last executing test programs: 13.471190953s ago: executing program 1 (id=1035): fallocate(0xffffffffffffffff, 0x0, 0x400000000000000, 0x20007) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'veth1_to_bridge\x00', <r1=>0x0}) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000100)={@local, 0x0, r1}) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000140)={@mcast2, @mcast1, @private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0022}) ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000240)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @remote, @dev={0xfe, 0x80, '\x00', 0xe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400046, r1}) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000100)={'veth1_to_bridge\x00', 0x118}) 13.247904921s ago: executing program 1 (id=1037): openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100), 0xfecc) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) r2 = eventfd(0x0) ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, &(0x7f0000000500)=&(0x7f0000000240)) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0}) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000740)=r2) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000ac0)) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x20000) preadv(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, r0, 0xe1cdc000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 12.651257012s ago: executing program 4 (id=1041): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r2=>0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000280)={0x28, 0x2, r2, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, 0x0, 0x0, <r3=>0xffffffffffffffff, 0x1}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r1, 0x3ba0, &(0x7f0000000680)={0x8a, 0x7, r3, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x749bc}) 12.31345569s ago: executing program 4 (id=1042): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) mount$tmpfs(0x0, &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x2004c0a, &(0x7f00000000c0)={[{@grpquota_inode_hardlimit={'grpquota_inode_hardlimit', 0x3d, [0x30]}}]}) 12.264977283s ago: executing program 3 (id=1043): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000003c0)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000100000000000000000000000000000002000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0100000003000000000000000000697036677265300000000000000000007465616d30000000000000000000000076657468305f746f5f626f6e6400000076657468305f746f5f626f6e64000000aaaaaaaaaa0000000000000024ffffffffff0000000000000000f0000000f0000000200100006c696d697400000000000000000000000000000000000000000000000000000020000000000000000000f4bd5979a5172e0700000000000000000000000000000000000000000000636c757374657200006db693c555d12b0101000000000000000000000000000010000000000000000000000000000000000000000000000041554449540000000000000000000000000000000000000000000000000000000800000000000000004493000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000011000000000000000000766c616e3000000000000000000000006c6f0000000000000000000000000000726f736530000000000000000000000062726964676530000000000000000000ffffffffffff000000000000aaaaaaaaaa0000000000000000007000000070000000a000000041554449540000000000000000000000000000000000000000000000000000000800"/592]}, 0x2c8) syz_emit_ethernet(0x3e, &(0x7f0000000940)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x19}, @void, {@ipv6={0x86dd, @generic={0x4, 0x6, "cfc2b8", 0x8, 0x1, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[@srh={0x1, 0x0, 0x4, 0x0, 0xba, 0x28, 0x200}]}}}}}, 0x0) 12.135470238s ago: executing program 4 (id=1045): semget(0x2, 0x1, 0x52c) r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) recvmmsg(r0, &(0x7f000000a900)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, 0x0, 0x0) 12.094857843s ago: executing program 3 (id=1046): ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xb}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x48, 0x2, 0x6, 0x301, 0xa, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}]}, 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x24008004) sendmsg$NFT_BATCH(r1, 0x0, 0x200548d0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) write$binfmt_misc(r1, &(0x7f00000000c0)="87d34d64adcfba62ebda02365be94a453bb40914e7c0e48bea21", 0x1a) close(r3) 11.169570904s ago: executing program 4 (id=1048): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0x0, "a8407a73"}, @local=@item_4={0x3, 0x2, 0x0, "93bf0280"}, @main=@item_4={0x3, 0x0, 0x0, "00000080"}]}}, 0x0}, 0x0) syz_open_dev$hiddev(&(0x7f0000000100), 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') ioctl$HIDIOCGCOLLECTIONINFO(r1, 0xc0104811, &(0x7f0000000140)={0x6, 0xfffffffc, 0x0, 0x1}) 10.809153743s ago: executing program 3 (id=1049): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) add_key$user(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x26e1, 0x0) close(r4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001dc0)) ioctl$SIOCSIFHWADDR(r4, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"}) r5 = accept4(r3, &(0x7f0000000300)=@nl=@proc, &(0x7f0000000380)=0x80, 0xc00) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000180)={'syztnl2\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x2f, 0xde, 0xf8, 0x10000100, 0x16, @private1, @remote, 0x40, 0x10, 0x0, 0x81}}) bpf$PROG_LOAD(0x5, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) 10.015732978s ago: executing program 0 (id=1050): socket$inet_tcp(0x2, 0x1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() setrlimit(0x0, &(0x7f0000000280)={0x89c}) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000840)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000009f95cb9450000"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r4 = openat$dir(0xffffff9c, &(0x7f0000000380)='./file0\x00', 0x64a4c1, 0x0) renameat2(r4, &(0x7f00000003c0)='./file0/file0\x00', 0xffffffffffffffff, 0x0, 0x5) bpf$PROG_LOAD(0x5, 0x0, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000800)={'syz1\x00', {}, 0x23, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x800200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x8000], [0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x4], [0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc]}, 0x45c) r5 = eventfd(0x0) r6 = epoll_create(0x80) epoll_ctl$EPOLL_CTL_ADD(r6, 0x300, r5, &(0x7f0000000080)={0x10000000}) ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x3, 0xe, &(0x7f00000021c0)=ANY=[@ANYBLOB="b700000060000000bca3000000000000240300001afeffff620af0fff8ffffff69a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000a61140800000000001d430000000000007a0a00fe0000001f6114040000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19b0161e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba3a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652db036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700e89a56fe8e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a033a2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf799b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d54abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c940000002b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac987fd637c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fd52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23541320d8579c5ab42bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de01fdee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812fc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b2584e6c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795d35f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7eddd12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f386c4dd317e11c1e89fac1fa9bceb50fad686ffbb5f7d79565271add99821c3601653bf6d4091ce8e0af3ab3a82a2735abb21d675d21f0a65caeb3213db39c9d55a35c1d588a732ee0b3d3a09c7786bc50b014802027d1da4a2a0fde4672d8dccd9fa000000000000697d1f90ddf1f320292d9fa4d81dc97f9fd7088d29edb2473b5284227936edf9f00b6deddc45841b6c54cd3741c95fe628f31ae0bf7619817735688fa26ce52c368e5ac02bdd46f10eae05da628e8d"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 9.850533689s ago: executing program 3 (id=1051): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r2=>0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000280)={0x28, 0x2, r2, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, 0x0, 0x0, <r3=>0xffffffffffffffff, 0x1}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r1, 0x3ba0, &(0x7f0000000680)={0x8a, 0x7, r3, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x749bc}) 9.318941367s ago: executing program 1 (id=1052): setsockopt$MRT6_TABLE(0xffffffffffffffff, 0x29, 0xcf, &(0x7f0000000280)=0xff, 0x4) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r3, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20010004, 0x0, 0x0) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x9) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r6, @ANYBLOB="010000000000fbdbdf25010000000800020000000000050005000000000008000300010000004800018005000200200000000600010002000000080006000a000000080003"], 0x84}}, 0x0) 9.303513325s ago: executing program 3 (id=1053): r0 = socket(0x10, 0x3, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.swap.current\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000580)=ANY=[@ANYBLOB="12013f00000000407f04ffff0000000000010902"], 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) getsockname$packet(r0, 0x0, &(0x7f0000000200)) 9.071764781s ago: executing program 0 (id=1054): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) mkdir(0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2) r0 = getpgid(0xffffffffffffffff) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(r0, 0x1, &(0x7f0000000080)=0x7) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) pipe2$9p(0x0, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, 0x0, 0x0) getsockopt$IP_VS_SO_GET_SERVICE(r2, 0x0, 0x483, 0x0, &(0x7f0000000180)) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x2000000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{}, &(0x7f0000000080), 0x0}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x3f8, 0x1c0, 0x43, 0xa0, 0x0, 0x98, 0x360, 0x178, 0x178, 0x360, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1a0, 0x1c0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@connbytes={{0x38}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x168, 0x1a0, 0x0, {}, [@common=@unspec=@connbytes={{0x38}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@multicast1, [], @ipv6=@loopback, [], @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, [], @ipv4=@multicast1}}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x468) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'ip6gretap0\x00'}) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f00000005c0)={{{@in=@private, @in=@multicast1}}, {{@in=@remote}, 0x0, @in6=@dev}}, &(0x7f0000000000)=0xe8) socket(0xa, 0x2, 0x0) 8.677733488s ago: executing program 0 (id=1055): socket$inet_smc(0x2b, 0x1, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0x2020) syz_fuse_handle_req(r0, 0x0, 0x0, 0x0) write$FUSE_INIT(r0, 0x0, 0x0) syz_fuse_handle_req(r0, &(0x7f0000008400)="44ea07862a07eefa4de37092cf4356f54454db90301c4d373d57166f794f169d63344840a37048638ffd5e30beade3fd768b18191001eb890277fad8bdfe3742686deeb34395963bcf7a870addd76c80aba9f771ebdf410c7d7542fc2b6ae9a458d79457755d94ba8a3248b01a2293d8a70e60815b90297002652966a6b836065bcae0b44f4b26be93dec3cd4cdcbbc84c5b916a1b0d8313340675d67fb0c785d0307f95e426546c9a4d0161a8f52b02b95f4da53ced705a658722091864d74ac0a3a5f3853a0ad71ddb29835680ca9ff30531f8df0f0ac66f7f1433c33d75fa8f0f022b175df093648a81af5ed701b2e7a14199c83b539e763dbe7228f2e184a02becd41bae305d3f34c72e8db93dd214ec203eee6e6dab26b41848c95fe1ece8ca157a90bb7a990dac5f3c64cf49c5c5aa8414b9153f82eca9df88d90a8d6c0e72eacd52f82939d46d41e0f5ccf708c03fccecea467f33f5a49888514787e42c0a12255bca89e82344ab01ac3b6c6158e3c1b34ad953eaf55f3a2c487efd9423a542e41dbd0058aa021cb6fdc5df88f807033edd31abaf5ff7e6a9578d2be6a2d925d98108fda2a7e56a0bbcdce0689fa9e2111b0be8f3e2807f7f3728489917a031f2187ad98a744f19851687adf59a4b4c328ad5c4f2eaa0d112041369319f6d3f928c22d05f9fd68b5c268da5e2f433d651bc602a65ee83752c0c92f7e29002faf9475fbb57788d725f6f8fd495a58d88d55ab8467a85d1f41db5964a19bdd45377c7c8c792de5e76e87da9296ff90e7fa9e57f09358d998c8779bb2348d651808e969e960763c5231c65a06ee16979f4d990dbe7e10b3a2392dfd6483bf2c7c5f6f3d941cc17663668cca83dcc38089b4342a801c74039b32550c2d9cf95a0236523933ce3e7538ff9da2b7b741f3cbf53e6084702d0a5dadab4350848f6e7ba46d4736c7a2ae702c480c30dd78f994a10b9c3157a17e9e29576a68139403300586eb0c673252a319aa1cb01efa777228d8242ebdbef9db5c03e4c8e09bf7a009b7eb19357d1ad6d1defc0dbb58c31d85b9f1035056615ad0b0ded12751273c8bb7810ccc5b2efe51d223894b141dda837e6b7ba21de9a978ac447d995394b800e1065906455af544b9d7f353d1eefcd3387d18e3611f3913926f3a4b87efb3a9707d6136dc00e49ea5e7a6d0bea17eb49cae93c0c4422374b0f46250e0d554e1087c1392716d368b04b1da85d271206b465608468802fae00c7ad9425974d822cffbc420e739f7617f59a879f791ab5dd7a6215298cc7dc6904679889e60a09114b0f421b6f1286d0a6ab3dc887c2d3a48d53a7611ec270530b07a83ae1a2bfa6da42ab38bec3eb8ed1e207d91c02e74a31c29abbd25f5779189f5f2494ea5c3f4b829b96de0c54b3851dd58610c2b9ddcc2960f34fb857c5ab1aa67e8eb10a59639db2ddebd0206ae7ee56b21ef484e3c66003af46326f1c456ad2ab5273d0c0b2bf412f71f820ae12723c74e1857e0ae3d5587a0427c1595e06b1d5ab5e815a5558302e0d9c50b8c6cbd599eb554df6f7323b01f1353b557c565dfe0de51032a88541b49ab682a7dbe4dccb9b952ba9c9ce3bbff80af01e47953666327b8acd7d2cf363c6f7172caaf01d8e3417f768ab08f2cfa7ff26efd219e25ef0f9a84c7b116978eeafe3410972490203dbe49aec33f14d5592a466a6efe630904db9c77ece20bec7552b3dfb48d4e0427ce5024fdc0aec7271e93c51aab19d7a40670add6ea5820f625831a593137f60543e424892856b3bb9e608e88e65cc6dca098d5139a38ada517cd788b9f13618d9c2c31d7918cac6cd669710692797e61f4df3938dd429d977cc11e7465a7a23740052039d9b31cd26b95efba17bfcefe121fcbb762d29287145b11a3abb3e0683b9216a8b5d9744baa75da5d840e70cb310c507c4f7eef1d6535d8e11079edcb51df7ea63a7204e314147eeb57916171ca33c0f5932916e4d568d9e7dd3555500ae119f0c63045658303e1f4ea99c896eaeff3ebf76b2def0ea856a3f24cd76dc437236b71dad9a26fbf3882e81565851eb6c5b265a0721be43f0844f4d0e4296011e280236a0ed7656f2eb906e6b2ec4a8e5bf91eb7e8be889ded6d8492bb72f1de26cf3973249ebcb5c993d1dfa896a658a528aadf57dc28a8db32656ed8e416f96e1f89ac24d4ba587df31f3d2d8d7809d06c8b2d68eb15b377918424499cd6a7fb62e49a78831f0e4b1476bef657fb34bd59e34793d21da3f7bd0278bbea8beed261c697ce17f36f1cbc1b94aef11dd1dbf1c68496765258f4cfc8b5fdc9197d7260b733d2061f399c861bc5912ac76cfb62b9218196fe054b92a295a9b9526871167d436b830a7b4944f527fb4d75a036acf3a71a1a710f609f4e794f1d764a5317ac067e8194666dbc73e32b2870eecf8776bb7641dcdd6d764f91dec83fbb53a97e6531211dd8b86bbb57f8acd637f4b1b66fd9705a200e3081ea382262d54edb161927eb1d85cf7b9373a24607c99f3d66b85e22d2cd5cfe24020d56e0552bd43d803882128317d9a56e63a4808ed6401b662187888a0d0b311364fbddad07911b5244877eeace22ab5bd8501d748ed5cb05809e1639678c4c6cc43a3c2fcdd5b0970332429c3cde09d9556c8360f26caa744ce5e57bfaabcf7d124b2d4fa97d7e72f16cdfc35f87493717e2a852b64fa344db5ec72dbdf22dbdfcd12ff796d515d5f3fd3cddbf53426183bbd92e2fd3e91fca8fee1c1ef4f8d59036df9c48fc7677f2c4905b6cf4adcf448029c6c6a2968b13e3b77d578e2661ae7d07ef84fa098bae9a564bc8c507a103990c00a0e6d2854a1689f7b095a100b7f38df028baf20bd56c843c24f8ca4a81130256b13636440836837429c1c86ae1668d3b250108406acdd21b40450399872c1da6178184bf9c2cc11ad80caa9997d3c6631f09ba2a4d96e6b74313f1e40fbf8a29962648f400dd256c4852c556deca2e3443b858efa43d53efcd496bf5037a82e14868b508632bdb2dde924ce2cd6c65f1708c18cf49073e536f09e8fcfa9a44fdbc349ae75e17205754d3bb82d3ee8a93c59aea1bd7ea6d124224b11405f815ed518a1cb9a80191249ac1cc0e5c1f9aab8fe67bb737cdfefac82a89a7d6ae08bb9e1f710cee451d851b35ba9b886dfd9c277dd67891331d43f36353c78c65e9f3524e1b9b229c9f91de7b5ab16a66017d171e2a4e185481d33cb5bd9c5e3d93c49d2c620c16467bf4db73621957f76d656e6d4cb4d59cacf1209da4e39352554cc2abcc8e82379b4f819fd6d261c6d7615f85f6c5d0b9f57976836493367e1bbb14c57983aa97c6e4e7c4fe2a166284c904ac4f70ef2e52e4e7dbd677ace683cd61aa60b702770aa0ddf14b694bf3cfaeb585f8fd8a85bee2f78400a0874dfb4c319be24a46d1914b6e902d5de8d8375c9ec786ef6eccf1ee7a003f83d2e163097980a06ab9fe23c4ae8e91755e4217d3c302111febfa9dce02a49b217aef709d183a5ab8ad1d39e9a697a79be303fdb2290c827279ce187d1c647cc28e20c0b3ebcab2b1c75850db46211150a8bc5d80d868141f885f7a5ef520ecee6d33842141003df4ce066090c8359b5dc32dd9ecb1039454d0b691d8f97932b69981be240804e860a88d1a047f46ff43609b41ea36dc276b28e87364049940ea7b6dc78848221b30dc6aa1b60f17942c96c46e347606d14ef02ed3ebddb20f7f4d28b9460f4af047b772927ca6a046b7de2a21b8ce79eadb74e4825af5e19ac2955999d7304a35851a4b9086ff922da8845da10a55fbb62fd13d98d45f60842d0d6301cd72e7cb97bc84393a414f671e5e0115a6c1c26054a80ddde10e0a83a4ffd123504c881a844bb7187c604f87588dd0d0f11930f9a3cfeb7098f38f84923637f1a9f6b3e3d0899a156d50d7e740b118c4865ec5e69aac247a930007452748bea9af0af511cc1129740510b13f48fe07ef1417ccc765b2cd0138cb51dd71fbdbe967fc321082a9ee4bbd1ea404cb24971de5a1ee7d7993b5d11d67d30e8ba94a9e943852675a07b88a51df6f4abb507cdaee96726023855e4dee6bccb3e26a2a88fb60d812e7856c13af5f4fcb6776ba8e27a35bffc5e46473b31a4b83ea1a3376f4549af87d03102413faccc3fc897ccae95d2700163f1fc5170a643554169018c5cfcf8f50c7981270995d8aaa9f923c0679b258aab60f79111627b71404e1ce8751228972cbb2bebbe25973cf98bf8fe8e63575950a0aaa1ff060f01e96791d128d0b7b40855126ef3910ed7d7a6d9490618da352ad7b889f7d905bca2214224e170f30a088cff91921917c937950926cb11c04fdc6bee776b9abd2aa286ea5074e72756482fcb6a7d072edc075f99e02747ea49a40b26b58118b6692fbe55b09b054a044d1f481173e8923a74806cb770c4c61ffa982077f82bc4db7fee4ae2beed4673e39f5ff0614072a771034174a0f052ce39e27450d18920664e924ee963c9bbc9852fe68f30a199ee4856c1dadc08c061165867438bd3bb73f5a50f5131b7867dc80e0c5d43eae80cc2874d48edc910e7f8f9b73e032a8ccd7c348e84b4179fa101d488c2fc16cdf953e269a9cf13c0dfe575e0da49d7d2c09293296c0232bca9fe0aa8199b21e19746c4783630e432b5c7e1e25864fcd4deae07c2b07782d155fe6e6b5d9eed4beb9db47bae4007753d8be56b10723b5467c64acb0eee4cb9050b4ef2b57b630f4608af96fbe484816454ff385aa3765051408779384c6585f2e24662fcc3008dc17abb07ba9cf96ff4c795c97811e73b06c65e1b5c66c2e1873191d972830b1f53bbfedf8b5e8a64a29fb3b3eca67f1791652f9ac037c2f87c6d1d9d453b12d5d2b0c070a8084aa15505e240bd0c61895383f23f0460027d60dd9efd8539807f717bc353f9b858b9bfd2acecf2190e280faf6a1603566ff8893dba33ad3300e10438241709ba7413fde84810b966b4556f9c8a51aef27f9b9010e7b6208715169a585e42bf3f7333209afb5b19c0de7722004850d53329d93e2e4909eced3da67dd7d2c82a4c9d0d7cb6f5ff7dbf195e8b39ba9cf0c1699ea1f8b6d1293509774ef3bf48597146a60aa5b6eff2bc8a64f9ae9a81becb9c398ab9676d2cecb14d28f819d08050269bb0ca9bcf59d5c9bd2fe2bcdfe82a8f037781c6275c9229b0729cd085e66e2712bdf22009440c4136c2daa54e547386e1acd16a1d30f3d55c1ef0fe10c108210b9d8894d31e5ef17b049106700bae524eef744ef4b3a69e9cfed4efa9b0c9262177f9fe16f5b1fe5bfe5fc6a611e6ffcb9c5f329d4e328cb69912f0dfb7f4a83d326cb20b053653663096870e7ad2753e992dced7405a00a39dc55e652eb6b2e1b1e9782b42f443890c4067b07376c6f0fb2ea6589e04a8eb39a94d913d9f4410d238e6880c167a0a23b266577c41ec3e0f513eb7fc948c12b26ea2646c0481488417d9911a0107ca0ae11c2c4b8c2eefa5144ecf8b149d22abbd26d1b2a3fe51016b9bbfd229c090fc2fbbca4803217c991e36f86d4720b45ae45e6b20f09fcd8e5decd79997e79177bd67de7433282c1d0be5d585a71c873e7171a133d9f5ea35ac0ac5c1a643279ca66a365d278d14eee3ea90961eebb3f6c098c00d051d4716853ec7069be2a4625cef4c0f72abae5309d2709901d05217fc3e52049c4aa16b50121e43ce491d1bc9adb01679ec25ab5009f746170c2517f0072f16c574cb447c6d8ce4a2e45426900463c5303413bf4fe7fd64c273b404cf936068cb3085c3a81b9872ad2cb79aa4c051e7ad97cd4e8c6b94bb0df87e4347ca6f11f155ea265762f81eb0e9fbaf3dc05157eb9f12596ccdf9193018a2226824db6bbebf4e89a070688f698bbf23f30dfb04db7c3d804a7587ad0fd03e68cff7e516e5109e328e1eb3b887a6aced15804f2c898f41c5452e160ca30e35843705c150bad932d2d3fbd791100b1535d9f3306dcf127fa49c1a36b172f46b1fb676ea8783c23edf89b2446560dc1b95b39f80eb9d0994c8dcac9a5a304c554133e1d6ba368468a17312167cda37932cbd4b93c58b7ef772d56d4311182a680e19da6fb938848aad40242856379310b61d6113de6814644092712133823ee2281639b52cec52ab0dbd65ddae631e7113ca75a5476797cde5f5456acbfe63c6ca8b83774690eaca3a019771ca0e742815ca5645418730ee17f52fa2531e5487c10da3ee080acd50fbd19710ed5cb924e28a18985132afbb7d2ff90f6c3855c56970854b9a48ec4f7566d2829e271af3f0ce26742602241fef70461a484499591a9079ed53aed113589fd74918146e1917a063514d7eaa7f4720a386eb2f32b6d35baaa5d36c2013eb405cec607202f19bda80bfeda8005c5d1582208b861437fff41ec0708a6a98f2b4b4463141c1c312a8115509e363a274864898be996176049d5f7e6cba76b3a37c9b2ee9553fc70f79503797464d