw=0, sector=3955228672, nr_sectors = 1 limit=16 [ 1343.254241][T16376] syz.7.3574: attempt to access beyond end of device [ 1343.254241][T16376] loop7: rw=0, sector=1936876908, nr_sectors = 1 limit=16 [ 1343.326259][T16376] syz.7.3574: attempt to access beyond end of device [ 1343.326259][T16376] loop7: rw=0, sector=3955228672, nr_sectors = 1 limit=16 [ 1343.951180][T16374] loop3: detected capacity change from 0 to 4096 [ 1345.587877][T16401] loop5: detected capacity change from 0 to 256 [ 1345.635751][T16400] netlink: 140 bytes leftover after parsing attributes in process `syz.7.3582'. [ 1345.798564][T16401] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xf3da6b1f, utbl_chksum : 0xe619d30d) [ 1345.864704][ T5677] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 1346.069710][ T5677] usb 9-1: Using ep0 maxpacket: 16 [ 1346.104106][ T5677] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1346.165193][ T5677] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1346.224744][ T5677] usb 9-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00 [ 1346.295908][ T5677] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1346.396283][ T5677] usb 9-1: config 0 descriptor?? [ 1346.791884][T16409] netlink: 88 bytes leftover after parsing attributes in process `syz.2.3585'. [ 1346.868409][T16409] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3585'. [ 1347.046576][ T5677] ntrig 0003:1B96:0008.0010: hidraw0: USB HID v0.00 Device [HID 1b96:0008] on usb-dummy_hcd.8-1/input0 [ 1347.246811][ T5677] usb 9-1: USB disconnect, device number 4 [ 1348.087992][T16415] fido_id[16415]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory [ 1349.933614][T16440] loop7: detected capacity change from 0 to 1024 [ 1350.554863][T16445] loop8: detected capacity change from 0 to 2048 [ 1350.737635][T16445] UDF-fs: error (device loop8): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 1350.820743][T16445] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found [ 1350.857256][T16445] UDF-fs: Scanning with blocksize 512 failed [ 1351.053419][T16445] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1353.193306][T16476] loop5: detected capacity change from 0 to 512 [ 1353.340827][T16476] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2 [ 1353.417923][T16476] EXT4-fs error (device loop5): ext4_iget_extra_inode:5128: inode #15: comm syz.5.3610: corrupted in-inode xattr: e_value size too large [ 1353.549848][T16476] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1353.553346][T16476] EXT4-fs error (device loop5): ext4_orphan_get:1402: comm syz.5.3610: couldn't read orphan inode 15 (err -117) [ 1353.563090][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 1353.563190][ C0] EXT4-fs (loop5): initial error at time 2000000640: ext4_iget_extra_inode:5128: inode 15 [ 1353.563357][ C0] EXT4-fs (loop5): last error at time 2000000640: ext4_iget_extra_inode:5128: inode 15 [ 1353.653019][T16476] loop5: lost filesystem error report for type 5 error -117 [ 1353.677031][T16476] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1354.365247][T15747] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1355.135384][T16499] program syz.8.3617 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1358.031994][ T29] audit: type=1326 audit(2000000644.686:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16524 comm="syz.2.3626" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf71c61ab code=0x7ffc0000 [ 1358.161197][ T29] audit: type=1326 audit(2000000644.696:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16524 