736d97d0bb4741ea8ad14fde6f18fbb02ae97e5a77bc1527a13f18624927d79aa5b4df2dffde7fb5356e521c7a419209031df8138838151c7e90783c9af133b6961b44f8de89d6348b191cfa6c0ab652746b8582134537727b18c670691f3c1e8ca0e3cefcd26111bef476eb816482b7726399c86cbc98f0f06929c26cf831163bdbe1fa8d8f96a65d3bbb3d37657cec4b77516864cb32404996dae1d0d9f3c12b7f2698f07930b791813b7ccf0f0dcd3320b78833f077ee55aae156af804fa9a15e60c709fb30b06ac092bf97a4fe4732ea7bc93aa73232024c80434b4900cc30de20cbc1ea407746fb186a610fe31635766f5edaa8c9ae974ff8cecc4e7e391a50bdb34ca1dec15e7e8664d7bb59852cfc1fdb361b235c803d70cfc90c229078079619b4a8086a68d420ee1d7fac403b18c7f6aad91612e2f2b9e5e206bf897bd98a3b24a0637e2b986ae7f5d376bd63d63f6c4f151ce7eaa97a30d9d51f1a9207dca6b596831a9b92517b9d5571e72b4a06c07d5ff0d325896a1b32e9fb4f9d67a903946b205fba7beda108fde3fc503c7352c59c03bebc2891007fbe966a0441a7f4bc8320b901563ac8eadba643bdfc1636864d33549a1b9ad3ce01bec94b631ac6f46c453c57c62f2cf0f76d9f1e0731e266311624a138e607e699c91e37a33096117f418b4c92c66d96fa1b1324cfb569e3d558598ee65e69b8e0b9625d551af54a09db8082f2fa9da1386f92245aadaa13bfa3cf5c39fe455180bbb5e2427e4067bd2f5a5c755c31405477ba832dbbdd4af66acc7c11e576f700e24fb4c26160b4443b8c17805238519c7c732df774b92579e02a8da5e9a17e3c20e92afba7fab49000a7b83987ea48d5854a0411615462cabd245ab3f49ba375ef179c0a78059ffc14264177a6e45dc5f2fe6c957a313ba9889fef33b788933bb37a17943551db9cd08fd8d823fd0b35110ad589c3bb3af4f69bd1c7c7a3e726f933e4a0cb1209e75ff14910061c3750b9312de42c86838d5c35a681899c25220ea87aff02bf72fdd8745f5d751e6d62861496890c956143c08a222774974789bb46924b68a6e3138ce9dbca622e78c5aeed8215de4ee5c1f8312b6349a91ef1e210f18522b7a644700e90eff995e950c8eda05d0bb8e799ef32a7ddb8a87b4120a798a3f87cc78b6db0c7947b4786db1618c523203c097ef3d3dc0f4e1e87d0d597c4eaaac05a033a3fa91309c05cd8c14de649d7dd16d8ed81e5290950f66b66fd519a2a16fc6b3526f97aa1121b4fb52b30640122dfb50ff619fb5c88eb1c4e6ed7f6d09fd29e27b3375a1aad5b09f8175157018467f883ba385208fcd32a50a311b22f7951bd0e912d234364f8590e247dea604872f9bb847bb32b3906339f5698d6e7c0f2a3ed17b194239299091f5ee4ed51c75b76bc949cf05df5dd03cd8a553e7ec81881fdc1e15cef5e72eecd7843a981eff417682604769e302f378ff9519cdbd3ba2bfe50f85a903aa08b900118226889e9bc68124777f6e02fb26fff91d1f31d3828243cc46d4b4fa2965445774e0ddc521fe5fc9626fe3428403e746de0196a45e4ff75c5d6acef57f662faf27294be80fed39778a7585b41178ea38f64893f9a46334af6425a4aa46e25e92b0d77750c6737b237dff19913fd9e69ed92c4b6671b4226776b34ae2468907c654bb0f619b2c9b55920fb99e97bf32212f852b615689f3cf4c03d51d1587455b5720692430fe2684522bfe6dae871aa2ff5f00045861ffcfc219888fef8320bec1307236a7a42dd4a691cb6cd4d8436f31a3f2d642b05946dbfee692aee0da31419f9b8bc0e1dcf89a8ffd7856b21b1180ebc8ad75308b1370b93d680e968bcde7d235f601760a5d181f7b55daf330a001ae1da86c130c76fbd956442b6c705889d665560f8b34663390592d85ddde790e0f4f1f0df09c1c6f95477f9d72dc0894b2efe2c3d162ad80f80cae03a06548014293a02f00d6386723d42ab09052f019a1d71d88a78db27afead58bc516be8d23893f007a17ff47b32777752a15648d0ececd345aee1f36c58abb7efaff5567100c0bfa54f172c862e15872abc9d96cead6688f02ea8466fe1134bd3756c6f0df8903fe7935dbe3e635da368f13a10e3018cfb5557d38f859a983a54d660a02bdb3dac2922e7a37651677bfc664d58df59ea625e8e63ee776bcc2937b921f5544924b75cba04bf3cd0df831938f9e9c79572e8492d884646244990920400192c63e15024e2e1239f41390bf7c0e18f852e23d514256ccb8ccb2726710401c4306657fd75eba94a353987780a6d6219012cfe80858060e37652a84ae89d07f5d651fe82a2a8d0e8568492156713b1f76e89e12f76a0254da7d526df51a089600f5b7559afdc63d4872fe8d6ce00a8d0c9b00db5ee676ae2545e74fb7b39f8345a67913b234cfb4f6e3b4e2b1e1f4f1c7fcce8c09cdeb6a1a21bd2370004e583ef62971aec24ce0c6c049b6a2e22081d36854956a362b6cbad48049d7d5f90134d3e77febf87bf4a32c07cdeb36c9cc56b2b3cc8c8b47879a32ff00f3b2e977cee0acb30fc424dbfe24c88d1a08d047925cd7d65a5834e56db2b3e7e0a23dbf948c799db5a48fd4a5fdea43913b2b2c149ae9a98f452b797b55abe1dd44b30232387f466856d6c38ca735dd6175b455363dbf228ef52e443da22a1ee3a158ee304d9ca63c110a3d19ca3bab6d1745affd81c480ff8bcf5f8f7c1ea6d08a7b3c3958c324d42732711170e19523bd209134674b184d4d442a774e04d6eb4ac89a6d018cf0bb68a73da87abce127e57428cf73a5a551c85ea8c376ae951cb8357506f037d17d163172dc5764682c753050f35c6802fb269d7490b196d57bb8a1ada55da7550f82357320e14cf573ed39860f02a11bdad917b2ba2de885c7ea8b30dd62bdad207dfe10e97c8b71abbc8c5661a4483bb6f9488ada0f5885c471cfc1271b60d54f903317cca28ce977f4444cefac5c2ff233dc872d4e809091f8452de9c774ab3bbebf62de92cd6aa7421a41f7d1dea42e4f94bd3a4869c958f3940a99c88835ed2f4021114b9a5bb17240f468887b213814956f9f5e6344cbae19d8753b97c7ce2e9d0954a30dde23dea2748e1c9514672bf4ea3ec3e348a563d9649899e7227708e2e77d0fc5847dc16b59ac3dea9449c176dea2d2ff6b6af764d28dee5ccfd0dfd6e3100d97040657d7ac5da4032e3b7f6b0cef2ec55a83350c3045abb10200c264e6e68e3e03b68546ae48a538063b86315bb8073103a812717f2d8816534fa98d0e956e0f9a67bcdc522cacefc77b0be71832a69ffb72fa15ca4d8b15f7fe03da0f4b24c5fb68e5f3a2297bb0cb0b7bfdeeec4deb64bf71f57820d62c47276e2780b4341b6bc65ac49be09c94013783455a95de92c11d91b9e921a484ed69532b92e202d684d2293a2666709ee38d2114add4c5337bfeef31d481e12530c5c7e83a6c8aa2f580f6da2d735ee5260cf9a7185eff84eb22d6e0d5ac0e63fe6a3def819274a144be5ab90fa157bb7517a54c208aa82da926d5b09ba649e326a654fe8fa9dd7e6d83b0a66253526e5b5aa03e665f2eb4678e8293110420c9d7556df07c7dd1c3e817a4c7409890c4ff5044ecdb34eb652a4d7e20b4b0d596f46ee3c3dad675e958e91c3b40f2d22e671bae51518443042c529c31e343647d6ddeac7ec370970fcc71a24a0826b58d111e9b776ac0e2fa40b3099298ffd0d1c04d41ee1dd039425f52f9f8057ac1f206203f20e1ae9cbae356518ba2fe9e49b47e36942ed7204f3d7da9e71b8d69df3ae7b2de05a13a879af6a1ea6241c645ed73c139e15060aeab6f423c2180dd101863a24f1688ec1a33edc624c3f5e80a20e4cc5c86ab2c692c2d3d17d8a68bb3924efffb29c9fc3df937526452d82a8ca9a558c75d6b2504df1b66c91823216a1c3b3bc39dee0d22491b9c891b9eea193c8af8a992096d0cd74630f7222e9a3530034a582f40601a694cf1085fda7fb33b07332c6aebfa70e2ebb8d7ccf19a69dfb5e4c166add5e153504eeec92f4ea2fe47f291625e1c470b832a488f884692b8ec49b96df235f193027ed38fb4d8b88ed382825df8ffe5b0c6fab8db3e38d60d467f9da725023deb72c378258e911442afae4db650be3621a033a3b84eee65c4c0664ec6d5771cc138937434a6a361de3dc1c12a2a6735f080e94314ddf291516971af252e3cc56e1c65ba5cf8ac2538878b22034ba458e08db26205608ae941a42a27f2643ded87bde626387c2b791ce57991dd2ba08010237279cac2760e19cab9059b229ea002ce4d3b4afa495230e424752f289003a240f5cafc7a83112636321107918d582fad2606a4319199a06ef2cbeaa3e1a4d8c30501aab796f5cbe15453b61218a396b79c547d15d5c11033b3746b432b426404f7b0421b9daafd9e8558f1901283d58e173c4db0511ee826ddc6363eb51e0837c9be6b2078d808d2c05db7495d29322ee6af68b0d52c45f00a59731c0e5b2608ae046af8bcf830f001ffd2f955ea89bed216e71ccb5b44713e2abf5ee5438d63829c9aea34b57f7ab52b820c24a7e9fa138243e4afb2df93588e805e719c1767146a351debb34678a86dd19f0587af31195460a3aa3e68773859fe13b47b6b31a501b4a25c6660cfc47f3318b33b77b10ed4ba91086482db039a56fbd1490f440a6fbb280b62b6d2333afe1c42c3f16865b9c0e484a4f6f393b8bc34fbba856cc5ffad2fe423e79f691b95e7e0dbdb2b2757d9d4443f9a23a8b1bfdb16f8bffd81b4789f80f1fc4bf751627965755d008d134e2c35da34f54718615e9deaca0685396ae7e58121327e0c0696591f6af93f2999ebd3b4e03cfe2a48b2b94015eb06b2a1031ab5e129b2700648fd62ab75f77734b89abb402282635eee41606eb306619e2dae84488e2aac1df54f78460b36115072a2c28801fc122482f1d46de4b2eec07bbbbcf85f30ffb3829c5d0fdbdf3af8c6322d62f4c55ebe8fd52728e2d5d1a24f096fffcec6ff2e752f75", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0xa0, 0x0, 0x0, {{0x6, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0xee01}}}}, 0x0}) r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0) 8.583459733s ago: executing program 0 (id=1056): r0 = syz_io_uring_setup(0x2dd9, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000380), &(0x7f0000000140)=<r1=>0x0) syz_io_uring_setup(0x5e2, &(0x7f0000000280), &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000180)) syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r0, 0x4e07, 0x0, 0x0, 0x0, 0x0) 8.483888028s ago: executing program 0 (id=1057): semget(0x2, 0x1, 0x52c) r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) recvmmsg(r0, &(0x7f000000a900)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, 0x0, 0x0) 8.412720531s ago: executing program 1 (id=1058): syz_open_dev$ndb(&(0x7f00000004c0), 0x0, 0x88001) syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x0) epoll_create1(0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x10, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) mkdirat(0xffffffffffffff9c, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) userfaultfd(0x1) socket$inet6_tcp(0xa, 0x1, 0x0) 8.008904864s ago: executing program 4 (id=1059): r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffc]}, 0x8, 0x80000) read$snddsp(r0, &(0x7f0000000c80)=""/227, 0xe3) 8.008607606s ago: executing program 1 (id=1060): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r2=>0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r4, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}]}, 0x1c}}, 0x0) 7.910996951s ago: executing program 2 (id=1061): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000013c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001f7ff04b7050000670000006a0a00fe00000000850000000b000000b70000000000000095000000000000009cc6b3fcd62c061c6207005d43a4505f80e39c9f3c530cf08e467b592f868ee3b0a435df0a0e8c1bf176db2a6b2feb4b77d3d5707bfd2d84aaa3b1d4e984c46ea7e2b347a36f5662403e1b2be4284322a4908a0d411a9872971c7c56f0979bd10b97163c066d0e196bf02f46c7953ab1abdaf9de9ca3c00cb9bf4e418d07fa22f0610a70f2bdf4000200000000b0c2c125080963f63223b7b80197aa3161f45346b100000000000000000089e399f6609876b588743794298b79dc192dff048fc207c81f28bdd3e26a1a8a0481e9f0da43bb6ca66e2f55a9ff19ffcafe3e64be06000000000000005064caec04a367c23d9fb6a6991ddb737d527d6acb15426406991c3b404984dfa2c6e94bd0339454c13ad3c328a182c15dc760a313e3b3ca5d3393404029e98fa883c71949a34d84030323e3d54fc5b29d27643453ad9211e3550ee5520211d9370175133f260c6882a146880b9387f1beb5418618bc83a3becf9bb5d80efd7da7ba8b913c685fc6700848dc6665d73248c1f74e08ad04ce905faf32706e0000249a028044ede964362cfb2f30a246c3b2f60000fc4deb91da1368b0960b8d69bd99c64893d44f962524429dc058528e7e541c903869d96989b9a986620cb2c95c83f2a082c52764f49e51188f9418b01bcd8ae164acdac95318ec8b2c6feacdcf4b528e5e58219bc54f6ad5679e7f430e6960ed048c46e1dccca05bfa1d67c83795eae2d31968c055d325a9c794ef88b30c2de4a274878b73c05ffa88b7073be648b12bb1fee58958d6a6f31bfe5682159fbde59dad00008a73b40f09cf018cd496b36050d7fd45e3620c28f76749262e33e16429a6da35ceb1a989de81c3f8b8bc348ef2ac3781b847611fcb0a26acafdd6d9a1b17dcb9f7c493d8f8cd344a1d470ca0d6f16ab0293774b5509fb0e7113936d59d5a60dbd84a938476adeebab9ff44f531bb0200000000000000cc1fbc455a64fd449284f71761092a0302000000000000008a05d36fd9b814b4292745418c92d94462d2d8f7e1d24cabe17ad4135d8872935ceac6eb4f046f2acc1b0efb4438abddcabb4e4e72a450aab72b589bec83bbb688e659fb426cb43d0ee993516fd4e867232cde69b6ffad447dcd92e0ef8234ff850ec3948dd1fa7afb77d951fe4abf618121b7894c106beb49a71c62df5544ef221973432ccc7e62b151eb898a01010a7ec5acd0a5dcb2de443880c8a682515d1da9a3048744acb44384d1591df789883c0560495cb0cb32283529926d25e5c7f481112ab8a82247e927fb6f256830dab3671f00500d36a17790bab7d0e89e6c15314f2b963bfc867953476b0505c7d728326d666f39e82cfcf7e7a85df288d75df24c5e4d529c349923f9a4fb882310391dd58b4cbd8def239a227724d39c3e6c40e20e07e68a22888a5c3941b7a765b92bcb37f302487bcbd93ccf3a104021ff34ddf7ffcca1a04eae963e25516a114573779b24a341dfb2e80f1f345c6d96493ffc2a18478b5bf3aab2ea59c51cf0678e1a57d0ea042d911548ff612002ddb2d54d42fbdde42b56887003d27468225b2594a05044baf314113e889468cf13dd92aa0d7744db6b56557a5adad95cb9a69d4de50642b4b9d6d3ba7eb534b00d0fea62f0a61535dfc4da06e7f8695be614c557caed7eb0120516e1351fed7d8ffa31c8f4be364185469cfc5f25c90d71bce745dd2d58a30e0844f12c4cbbdd7a08465e665c2620d78673dfb6d9263ed7def8924cfcd48a8a3534f1a3eac9ee9f18a18106ba3d7c7a62330f5c0e98cb7982dd7bad02c8dba9c13894185bfc4bd2520b6e2043fcb3fc5eb55ecf9e6e363ea2ac40a14a6f00f0ffffa0fdb6487c51ef12c27b30255bc4f8813be88beeb5aa6f6a4151cfb90644e50630ed474df7d1635afcb1ea3f6c47b5acbba2ce5099a9387c7acb9bbd1da497611ceda25049e48ddacccbb58dddaf9a3510d65383829a51e0f41e661fa80ca1eaaa6cf0824305ba4ec80400c50ffe83ccb0e6fef321190c58aca8c7c8c6d26ff5cbc2cadebda8e1219e04f8dacffd33db1a0a2e74c9eb978d80a12d0b5327bfd053000000000000000000be0d02a14708504412fa93d335992b2983c5addc191b4a21c7b340d0536b01958e15315eb5f3f9f4992c18f666359f40295fa73284c4b607669bae75bd68c3e2b770c324a0ab26b6065d7e95a7bd80052db57506ec7cc861bf3998d07484c66630ca8173fea3f06ed1dfc70a8b90418e2dc76137e0f68cb1c8a908aef9f0f85647dba54e05028c33d94d463fb20d2e7547184b8d3611e45dff02144387f342ef9b9bf650e9d049bf65258a7bc094a6965e24611c077e1ca0891362a9d68f3ec7610c0449acf18459500f024f9b75885cd79ba32776e4a511c8a4ad922b00000000000000a9241220dfbf7d02ef507ec6fc7f5d37d835f7bed71283c431b9d8cbd9003972bf1dc6a71bedad8e19efc3edd2a7a7e555d5f3176af69920471e6e5bcb8966c813c132d65e2b99d3015e06b372e1aefaae14ee3fbc6349af362c19b59c214de66912d1a9a98d92dc197a51c29443de62caca334c46d110e50896fe50d0477771d387f40c8ef05750ca651e6e69a237dcf78666d6ab2bda1f853525494e4efdd93be38bb5fc671f8794002d7a951fd336aaf4ed1166cb459df70218c571ba1c40b028234505e5477e268326af8812c2fbb8785a223fce0a0601c2a3b58bea8c6216eadabcabe86ab46e4cd3d58ef7ce8d3c4b0bc5952e81dfc0a490d8568db6f9c51fe703c6864fae0053d2f91f49e977cdc1962dbc28c29471a72199862bc8fc6e211d13d8579cab4fba94b2b613c9b8148d05e0690a4c4ab35aabc45801d2b82081e62b23a01b58b1ffb624f63ad2246796796160cd3682374364edac52f1becb7c6eff50823b75fb2ef516ec4ec1cb20a2535b504502d744f2099674e58f2c117c980cf0d041c8ea5c4f166bab4aa5ed200ef4dcff96f7c9c1ab8c22db0f439b23b04bcd41ffc3a0e01976ca1cf43e12d7d72f3faa4979faabd62e2dc54a980eae4d5e8c6498de331c3aba1144ef1190ea6cda641d9416c4560cab2d819eac7b04c70f141754c3ffd79da363fe8859afee531710caf1b2bf5a51142f4755cbb700c28083525a9093790096cb93417f1216000000000000000000000000000040ceb244e4cae2b65a76d41793aabccd3d0c50486eae6793e1f54814a8ee2779c14ca94759266200229b58c12279817869e831cade7b09ddffffff9d93e2ad25eed43c0b9ee4fd209b5b919a42f676b9d7236fc8dd5040899d0676291407ce9ac8101dd3512f5b3ac8cf8179d1749de324000030d0f942ec46edc18d5c287d1435956784003a53eb5fe535ead8857acf0166dbd9f30a9b9c8a9b9faf1356faf269cded935b07863e4fdad8aab52686c81babd1c08f6700a2fadd413443022ea5c774ffefdd426abed08d437a4db48611fc82a18ab9f54758a1aad86d95cd186ceb55fafa3930090467b8b7bb8adef47ede2076dc538bb97502b4b4350e633dc0a53c2fc9a01bc5cfae0245f1fab843c633446f5f3a43226109b7dafe7815773bd6969f04cbe15236b90000000000000000000000000000000000000000000000000000ff0779b9c005da21073c6d9680d4e547cb727addb2efe11b8b3a706569f1522b57d71bb0beccab7c8fe9e1330b2f501b2ac3cf4eba7ceda6ff8a0c8b18c5e9e2f505e833217557abb257d61af8e8c473a7585436730db75da167481ab8921fe051b250f8d8ef9c8481bb28a137d15040b0181c28dfad7c17b30c452a64c43a117cb948247c33abc765a6ba695c3cea5e32a4d1ae2dcbec2ff4268e03aad15efc6004e6b3d7f0edf8b5d4ae7846a6d43c16c90b7c5dc13ac2ff0439ab693498964cad2bb533bcd240778b7e49145c48efde42b44c01517f1a7c7707b4c4fc0900e7086ec40354504590696282286db9030f0320e2fcba8723939005347b3f744ff1973431000000000000000000000000000000000000003495d69aaf9a1d83e83511a3bf44fe753b8ad83bc34ea4d46b397e000ff267c50122aa5aaf8474ec2e57d960d963900bef84a4b3c7dd01ae4d6b5522aa8a35ae7996e298bcfe3f31a34e3e12c58cf172a4d3677a67b52041ec21ae8003aa1c9969178b1b00e4d12ac9745b3cabc908e623403c013907523c77f8acc20b9e2fd224ca8f21fab2b10991881e2112f4e1c4f54b9ca7c9a0c8298d60b8b6eaa023418992d6d62b0e9faca4a3b3a805e859137cd933ef5eb8db16f159f32505725da51414562d064b551246dacd586f42d06c790000087bb52ae4bc09f3846c785d1b278e661ed01fbc2415288bc9c808c4aef648d431b3029da0dec8886c3ee9cad996843d00a3b5eb54e270dd2e96c8f2fdb4c27c2d1bd467f2a14867dec67730d8a68329839d9feff688dfbe25c73f936338e7b057980da58a6303d95f17712d667d5a1066ae457ae32925ce658b559c1182a74e267da57fe25b19153f1cdebaddf3f7a3479c09f2303dff449c0513b552a75ed48215cc31264a6ff648a95daa0d599dbce303b3b5307572df30429a3b4b115cab0a018f2501272048dd9e69877535e20078e7c28a98f26ace2fa90c68166396a2398d7a266bdc15ce904f25ec7fb2434ee7b5b69bed702ba1e7ed72942f452f1a98a2d949450091075efa823b11f5f5eccd921c04c7c15a5a05750cd85b1300fc00ce275de7559e117f87cb6c3c9a4b9f96149e3fcffa44d7258e9fc818ab3d76ab660a254d998592c31017f816e01a21c08a17ac"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r0, 0x18000000000002a0, 0x10, 0x0, &(0x7f0000000000)="5aee41dea43e63a3f75e64fb7ff20700", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 7.801069634s ago: executing program 2 (id=1062): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r2=>0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000280)={0x28, 0x2, r2, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, 0x0, 0x0, <r3=>0xffffffffffffffff, 0x1}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r1, 0x3ba0, &(0x7f0000000680)={0x8a, 0x7, r3, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x749bc}) 7.769333359s ago: executing program 2 (id=1063): openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r0 = socket(0x2, 0x80805, 0x26c00000) getsockopt$bt_hci(r0, 0x84, 0x1, &(0x7f0000001180)=""/4102, &(0x7f00000003c0)=0x1006) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_IO(r2, 0x2285, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$SG_GET_PACK_ID(r3, 0x227c, &(0x7f00000002c0)) 7.658458346s ago: executing program 2 (id=1064): r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0) r1 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) 7.657890916s ago: executing program 0 (id=1065): sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) getpid() r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r4=>0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x1c, r3, 0x331, 0x0, 0x0, {0x8}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x4000001, 0x0) socket$rds(0x15, 0x5, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) socket$nl_route(0x10, 0x3, 0x0) 7.591782924s ago: executing program 2 (id=1066): socket$inet_smc(0x2b, 0x1, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0x2020) syz_fuse_handle_req(r0, 0x0, 0x0, 0x0) write$FUSE_INIT(r0, 0x0, 0x0) syz_fuse_handle_req(r0, &(0x7f0000008400)="44ea07862a07eefa4de37092cf4356f54454db90301c4d373d57166f794f169d63344840a37048638ffd5e30beade3fd768b18191001eb890277fad8bdfe3742686deeb34395963bcf7a870addd76c80aba9f771ebdf410c7d7542fc2b6ae9a458d79457755d94ba8a3248b01a2293d8a70e60815b90297002652966a6b836065bcae0b44f4b26be93dec3cd4cdcbbc84c5b916a1b0d8313340675d67fb0c785d0307f95e426546c9a4d0161a8f52b02b95f4da53ced705a658722091864d74ac0a3a5f3853a0ad71ddb29835680ca9ff30531f8df0f0ac66f7f1433c33d75fa8f0f022b175df093648a81af5ed701b2e7a14199c83b539e763dbe7228f2e184a02becd41bae305d3f34c72e8db93dd214ec203eee6e6dab26b41848c95fe1ece8ca157a90bb7a990dac5f3c64cf49c5c5aa8414b9153f82eca9df88d90a8d6c0e72eacd52f82939d46d41e0f5ccf708c03fccecea467f33f5a49888514787e42c0a12255bca89e82344ab01ac3b6c6158e3c1b34ad953eaf55f3a2c487efd9423a542e41dbd0058aa021cb6fdc5df88f807033edd31abaf5ff7e6a9578d2be6a2d925d98108fda2a7e56a0bbcdce0689fa9e2111b0be8f3e2807f7f3728489917a031f2187ad98a744f19851687adf59a4b4c328ad5c4f2eaa0d112041369319f6d3f928c22d05f9fd68b5c268da5e2f433d651bc602a65ee83752c0c92f7e29002faf9475fbb57788d725f6f8fd495a58d88d55ab8467a85d1f41db5964a19bdd45377c7c8c792de5e76e87da9296ff90e7fa9e57f09358d998c8779bb2348d651808e969e960763c5231c65a06ee16979f4d990dbe7e10b3a2392dfd6483bf2c7c5f6f3d941cc17663668cca83dcc38089b4342a801c74039b32550c2d9cf95a0236523933ce3e7538ff9da2b7b741f3cbf53e6084702d0a5dadab4350848f6e7ba46d4736c7a2ae702c480c30dd78f994a10b9c3157a17e9e29576a68139403300586eb0c673252a319aa1cb01efa777228d8242ebdbef9db5c03e4c8e09bf7a009b7eb19357d1ad6d1defc0dbb58c31d85b9f1035056615ad0b0ded12751273c8bb7810ccc5b2efe51d223894b141dda837e6b7ba21de9a978ac447d995394b800e1065906455af544b9d7f353d1eefcd3387d18e3611f3913926f3a4b87efb3a9707d6136dc00e49ea5e7a6d0bea17eb49cae93c0c4422374b0f46250e0d554e1087c1392716d368b04b1da85d271206b465608468802fae00c7ad9425974d822cffbc420e739f7617f59a879f791ab5dd7a6215298cc7dc6904679889e60a09114b0f421b6f1286d0a6ab3dc887c2d3a48d53a7611ec270530b07a83ae1a2bfa6da42ab38bec3eb8ed1e207d91c02e74a31c29abbd25f5779189f5f2494ea5c3f4b829b96de0c54b3851dd58610c2b9ddcc2960f34fb857c5ab1aa67e8eb10a59639db2ddebd0206ae7ee56b21ef484e3c66003af46326f1c456ad2ab5273d0c0b2bf412f71f820ae12723c74e1857e0ae3d5587a0427c1595e06b1d5ab5e815a5558302e0d9c50b8c6cbd599eb554df6f7323b01f1353b557c565dfe0de51032a88541b49ab682a7dbe4dccb9b952ba9c9ce3bbff80af01e47953666327b8acd7d2cf363c6f7172caaf01d8e3417f768ab08f2cfa7ff26efd219e25ef0f9a84c7b116978eeafe3410972490203dbe49aec33f14d5592a466a6efe630904db9c77ece20bec7552b3dfb48d4e0427ce5024fdc0aec7271e93c51aab19d7a40670add6ea5820f625831a593137f60543e424892856b3bb9e608e88e65cc6dca098d5139a38ada517cd788b9f13618d9c2c31d7918cac6cd669710692797e61f4df3938dd429d977cc11e7465a7a23740052039d9b31cd26b95efba17bfcefe121fcbb762d29287145b11a3abb3e0683b9216a8b5d9744baa75da5d840e70cb310c507c4f7eef1d6535d8e11079edcb51df7ea63a7204e314147eeb57916171ca33c0f5932916e4d568d9e7dd3555500ae119f0c63045658303e1f4ea99c896eaeff3ebf76b2def0ea856a3f24cd76dc437236b71dad9a26fbf3882e81565851eb6c5b265a0721be43f0844f4d0e4296011e280236a0ed7656f2eb906e6b2ec4a8e5bf91eb7e8be889ded6d8492bb72f1de26cf3973249ebcb5c993d1dfa896a658a528aadf57dc28a8db32656ed8e416f96e1f89ac24d4ba587df31f3d2d8d7809d06c8b2d68eb15b377918424499cd6a7fb62e49a78831f0e4b1476bef657fb34bd59e34793d21da3f7bd0278bbea8beed261c697ce17f36f1cbc1b94aef11dd1dbf1c68496765258f4cfc8b5fdc9197d7260b733d2061f399c861bc5912ac76cfb62b9218196fe054b92a295a9b9526871167d436b830a7b4944f527fb4d75a036acf3a71a1a710f609f4e794f1d764a5317ac067e8194666dbc73e32b2870eecf8776bb7641dcdd6d764f91dec83fbb53a97e6531211dd8b86bbb57f8acd637f4b1b66fd9705a200e3081ea382262d54edb161927eb1d85cf7b9373a24607c99f3d66b85e22d2cd5cfe24020d56e0552bd43d803882128317d9a56e63a4808ed6401b662187888a0d0b311364fbddad07911b5244877eeace22ab5bd8501d748ed5cb05809e1639678c4c6cc43a3c2fcdd5b0970332429c3cde09d9556c8360f26caa744ce5e57bfaabcf7d124b2d4fa97d7e72f16cdfc35f87493717e2a852b64fa344db5ec72dbdf22dbdfcd12ff796d515d5f3fd3cddbf53426183bbd92e2fd3e91fca8fee1c1ef4f8d59036df9c48fc7677f2c4905b6cf4adcf448029c6c6a2968b13e3b77d578e2661ae7d07ef84fa098bae9a564bc8c507a103990c00a0e6d2854a1689f7b095a100b7f38df028baf20bd56c843c24f8ca4a81130256b13636440836837429c1c86ae1668d3b250108406acdd21b40450399872c1da6178184bf9c2cc11ad80caa9997d3c6631f09ba2a4d96e6b74313f1e40fbf8a29962648f400dd256c4852c556deca2e3443b858efa43d53efcd496bf5037a82e14868b508632bdb2dde924ce2cd6c65f1708c18cf49073e536f09e8fcfa9a44fdbc349ae75e17205754d3bb82d3ee8a93c59aea1bd7ea6d124224b11405f815ed518a1cb9a80191249ac1cc0e5c1f9aab8fe67bb737cdfefac82a89a7d6ae08bb9e1f710cee451d851b35ba9b886dfd9c277dd67891331d43f36353c78c65e9f3524e1b9b229c9f91de7b5ab16a66017d171e2a4e185481d33cb5bd9c5e3d93c49d2c620c16467bf4db73621957f76d656e6d4cb4d59cacf1209da4e39352554cc2abcc8e82379b4f819fd6d261c6d7615f85f6c5d0b9f57976836493367e1bbb14c57983aa97c6e4e7c4fe2a166284c904ac4f70ef2e52e4e7dbd677ace683cd61aa60b702770aa0ddf14b694bf3cfaeb585f8fd8a85bee2f78400a0874dfb4c319be24a46d1914b6e902d5de8d8375c9ec786ef6eccf1ee7a003f83d2e163097980a06ab9fe23c4ae8e91755e4217d3c302111febfa9dce02a49b217aef709d183a5ab8ad1d39e9a697a79be303fdb2290c827279ce187d1c647cc28e20c0b3ebcab2b1c75850db46211150a8bc5d80d868141f885f7a5ef520ecee6d33842141003df4ce066090c8359b5dc32dd9ecb1039454d0b691d8f97932b69981be240804e860a88d1a047f46ff43609b41ea36dc276b28e87364049940ea7b6dc78848221b30dc6aa1b60f17942c96c46e347606d14ef02ed3ebddb20f7f4d28b9460f4af047b772927ca6a046b7de2a21b8ce79eadb74e4825af5e19ac2955999d7304a35851a4b9086ff922da8845da10a55fbb62fd13d98d45f60842d0d6301cd72e7cb97bc84393a414f671e5e0115a6c1c26054a80ddde10e0a83a4ffd123504c881a844bb7187c604f87588dd0d0f11930f9a3cfeb7098f38f84923637f1a9f6b3e3d0899a156d50d7e740b118c4865ec5e69aac247a930007452748bea9af0af511cc1129740510b13f48fe07ef1417ccc765b2cd0138cb51dd71fbdbe967fc321082a9ee4bbd1ea404cb24971de5a1ee7d7993b5d11d67d30e8ba94a9e943852675a07b88a51df6f4abb507cdaee96726023855e4dee6bccb3e26a2a88fb60d812e7856c13af5f4fcb6776ba8e27a35bffc5e46473b31a4b83ea1a3376f4549af87d03102413faccc3fc897ccae95d2700163f1fc5170a643554169018c5cfcf8f50c7981270995d8aaa9f923c0679b258aab60f79111627b71404e1ce8751228972cbb2bebbe25973cf98bf8fe8e63575950a0aaa1ff060f01e96791d128d0b7b40855126ef3910ed7d7a6d9490618da352ad7b889f7d905bca2214224e170f30a088cff91921917c937950926cb11c04fdc6bee776b9abd2aa286ea5074e72756482fcb6a7d072edc075f99e02747ea49a40b26b58118b6692fbe55b09b054a044d1f481173e8923a74806cb770c4c61ffa982077f82bc4db7fee4ae2beed4673e39f5ff0614072a771034174a0f052ce39e27450d18920664e924ee963c9bbc9852fe68f30a199ee4856c1dadc08c061165867438bd3bb73f5a50f5131b7867dc80e0c5d43eae80cc2874d48edc910e7f8f9b73e032a8ccd7c348e84b4179fa101d488c2fc16cdf953e269a9cf13c0dfe575e0da49d7d2c09293296c0232bca9fe0aa8199b21e19746c4783630e432b5c7e1e25864fcd4deae07c2b07782d155fe6e6b5d9eed4beb9db47bae4007753d8be56b10723b5467c64acb0eee4cb9050b4ef2b57b630f4608af96fbe484816454ff385aa3765051408779384c6585f2e24662fcc3008dc17abb07ba9cf96ff4c795c97811e73b06c65e1b5c66c2e1873191d972830b1f53bbfedf8b5e8a64a29fb3b3eca67f1791652f9ac037c2f87c6d1d9d453b12d5d2b0c070a8084aa15505e240bd0c61895383f23f0460027d60dd9efd8539807f717bc353f9b858b9bfd2acecf2190e280faf6a1603566ff8893dba33ad3300e10438241709ba7413fde84810b966b4556f9c8a51aef27f9b9010e7b6208715169a585e42bf3f7333209afb5b19c0de7722004850d53329d93e2e4909eced3da67dd7d2c82a4c9d0d7cb6f5ff7dbf195e8b39ba9cf0c1699ea1f8b6d1293509774ef3bf48597146a60aa5b6eff2bc8a64f9ae9a81becb9c398ab9676d2cecb14d28f819d08050269bb0ca9bcf59d5c9bd2fe2bcdfe82a8f037781c6275c9229b0729cd085e66e2712bdf22009440c4136c2daa54e547386e1acd16a1d30f3d55c1ef0fe10c108210b9d8894d31e5ef17b049106700bae524eef744ef4b3a69e9cfed4efa9b0c9262177f9fe16f5b1fe5bfe5fc6a611e6ffcb9c5f329d4e328cb69912f0dfb7f4a83d326cb20b053653663096870e7ad2753e992dced7405a00a39dc55e652eb6b2e1b1e9782b42f443890c4067b07376c6f0fb2ea6589e04a8eb39a94d913d9f4410d238e6880c167a0a23b266577c41ec3e0f513eb7fc948c12b26ea2646c0481488417d9911a0107ca0ae11c2c4b8c2eefa5144ecf8b149d22abbd26d1b2a3fe51016b9bbfd229c090fc2fbbca4803217c991e36f86d4720b45ae45e6b20f09fcd8e5decd79997e79177bd67de7433282c1d0be5d585a71c873e7171a133d9f5ea35ac0ac5c1a643279ca66a365d278d14eee3ea90961eebb3f6c098c00d051d4716853ec7069be2a4625cef4c0f72abae5309d2709901d05217fc3e52049c4aa16b50121e43ce491d1bc9adb01679ec25ab5009f746170c2517f0072f16c574cb447c6d8ce4a2e45426900463c5303413bf4fe7fd64c273b404cf936068cb3085c3a81b9872ad2cb79aa4c051e7ad97cd4e8c6b94bb0df87e4347ca6f11f155ea265762f81eb0e9fbaf3dc05157eb9f12596ccdf9193018a2226824db6bbebf4e89a070688f698bbf23f30dfb04db7c3d804a7587ad0fd03e68cff7e516e5109e328e1eb3b887a6aced15804f2c898f41c5452e160ca30e35843705c150bad932d2d3fbd791100b1535d9f3306dcf127fa49c1a36b172f46b1fb676ea8783c23edf89b2446560dc1b95b39f80eb9d0994c8dcac9a5a304c554133e1d6ba368468a17312167cda37932cbd4b93c58b7ef772d56d4311182a680e19da6fb938848aad40242856379310b61d6113de6814644092712133823ee2281639b52cec52ab0dbd65ddae631e7113ca75a5476797cde5f5456acbfe63c6ca8b83774690eaca3a019771ca0e742815ca5645418730ee17f52fa2531e5487c10da3ee080acd50fbd19710ed5cb924e28a18985132afbb7d2ff90f6c3855c56970854b9a48ec4f7566d2829e271af3f0ce26742602241fef70461a484499591a9079ed53aed113589fd74918146e1917a063514d7eaa7f4720a386eb2f32b6d35baaa5d36c2013eb405cec607202f19bda80bfeda8005c5d1582208b861437fff41ec0708a6a98f2b4b4463141c1c312a8115509e363a274864898be996176049d5f7e6cba76b3a37c9b2ee9553fc70f79503797464d736d97d0bb4741ea8ad14fde6f18fbb02ae97e5a77bc1527a13f18624927d79aa5b4df2dffde7fb5356e521c7a419209031df8138838151c7e90783c9af133b6961b44f8de89d6348b191cfa6c0ab652746b8582134537727b18c670691f3c1e8ca0e3cefcd26111bef476eb816482b7726399c86cbc98f0f06929c26cf831163bdbe1fa8d8f96a65d3bbb3d37657cec4b77516864cb32404996dae1d0d9f3c12b7f2698f07930b791813b7ccf0f0dcd3320b78833f077ee55aae156af804fa9a15e60c709fb30b06ac092bf97a4fe4732ea7bc93aa73232024c80434b4900cc30de20cbc1ea407746fb186a610fe31635766f5edaa8c9ae974ff8cecc4e7e391a50bdb34ca1dec15e7e8664d7bb59852cfc1fdb361b235c803d70cfc90c229078079619b4a8086a68d420ee1d7fac403b18c7f6aad91612e2f2b9e5e206bf897bd98a3b24a0637e2b986ae7f5d376bd63d63f6c4f151ce7eaa97a30d9d51f1a9207dca6b596831a9b92517b9d5571e72b4a06c07d5ff0d325896a1b32e9fb4f9d67a903946b205fba7beda108fde3fc503c7352c59c03bebc2891007fbe966a0441a7f4bc8320b901563ac8eadba643bdfc1636864d33549a1b9ad3ce01bec94b631ac6f46c453c57c62f2cf0f76d9f1e0731e266311624a138e607e699c91e37a33096117f418b4c92c66d96fa1b1324cfb569e3d558598ee65e69b8e0b9625d551af54a09db8082f2fa9da1386f92245aadaa13bfa3cf5c39fe455180bbb5e2427e4067bd2f5a5c755c31405477ba832dbbdd4af66acc7c11e576f700e24fb4c26160b4443b8c17805238519c7c732df774b92579e02a8da5e9a17e3c20e92afba7fab49000a7b83987ea48d5854a0411615462cabd245ab3f49ba375ef179c0a78059ffc14264177a6e45dc5f2fe6c957a313ba9889fef33b788933bb37a17943551db9cd08fd8d823fd0b35110ad589c3bb3af4f69bd1c7c7a3e726f933e4a0cb1209e75ff14910061c3750b9312de42c86838d5c35a681899c25220ea87aff02bf72fdd8745f5d751e6d62861496890c956143c08a222774974789bb46924b68a6e3138ce9dbca622e78c5aeed8215de4ee5c1f8312b6349a91ef1e210f18522b7a644700e90eff995e950c8eda05d0bb8e799ef32a7ddb8a87b4120a798a3f87cc78b6db0c7947b4786db1618c523203c097ef3d3dc0f4e1e87d0d597c4eaaac05a033a3fa91309c05cd8c14de649d7dd16d8ed81e5290950f66b66fd519a2a16fc6b3526f97aa1121b4fb52b30640122dfb50ff619fb5c88eb1c4e6ed7f6d09fd29e27b3375a1aad5b09f8175157018467f883ba385208fcd32a50a311b22f7951bd0e912d234364f8590e247dea604872f9bb847bb32b3906339f5698d6e7c0f2a3ed17b194239299091f5ee4ed51c75b76bc949cf05df5dd03cd8a553e7ec81881fdc1e15cef5e72eecd7843a981eff417682604769e302f378ff9519cdbd3ba2bfe50f85a903aa08b900118226889e9bc68124777f6e02fb26fff91d1f31d3828243cc46d4b4fa2965445774e0ddc521fe5fc9626fe3428403e746de0196a45e4ff75c5d6acef57f662faf27294be80fed39778a7585b41178ea38f64893f9a46334af6425a4aa46e25e92b0d77750c6737b237dff19913fd9e69ed92c4b6671b4226776b34ae2468907c654bb0f619b2c9b55920fb99e97bf32212f852b615689f3cf4c03d51d1587455b5720692430fe2684522bfe6dae871aa2ff5f00045861ffcfc219888fef8320bec1307236a7a42dd4a691cb6cd4d8436f31a3f2d642b05946dbfee692aee0da31419f9b8bc0e1dcf89a8ffd7856b21b1180ebc8ad75308b1370b93d680e968bcde7d235f601760a5d181f7b55daf330a001ae1da86c130c76fbd956442b6c705889d665560f8b34663390592d85ddde790e0f4f1f0df09c1c6f95477f9d72dc0894b2efe2c3d162ad80f80cae03a06548014293a02f00d6386723d42ab09052f019a1d71d88a78db27afead58bc516be8d23893f007a17ff47b32777752a15648d0ececd345aee1f36c58abb7efaff5567100c0bfa54f172c862e15872abc9d96cead6688f02ea8466fe1134bd3756c6f0df8903fe7935dbe3e635da368f13a10e3018cfb5557d38f859a983a54d660a02bdb3dac2922e7a37651677bfc664d58df59ea625e8e63ee776bcc2937b921f5544924b75cba04bf3cd0df831938f9e9c79572e8492d884646244990920400192c63e15024e2e1239f41390bf7c0e18f852e23d514256ccb8ccb2726710401c4306657fd75eba94a353987780a6d6219012cfe80858060e37652a84ae89d07f5d651fe82a2a8d0e8568492156713b1f76e89e12f76a0254da7d526df51a089600f5b7559afdc63d4872fe8d6ce00a8d0c9b00db5ee676ae2545e74fb7b39f8345a67913b234cfb4f6e3b4e2b1e1f4f1c7fcce8c09cdeb6a1a21bd2370004e583ef62971aec24ce0c6c049b6a2e22081d36854956a362b6cbad48049d7d5f90134d3e77febf87bf4a32c07cdeb36c9cc56b2b3cc8c8b47879a32ff00f3b2e977cee0acb30fc424dbfe24c88d1a08d047925cd7d65a5834e56db2b3e7e0a23dbf948c799db5a48fd4a5fdea43913b2b2c149ae9a98f452b797b55abe1dd44b30232387f466856d6c38ca735dd6175b455363dbf228ef52e443da22a1ee3a158ee304d9ca63c110a3d19ca3bab6d1745affd81c480ff8bcf5f8f7c1ea6d08a7b3c3958c324d42732711170e19523bd209134674b184d4d442a774e04d6eb4ac89a6d018cf0bb68a73da87abce127e57428cf73a5a551c85ea8c376ae951cb8357506f037d17d163172dc5764682c753050f35c6802fb269d7490b196d57bb8a1ada55da7550f82357320e14cf573ed39860f02a11bdad917b2ba2de885c7ea8b30dd62bdad207dfe10e97c8b71abbc8c5661a4483bb6f9488ada0f5885c471cfc1271b60d54f903317cca28ce977f4444cefac5c2ff233dc872d4e809091f8452de9c774ab3bbebf62de92cd6aa7421a41f7d1dea42e4f94bd3a4869c958f3940a99c88835ed2f4021114b9a5bb17240f468887b213814956f9f5e6344cbae19d8753b97c7ce2e9d0954a30dde23dea2748e1c9514672bf4ea3ec3e348a563d9649899e7227708e2e77d0fc5847dc16b59ac3dea9449c176dea2d2ff6b6af764d28dee5ccfd0dfd6e3100d97040657d7ac5da4032e3b7f6b0cef2ec55a83350c3045abb10200c264e6e68e3e03b68546ae48a538063b86315bb8073103a812717f2d8816534fa98d0e956e0f9a67bcdc522cacefc77b0be71832a69ffb72fa15ca4d8b15f7fe03da0f4b24c5fb68e5f3a2297bb0cb0b7bfdeeec4deb64bf71f57820d62c47276e2780b4341b6bc65ac49be09c94013783455a95de92c11d91b9e921a484ed69532b92e202d684d2293a2666709ee38d2114add4c5337bfeef31d481e12530c5c7e83a6c8aa2f580f6da2d735ee5260cf9a7185eff84eb22d6e0d5ac0e63fe6a3def819274a144be5ab90fa157bb7517a54c208aa82da926d5b09ba649e326a654fe8fa9dd7e6d83b0a66253526e5b5aa03e665f2eb4678e8293110420c9d7556df07c7dd1c3e817a4c7409890c4ff5044ecdb34eb652a4d7e20b4b0d596f46ee3c3dad675e958e91c3b40f2d22e671bae51518443042c529c31e343647d6ddeac7ec370970fcc71a24a0826b58d111e9b776ac0e2fa40b3099298ffd0d1c04d41ee1dd039425f52f9f8057ac1f206203f20e1ae9cbae356518ba2fe9e49b47e36942ed7204f3d7da9e71b8d69df3ae7b2de05a13a879af6a1ea6241c645ed73c139e15060aeab6f423c2180dd101863a24f1688ec1a33edc624c3f5e80a20e4cc5c86ab2c692c2d3d17d8a68bb3924efffb29c9fc3df937526452d82a8ca9a558c75d6b2504df1b66c91823216a1c3b3bc39dee0d22491b9c891b9eea193c8af8a992096d0cd74630f7222e9a3530034a582f40601a694cf1085fda7fb33b07332c6aebfa70e2ebb8d7ccf19a69dfb5e4c166add5e153504eeec92f4ea2fe47f291625e1c470b832a488f884692b8ec49b96df235f193027ed38fb4d8b88ed382825df8ffe5b0c6fab8db3e38d60d467f9da725023deb72c378258e911442afae4db650be3621a033a3b84eee65c4c0664ec6d5771cc138937434a6a361de3dc1c12a2a6735f080e94314ddf291516971af252e3cc56e1c65ba5cf8ac2538878b22034ba458e08db26205608ae941a42a27f2643ded87bde626387c2b791ce57991dd2ba08010237279cac2760e19cab9059b229ea002ce4d3b4afa495230e424752f289003a240f5cafc7a83112636321107918d582fad2606a4319199a06ef2cbeaa3e1a4d8c30501aab796f5cbe15453b61218a396b79c547d15d5c11033b3746b432b426404f7b0421b9daafd9e8558f1901283d58e173c4db0511ee826ddc6363eb51e0837c9be6b2078d808d2c05db7495d29322ee6af68b0d52c45f00a59731c0e5b2608ae046af8bcf830f001ffd2f955ea89bed216e71ccb5b44713e2abf5ee5438d63829c9aea34b57f7ab52b820c24a7e9fa138243e4afb2df93588e805e719c1767146a351debb34678a86dd19f0587af31195460a3aa3e68773859fe13b47b6b31a501b4a25c6660cfc47f3318b33b77b10ed4ba91086482db039a56fbd1490f440a6fbb280b62b6d2333afe1c42c3f16865b9c0e484a4f6f393b8bc34fbba856cc5ffad2fe423e79f691b95e7e0dbdb2b2757d9d4443f9a23a8b1bfdb16f8bffd81b4789f80f1fc4bf751627965755d008d134e2c35da34f54718615e9deaca0685396ae7e58121327e0c0696591f6af93f2999ebd3b4e03cfe2a48b2b94015eb06b2a1031ab5e129b2700648fd62ab75f77734b89abb402282635eee41606eb306619e2dae84488e2aac1df54f78460b36115072a2c28801fc122482f1d46de4b2eec07bbbbcf85f30ffb3829c5d0fdbdf3af8c6322d62f4c55ebe8fd52728e2d5d1a24f096fffcec6ff2e752f75", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0xa0, 0x0, 0x0, {{0x6, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0xee01}}}}, 0x0}) r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0) 7.309243904s ago: executing program 3 (id=1067): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) mkdir(0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2) r0 = getpgid(0xffffffffffffffff) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(r0, 0x1, &(0x7f0000000080)=0x7) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) pipe2$9p(0x0, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, 0x0, 0x0) getsockopt$IP_VS_SO_GET_SERVICE(r2, 0x0, 0x483, 0x0, &(0x7f0000000180)) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x2000000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{}, &(0x7f0000000080), 0x0}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x3f8, 0x1c0, 0x43, 0xa0, 0x0, 0x98, 0x360, 0x178, 0x178, 0x360, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1a0, 0x1c0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@connbytes={{0x38}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x168, 0x1a0, 0x0, {}, [@common=@unspec=@connbytes={{0x38}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@multicast1, [], @ipv6=@loopback, [], @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, [], @ipv4=@multicast1}}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x468) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip6gretap0\x00'}) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f00000005c0)={{{@in=@private, @in=@multicast1}}, {{@in=@remote}, 0x0, @in6=@dev}}, &(0x7f0000000000)=0xe8) socket(0xa, 0x2, 0x0) 7.220358457s ago: executing program 2 (id=1068): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000010001000900000001000000af7d813590674bbbc5eab2287d873783c6d9eb1347a07f7198e6649a7ad66515b5ced5a235ac881a1f79b0bf4c33a2ebbe28620e36f3773a76ad83b4", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) close(r1) bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="1e000000070000000d0000000500000084000000", @ANYRES32=r1, @ANYBLOB='\t\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="05001900050000000300000000000bff00000400000000000000000064ce95156d06ef9a6d29e02381375eeaf4d2828cba925141cdea25f4a4ed5208258a31bbd8d90204ab61036f9582f3465e9e91b39c0ef559cc54d5a10f76"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000000085000000040000001811", @ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @hyper}, 0x10) fcntl$setownex(r2, 0xf, &(0x7f0000000340)={0x1, 0xffffffffffffffff}) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000900)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x0) socket$tipc(0x1e, 0x5, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x2) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000001340)=""/102378, 0x7706c522012798af) add_key$keyring(0x0, &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000001880), 0x2, 0x0) eventfd2(0x0, 0x0) ioctl$VHOST_SET_OWNER(r4, 0xaf01, 0x0) r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000016c0), 0x2, 0x0) dup3(r5, r4, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0) r6 = socket(0x15, 0x800000003, 0x39ce) ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000600)) 6.991574917s ago: executing program 4 (id=1069): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0x0, "a8407a73"}, @local=@item_4={0x3, 0x2, 0x0, "93bf0280"}, @main=@item_4={0x3, 0x0, 0x0, "00000080"}]}}, 0x0}, 0x0) syz_open_dev$hiddev(&(0x7f0000000100), 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') ioctl$HIDIOCGCOLLECTIONINFO(r1, 0xc0104811, &(0x7f0000000140)={0x6, 0xfffffffc, 0x0, 0x1}) 0s ago: executing program 1 (id=1070): syz_open_dev$video4linux(0x0, 0xf, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x6be00000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) map_shadow_stack(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3ff) write$P9_RRENAME(r1, 0x0, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): icast mode [ 294.771009][ T7971] bridge_slave_0: entered promiscuous mode [ 294.779271][ T7971] bridge0: port 2(bridge_slave_1) entered blocking state [ 294.787792][ T7971] bridge0: port 2(bridge_slave_1) entered disabled state [ 294.795313][ T7971] bridge_slave_1: entered allmulticast mode [ 294.802797][ T7971] bridge_slave_1: entered promiscuous mode [ 294.874924][ T7971] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 294.901155][ T7971] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 294.938749][ T7971] team0: Port device team_slave_0 added [ 294.947332][ T7971] team0: Port device team_slave_1 added [ 294.973263][ T7971] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 294.980464][ T7971] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 295.008987][ T7971] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 295.022384][ T7971] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 295.029488][ T7971] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 295.058312][ T7971] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 295.099745][ T7971] hsr_slave_0: entered promiscuous mode [ 295.106444][ T7971] hsr_slave_1: entered promiscuous mode [ 295.125207][ T7971] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 295.133708][ T7971] Cannot create hsr debugfs directory [ 295.264933][ T7989] loop4: detected capacity change from 0 to 2048 [ 295.317779][ T7989] iocharset iso8get not found [ 295.362158][ T7971] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.424614][ T7971] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.446471][ T7989] loop4: detected capacity change from 0 to 4096 [ 295.463312][ T3453] usb 4-1: USB disconnect, device number 4 [ 295.531367][ T7971] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.628363][ T7971] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.847760][ T7971] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 295.871198][ T7971] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 295.890697][ T7971] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 295.909873][ T7971] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 296.336257][ T5253] Bluetooth: hci7: command tx timeout [ 296.355615][ T8012] REISERFS warning (device nullb0): sh-2021 reiserfs_fill_super: can not find reiserfs on nullb0 [ 296.722256][ T5253] Bluetooth: hci4: command tx timeout [ 296.767373][ T7971] 8021q: adding VLAN 0 to HW filter on device bond0 [ 296.782883][ T7971] 8021q: adding VLAN 0 to HW filter on device team0 [ 296.795756][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 296.802918][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 296.853303][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 