comm="syz.2.3626" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf71c61ab code=0x7ffc0000 [ 1358.325045][ T29] audit: type=1326 audit(2000000644.726:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16524 comm="syz.2.3626" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf71c61ab code=0x7ffc0000 [ 1358.511064][ T29] audit: type=1326 audit(2000000644.726:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16524 comm="syz.2.3626" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708f00c code=0x7ffc0000 [ 1358.684527][ T29] audit: type=1326 audit(2000000644.726:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16524 comm="syz.2.3626" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708f00c code=0x7ffc0000 [ 1358.842890][ T29] audit: type=1326 audit(2000000644.746:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16524 comm="syz.2.3626" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf708f00c code=0x7ffc0000 [ 1359.029806][ T29] audit: type=1326 audit(2000000644.766:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16524 comm="syz.2.3626" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf708f00c code=0x7ffc0000 [ 1359.808716][T16551] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3635'. [ 1360.846618][T16560] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3638'. [ 1362.303509][T16578] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3644'. [ 1362.363801][T16578] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3644'. [ 1364.285107][T16599] loop5: detected capacity change from 0 to 512 [ 1364.420137][T16599] FAT-fs (loop5): Directory bread(block 199916) failed [ 1364.460039][T16599] FAT-fs (loop5): Directory bread(block 199917) failed [ 1364.505877][T16599] FAT-fs (loop5): Directory bread(block 199918) failed [ 1364.533474][T16599] FAT-fs (loop5): Directory bread(block 199919) failed [ 1364.575025][T16599] FAT-fs (loop5): Directory bread(block 199920) failed [ 1364.635848][T16599] FAT-fs (loop5): Directory bread(block 199921) failed [ 1364.682487][T16599] FAT-fs (loop5): Directory bread(block 199922) failed [ 1364.702471][T16599] FAT-fs (loop5): Directory bread(block 199923) failed [ 1365.854064][T16615] netlink: 27 bytes leftover after parsing attributes in process `syz.8.3659'. [ 1366.084819][T16620] loop5: detected capacity change from 0 to 256 [ 1366.124962][T16620] exfat: Deprecated parameter 'utf8' [ 1366.167097][T16620] exfat: Deprecated parameter 'utf8' [ 1366.204881][T16620] exfat: Deprecated parameter 'utf8' [ 1366.400685][T16620] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 1367.081677][T16628] loop8: detected capacity change from 0 to 128 [ 1367.916265][T16638] program syz.5.3667 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1368.239997][T16641] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3669'. [ 1368.571377][T16645] syz.2.3670: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 1368.657985][T16645] CPU: 1 UID: 0 PID: 16645 Comm: syz.2.3670 Tainted: G W L syzkaller #0 PREEMPT(full) [ 1368.658195][T16645] Tainted: [W]=WARN, [L]=SOFTLOCKUP [ 1368.658255][T16645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1368.658353][T16645] Call Trace: [ 1368.658406][T16645] [ 1368.658463][T16645] __dump_stack+0x26/0x30 [ 1368.658642][T16645] dump_stack_lvl+0x14c/0x1c0 [ 1368.658821][T16645] dump_stack+0x1e/0x25 [ 1368.658976][T16645] warn_alloc+0x46f/0x6a0 [ 1368.659174][T16645] ? kmsan_get_metadata+0xf1/0x160 [ 1368.659394][T16645] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1368.659601][T16645] __vmalloc_node_range_noprof+0x148/0x2cd0 [ 1368.659766][T16645] ? kmsan_get_metadata+0xf1/0x160 [ 1368.659959][T16645] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1368.660167][T16645] ? should_fail_ex+0x45/0x8c0 [ 1368.660373][T16645] ? kmsan_get_metadata+0xf1/0x160 [ 1368.660565][T16645] ? kmsan_get_metadata+0xf1/0x160 [ 1368.660748][T16645] ? kmsan_get_metadata+0xf1/0x160 [ 1368.660936][T16645] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1368.661147][T16645] ? __kmalloc_cache_noprof+0x3b0/0x1240 [ 1368.661312][T16645] ? kmsan_get_metadata+0xf1/0x160 [ 1368.661522][T16645] vmalloc_user_noprof+0xce/0x140 [ 1368.661681][T16645] ? xskq_create+0x11d/0x290 [ 1368.662011][T16645] xskq_create+0x11d/0x290 [ 1368.662238][T16645] xsk_init_queue+0xce/0x180 [ 1368.662440][T16645] xsk_setsockopt+0x7f6/0xfe0 [ 1368.662640][T16645] ? __pfx_xsk_setsockopt+0x10/0x10 [ 1368.662819][T16645] __sys_setsockopt+0x43e/0x580 [ 1368.663067][T16645] __ia32_sys_setsockopt+0xf3/0x1a0 [ 1368.663276][T16645] ia32_sys_call+0x34c3/0x4360 [ 1368.663494][T16645] __do_fast_syscall_32+0x180/0x460 [ 1368.663718][T16645] do_fast_syscall_32+0x37/0x80 [ 1368.663909][T16645] do_SYSENTER_32+0x1f/0x30 [ 1368.664099][T16645] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1368.664301][T16645] RIP: 0023:0xf708f00c [ 1368.664409][T16645] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8 [ 1368.664539][T16645] RSP: 002b:00000000f547d50c EFLAGS: 00000206 ORIG_RAX: 000000000000016e [ 1368.664677][T16645] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000011b [ 1368.664776][T16645] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000004 [ 1368.664871][T16645] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1368.664961][T16645] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1368.665050][T16645] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1368.665174][T16645] [ 1369.000793][T16645] Mem-Info: [ 1369.057945][T16645] active_anon:7530 inactive_anon:0 isolated_anon:0 [ 1369.057945][T16645] active_file:15368 inactive_file:40482 isolated_file:0 [ 1369.057945][T16645] unevictable:768 dirty:81 writeback:6 [ 1369.057945][T16645] slab_reclaimable:5493 slab_unreclaimable:27144 [ 1369.057945][T16645] mapped:29950 shmem:1593 pagetables:2180 [ 1369.057945][T16645] sec_pagetables:0 bounce:0 [ 1369.057945][T16645] kernel_misc_reclaimable:0 [ 1369.057945][T16645] free:341146 free_pcp:12934 free_cma:0 [ 1369.164589][T16645] Node 0 active_anon:29984kB inactive_anon:0kB active_file:61408kB inactive_file:161724kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119792kB dirty:324kB writeback:24kB shmem:4836kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5888kB pagetables:8156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 1369.223617][T16645] Node 1 active_anon:0kB inactive_anon:0kB active_file:64kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:8kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:16kB pagetables:360kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 1369.328204][T16645] Node 0 DMA free:4096kB boost:0kB min:164kB low:204kB high:244kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:4096kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1369.475077][T16645] lowmem_reserve[]: 0 927 1241 1241 1241 [ 1369.533977][T16645] Node 0 DMA32 free:429748kB boost:0kB min:36852kB low:46064kB high:55276kB reserved_highatomic:0KB free_highatomic:0KB active_anon:14572kB inactive_anon:0kB active_file:54792kB inactive_file:90684kB unevictable:0kB