296.860514][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 296.985794][ T8018] x_tables: unsorted underflow at hook 3 [ 297.037859][ T8018] Bluetooth: MGMT ver 1.23 [ 297.106545][ T8009] loop0: detected capacity change from 0 to 40427 [ 297.141866][ T8009] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff [ 297.150663][ T8009] F2FS-fs (loop0): Image doesn't support compression [ 297.190504][ T8009] F2FS-fs (loop0): Image doesn't support compression [ 297.224196][ T8009] F2FS-fs (loop0): invalid crc value [ 297.235977][ T8009] F2FS-fs (loop0): Found nat_bits in checkpoint [ 297.267490][ T7971] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 297.314305][ T7971] veth0_vlan: entered promiscuous mode [ 297.325621][ T7971] veth1_vlan: entered promiscuous mode [ 297.348665][ T7971] veth0_macvtap: entered promiscuous mode [ 297.357820][ T7971] veth1_macvtap: entered promiscuous mode [ 297.373052][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.384597][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.395140][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.405653][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.415790][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.426295][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.436289][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.440709][ T8009] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 297.446854][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.464250][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.469128][ T8009] syz.0.442: attempt to access beyond end of device [ 297.469128][ T8009] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 297.474721][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.474760][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.474777][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.475991][ T7971] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 297.530485][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.541110][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.550998][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.561507][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.571389][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.582702][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.593241][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.603742][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.613655][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.624163][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.634481][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.644980][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.655983][ T7971] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 297.679690][ T7971] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.690592][ T7971] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.699786][ T7167] syz-executor: attempt to access beyond end of device [ 297.699786][ T7167] loop0: rw=2049, sector=45112, nr_sectors = 8 limit=40427 [ 297.714683][ T7971] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.723497][ T7167] F2FS-fs (loop0): Remounting filesystem read-only [ 297.730904][ T7971] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.854964][ T2919] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 297.870201][ T2919] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 298.016623][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 298.027897][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 298.411832][ T5253] Bluetooth: hci7: command tx timeout [ 298.995105][ T8055] overlayfs: unescaped trailing colons in lowerdir mount option. [ 299.746026][ T8070] netlink: 36 bytes leftover after parsing attributes in process `syz.3.455'. [ 299.883769][ T8070] netlink: 16 bytes leftover after parsing attributes in process `syz.3.455'. [ 299.893417][ T8070] netlink: 36 bytes leftover after parsing attributes in process `syz.3.455'. [ 299.902613][ T8070] netlink: 36 bytes leftover after parsing attributes in process `syz.3.455'. [ 300.144563][ T8066] loop0: detected capacity change from 0 to 40427 [ 300.168151][ T8066] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff [ 300.176985][ T8066] F2FS-fs (loop0): Image doesn't support compression [ 300.184180][ T8066] F2FS-fs (loop0): Image doesn't support compression [ 300.211482][ T8066] F2FS-fs (loop0): invalid crc value [ 300.225887][ T8066] F2FS-fs (loop0): Found nat_bits in checkpoint [ 300.290775][ T8081] netlink: 16 bytes leftover after parsing attributes in process `syz.1.459'. [ 300.305466][ T8066] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 300.321199][ T8066] syz.0.456: attempt to access beyond end of device [ 300.321199][ T8066] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 300.363970][ T7167] syz-executor: attempt to access beyond end of device [ 300.363970][ T7167] loop0: rw=2049, sector=45112, nr_sectors = 8 limit=40427 [ 300.402253][ T7167] F2FS-fs (loop0): Remounting filesystem read-only [ 300.484965][ T5253] Bluetooth: hci7: command tx timeout [ 300.934529][ T8084] loop2: detected capacity change from 0 to 40427 [ 301.042236][ T8084] F2FS-fs (loop2): Wrong SIT boundary, start(1536) end(50334208) blocks(1024) [ 301.071707][ T8084] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 301.112195][ T8084] F2FS-fs (loop2): invalid crc value [ 301.148853][ T8084] F2FS-fs (loop2): Found nat_bits in checkpoint [ 301.348721][ T8084] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 301.364796][ T8084] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 301.892048][ T7971] syz-executor: attempt to access beyond end of device [ 301.892048][ T7971] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 301.908847][ T7971] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 302.262788][ T8115] loop4: detected capacity change from 0 to 512 [ 302.269644][ T8115] EXT4-fs: Ignoring removed nobh option [ 302.286977][ T8115] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 302.300677][ T8115] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 302.628004][ T8113] loop0: detected capacity change from 0 to 40427 [ 302.670523][ T5253] Bluetooth: hci7: command tx timeout [ 302.678862][ T8113] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff [ 302.709584][ T8113] F2FS-fs (loop0): Image doesn't support compression [ 302.726858][ T8113] F2FS-fs (loop0): Image doesn't support compression [ 302.759195][ T8113] F2FS-fs (loop0): invalid crc value [ 302.769202][ T8113] F2FS-fs (loop0): Found nat_bits in checkpoint [ 302.780101][ T8134] loop2: detected capacity change from 0 to 2048 [ 302.838809][ T8113] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 302.840014][ T8134] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 302.855879][ T8113] syz.0.472: attempt to access beyond end of device [ 302.855879][ T8113] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 302.869020][ T8134] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 302.905486][ T7167] syz-executor: attempt to access beyond end of device [ 302.905486][ T7167] loop0: rw=2049, sector=45112, nr_sectors = 8 limit=40427 [ 302.922564][ T7167] F2FS-fs (loop0): Remounting filesystem read-only [ 302.956841][ T7971] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 303.173300][ T6464] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 304.115067][ T8153] loop4: detected capacity change from 0 to 32768 [ 304.128024][ T8153] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.483 (8153) [ 304.153959][ T8153] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 304.168250][ T8153] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 304.184662][ T8153] BTRFS info (device loop4): using free-space-tree [ 304.426019][ T8187] BTRFS info (device loop4): scrub: started on devid 1 [ 304.509683][ T8187] BTRFS info (device loop4): scrub: finished on devid 1 with status: 0 [ 304.850410][ T8197] loop3: detected capacity change from 0 to 512 [ 304.859602][ T8197] EXT4-fs: Ignoring removed nobh option [ 304.925254][ T8197] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 304.937958][ T8197] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 305.022229][ T8210] overlayfs: unescaped trailing colons in lowerdir mount option. [ 305.292796][ T6464] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 305.373480][ T8190] loop2: detected capacity change from 0 to 40427 [ 305.390873][ T8190] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x1fffff [ 305.399628][ T8190] F2FS-fs (loop2): Image doesn't support compression [ 305.406642][ T8190] F2FS-fs (loop2): Image doesn't support compression [ 305.416297][ T8190] F2FS-fs (loop2): invalid crc value [ 305.427542][ T8190] F2FS-fs (loop2): Found nat_bits in checkpoint [ 305.517957][ T8190] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 305.618782][ T7971] F2FS-fs (loop2): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x58a/0x1ca0 [ 305.631870][ T7971] F2FS-fs (loop2): invalid blkaddr: 1028, type: 10, run fsck to fix. [ 305.723801][ T8227] netlink: 12 bytes leftover after parsing attributes in process `syz.4.502'. [ 305.831910][ T8212] loop0: detected capacity change from 0 to 32768 [ 305.844645][ T8212] XFS: noikeep mount option is deprecated. [ 305.860192][ T8212] XFS: noikeep mount option is deprecated. [ 305.886969][ T6114] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 305.903207][ T8212] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 306.018221][ T8212] XFS (loop0): Ending clean mount [ 306.020522][ T8241] kvm: emulating exchange as write [ 306.028965][ T8212] XFS (loop0): Quotacheck needed: Please wait. [ 306.067809][ T8212] XFS (loop0): Quotacheck: Done. [ 306.102892][ T8212] netlink: 'syz.0.497': attribute type 9 has an invalid length. [ 306.129106][ T8212] netlink: 134660 bytes leftover after parsing attributes in process `syz.0.497'. [ 306.296711][ T7167] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 306.456499][ T8251] pimreg: entered allmulticast mode [ 306.512174][ T8251] pimreg: left allmulticast mode [ 307.732150][ T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 307.760019][ T8283] overlayfs: unescaped trailing colons in lowerdir mount option. [ 307.874980][ T8279] loop2: detected capacity change from 0 to 40427 [ 307.903295][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 307.914542][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 307.939957][ T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 307.965427][ T8279] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x1fffff [ 307.968026][ T9] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 308.017964][ T8279] F2FS-fs (loop2): invalid crc value [ 308.030742][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 308.034589][ T8279] F2FS-fs (loop2): Found nat_bits in checkpoint [ 308.091368][ T9] usb 4-1: config 0 descriptor?? [ 308.134529][ T8290] netlink: 1 bytes leftover after parsing attributes in process `syz.4.522'. [ 308.134997][ T8279] F2FS-fs (loop2): Start checkpoint disabled! [ 308.151030][ T8289] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 308.156223][ T8279] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 308.261807][ T25] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 308.271026][ T52] kworker/u8:3: attempt to access beyond end of device [ 308.271026][ T52] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 308.285698][ T52] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 308.296676][ T52] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 308.422830][ T25] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 308.442230][ T25] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 308.454117][ T25] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 308.469749][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 308.509841][ T8287] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 308.529491][ T9] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 308.533676][ T25] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 308.547896][ T9] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 308.582144][ T9] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 308.628437][ T9] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 308.817348][ T25] usb 1-1: USB disconnect, device number 5 [ 308.852936][ T46] usb 4-1: USB disconnect, device number 5 [ 308.899953][ T8305] fuse: Unknown parameter '00000000000000000000' [ 309.201760][ T5250] Bluetooth: hci6: command 0x0406 tx timeout [ 310.294803][ T8325] xt_connbytes: Forcing CT accounting to be enabled [ 310.294961][ T8325] --map-set only usable from mangle table [ 310.498904][ T8326] loop2: detected capacity change from 0 to 2048 [ 310.530570][ T8326] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 310.532092][ T8328] overlayfs: unescaped trailing colons in lowerdir mount option. [ 310.572922][ T8326] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 310.666845][ T29] audit: type=1800 audit(1728483726.602:26): pid=8326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.531" name="file0" dev="loop2" ino=13 res=0 errno=0 [ 311.122171][ T5324] libceph: connect (1)[c::]:6789 error -101 [ 311.134476][ T7971] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 311.137875][ T5324] libceph: mon0 (1)[c::]:6789 connect error [ 311.180046][ T8353] tipc: Started in network mode [ 311.185185][ T8353] tipc: Node identity aaaaaaaaaa41, cluster identity 4711 [ 311.195343][ T8353] tipc: Enabled bearer <eth:geneve1>, priority 10 [ 311.237725][ T29] audit: type=1326 audit(1728483727.182:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000 [ 311.249581][ T8344] ceph: No mds server is up or the cluster is laggy [ 311.277169][ T29] audit: type=1326 audit(1728483727.212:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000 [ 311.300224][ T29] audit: type=1326 audit(1728483727.222:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcf4837c990 code=0x7ffc0000 [ 311.384069][ T29] audit: type=1326 audit(1728483727.222:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fcf4837f827 code=0x7ffc0000 [ 311.426550][ T29] audit: type=1326 audit(1728483727.222:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000 [ 311.458074][ T9] libceph: connect (1)[c::]:6789 error -101 [ 311.470784][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 311.471985][ T29] audit: type=1326 audit(1728483727.222:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fcf4837f827 code=0x7ffc0000 [ 311.510862][ T29] audit: type=1326 audit(1728483727.222:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fcf4837cc8a code=0x7ffc0000 [ 311.654723][ T29] audit: type=1326 audit(1728483727.222:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000 [ 311.684351][ T29] audit: type=1326 audit(1728483727.222:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000 [ 311.785877][ T25] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 312.249831][ T8370] netlink: 4 bytes leftover after parsing attributes in process `syz.1.543'. [ 312.265304][ T3453] tipc: Node number set to 15444650 [ 312.478545][ T8376] overlayfs: unescaped trailing colons in lowerdir mount option. [ 312.577506][ T25] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 312.599979][ T25] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 312.669459][ T25] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 312.696245][ T8387] loop0: detected capacity change from 0 to 2048 [ 312.728012][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 312.818605][ T8357] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 312.827184][ T8387] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 312.834480][ T25] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 312.851952][ T8387] ext4 filesystem being mounted at /69/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 313.300929][ T7167] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.151235][ T8406] loop3: detected capacity change from 0 to 4096 [ 314.469893][ T5324] usb 3-1: USB disconnect, device number 3 [ 314.714540][ T8413] overlayfs: unescaped trailing colons in lowerdir mount option. [ 314.759292][ T8409] loop0: detected capacity change from 0 to 40427 [ 314.772778][ T8409] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff [ 314.816111][ T1033] block nbd2: Possible stuck request ffff888025770000: control (read@0,4096B). Runtime 30 seconds [ 314.840097][ T8409] F2FS-fs (loop0): invalid crc value [ 314.860517][ T8409] F2FS-fs (loop0): Found nat_bits in checkpoint [ 314.953633][ T8409] F2FS-fs (loop0): Start checkpoint disabled! [ 314.970266][ T8409] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 315.037277][ T8409] syz.0.557: attempt to access beyond end of device [ 315.037277][ T8409] loop0: rw=524288, sector=45072, nr_sectors = 24 limit=40427 [ 315.057372][ T8409] syz.0.557: attempt to access beyond end of device [ 315.057372][ T8409] loop0: rw=0, sector=45072, nr_sectors = 8 limit=40427 [ 316.319279][ T8440] netlink: 28 bytes leftover after parsing attributes in process `syz.0.568'. [ 316.342399][ T8440] netlink: 28 bytes leftover after parsing attributes in process `syz.0.568'. [ 316.359911][ T8440] gretap0: entered promiscuous mode [ 316.402411][ T8440] batadv_slave_1: entered promiscuous mode [ 316.494978][ T8432] loop2: detected capacity change from 0 to 32768 [ 316.502944][ T8450] overlayfs: unescaped trailing colons in lowerdir mount option. [ 316.576721][ T8432] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 316.660651][ T8432] XFS (loop2): Ending clean mount [ 316.667460][ T8432] XFS (loop2): Quotacheck needed: Please wait. [ 316.827969][ T8468] loop3: detected capacity change from 0 to 4096 [ 316.849712][ T8466] loop0: detected capacity change from 0 to 512 [ 316.856692][ T8466] EXT4-fs: Ignoring removed nobh option [ 316.878773][ T8432] XFS (loop2): Quotacheck: Done. [ 316.917563][ T7971] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 317.025951][ T8466] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 317.039563][ T8466] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 317.558804][ T8480] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 224: padding at end of block bitmap is not set [ 317.574108][ T1266] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.580661][ T1266] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.619591][ T8480] EXT4-fs (loop0): Remounting filesystem read-only [ 317.654563][ T8485] loop4: detected capacity change from 0 to 4096 [ 317.685719][ T8485] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 317.697040][ T7167] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 317.778316][ T8485] ntfs3(loop4): Inode r=19 is not in use! [ 317.784830][ T8485] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 317.865467][ T8489] overlayfs: unescaped trailing colons in lowerdir mount option. [ 318.263833][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 318.263856][ T29] audit: type=1326 audit(1728483734.192:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23417dff9 code=0x7ffc0000 [ 318.293695][ T29] audit: type=1326 audit(1728483734.192:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7fa23417dff9 code=0x7ffc0000 [ 318.316053][ T29] audit: type=1326 audit(1728483734.192:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23417dff9 code=0x7ffc0000 [ 318.341979][ T29] audit: type=1326 audit(1728483734.192:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23417dff9 code=0x7ffc0000 [ 318.562316][ T5253] Bluetooth: hci3: command 0x0405 tx timeout [ 319.082897][ T8502] loop2: detected capacity change from 0 to 32768 [ 319.152075][ T8502] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz' [ 319.165410][ T8502] CPU: 0 UID: 0 PID: 8502 Comm: syz.2.589 Not tainted 6.12.0-rc2-next-20241008-syzkaller #0 [ 319.175541][ T8502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 319.185652][ T8502] Call Trace: [ 319.188969][ T8502] <TASK> [ 319.191934][ T8502] dump_stack_lvl+0x241/0x360 [ 319.196664][ T8502] ? __pfx_dump_stack_lvl+0x10/0x10 [ 319.201917][ T8502] ? __pfx__printk+0x10/0x10 [ 319.206554][ T8502] ? __kmalloc_cache_noprof+0x243/0x390 [ 319.212162][ T8502] ? sysfs_create_dir_ns+0x28a/0x3a0 [ 319.217581][ T8502] sysfs_create_dir_ns+0x2ce/0x3a0 [ 319.222751][ T8502] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 319.228441][ T8502] kobject_add_internal+0x435/0x8d0 [ 319.233680][ T8502] kobject_init_and_add+0x124/0x190 [ 319.238906][ T8502] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 319.244741][ T8502] ? __pfx_kobject_init_and_add+0x10/0x10 [ 319.250473][ T8502] ? __init_swait_queue_head+0xae/0x150 [ 319.256033][ T8502] gfs2_sys_fs_add+0x23b/0x4a0 [ 319.260807][ T8502] ? __pfx_gfs2_sys_fs_add+0x10/0x10 [ 319.266134][ T8502] ? __pfx_alloc_workqueue+0x10/0x10 [ 319.271424][ T8502] ? read_word_at_a_time+0xe/0x20 [ 319.276451][ T8502] ? sized_strscpy+0x8d/0x220 [ 319.281131][ T8502] gfs2_fill_super+0x11ee/0x24d0 [ 319.286096][ T8502] ? __pfx_gfs2_fill_super+0x10/0x10 [ 319.291410][ T8502] ? snprintf+0xda/0x120 [ 319.295671][ T8502] ? __pfx_lock_release+0x10/0x10 [ 319.300695][ T8502] ? do_raw_spin_lock+0x14f/0x370 [ 319.305730][ T8502] ? __pfx_snprintf+0x10/0x10 [ 319.310437][ T8502] ? sb_set_blocksize+0x98/0xf0 [ 319.315484][ T8502] ? setup_bdev_super+0x4e6/0x5d0 [ 319.320569][ T8502] get_tree_bdev+0x3f7/0x570 [ 319.325206][ T8502] ? __pfx_gfs2_fill_super+0x10/0x10 [ 319.330629][ T8502] ? __pfx_get_tree_bdev+0x10/0x10 [ 319.335813][ T8502] gfs2_get_tree+0x54/0x220 [ 319.340381][ T8502] vfs_get_tree+0x90/0x2b0 [ 319.344931][ T8502] do_new_mount+0x2be/0xb40 [ 319.349475][ T8502] ? __pfx_do_new_mount+0x10/0x10 [ 319.354555][ T8502] __se_sys_mount+0x2d6/0x3c0 [ 319.359289][ T8502] ? __pfx___se_sys_mount+0x10/0x10 [ 319.364575][ T8502] ? rcu_is_watching+0x15/0xb0 [ 319.369390][ T8502] ? __x64_sys_mount+0x20/0xc0 [ 319.374208][ T8502] do_syscall_64+0xf3/0x230 [ 319.378749][ T8502] ? clear_bhb_loop+0x35/0x90 [ 319.383467][ T8502] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.389394][ T8502] RIP: 0033:0x7f6562f7f79a [ 319.393850][ T8502] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 319.413584][ T8502] RSP: 002b:00007f6563ddce68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 319.422036][ T8502] RAX: ffffffffffffffda RBX: 00007f6563ddcef0 RCX: 00007f6562f7f79a [ 319.430045][ T8502] RDX: 0000000020000100 RSI: 0000000020037f80 RDI: 00007f6563ddceb0 [ 319.438059][ T8502] RBP: 0000000020000100 R08: 00007f6563ddcef0 R09: 0000000000000000 [ 319.446070][ T8502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020037f80 [ 319.454071][ T8502] R13: 00007f6563ddceb0 R14: 0000000000037f14 R15: 0000000020000400 [ 319.462095][ T8502] </TASK> [ 319.475558][ T8502] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory. [ 319.490972][ T8502] gfs2: fsid=syz:syz: error -17 adding sysfs files [ 321.459736][ T29] audit: type=1326 audit(1728483737.402:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8557 comm="syz.1.606" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa23417dff9 code=0x0 [ 321.490301][ T8555] loop2: detected capacity change from 0 to 512 [ 321.497295][ T8555] EXT4-fs: Ignoring removed nobh option [ 321.516559][ T8561] geneve0: entered promiscuous mode [ 321.551964][ T8561] macvlan2: entered promiscuous mode [ 321.562735][ T8555] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 321.575137][ T8561] macvlan2: entered allmulticast mode [ 321.576660][ T8555] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 321.600953][ T8561] geneve0: entered allmulticast mode [ 321.721525][ T8564] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 321.888619][ T7971] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 321.931732][ T8577] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_macvtap, syncid = 0, id = 0 [ 321.954422][ T8575] IPVS: stopping backup sync thread 8577 ... [ 322.376519][ T46] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 322.820809][ T8579] loop3: detected capacity change from 0 to 40427 [ 322.836393][ T8579] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x1fffff [ 322.851685][ T8579] F2FS-fs (loop3): Image doesn't support compression [ 322.858463][ T8579] F2FS-fs (loop3): Image doesn't support compression [ 322.893595][ T8579] F2FS-fs (loop3): invalid crc value [ 322.910956][ T8579] F2FS-fs (loop3): Found nat_bits in checkpoint [ 322.973905][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 322.991382][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 323.002643][ T46] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 323.016006][ T46] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 323.025427][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 323.068364][ T8587] loop0: detected capacity change from 0 to 32768 [ 323.091655][ T8579] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 323.124401][ T8587] JBD2: Ignoring recovery information on journal [ 323.144604][ T46] usb 3-1: config 0 descriptor?? [ 323.165028][ T8587] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 323.226928][ T6114] F2FS-fs (loop3): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x58a/0x1ca0 [ 323.239015][ T6114] F2FS-fs (loop3): invalid blkaddr: 1028, type: 10, run fsck to fix. [ 323.601015][ T46] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 323.608817][ T46] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 323.616841][ T46] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 323.628193][ T46] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 323.696732][ T8627] netem: change failed [ 323.862923][ T5289] usb 3-1: USB disconnect, device number 4 [ 324.346705][ T7167] ocfs2: Unmounting device (7,0) on (node local) [ 324.444496][ T8641] REISERFS warning (device nullb0): sh-2021 reiserfs_fill_super: can not find reiserfs on nullb0 [ 324.867789][ T8648] loop0: detected capacity change from 0 to 40427 [ 324.911764][ T8648] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff [ 324.920557][ T8648] F2FS-fs (loop0): Image doesn't support compression [ 324.928293][ T8648] F2FS-fs (loop0): Image doesn't support compression [ 324.981810][ T8648] F2FS-fs (loop0): invalid crc value [ 325.059353][ T8648] F2FS-fs (loop0): Found nat_bits in checkpoint [ 325.107812][ T8648] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 325.198245][ T7167] F2FS-fs (loop0): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x58a/0x1ca0 [ 325.231282][ T7167] F2FS-fs (loop0): invalid blkaddr: 1028, type: 10, run fsck to fix. [ 325.390522][ T8661] Illegal XDP return value 4294967274 on prog (id 76) dev N/A, expect packet loss! [ 325.908472][ T8661] Cannot find add_set index 0 as target [ 326.158561][ T8665] netlink: 8 bytes leftover after parsing attributes in process `syz.3.638'. [ 326.170959][ T8665] 8021q: adding VLAN 0 to HW filter on device ipvlan4 [ 326.915385][ T8675] loop3: detected capacity change from 0 to 32768 [ 326.924198][ T8675] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.641 (8675) [ 326.943924][ T8675] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 326.961088][ T8675] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 326.996698][ T8675] BTRFS info (device loop3): using free-space-tree [ 327.144814][ T6114] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 327.722469][ T6010] gfs2: fsid=syz:syz.0: 2 left-over quota data objects [ 327.774990][ T8705] input: syz0 as /devices/virtual/input/input9 [ 327.836657][ T8399] gfs2: fsid=syz:syz.0: Error -5 syncing glock [ 327.845205][ T8399] gfs2: fsid=syz:syz.0: G: s:EX n:3/2090 f:lDpfiao t:UN d:UN/10000 a:0 v:0 r:2 m:20 p:0 [ 327.855405][ T8399] gfs2: fsid=syz:syz.0: R: n:8336 f:90000000 b:7001/6999 i:6 q:0 r:0 e:7032 [ 327.997284][ T26] gfs2: fsid=syz:syz.0: Error -5 syncing glock [ 328.007071][ T26] gfs2: fsid=syz:syz.0: G: s:EX n:2/24a1 f:lDpfia t:UN d:UN/10000 a:0 v:0 r:1 m:20 p:1 [ 328.016999][ T26] gfs2: fsid=syz:syz.0: Error -5 syncing glock [ 328.023327][ T26] gfs2: fsid=syz:syz.0: G: s:EX n:2/2093 f:lDpfia t:UN d:UN/30000 a:0 v:0 r:1 m:20 p:260 [ 328.033407][ T26] gfs2: fsid=syz:syz.0: Error -5 syncing glock [ 328.040555][ T26] gfs2: fsid=syz:syz.0: G: s:EX n:2/208e f:lDpfia t:UN d:UN/40000 a:0 v:0 r:1 m:20 p:1 [ 328.454893][ T8707] loop4: detected capacity change from 0 to 32768 [ 328.485290][ T8707] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 328.587370][ T8707] XFS (loop4): Ending clean mount [ 328.634757][ T8704] kexec: Could not allocate control_code_buffer [ 328.676566][ T8707] XFS (loop4): Quotacheck needed: Please wait. [ 328.691505][ T8707] XFS (loop4): Quotacheck: Done. [ 328.722424][ T8699] loop0: detected capacity change from 0 to 32768 [ 328.766823][ T8699] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 328.809965][ T6464] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 329.228558][ T7167] ocfs2: Unmounting device (7,0) on (node local) [ 329.671766][ T5324] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 329.831754][ T5324] usb 2-1: Using ep0 maxpacket: 8 [ 329.843972][ T5324] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 329.851448][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 329.863771][ T5324] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 329.877157][ T8735] loop4: detected capacity change from 0 to 32768 [ 329.894902][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 329.926143][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 329.954508][ T5324] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 329.966731][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 329.980650][ T5324] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 329.993150][ T8735] XFS (loop4): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 329.996353][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 330.019647][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 330.067666][ T5324] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 330.076546][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 330.113614][ T5324] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 330.177695][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 330.191341][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 330.210848][ T5324] usb 2-1: string descriptor 0 read error: -22 [ 330.217384][ T5324] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 330.230155][ T5324] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 330.260218][ T5324] adutux 2-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 330.287555][ T8755] loop0: detected capacity change from 0 to 32768 [ 330.307703][ T8755] JBD2: Ignoring recovery information on journal [ 330.377219][ T8735] XFS (loop4): Ending clean mount [ 330.387554][ T8735] XFS (loop4): Quotacheck needed: Please wait. [ 330.399974][ T8735] XFS (loop4): Quotacheck: Done. [ 330.406435][ T8755] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 330.439058][ T6464] XFS (loop4): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 331.000923][ T9] usb 2-1: USB disconnect, device number 6 [ 331.247990][ T29] audit: type=1326 audit(1728483747.192:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000 [ 331.281240][ T29] audit: type=1326 audit(1728483747.222:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000 [ 331.306505][ T29] audit: type=1326 audit(1728483747.222:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000 [ 331.328791][ T29] audit: type=1326 audit(1728483747.222:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000 [ 331.352314][ T29] audit: type=1326 audit(1728483747.222:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000 [ 331.376391][ T29] audit: type=1326 audit(1728483747.222:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000 [ 331.386621][ T8778] process 'syz.3.664' launched './file1' with NULL argv: empty string added [ 331.402256][ T29] audit: type=1326 audit(1728483747.222:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000 [ 331.434501][ T29] audit: type=1326 audit(1728483747.222:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000 [ 331.457335][ T29] audit: type=1326 audit(1728483747.222:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000 [ 331.480645][ T29] audit: type=1326 audit(1728483747.322:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7fc00000 [ 331.590038][ T8784] overlayfs: unescaped trailing colons in lowerdir mount option. [ 332.022065][ T8779] netlink: 'syz.4.665': attribute type 1 has an invalid length. [ 332.122478][ T8779] netlink: 'syz.4.665': attribute type 2 has an invalid length. [ 332.262757][ T8779] netlink: 4 bytes leftover after parsing attributes in process `syz.4.665'. [ 332.362505][ T7167] ocfs2: Unmounting device (7,0) on (node local) [ 332.385876][ T8793] loop3: detected capacity change from 0 to 512 [ 332.392932][ T8793] EXT4-fs: Ignoring removed nobh option [ 332.430133][ T8793] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 332.442932][ T8793] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 333.969381][ T8797] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 224: padding at end of block bitmap is not set [ 334.156885][ T8797] EXT4-fs (loop3): Remounting filesystem read-only [ 334.282437][ T6114] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 334.476566][ T8821] overlayfs: unescaped trailing colons in lowerdir mount option. [ 334.730261][ T8806] loop4: detected capacity change from 0 to 32768 [ 334.827722][ T8806] XFS (loop4): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 334.956611][ T8806] XFS (loop4): Ending clean mount [ 334.992389][ T8806] XFS (loop4): Quotacheck needed: Please wait. [ 335.051831][ T8806] XFS (loop4): Quotacheck: Done. [ 335.116839][ T6464] XFS (loop4): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 335.268727][ T9] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 335.893352][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 335.907626][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 335.939608][ T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 335.971780][ T9] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 335.991178][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 336.012205][ T9] usb 4-1: config 0 descriptor?? [ 336.138705][ T5253] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 336.154510][ T5253] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 336.163939][ T5253] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 336.191765][ T5253] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 336.199608][ T5253] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 336.209030][ T5253] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 336.528747][ T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 336.536297][ T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 336.544331][ T9] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving [ 336.701967][ T9] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 336.735935][ T46] usb 4-1: USB disconnect, device number 6 [ 336.821384][ T8849] netlink: 'syz.1.687': attribute type 9 has an invalid length. [ 336.829363][ T8849] netlink: 134672 bytes leftover after parsing attributes in process `syz.1.687'. [ 336.838985][ T8849] openvswitch: netlink: Key 2 has unexpected len 20 expected 4 [ 337.050533][ T8859] chnl_net:caif_netlink_parms(): no params data found [ 337.315494][ T8859] bridge0: port 1(bridge_slave_0) entered blocking state [ 337.324776][ T8859] bridge0: port 1(bridge_slave_0) entered disabled state [ 337.332480][ T8859] bridge_slave_0: entered allmulticast mode [ 337.338901][ T8883] fuse: Bad value for 'fd' [ 337.344403][ T8859] bridge_slave_0: entered promiscuous mode [ 337.352293][ T8859] bridge0: port 2(bridge_slave_1) entered blocking state [ 337.360482][ T8859] bridge0: port 2(bridge_slave_1) entered disabled state [ 337.367608][ T8867] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 337.373752][ T8867] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 337.380560][ T8867] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 337.386616][ T8867] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 337.394042][ T8867] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 337.400088][ T8867] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 337.407177][ T8867] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 337.413293][ T8867] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 337.421199][ T8867] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 337.427263][ T8867] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 337.436164][ T8867] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 337.442990][ T8867] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 337.448966][ T8867] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 337.455716][ T8867] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 337.462256][ T8867] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 337.468187][ T8867] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 337.475074][ T8867] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 337.481986][ T8867] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 337.487962][ T8867] Bluetooth: hci7: Opcode 0x0406 failed: -4 [ 337.494598][ T8867] Bluetooth: hci7: Opcode 0x0406 failed: -4 [ 337.502493][ T8867] Bluetooth: hci8: Opcode 0x0c1a failed: -4 [ 337.508469][ T8867] Bluetooth: hci8: Opcode 0x0406 failed: -4 [ 337.515607][ T8867] Bluetooth: hci8: Opcode 0x0406 failed: -4 [ 337.554939][ T8859] bridge_slave_1: entered allmulticast mode [ 337.562002][ T8859] bridge_slave_1: entered promiscuous mode [ 337.587190][ T8859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 337.598686][ T8859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 337.723040][ T8875] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 337.729214][ T8875] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 337.735272][ T8875] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 337.741231][ T8875] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 337.747278][ T8875] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 337.753273][ T8875] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 337.759226][ T8875] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 337.765372][ T8875] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 337.771343][ T8875] Bluetooth: hci8: Opcode 0x0c1a failed: -4 [ 337.888524][ T8859] team0: Port device team_slave_0 added [ 338.028636][ T8859] team0: Port device team_slave_1 added [ 338.410070][ T8859] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 338.420067][ T8859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 338.497425][ T8859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 338.533990][ T8859] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 338.555459][ T8859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 338.609642][ T8859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 338.954973][ T8859] hsr_slave_0: entered promiscuous mode [ 339.057799][ T8859] hsr_slave_1: entered promiscuous mode [ 339.171186][ T8859] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 339.179236][ T8859] Cannot create hsr debugfs directory [ 339.622942][ T8904] loop3: detected capacity change from 0 to 32768 [ 339.628411][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 339.630582][ T8904] XFS: noikeep mount option is deprecated. [ 339.646771][ T8904] XFS: noikeep mount option is deprecated. [ 339.659725][ T8859] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 339.681750][ T5253] Bluetooth: hci2: command 0x0406 tx timeout [ 339.695901][ T8895] loop0: detected capacity change from 0 to 40427 [ 339.705134][ T8904] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 339.722664][ T8895] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff [ 339.734253][ T8895] F2FS-fs (loop0): invalid crc value [ 339.741233][ T8895] F2FS-fs (loop0): Found nat_bits in checkpoint [ 339.750063][ T8859] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 339.800386][ T8859] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 339.813507][ T8895] F2FS-fs (loop0): Start checkpoint disabled! [ 339.820995][ T8895] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 339.836430][ T8904] XFS (loop3): Ending clean mount [ 339.846003][ T8904] XFS (loop3): Quotacheck needed: Please wait. [ 339.852350][ T5243] Bluetooth: hci7: command 0x0c1a tx timeout [ 339.852403][ T5243] Bluetooth: hci4: command 0x0c1a tx timeout [ 339.852431][ T5243] Bluetooth: hci1: command 0x0c1a tx timeout [ 339.852457][ T5243] Bluetooth: hci0: command 0x0c1a tx timeout [ 339.852517][ T5243] Bluetooth: hci3: command 0x0405 tx timeout [ 339.852544][ T5243] Bluetooth: hci6: command 0x0406 tx timeout [ 339.852602][ T5243] Bluetooth: hci5: command 0x0406 tx timeout [ 339.852836][ T5253] Bluetooth: hci8: command 0x041b tx timeout [ 339.884936][ T8904] XFS (loop3): Quotacheck: Done. [ 339.909393][ T8859] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 339.914883][ T8904] netlink: 'syz.3.702': attribute type 9 has an invalid length. [ 339.929375][ T8904] netlink: 134672 bytes leftover after parsing attributes in process `syz.3.702'. [ 339.940990][ T8904] openvswitch: netlink: Key 2 has unexpected len 20 expected 4 [ 339.961119][ T3004] kworker/u8:9: attempt to access beyond end of device [ 339.961119][ T3004] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 339.976111][ T3004] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 339.983760][ T3004] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 339.986248][ T6114] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 340.021835][ T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 340.131231][ T8859] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 340.142738][ T8859] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 340.153716][ T8859] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 340.164290][ T8859] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 340.185416][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 340.211855][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 340.241818][ T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 340.249253][ T8859] 8021q: adding VLAN 0 to HW filter on device bond0 [ 340.272098][ T9] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 340.293955][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 340.297600][ T8859] 8021q: adding VLAN 0 to HW filter on device team0 [ 340.313437][ T9] usb 2-1: config 0 descriptor?? [ 340.344438][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 340.351551][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 340.378735][ T3004] bridge0: port 2(bridge_slave_1) entered blocking state [ 340.385917][ T3004] bridge0: port 2(bridge_slave_1) entered forwarding state [ 340.663553][ T8950] netlink: 'syz.0.713': attribute type 1 has an invalid length. [ 340.674364][ T8950] netlink: 48 bytes leftover after parsing attributes in process `syz.0.713'. [ 340.727845][ T9] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 340.749410][ T9] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 340.769940][ T9] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving [ 340.815628][ T8859] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 340.835308][ T9] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 340.908293][ T8859] veth0_vlan: entered promiscuous mode [ 340.928422][ T9] usb 2-1: USB disconnect, device number 7 [ 340.974676][ T8859] veth1_vlan: entered promiscuous mode [ 341.061250][ T8859] veth0_macvtap: entered promiscuous mode [ 341.083240][ T8859] veth1_macvtap: entered promiscuous mode [ 341.138403][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 341.169644][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.179782][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 341.191670][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.206945][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 341.217957][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.228219][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 341.252659][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.263265][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 341.286665][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.317745][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 341.330463][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.343989][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 341.355596][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.372808][ T8859] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 341.408100][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 341.442173][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.468102][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 341.517417][ T8956] loop0: detected capacity change from 0 to 32768 [ 341.524245][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.535959][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 341.546780][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.559037][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 341.573464][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.587253][ T8956] JBD2: Ignoring recovery information on journal [ 341.620685][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 341.637512][ T8956] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 341.652199][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.702747][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 341.713472][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.725075][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 341.736237][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.748185][ T8859] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 341.763778][ T5250] Bluetooth: hci2: command 0x0406 tx timeout [ 341.774048][ T8859] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 341.783419][ T8859] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 341.794799][ T8859] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 341.804950][ T8859] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 341.830962][ T8956] OCFS2: ERROR (device loop0): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total [ 341.857360][ T8956] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 341.870214][ T8956] OCFS2: Returning error to the calling process. [ 341.888138][ T8956] (syz.0.714,8956,1):ocfs2_claim_suballoc_bits:2038 ERROR: status = -5 [ 341.899739][ T8956] (syz.0.714,8956,1):__ocfs2_claim_clusters:2412 ERROR: status = -5 [ 341.909349][ T8956] (syz.0.714,8956,1):__ocfs2_claim_clusters:2420 ERROR: status = -5 [ 341.921844][ T5253] Bluetooth: hci5: command 0x0406 tx timeout [ 341.927657][ T8956] (syz.0.714,8956,1):ocfs2_local_alloc_new_window:1216 ERROR: status = -5 [ 341.928041][ T5235] Bluetooth: hci6: command 0x0406 tx timeout [ 341.939105][ T8956] (syz.0.714,8956,1):ocfs2_local_alloc_new_window:1241 ERROR: status = -5 [ 341.943036][ T5243] Bluetooth: hci3: command 0x0405 tx timeout [ 341.951689][ T5241] Bluetooth: hci0: command 0x0c1a tx timeout [ 341.958051][ T5253] Bluetooth: hci1: command 0x0c1a tx timeout [ 341.970349][ T54] Bluetooth: hci4: command 0x0c1a tx timeout [ 341.976462][ T5241] Bluetooth: hci7: command 0x0c1a tx timeout [ 341.982869][ T5250] Bluetooth: hci8: command 0x041b tx timeout [ 341.984426][ T8956] (syz.0.714,8956,0):ocfs2_local_alloc_slide_window:1315 ERROR: status = -5 [ 342.003003][ T2903] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 342.013841][ T2903] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.037196][ T6499] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 342.048576][ T6499] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.066586][ T8956] (syz.0.714,8956,0):ocfs2_local_alloc_slide_window:1334 ERROR: status = -5 [ 342.100789][ T8956] (syz.0.714,8956,0):ocfs2_reserve_local_alloc_bits:672 ERROR: status = -5 [ 342.128427][ T8956] (syz.0.714,8956,0):ocfs2_reserve_local_alloc_bits:710 ERROR: status = -5 [ 342.174930][ T8956] (syz.0.714,8956,0):ocfs2_reserve_clusters_with_limit:1170 ERROR: status = -5 [ 342.193976][ T8956] (syz.0.714,8956,0):ocfs2_reserve_clusters_with_limit:1219 ERROR: status = -5 [ 342.204075][ T8956] (syz.0.714,8956,0):ocfs2_lock_allocators:2749 ERROR: status = -5 [ 342.212743][ T8956] (syz.0.714,8956,0):ocfs2_write_begin_nolock:1742 ERROR: status = -5 [ 342.221281][ T8956] (syz.0.714,8956,0):__ocfs2_page_mkwrite:97 ERROR: status = -5 [ 344.111649][ T5250] Bluetooth: hci4: command 0x0c1a tx timeout [ 344.120002][ T54] Bluetooth: hci1: command 0x0c1a tx timeout [ 344.126070][ T5250] Bluetooth: hci8: command 0x041b tx timeout [ 344.141784][ T5250] Bluetooth: hci7: command 0x0c1a tx timeout [ 344.147840][ T5250] Bluetooth: hci0: command 0x0c1a tx timeout [ 344.244011][ T8999] loop3: detected capacity change from 0 to 512 [ 344.250955][ T8999] EXT4-fs: Ignoring removed nobh option [ 344.345981][ T7167] ocfs2: Unmounting device (7,0) on (node local) [ 344.368156][ T8999] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 344.381704][ T8999] ext4 filesystem being mounted at /144/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 344.405023][ T9009] loop7: detected capacity change from 0 to 16384 [ 344.697522][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 344.697540][ T29] audit: type=1326 audit(1728483760.642:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9018 comm="syz.2.729" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1fb717dff9 code=0x0 [ 344.754093][ T9012] loop7: detected capacity change from 16384 to 16383 [ 344.912149][ T1033] block nbd2: Possible stuck request ffff888025770000: control (read@0,4096B). Runtime 60 seconds [ 344.973879][ T9022] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 345.031728][ T9] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 345.076591][ T7288] Buffer I/O error on dev loop7, logical block 2047, async page read [ 345.183496][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 345.196158][ T9009] Buffer I/O error on dev loop7, logical block 2047, async page read [ 345.204021][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 345.217516][ T9009] Buffer I/O error on dev loop7, logical block 2047, async page read [ 345.231117][ T9009] Buffer I/O error on dev loop7, logical block 2047, async page read [ 345.233938][ T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 345.269993][ T7288] Buffer I/O error on dev loop7, logical block 2047, async page read [ 345.300662][ T9] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 345.321621][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 345.341090][ T9] usb 1-1: config 0 descriptor?? [ 345.442820][ T9007] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 224: padding at end of block bitmap is not set [ 345.463311][ T9007] EXT4-fs (loop3): Remounting filesystem read-only [ 345.473818][ T6114] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 345.777769][ T9] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 345.900020][ T9] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 346.130366][ T9] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving [ 346.163815][ T54] Bluetooth: hci8: command 0x041b tx timeout [ 346.182740][ T9] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 346.263814][ T9] usb 1-1: USB disconnect, device number 6 [ 347.731251][ T9052] loop3: detected capacity change from 0 to 40427 [ 347.758803][ T9052] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x1fffff [ 347.775883][ T9052] F2FS-fs (loop3): invalid crc value [ 347.789065][ T9052] F2FS-fs (loop3): Found nat_bits in checkpoint [ 347.860850][ T9052] F2FS-fs (loop3): Start checkpoint disabled! [ 347.876945][ T9052] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 348.006020][ T2903] kworker/u8:6: attempt to access beyond end of device [ 348.006020][ T2903] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 348.024471][ T2903] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 348.033729][ T2903] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 348.245700][ T5253] Bluetooth: hci8: command 0x041b tx timeout [ 349.751745][ T5289] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 349.811236][ T9086] loop2: detected capacity change from 0 to 32768 [ 349.826895][ T9086] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.748 (9086) [ 349.860986][ T9096] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 349.871412][ T9086] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 349.881766][ T9086] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 349.890512][ T9086] BTRFS info (device loop2): using free-space-tree [ 349.904257][ T5289] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 349.924820][ T5289] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 349.956668][ T5289] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 349.999443][ T5289] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 350.039193][ T5289] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 350.049793][ T5289] usb 5-1: config 0 descriptor?? [ 350.295927][ T9116] BTRFS info (device loop2): scrub: started on devid 1 [ 350.321804][ T5253] Bluetooth: hci8: command 0x041b tx timeout [ 350.402053][ T9116] BTRFS info (device loop2): scrub: finished on devid 1 with status: 0 [ 350.470849][ T5289] usbhid 5-1:0.0: can't add hid device: -71 [ 350.483326][ T9094] loop0: detected capacity change from 0 to 32768 [ 350.490482][ T5289] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 350.519669][ T5289] usb 5-1: USB disconnect, device number 8 [ 350.540911][ T9094] BTRFS: device /dev/loop0 (7:0) using temp-fsid 64c8e35a-4d63-474c-90c6-4299758a8238 [ 350.566264][ T9094] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.751 (9094) [ 350.617151][ T9094] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 350.634028][ T29] audit: type=1804 audit(1728483766.582:58): pid=9121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.754" name="/newroot/83/bus/file1" dev="overlay" ino=475 res=1 errno=0 [ 350.640480][ T9094] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 350.756172][ T9094] BTRFS info (device loop0): using free-space-tree [ 351.658571][ T8859] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 351.802447][ T5253] Bluetooth: hci4: unexpected event for opcode 0x2005 [ 352.227570][ T9154] loop3: detected capacity change from 0 to 40427 [ 352.237091][ T9154] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x1fffff [ 352.247413][ T9154] F2FS-fs (loop3): Image doesn't support compression [ 352.255468][ T9154] F2FS-fs (loop3): Image doesn't support compression [ 352.268321][ T9154] F2FS-fs (loop3): invalid crc value [ 352.285395][ T5289] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 352.316548][ T9154] F2FS-fs (loop3): Found nat_bits in checkpoint [ 352.386029][ T9154] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 352.401680][ T5253] Bluetooth: hci8: command 0x041b tx timeout [ 352.431751][ T6114] syz-executor: attempt to access beyond end of device [ 352.431751][ T6114] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 352.447435][ T6114] F2FS-fs (loop3): Remounting filesystem read-only [ 352.474921][ T5289] usb 1-1: config 0 has no interfaces? [ 352.492000][ T5289] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 352.503071][ T5289] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 352.520424][ T5289] usb 1-1: config 0 descriptor?? [ 352.755387][ T5289] usb 1-1: USB disconnect, device number 7 [ 352.792902][ T9181] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 353.211692][ T9] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 353.233262][ T9205] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 353.239928][ T9205] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 353.252305][ T9205] vhci_hcd vhci_hcd.0: Device attached [ 353.261197][ T9205] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7) [ 353.267767][ T9205] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 353.277629][ T9205] vhci_hcd vhci_hcd.0: Device attached [ 353.299596][ T9209] usbip_core: unknown command [ 353.304518][ T9209] vhci_hcd: unknown pdu 0 [ 353.315002][ T9209] usbip_core: unknown command [ 353.331496][ T2919] vhci_hcd: stop threads [ 353.339688][ T2919] vhci_hcd: release socket [ 353.347593][ T7167] BTRFS info (device loop0): last unmount of filesystem 64c8e35a-4d63-474c-90c6-4299758a8238 [ 353.350348][ T2919] vhci_hcd: disconnect device [ 353.369880][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 353.444786][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 353.541669][ T5289] usb 14-1: SetAddress Request (2) to port 0 [ 353.544258][ T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 353.571673][ T5289] usb 14-1: new SuperSpeed USB device number 2 using vhci_hcd [ 353.601444][ T9] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 353.610885][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 353.637822][ T9] usb 2-1: config 0 descriptor?? [ 354.117574][ T9] usbhid 2-1:0.0: can't add hid device: -71 [ 354.313354][ T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 354.342018][ T9] usb 2-1: USB disconnect, device number 8 [ 354.366159][ T9199] loop3: detected capacity change from 0 to 32768 [ 354.444095][ T9206] vhci_hcd: connection reset by peer [ 354.470692][ T435] vhci_hcd: stop threads [ 354.488294][ T5253] Bluetooth: hci8: command 0x041b tx timeout [ 354.502005][ T9244] netlink: 'syz.0.776': attribute type 5 has an invalid length. [ 354.512912][ T9199] JBD2: Ignoring recovery information on journal [ 354.544116][ T435] vhci_hcd: release socket [ 354.556827][ T435] vhci_hcd: disconnect device [ 354.574549][ T9244] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 354.761269][ T9199] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 354.850571][ T9252] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 355.163486][ T9250] OCFS2: ERROR (device loop3): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total [ 355.483759][ T9250] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 355.494203][ T9250] OCFS2: Returning error to the calling process. [ 355.500551][ T9250] (syz.3.764,9250,0):ocfs2_claim_suballoc_bits:2038 ERROR: status = -5 [ 355.513827][ T9250] (syz.3.764,9250,0):__ocfs2_claim_clusters:2412 ERROR: status = -5 [ 355.527168][ T9250] (syz.3.764,9250,0):__ocfs2_claim_clusters:2420 ERROR: status = -5 [ 355.538720][ T9250] (syz.3.764,9250,0):ocfs2_local_alloc_new_window:1216 ERROR: status = -5 [ 355.564969][ T9239] kexec: Could not allocate control_code_buffer [ 355.631910][ T9250] (syz.3.764,9250,1):ocfs2_local_alloc_new_window:1241 ERROR: status = -5 [ 355.678466][ T9250] (syz.3.764,9250,1):ocfs2_local_alloc_slide_window:1315 ERROR: status = -5 [ 355.711843][ T9250] (syz.3.764,9250,1):ocfs2_local_alloc_slide_window:1334 ERROR: status = -5 [ 355.720792][ T9250] (syz.3.764,9250,1):ocfs2_reserve_local_alloc_bits:672 ERROR: status = -5 [ 355.780211][ T9250] (syz.3.764,9250,0):ocfs2_reserve_local_alloc_bits:710 ERROR: status = -5 [ 355.789242][ T9250] (syz.3.764,9250,0):ocfs2_reserve_clusters_with_limit:1170 ERROR: status = -5 [ 355.799270][ T9250] (syz.3.764,9250,0):ocfs2_reserve_clusters_with_limit:1219 ERROR: status = -5 [ 355.810267][ T9250] (syz.3.764,9250,0):ocfs2_lock_allocators:2749 ERROR: status = -5 [ 355.818751][ T9250] (syz.3.764,9250,0):ocfs2_write_begin_nolock:1742 ERROR: status = -5 [ 355.827337][ T9250] (syz.3.764,9250,0):__ocfs2_page_mkwrite:97 ERROR: status = -5 [ 356.245153][ T6114] ocfs2: Unmounting device (7,3) on (node local) [ 356.455614][ T9274] netlink: 'syz.2.786': attribute type 10 has an invalid length. [ 356.602618][ T9274] syz_tun: entered promiscuous mode [ 356.626479][ T9274] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 356.821780][ T29] audit: type=1326 audit(1728483772.752:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000 [ 356.858847][ T29] audit: type=1326 audit(1728483772.752:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000 [ 356.895403][ T9263] loop4: detected capacity change from 0 to 32768 [ 356.911109][ T9263] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.783 (9263) [ 356.913596][ T9260] loop0: detected capacity change from 0 to 32768 [ 356.955103][ T9263] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 356.963867][ T29] audit: type=1326 audit(1728483772.762:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000 [ 356.972259][ T9263] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 357.006630][ T9260] BTRFS: device /dev/loop0 (7:0) using temp-fsid 7bb7547b-76f7-4695-8911-8010fd433b94 [ 357.027053][ T9263] BTRFS info (device loop4): using free-space-tree [ 357.036326][ T29] audit: type=1326 audit(1728483772.762:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000 [ 357.065281][ T9260] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.781 (9260) [ 357.083647][ T29] audit: type=1326 audit(1728483772.762:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000 [ 357.139171][ T29] audit: type=1326 audit(1728483772.762:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000 [ 357.314175][ T29] audit: type=1326 audit(1728483772.762:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000 [ 357.468448][ T9260] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 357.561671][ T29] audit: type=1326 audit(1728483772.762:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000 [ 357.615128][ T9260] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 357.676078][ T29] audit: type=1326 audit(1728483772.762:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000 [ 357.706049][ T9260] BTRFS info (device loop0): using free-space-tree [ 358.248666][ T9300] kexec: Could not allocate control_code_buffer [ 358.563851][ T9260] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 358.565633][ T9260] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 358.654974][ T9260] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 358.693780][ T6464] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 358.724016][ T5289] usb 14-1: device descriptor read/8, error -110 [ 358.937263][ T9260] BTRFS error (device loop0): open_ctree failed [ 359.142557][ T5289] usb usb14-port1: attempt power cycle [ 359.292900][ T9351] input: syz1 as /devices/virtual/input/input10 [ 360.184519][ T5289] usb usb14-port1: unable to enumerate USB device [ 360.738303][ T9372] netlink: 'syz.1.809': attribute type 16 has an invalid length. [ 360.746433][ T9372] netlink: 'syz.1.809': attribute type 3 has an invalid length. [ 360.754909][ T9372] netlink: 64066 bytes leftover after parsing attributes in process `syz.1.809'. [ 360.952833][ T5253] Bluetooth: hci5: ACL packet for unknown connection handle 200 [ 363.123784][ T9410] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 364.618561][ T9430] netlink: 28 bytes leftover after parsing attributes in process `syz.3.827'. [ 364.644654][ T9430] random: crng reseeded on system resumption [ 366.021691][ T5328] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 366.174708][ T5328] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 366.187754][ T5328] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 366.200481][ T5328] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 366.214475][ T5328] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 366.224127][ T5328] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 366.239376][ T5328] usb 2-1: config 0 descriptor?? [ 366.480676][ T54] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 366.488440][ T54] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 366.504725][ T54] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 366.512965][ T54] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 366.520575][ T54] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 366.528426][ T54] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 366.661022][ T5328] usbhid 2-1:0.0: can't add hid device: -71 [ 366.667348][ T5328] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 366.731733][ T5328] usb 2-1: USB disconnect, device number 9 [ 366.943431][ T9465] chnl_net:caif_netlink_parms(): no params data found [ 367.034741][ T9465] bridge0: port 1(bridge_slave_0) entered blocking state [ 367.042359][ T9465] bridge0: port 1(bridge_slave_0) entered disabled state [ 367.058000][ T9465] bridge_slave_0: entered allmulticast mode [ 367.069286][ T9465] bridge_slave_0: entered promiscuous mode [ 367.087064][ T9465] bridge0: port 2(bridge_slave_1) entered blocking state [ 367.113579][ T9465] bridge0: port 2(bridge_slave_1) entered disabled state [ 367.121010][ T9465] bridge_slave_1: entered allmulticast mode [ 367.128768][ T9465] bridge_slave_1: entered promiscuous mode [ 367.200523][ T9465] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 367.228292][ T9465] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 367.297702][ T9465] team0: Port device team_slave_0 added [ 367.308038][ T9465] team0: Port device team_slave_1 added [ 367.336899][ T9465] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 367.344069][ T9465] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 367.370434][ T9465] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 367.385810][ T9465] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 367.393393][ T9465] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 367.422413][ T9465] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 367.853244][ T9465] hsr_slave_0: entered promiscuous mode [ 367.963545][ T9465] hsr_slave_1: entered promiscuous mode [ 367.969781][ T9465] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 367.977579][ T9465] Cannot create hsr debugfs directory [ 368.566023][ T5253] Bluetooth: hci9: command tx timeout [ 368.718229][ T9465] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 368.787192][ T9465] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 368.844018][ T9465] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 368.999939][ T9465] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 369.055311][ T9543] netlink: 12 bytes leftover after parsing attributes in process `syz.3.857'. [ 369.117904][ T9465] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 369.127702][ T9465] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 369.150580][ T9465] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 369.171722][ T9465] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 369.197874][ T9545] netlink: 128 bytes leftover after parsing attributes in process `syz.1.859'. [ 369.343277][ T9465] 8021q: adding VLAN 0 to HW filter on device bond0 [ 369.372247][ T9465] 8021q: adding VLAN 0 to HW filter on device team0 [ 369.407724][ T435] bridge0: port 1(bridge_slave_0) entered blocking state [ 369.414892][ T435] bridge0: port 1(bridge_slave_0) entered forwarding state [ 369.429940][ T435] bridge0: port 2(bridge_slave_1) entered blocking state [ 369.437131][ T435] bridge0: port 2(bridge_slave_1) entered forwarding state [ 369.446879][ T5289] libceph: connect (1)[c::]:6789 error -101 [ 369.458802][ T5289] libceph: mon0 (1)[c::]:6789 connect error [ 369.708757][ T9547] ceph: No mds server is up or the cluster is laggy [ 369.722258][ T5289] libceph: connect (1)[c::]:6789 error -101 [ 369.728319][ T5289] libceph: mon0 (1)[c::]:6789 connect error [ 369.851009][ T9465] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 369.941452][ T9465] veth0_vlan: entered promiscuous mode [ 369.970934][ T9465] veth1_vlan: entered promiscuous mode [ 370.033378][ T9465] veth0_macvtap: entered promiscuous mode [ 370.055316][ T9465] veth1_macvtap: entered promiscuous mode [ 370.103761][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.122587][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.141701][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.168208][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.184647][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.207091][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.233324][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.261684][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.281694][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.306129][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.316052][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.327163][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.337731][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.348421][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.371635][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 370.401636][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.412864][ T9465] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 370.452875][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.471835][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.482342][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.493759][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.504524][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.515171][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.525250][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.535867][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.546072][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.556746][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.566916][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.577520][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.587420][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.598720][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.609168][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.619641][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.630948][ T9465] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 370.645284][ T54] Bluetooth: hci9: command tx timeout [ 370.663773][ T9465] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 370.672600][ T9465] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 370.681373][ T9465] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 370.690335][ T9465] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 370.790797][ T9582] overlayfs: failed to resolve './file1': -2 [ 370.810706][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 370.811360][ T9565] loop3: detected capacity change from 0 to 32768 [ 370.829173][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 370.871051][ T6499] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 370.913568][ T6499] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 370.950703][ T9565] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz' [ 370.959371][ T9565] CPU: 0 UID: 0 PID: 9565 Comm: syz.3.864 Not tainted 6.12.0-rc2-next-20241008-syzkaller #0 [ 370.963625][ T9590] netlink: 40 bytes leftover after parsing attributes in process `syz.1.874'. [ 370.969465][ T9565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 370.988448][ T9565] Call Trace: [ 370.991761][ T9565] <TASK> [ 370.994714][ T9565] dump_stack_lvl+0x241/0x360 [ 370.999434][ T9565] ? __pfx_dump_stack_lvl+0x10/0x10 [ 371.004674][ T9565] ? __pfx__printk+0x10/0x10 [ 371.009278][ T9565] ? __kmalloc_cache_noprof+0x243/0x390 [ 371.014842][ T9565] ? sysfs_create_dir_ns+0x28a/0x3a0 [ 371.020177][ T9565] sysfs_create_dir_ns+0x2ce/0x3a0 [ 371.025302][ T9565] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 371.030955][ T9565] kobject_add_internal+0x435/0x8d0 [ 371.036169][ T9565] kobject_init_and_add+0x124/0x190 [ 371.041487][ T9565] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 371.047312][ T9565] ? __pfx_kobject_init_and_add+0x10/0x10 [ 371.053047][ T9565] ? __init_swait_queue_head+0xae/0x150 [ 371.058609][ T9565] gfs2_sys_fs_add+0x23b/0x4a0 [ 371.063388][ T9565] ? __pfx_gfs2_sys_fs_add+0x10/0x10 [ 371.068692][ T9565] ? __pfx_alloc_workqueue+0x10/0x10 [ 371.073988][ T9565] ? read_word_at_a_time+0xe/0x20 [ 371.079023][ T9565] ? sized_strscpy+0x8d/0x220 [ 371.083715][ T9565] gfs2_fill_super+0x11ee/0x24d0 [ 371.088669][ T9565] ? __pfx_gfs2_fill_super+0x10/0x10 [ 371.093971][ T9565] ? snprintf+0xda/0x120 [ 371.098224][ T9565] ? __pfx_lock_release+0x10/0x10 [ 371.103273][ T9565] ? do_raw_spin_lock+0x14f/0x370 [ 371.108312][ T9565] ? __pfx_snprintf+0x10/0x10 [ 371.113024][ T9565] ? sb_set_blocksize+0x98/0xf0 [ 371.117881][ T9565] ? setup_bdev_super+0x4e6/0x5d0 [ 371.122914][ T9565] get_tree_bdev+0x3f7/0x570 [ 371.127515][ T9565] ? __pfx_gfs2_fill_super+0x10/0x10 [ 371.132806][ T9565] ? __pfx_get_tree_bdev+0x10/0x10 [ 371.137933][ T9565] gfs2_get_tree+0x54/0x220 [ 371.142455][ T9565] vfs_get_tree+0x90/0x2b0 [ 371.146885][ T9565] do_new_mount+0x2be/0xb40 [ 371.151402][ T9565] ? __pfx_do_new_mount+0x10/0x10 [ 371.156443][ T9565] __se_sys_mount+0x2d6/0x3c0 [ 371.161139][ T9565] ? __pfx___se_sys_mount+0x10/0x10 [ 371.166359][ T9565] ? rcu_is_watching+0x15/0xb0 [ 371.171134][ T9565] ? __x64_sys_mount+0x20/0xc0 [ 371.175913][ T9565] do_syscall_64+0xf3/0x230 [ 371.180425][ T9565] ? clear_bhb_loop+0x35/0x90 [ 371.185117][ T9565] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 371.191021][ T9565] RIP: 0033:0x7fcf4837f79a [ 371.195435][ T9565] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 371.215065][ T9565] RSP: 002b:00007fcf49232e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 371.223494][ T9565] RAX: ffffffffffffffda RBX: 00007fcf49232ef0 RCX: 00007fcf4837f79a [ 371.231472][ T9565] RDX: 0000000020000100 RSI: 0000000020037f80 RDI: 00007fcf49232eb0 [ 371.239448][ T9565] RBP: 0000000020000100 R08: 00007fcf49232ef0 R09: 0000000000000000 [ 371.247443][ T9565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020037f80 [ 371.255417][ T9565] R13: 00007fcf49232eb0 R14: 0000000000037f14 R15: 0000000020000400 [ 371.263403][ T9565] </TASK> [ 371.269587][ T9565] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory. [ 371.296042][ T9565] gfs2: fsid=syz:syz: error -17 adding sysfs files [ 372.090938][ T9614] block device autoloading is deprecated and will be removed. [ 372.725720][ T54] Bluetooth: hci9: command tx timeout [ 372.768866][ T9644] netlink: 'syz.4.896': attribute type 2 has an invalid length. [ 372.809449][ T9639] netlink: 8 bytes leftover after parsing attributes in process `syz.2.894'. [ 373.016037][ T9633] loop3: detected capacity change from 0 to 32768 [ 373.039702][ T9633] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz' [ 373.064390][ T9633] CPU: 1 UID: 0 PID: 9633 Comm: syz.3.890 Not tainted 6.12.0-rc2-next-20241008-syzkaller #0 [ 373.074523][ T9633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 373.084615][ T9633] Call Trace: [ 373.087924][ T9633] <TASK> [ 373.090899][ T9633] dump_stack_lvl+0x241/0x360 [ 373.095589][ T9633] ? __pfx_dump_stack_lvl+0x10/0x10 [ 373.100788][ T9633] ? __pfx__printk+0x10/0x10 [ 373.105382][ T9633] ? __kmalloc_cache_noprof+0x243/0x390 [ 373.110938][ T9633] ? sysfs_create_dir_ns+0x28a/0x3a0 [ 373.116249][ T9633] sysfs_create_dir_ns+0x2ce/0x3a0 [ 373.121369][ T9633] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 373.127014][ T9633] kobject_add_internal+0x435/0x8d0 [ 373.132396][ T9633] kobject_init_and_add+0x124/0x190 [ 373.137598][ T9633] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 373.143454][ T9633] ? __pfx_kobject_init_and_add+0x10/0x10 [ 373.149269][ T9633] ? __init_swait_queue_head+0xae/0x150 [ 373.154841][ T9633] gfs2_sys_fs_add+0x23b/0x4a0 [ 373.159710][ T9633] ? __pfx_gfs2_sys_fs_add+0x10/0x10 [ 373.165266][ T9633] ? __pfx_alloc_workqueue+0x10/0x10 [ 373.170550][ T9633] ? read_word_at_a_time+0xe/0x20 [ 373.175660][ T9633] ? sized_strscpy+0x8d/0x220 [ 373.180336][ T9633] gfs2_fill_super+0x11ee/0x24d0 [ 373.185368][ T9633] ? __pfx_gfs2_fill_super+0x10/0x10 [ 373.190646][ T9633] ? snprintf+0xda/0x120 [ 373.194890][ T9633] ? __pfx_lock_release+0x10/0x10 [ 373.199908][ T9633] ? do_raw_spin_lock+0x14f/0x370 [ 373.204960][ T9633] ? __pfx_snprintf+0x10/0x10 [ 373.209738][ T9633] ? sb_set_blocksize+0x98/0xf0 [ 373.214585][ T9633] ? setup_bdev_super+0x4e6/0x5d0 [ 373.219693][ T9633] get_tree_bdev+0x3f7/0x570 [ 373.224304][ T9633] ? __pfx_gfs2_fill_super+0x10/0x10 [ 373.229850][ T9633] ? __pfx_get_tree_bdev+0x10/0x10 [ 373.234970][ T9633] gfs2_get_tree+0x54/0x220 [ 373.239731][ T9633] vfs_get_tree+0x90/0x2b0 [ 373.244155][ T9633] do_new_mount+0x2be/0xb40 [ 373.248663][ T9633] ? __pfx_do_new_mount+0x10/0x10 [ 373.253690][ T9633] __se_sys_mount+0x2d6/0x3c0 [ 373.258395][ T9633] ? __pfx___se_sys_mount+0x10/0x10 [ 373.263611][ T9633] ? rcu_is_watching+0x15/0xb0 [ 373.268381][ T9633] ? __x64_sys_mount+0x20/0xc0 [ 373.273156][ T9633] do_syscall_64+0xf3/0x230 [ 373.277842][ T9633] ? clear_bhb_loop+0x35/0x90 [ 373.282528][ T9633] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 373.288418][ T9633] RIP: 0033:0x7fcf4837f79a [ 373.292830][ T9633] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 373.312438][ T9633] RSP: 002b:00007fcf49232e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 373.320934][ T9633] RAX: ffffffffffffffda RBX: 00007fcf49232ef0 RCX: 00007fcf4837f79a [ 373.328907][ T9633] RDX: 0000000020000100 RSI: 0000000020037f80 RDI: 00007fcf49232eb0 [ 373.336963][ T9633] RBP: 0000000020000100 R08: 00007fcf49232ef0 R09: 0000000000000000 [ 373.344933][ T9633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020037f80 [ 373.353017][ T9633] R13: 00007fcf49232eb0 R14: 0000000000037f14 R15: 0000000020000400 [ 373.360998][ T9633] </TASK> [ 373.364150][ C1] vkms_vblank_simulate: vblank timer overrun [ 373.382854][ T9633] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory. [ 373.835963][ T9633] gfs2: fsid=syz:syz: error -17 adding sysfs files [ 374.091038][ T9675] netlink: 134744 bytes leftover after parsing attributes in process `syz.1.908'. [ 374.537295][ T9694] fuse: Bad value for 'fd' [ 374.802352][ T54] Bluetooth: hci9: command tx timeout [ 374.987683][ T1033] block nbd2: Possible stuck request ffff888025770000: control (read@0,4096B). Runtime 90 seconds [ 375.665049][ T9729] fuse: Bad value for 'fd' [ 375.841084][ T9708] loop4: detected capacity change from 0 to 32768 [ 375.957003][ T9708] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz' [ 375.964965][ T9708] CPU: 1 UID: 0 PID: 9708 Comm: syz.4.919 Not tainted 6.12.0-rc2-next-20241008-syzkaller #0 [ 375.975172][ T9708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 375.985345][ T9708] Call Trace: [ 375.988655][ T9708] <TASK> [ 375.991607][ T9708] dump_stack_lvl+0x241/0x360 [ 375.996328][ T9708] ? __pfx_dump_stack_lvl+0x10/0x10 [ 376.001562][ T9708] ? __pfx__printk+0x10/0x10 [ 376.006187][ T9708] ? __kmalloc_cache_noprof+0x243/0x390 [ 376.011775][ T9708] ? sysfs_create_dir_ns+0x28a/0x3a0 [ 376.017096][ T9708] sysfs_create_dir_ns+0x2ce/0x3a0 [ 376.022247][ T9708] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 376.027921][ T9708] kobject_add_internal+0x435/0x8d0 [ 376.033169][ T9708] kobject_init_and_add+0x124/0x190 [ 376.038409][ T9708] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 376.044268][ T9708] ? __pfx_kobject_init_and_add+0x10/0x10 [ 376.050027][ T9708] ? __init_swait_queue_head+0xae/0x150 [ 376.055635][ T9708] gfs2_sys_fs_add+0x23b/0x4a0 [ 376.060453][ T9708] ? __pfx_gfs2_sys_fs_add+0x10/0x10 [ 376.065785][ T9708] ? __pfx_alloc_workqueue+0x10/0x10 [ 376.071148][ T9708] ? read_word_at_a_time+0xe/0x20 [ 376.076211][ T9708] ? sized_strscpy+0x8d/0x220 [ 376.080926][ T9708] gfs2_fill_super+0x11ee/0x24d0 [ 376.085910][ T9708] ? __pfx_gfs2_fill_super+0x10/0x10 [ 376.091225][ T9708] ? snprintf+0xda/0x120 [ 376.095507][ T9708] ? __pfx_lock_release+0x10/0x10 [ 376.100566][ T9708] ? do_raw_spin_lock+0x14f/0x370 [ 376.105664][ T9708] ? __pfx_snprintf+0x10/0x10 [ 376.110386][ T9708] ? sb_set_blocksize+0x98/0xf0 [ 376.115279][ T9708] ? setup_bdev_super+0x4e6/0x5d0 [ 376.120345][ T9708] get_tree_bdev+0x3f7/0x570 [ 376.124980][ T9708] ? __pfx_gfs2_fill_super+0x10/0x10 [ 376.130303][ T9708] ? __pfx_get_tree_bdev+0x10/0x10 [ 376.135462][ T9708] gfs2_get_tree+0x54/0x220 [ 376.140000][ T9708] vfs_get_tree+0x90/0x2b0 [ 376.144436][ T9708] do_new_mount+0x2be/0xb40 [ 376.148962][ T9708] ? __pfx_do_new_mount+0x10/0x10 [ 376.154009][ T9708] __se_sys_mount+0x2d6/0x3c0 [ 376.158705][ T9708] ? __pfx___se_sys_mount+0x10/0x10 [ 376.163918][ T9708] ? rcu_is_watching+0x15/0xb0 [ 376.168690][ T9708] ? __x64_sys_mount+0x20/0xc0 [ 376.173468][ T9708] do_syscall_64+0xf3/0x230 [ 376.177984][ T9708] ? clear_bhb_loop+0x35/0x90 [ 376.182677][ T9708] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.188577][ T9708] RIP: 0033:0x7f9a7637f79a [ 376.193009][ T9708] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 376.212724][ T9708] RSP: 002b:00007f9a77103e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 376.221148][ T9708] RAX: ffffffffffffffda RBX: 00007f9a77103ef0 RCX: 00007f9a7637f79a [ 376.229128][ T9708] RDX: 0000000020000100 RSI: 0000000020037f80 RDI: 00007f9a77103eb0 [ 376.237139][ T9708] RBP: 0000000020000100 R08: 00007f9a77103ef0 R09: 0000000000000000 [ 376.245118][ T9708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020037f80 [ 376.253096][ T9708] R13: 00007f9a77103eb0 R14: 0000000000037f14 R15: 0000000020000400 [ 376.261099][ T9708] </TASK> [ 376.264285][ C1] vkms_vblank_simulate: vblank timer overrun [ 376.862181][ T9708] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory. [ 376.917388][ T9708] gfs2: fsid=syz:syz: error -17 adding sysfs files [ 377.285705][ T9754] No buffer was provided with the request [ 377.735963][ T9767] fuse: Bad value for 'fd' [ 378.044542][ T9773] xt_connbytes: Forcing CT accounting to be enabled [ 378.051676][ T9773] Cannot find add_set index 0 as target [ 378.202038][ T29] audit: type=1326 audit(1728483794.142:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9774 comm="syz.1.