writepending:280kB zspages:0kB present:3129332kB managed:950004kB mlocked:0kB bounce:0kB free_pcp:39448kB local_pcp:22356kB free_cma:0kB [ 1369.639356][T16645] lowmem_reserve[]: 0 0 313 313 313 [ 1369.659500][T16645] Node 0 Normal free:16180kB boost:0kB min:13056kB low:16320kB high:19584kB reserved_highatomic:0KB free_highatomic:0KB active_anon:15468kB inactive_anon:0kB active_file:6616kB inactive_file:71040kB unevictable:1536kB writepending:24kB zspages:0kB present:1048580kB managed:321476kB mlocked:0kB bounce:0kB free_pcp:12500kB local_pcp:6808kB free_cma:0kB [ 1370.190527][T16645] lowmem_reserve[]: 0 0 0 0 0 [ 1370.235142][T16645] Node 1 Normal free:914560kB boost:0kB min:40036kB low:50044kB high:60052kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:64kB inactive_file:204kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:985800kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1370.336197][T16645] lowmem_reserve[]: 0 0 0 0 0 [ 1370.365130][T16645] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 1*4096kB (M) = 4096kB [ 1370.417077][T16645] Node 0 DMA32: 1363*4kB (UM) 1445*8kB (UM) 1102*16kB (UME) 585*32kB (UM) 357*64kB (UM) 212*128kB (UME) 113*256kB (UM) 73*512kB (UME) 46*1024kB (UME) 28*2048kB (UM) 38*4096kB (UM) = 429748kB [ 1370.620622][T16645] Node 0 Normal: 295*4kB (UME) 179*8kB (UM) 28*16kB (UM) 20*32kB (UM) 13*64kB (UME) 5*128kB (UM) 1*256kB (U) 1*512kB (E) 2*1024kB (ME) 2*2048kB (ME) 1*4096kB (M) = 16180kB [ 1370.771826][T16645] Node 1 Normal: 6*4kB (U) 5*8kB (UM) 6*16kB (U) 5*32kB (U) 3*64kB (UM) 1*128kB (U) 2*256kB (M) 0*512kB 2*1024kB (M) 1*2048kB (M) 222*4096kB (UM) = 914560kB [ 1370.897666][T16645] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1370.953185][T16645] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 1371.018639][T16645] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1371.049780][T16645] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 1371.080337][T16645] 57364 total pagecache pages [ 1371.096325][T16645] 0 pages in swap cache [ 1371.155539][T16645] Free swap = 124996kB [ 1371.188511][T16645] Total swap = 124996kB [ 1371.222970][T16645] 2097051 pages RAM [ 1371.240047][T16645] 0 pages HighMem/MovableOnly [ 1371.264110][T16645] 1531707 pages reserved [ 1371.295979][T16645] 0 pages cma reserved [ 1371.410373][ T1309] ieee802154 phy0 wpan0: encryption failed: -22 [ 1371.431948][ T1309] ------------[ cut here ]------------ [ 1371.437614][ T1309] WARNING: ./include/linux/skbuff.h:3242 at lowpan_xmit+0xa0e/0x1d00, CPU#0: aoe_tx0/1309 [ 1371.448186][ T1309] Modules linked in: [ 1371.452446][ T1309] CPU: 0 UID: 0 PID: 1309 Comm: aoe_tx0 Tainted: G W L syzkaller #0 PREEMPT(full) [ 1371.463469][ T1309] Tainted: [W]=WARN, [L]=SOFTLOCKUP [ 1371.468834][ T1309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1371.479358][ T1309] RIP: 0010:lowpan_xmit+0xa0e/0x1d00 [ 1371.484928][ T1309] Code: fb 8b 7d d4 e8 73 a3 25 f2 48 89 df e9 35 fd ff ff 44 89 f7 e8 63 a3 25 f2 66 41 83 fd ff 0f 85 7f fd ff ff e8 13 84 77 f1 90 <0f> 0b 90 80 7d c0 00 0f 84 3b 12 00 00 48 8b bd 00 ff ff ff 0f b7 [ 1371.504951][ T1309] RSP: 0018:ffff888107f0f960 EFLAGS: 00010293 [ 1371.511416][ T1309] RAX: ffffffff9088f8cd RBX: 0000000000000000 RCX: ffff88810b924280 [ 1371.519744][ T1309] RDX: 0000000000000000 RSI: 000000000000ffff RDI: 000000000000ffff [ 1371.527951][ T1309] RBP: ffff888107f0fac0 R08: ffffea000000000f R09: 0000000000000000 [ 1371.536348][ T1309] R10: ffff88810770f8d8 R11: ffff888108c7ec90 R12: ffff88810b924e40 [ 1371.544703][ T1309] R13: 000000000000ffff R14: 0000000000000000 R15: ffff88811c366400 [ 1371.553087][ T1309] FS: 0000000000000000(0000) GS:ffff8881aa610000(0000) knlGS:0000000000000000 [ 1371.562432][ T1309] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1371.569373][ T1309] CR2: 0000000057da421c CR3: 000000003a400000 CR4: 00000000003526f0 [ 1371.577637][ T1309] Call Trace: [ 1371.581208][ T1309] [ 1371.584308][ T1309] ? validate_xmit_xfrm+0x84/0x19e0 [ 1371.590062][ T1309] ? netif_skb_features+0x1bd3/0x1ea0 [ 1371.595801][ T1309] ? kmsan_report+0x2f0/0x320 [ 1371.600927][ T1309] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1371.607589][ T1309] ? __pfx_lowpan_xmit+0x10/0x10 [ 1371.612926][ T1309] dev_hard_start_xmit+0x22f/0xa80 [ 1371.618365][ T1309] __dev_queue_xmit+0x2990/0x5a00 [ 1371.623798][ T1309] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1371.630305][ T1309] ? kmsan_get_metadata+0xf1/0x160 [ 1371.635738][ T1309] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1371.642524][ T1309] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1371.649023][ T1309] ? __dev_queue_xmit+0x2d4/0x5a00 [ 1371.654418][ T1309] ? kmsan_get_metadata+0xf1/0x160 [ 1371.660114][ T1309] tx+0xb6/0x440 [ 1371.664012][ T1309] ? __pfx_tx+0x10/0x10 [ 1371.668518][ T1309] kthread+0x17d/0x370 [ 1371.673063][ T1309] ? __pfx_default_wake_function+0x10/0x10 [ 1371.679410][ T1309] kthread+0x53a/0x5f0 [ 1371.683833][ T1309] ? __pfx_kthread+0x10/0x10 [ 1371.688755][ T1309] ? __pfx_kthread+0x10/0x10 [ 1371.693856][ T1309] ret_from_fork+0x20f/0x8d0 [ 1371.698807][ T1309] ? __switch_to+0x573/0x7a0 [ 1371.703904][ T1309] ? __pfx_kthread+0x10/0x10 [ 1371.708838][ T1309] ret_from_fork_asm+0x1a/0x30 [ 1371.714123][ T1309] [ 1371.717337][ T1309] ---[ end trace 0000000000000000 ]--- [ 1371.723146][ T1309] ===================================================== [ 1371.730521][ T1309] BUG: KMSAN: uninit-value in lowpan_xmit+0xa6b/0x1d00 [ 1371.737636][ T1309] lowpan_xmit+0xa6b/0x1d00 [ 1371.742527][ T1309] dev_hard_start_xmit+0x22f/0xa80 [ 1371.747877][ T1309] __dev_queue_xmit+0x2990/0x5a00 [ 1371.753293][ T1309] tx+0xb6/0x440 [ 1371.757083][ T1309] kthread+0x17d/0x370 [ 1371.761491][ T1309] kthread+0x53a/0x5f0 [ 1371.765829][ T1309] ret_from_fork+0x20f/0x8d0 [ 1371.770766][ T1309] ret_from_fork_asm+0x1a/0x30 [ 1371.775768][ T1309] [ 1371.778197][ T1309] Uninit was stored to memory at: [ 1371.783652][ T1309] lowpan_xmit+0x68f/0x1d00 [ 1371.788361][ T1309] dev_hard_start_xmit+0x22f/0xa80 [ 1371.793816][ T1309] __dev_queue_xmit+0x2990/0x5a00 [ 1371.799212][ T1309] tx+0xb6/0x440 [ 1371.802970][ T1309] kthread+0x17d/0x370 [ 1371.807253][ T1309] kthread+0x53a/0x5f0 [ 1371.811694][ T1309] ret_from_fork+0x20f/0x8d0 [ 1371.816488][ T1309] ret_from_fork_asm+0x1a/0x30 [ 1371.821618][ T1309] [ 1371.824051][ T1309] Uninit was created at: [ 1371.828582][ T1309] kmem_cache_alloc_node_noprof+0x3cd/0x12c0 [ 1371.834957][ T1309] __alloc_skb+0x855/0x1190 [ 1371.839893][ T1309] new_skb+0x4a/0x550 [ 1371.844111][ T1309] aoecmd_cfg+0x2c2/0xb70 [ 1371.848643][ T1309] discover_timer+0x64/0x80 [ 1371.853504][ T1309] call_timer_fn+0x4c/0x510 [ 1371.858197][ T1309] __run_timer_base+0x80a/0xdb0 [ 1371.863385][ T1309] run_timer_softirq+0x3a/0x70 [ 1371.868341][ T1309] handle_softirqs+0x171/0x7b0 [ 1371.873476][ T1309] __irq_exit_rcu+0x9a/0x1e0 [ 1371.878287][ T1309] irq_exit_rcu+0x12/0x20 [ 1371.882958][ T1309] sysvec_apic_timer_interrupt+0x84/0x90 [ 1371.888851][ T1309] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 1371.895171][ T1309] [ 1371.897625][ T1309] CPU: 0 UID: 0 PID: 1309 Comm: aoe_tx0 Tainted: G W L syzkaller #0 PREEMPT(full) [ 1371.908595][ T1309] Tainted: [W]=WARN, [L]=SOFTLOCKUP [ 1371.914049][ T1309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1371.924401][ T1309] ===================================================== [ 1371.931595][ T1309] Disabling lock debugging due to kernel taint [ 1371.937881][ T1309] Kernel panic - not syncing: kmsan.panic set ... [ 1371.944461][ T1309] CPU: 0 UID: 0 PID: 1309 Comm: aoe_tx0 Tainted: G B W L syzkaller #0 PREEMPT(full) [ 1371.955297][ T1309] Tainted: [B]=BAD_PAGE, [W]=WARN, [L]=SOFTLOCKUP [ 1371.961828][ T1309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1371.972018][ T1309] Call Trace: [ 1371.975411][ T1309] [ 1371.978467][ T1309] __dump_stack+0x26/0x30 [ 1371.982985][ T1309] dump_stack_lvl+0x50/0x1c0 [ 1371.987761][ T1309] ? dump_stack+0x12/0x25 [ 1371.992277][ T1309] dump_stack+0x1e/0x25 [ 1371.996645][ T1309] vpanic+0x7b4/0x1430 [ 1372.000951][ T1309] panic+0x15d/0x160 [ 1372.005113][ T1309] kmsan_report+0x31a/0x320 [ 1372.009836][ T1309] ? __msan_warning+0x1b/0x30 [ 1372.014714][ T1309] ? lowpan_xmit+0xa6b/0x1d00 [ 1372.019580][ T1309] ? dev_hard_start_xmit+0x22f/0xa80 [ 1372.025072][ T1309] ? __dev_queue_xmit+0x2990/0x5a00 [ 1372.030466][ T1309] ? tx+0xb6/0x440 [ 1372.034385][ T1309] ? kthread+0x17d/0x370 [ 1372.038805][ T1309] ? kthread+0x53a/0x5f0 [ 1372.043262][ T1309] ? ret_from_fork+0x20f/0x8d0 [ 1372.048249][ T1309] ? ret_from_fork_asm+0x1a/0x30 [ 1372.053425][ T1309] ? kmsan_get_metadata+0xf1/0x160 [ 1372.058761][ T1309] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1372.065316][ T1309] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1372.071605][ T1309] ? report_bug+0x196/0x1d0 [ 1372.076443][ T1309] ? lowpan_xmit+0xa10/0x1d00 [ 1372.081299][ T1309] ? lowpan_xmit+0xa0e/0x1d00 [ 1372.086152][ T1309] ? handle_bug+0xb2/0x230 [ 1372.090782][ T1309] ? exc_invalid_op+0x1f/0x50 [ 1372.095675][ T1309] ? kmsan_get_metadata+0xf1/0x160 [ 1372.101006][ T1309] __msan_warning+0x1b/0x30 [ 1372.105728][ T1309] lowpan_xmit+0xa6b/0x1d00 [ 1372.110412][ T1309] ? validate_xmit_xfrm+0x84/0x19e0 [ 1372.115792][ T1309] ? netif_skb_features+0x1bd3/0x1ea0 [ 1372.121377][ T1309] ? kmsan_report+0x2f0/0x320 [ 1372.126279][ T1309] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1372.132846][ T1309] ? __pfx_lowpan_xmit+0x10/0x10 [ 1372.137987][ T1309] dev_hard_start_xmit+0x22f/0xa80 [ 1372.143325][ T1309] __dev_queue_xmit+0x2990/0x5a00 [ 1372.148571][ T1309] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1372.154849][ T1309] ? kmsan_get_metadata+0xf1/0x160 [ 1372.160170][ T1309] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1372.166710][ T1309] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1372.172978][ T1309] ? __dev_queue_xmit+0x2d4/0x5a00 [ 1372.178296][ T1309] ? kmsan_get_metadata+0xf1/0x160 [ 1372.183651][ T1309] tx+0xb6/0x440 [ 1372.187403][ T1309] ? __pfx_tx+0x10/0x10 [ 1372.191757][ T1309] kthread+0x17d/0x370 [ 1372.196010][ T1309] ? __pfx_default_wake_function+0x10/0x10 [ 1372.202026][ T1309] kthread+0x53a/0x5f0 [ 1372.206306][ T1309] ? __pfx_kthread+0x10/0x10 [ 1372.211094][ T1309] ? __pfx_kthread+0x10/0x10 [ 1372.215901][ T1309] ret_from_fork+0x20f/0x8d0 [ 1372.220675][ T1309] ? __switch_to+0x573/0x7a0 [ 1372.225477][ T1309] ? __pfx_kthread+0x10/0x10 [ 1372.230298][ T1309] ret_from_fork_asm+0x1a/0x30 [ 1372.235294][ T1309] [ 1372.239062][ T1309] Kernel Offset: disabled [ 1372.243460][ T1309] Rebooting in 86400 seconds..