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23417dff9 code=0x7ffc0000 [ 378.271713][ T29] audit: type=1326 audit(1728483794.142:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9774 comm="syz.1.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7fa23417dff9 code=0x7ffc0000 [ 378.309655][ T29] audit: type=1326 audit(1728483794.142:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9774 comm="syz.1.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23417dff9 code=0x7ffc0000 [ 378.337485][ T29] audit: type=1326 audit(1728483794.142:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9774 comm="syz.1.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23417dff9 code=0x7ffc0000 [ 378.365586][ T29] audit: type=1326 audit(1728483794.282:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9776 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000 [ 378.422236][ T29] audit: type=1326 audit(1728483794.282:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9776 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000 [ 378.445936][ T29] audit: type=1326 audit(1728483794.312:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9776 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000 [ 378.484307][ T29] audit: type=1326 audit(1728483794.312:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9776 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000 [ 378.522947][ T29] audit: type=1326 audit(1728483794.312:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9776 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000 [ 378.522992][ T29] audit: type=1326 audit(1728483794.332:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9776 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000 [ 378.641855][ T5289] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 378.678626][ T9763] loop0: detected capacity change from 0 to 32768 [ 378.679188][ T9763] XFS: noikeep mount option is deprecated. [ 378.679216][ T9763] XFS: noikeep mount option is deprecated. [ 378.714673][ T9791] wireguard0: entered promiscuous mode [ 378.718272][ T9791] wireguard0: entered allmulticast mode [ 378.722893][ T9763] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 378.809858][ T1266] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.816394][ T1266] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.826305][ T5289] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 378.896606][ T5289] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 379.050585][ T5289] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 379.063892][ T5289] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 379.073078][ T5289] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 379.185682][ T5289] usb 4-1: config 0 descriptor?? [ 379.219364][ T9763] XFS (loop0): Ending clean mount [ 379.231410][ T9763] XFS (loop0): Quotacheck needed: Please wait. [ 379.247828][ T9763] XFS (loop0): Quotacheck: Done. [ 379.261264][ T9763] netlink: 'syz.0.941': attribute type 9 has an invalid length. [ 379.269536][ T9763] netlink: 134672 bytes leftover after parsing attributes in process `syz.0.941'. [ 379.282211][ T9763] openvswitch: netlink: Key 2 has unexpected len 20 expected 4 [ 379.319390][ T7167] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 379.504750][ T9818] xt_connbytes: Forcing CT accounting to be enabled [ 379.513966][ T9818] Cannot find add_set index 0 as target [ 379.750061][ T5289] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 379.759400][ T5289] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving [ 379.788547][ T5289] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 380.074180][ T9830] overlay: Unknown parameter ':#�' [ 380.271668][ T5289] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 380.421845][ T5289] usb 2-1: device descriptor read/64, error -71 [ 380.487881][ T9840] netlink: 'syz.0.963': attribute type 16 has an invalid length. [ 380.509396][ T9840] netlink: 'syz.0.963': attribute type 17 has an invalid length. [ 380.638072][ T9840] bridge0: port 2(bridge_slave_1) entered disabled state [ 380.645538][ T9840] bridge0: port 1(bridge_slave_0) entered disabled state [ 380.692876][ T5289] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 380.725651][ T9840] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 380.749604][ T9840] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 380.810269][ T9840] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.819599][ T9840] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.829029][ T9840] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.839285][ T9840] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.840981][ T5289] usb 2-1: device descriptor read/64, error -71 [ 380.967410][ T5289] usb usb2-port1: attempt power cycle [ 381.371716][ T5289] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 381.392264][ T5289] usb 2-1: device descriptor read/8, error -71 [ 381.646823][ T5289] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 381.689975][ T5289] usb 2-1: device descriptor read/8, error -71 [ 381.811921][ T5289] usb usb2-port1: unable to enumerate USB device [ 381.866402][ T9853] loop0: detected capacity change from 0 to 32768 [ 381.882783][ T9853] XFS: noikeep mount option is deprecated. [ 381.888668][ T9853] XFS: noikeep mount option is deprecated. [ 381.912814][ T9853] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 381.967273][ T9853] XFS (loop0): Ending clean mount [ 381.975201][ T9853] XFS (loop0): Quotacheck needed: Please wait. [ 381.992926][ T9853] XFS (loop0): Quotacheck: Done. [ 382.008671][ T9853] netlink: 'syz.0.967': attribute type 9 has an invalid length. [ 382.017820][ T9853] netlink: 134672 bytes leftover after parsing attributes in process `syz.0.967'. [ 382.030771][ T9853] openvswitch: netlink: Key 2 has unexpected len 20 expected 4 [ 382.078140][ T7167] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 382.202466][ T5287] usb 4-1: USB disconnect, device number 7 [ 382.218644][ T9879] overlay: Unknown parameter ':#�' [ 382.961678][ T3453] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 383.181885][ T3453] usb 1-1: Using ep0 maxpacket: 8 [ 383.205623][ T3453] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 383.241243][ T3453] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 383.250354][ T3453] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 383.261724][ T3453] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 383.273585][ T3453] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 383.285858][ T3453] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 383.302243][ T3453] hub 1-1:1.0: bad descriptor, ignoring hub [ 383.308264][ T3453] hub 1-1:1.0: probe with driver hub failed with error -5 [ 383.315852][ T3453] cdc_wdm 1-1:1.0: skipping garbage [ 383.321124][ T3453] cdc_wdm 1-1:1.0: skipping garbage [ 383.338753][ T3453] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 383.344964][ T3453] cdc_wdm 1-1:1.0: Unknown control protocol [ 383.523096][ T9908] overlay: Unknown parameter ':#�' [ 383.558287][ T9891] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 383.579447][ T9891] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 383.876694][ T9904] loop3: detected capacity change from 0 to 32768 [ 383.899932][ T9904] XFS: noikeep mount option is deprecated. [ 383.906788][ T9904] XFS: noikeep mount option is deprecated. [ 384.060535][ T9904] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 384.168137][ T9904] XFS (loop3): Ending clean mount [ 384.179302][ T9904] XFS (loop3): Quotacheck needed: Please wait. [ 384.196197][ T9904] XFS (loop3): Quotacheck: Done. [ 384.230379][ T9904] netlink: 'syz.3.982': attribute type 9 has an invalid length. [ 384.260053][ T9904] netlink: 134672 bytes leftover after parsing attributes in process `syz.3.982'. [ 384.275309][ T9904] openvswitch: netlink: Key 2 has unexpected len 20 expected 4 [ 384.339651][ T6114] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 384.684562][ T54] Bluetooth: hci3: SCO packet for unknown connection handle 200 [ 384.685215][ T54] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 384.695116][ T54] Bluetooth: hci3: SCO packet for unknown connection handle 1039 [ 384.882106][ T46] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 385.032004][ T46] usb 4-1: device descriptor read/64, error -71 [ 385.272141][ T46] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 385.411880][ T46] usb 4-1: device descriptor read/64, error -71 [ 385.525890][ T3453] usb 1-1: USB disconnect, device number 8 [ 385.598395][ T46] usb usb4-port1: attempt power cycle [ 385.951622][ T46] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 385.972127][ T46] usb 4-1: device descriptor read/8, error -71 [ 386.211636][ T46] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 386.232142][ T46] usb 4-1: device descriptor read/8, error -71 [ 386.321804][ T3453] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 386.341868][ T46] usb usb4-port1: unable to enumerate USB device [ 386.473006][ T3453] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 386.501598][ T3453] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 386.522475][ T3453] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 386.542391][ T3453] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 386.581467][ T3453] usb 5-1: config 0 descriptor?? [ 386.694610][T10013] netlink: 'syz.1.1001': attribute type 9 has an invalid length. [ 386.702913][T10013] netlink: 134672 bytes leftover after parsing attributes in process `syz.1.1001'. [ 386.713114][T10013] openvswitch: netlink: Key 2 has unexpected len 20 expected 4 [ 387.069645][ T3453] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0 [ 387.077462][ T3453] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0 [ 387.093836][ T3453] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0D8C:0022.0008/input/input11 [ 387.146230][ T3453] cm6533_jd 0003:0D8C:0022.0008: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.4-1/input0 [ 388.362202][ T5328] usb 5-1: reset high-speed USB device number 9 using dummy_hcd [ 388.941826][ T3453] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 389.061645][ T6010] gfs2: fsid=syz:syz.0: 2 glocks left after 61 seconds; still waiting [ 389.151656][ T3453] usb 1-1: config 0 has no interfaces? [ 389.157239][ T3453] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 389.191595][ T3453] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 389.242309][ T3453] usb 1-1: config 0 descriptor?? [ 389.276335][ T5253] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 389.283872][ T5253] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 389.291266][ T5253] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 389.292080][ T937] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 389.312557][ T5253] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 389.320472][ T5253] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 389.328087][ T5253] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 389.441779][ T937] usb 4-1: device descriptor read/64, error -71 [ 389.490371][ T5289] usb 1-1: USB disconnect, device number 9 [ 389.570819][T10112] chnl_net:caif_netlink_parms(): no params data found [ 389.681474][T10112] bridge0: port 1(bridge_slave_0) entered blocking state [ 389.689950][T10112] bridge0: port 1(bridge_slave_0) entered disabled state [ 389.698447][T10112] bridge_slave_0: entered allmulticast mode [ 389.704896][ T937] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 389.706938][T10112] bridge_slave_0: entered promiscuous mode [ 389.720517][T10112] bridge0: port 2(bridge_slave_1) entered blocking state [ 389.727724][T10112] bridge0: port 2(bridge_slave_1) entered disabled state [ 389.736690][T10112] bridge_slave_1: entered allmulticast mode [ 389.745319][T10112] bridge_slave_1: entered promiscuous mode [ 389.767824][T10112] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 389.779872][T10112] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 389.807781][T10112] team0: Port device team_slave_0 added [ 389.816267][T10112] team0: Port device team_slave_1 added [ 389.836180][T10112] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 389.843319][ T937] usb 4-1: device descriptor read/64, error -71 [ 389.843331][T10112] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 389.887084][T10112] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 389.900305][T10112] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 389.911887][T10112] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 389.943680][T10112] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 389.982239][T10112] hsr_slave_0: entered promiscuous mode [ 389.989009][T10112] hsr_slave_1: entered promiscuous mode [ 389.991880][ T937] usb usb4-port1: attempt power cycle [ 390.000834][T10112] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 390.008881][T10112] Cannot create hsr debugfs directory [ 390.130593][T10141] input: syz1 as /devices/virtual/input/input12 [ 390.162580][ T9] usb 5-1: USB disconnect, device number 9 [ 390.371774][T10144] --map-set only usable from mangle table [ 390.390928][T10112] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.392709][ T937] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 390.492146][ T937] usb 4-1: device descriptor read/8, error -71 [ 390.736622][T10112] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.763699][ T937] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 390.806837][ T937] usb 4-1: device descriptor read/8, error -71 [ 390.905555][T10112] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.016663][ T937] usb usb4-port1: unable to enumerate USB device [ 391.203884][T10112] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.247194][T10163] Cannot find add_set index 0 as target [ 391.475393][ T54] Bluetooth: hci10: command tx timeout [ 391.528445][T10112] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 391.537833][T10112] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 391.551288][T10112] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 391.562204][T10112] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 391.638162][T10112] 8021q: adding VLAN 0 to HW filter on device bond0 [ 391.656333][T10112] 8021q: adding VLAN 0 to HW filter on device team0 [ 391.674929][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 391.682082][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 391.690322][ T46] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 391.749439][T10167] veth1_to_bridge: entered promiscuous mode [ 391.767633][ T435] bridge0: port 2(bridge_slave_1) entered blocking state [ 391.774832][ T435] bridge0: port 2(bridge_slave_1) entered forwarding state [ 391.788298][ T435] bridge0: port 2(bridge_slave_1) entered disabled state [ 391.864557][ T46] usb 1-1: config 0 has no interfaces? [ 391.870101][ T46] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 391.880299][ T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 391.896217][ T46] usb 1-1: config 0 descriptor?? [ 392.364013][ T937] usb 1-1: USB disconnect, device number 10 [ 392.543642][T10185] Cannot find add_set index 0 as target [ 392.768085][T10112] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 392.900598][T10112] veth0_vlan: entered promiscuous mode [ 392.914164][T10112] veth1_vlan: entered promiscuous mode [ 393.067661][T10112] veth0_macvtap: entered promiscuous mode [ 393.111574][T10112] veth1_macvtap: entered promiscuous mode [ 393.485486][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 393.522271][ T54] Bluetooth: hci10: command tx timeout [ 393.527935][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 393.616622][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 393.630800][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 393.642633][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 393.654739][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 393.668407][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 393.699279][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 393.723784][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 393.749488][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 393.766146][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 393.795252][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 393.818662][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 393.839804][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 393.863956][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 393.883713][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 393.901290][T10112] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 393.984866][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 394.033984][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 394.053529][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 394.071684][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 394.087616][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 394.098488][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 394.109092][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 394.120286][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 394.130491][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 394.141241][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 394.155135][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 394.170976][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 394.191298][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 394.211618][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 394.222465][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 394.231777][ T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 394.256358][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 394.276740][T10112] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 394.352317][T10112] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 394.381634][ T9] usb 5-1: device descriptor read/64, error -71 [ 394.479515][T10112] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 395.002529][T10112] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 395.031894][T10112] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 395.051641][ T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 395.184648][ T9] usb 5-1: device descriptor read/64, error -71 [ 395.611773][ T54] Bluetooth: hci10: command tx timeout [ 395.630390][ T435] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 395.757870][ T9] usb usb5-port1: attempt power cycle [ 395.765733][ T435] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 395.793833][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 395.808339][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 395.973686][T10230] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1052'. [ 396.008019][T10230] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1052'. [ 396.035238][T10230] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1052'. [ 396.243547][T10234] --map-set only usable from mangle table [ 396.361657][T10230] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1052'. [ 396.404632][ T9] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 396.432130][ T9] usb 5-1: device descriptor read/8, error -71 [ 396.471633][ T5328] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 396.626845][T10227] loop2: detected capacity change from 0 to 32768 [ 396.635241][ T5328] usb 4-1: config 0 has no interfaces? [ 396.637406][T10227] XFS: noikeep mount option is deprecated. [ 396.641939][ T5328] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 396.650233][T10227] XFS: noikeep mount option is deprecated. [ 396.673387][ T9] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 396.699033][ T5328] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 396.702938][T10227] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 396.709056][ T9] usb 5-1: device descriptor read/8, error -71 [ 396.725769][ T5328] usb 4-1: config 0 descriptor?? [ 396.833066][ T9] usb usb5-port1: unable to enumerate USB device [ 396.924687][T10227] XFS (loop2): Ending clean mount [ 396.936553][T10227] XFS (loop2): Quotacheck needed: Please wait. [ 397.099289][T10227] XFS (loop2): Quotacheck: Done. [ 397.122127][T10227] netlink: 'syz.2.1014': attribute type 9 has an invalid length. [ 397.130647][T10227] netlink: 134672 bytes leftover after parsing attributes in process `syz.2.1014'. [ 397.140851][T10227] openvswitch: netlink: Key 2 has unexpected len 20 expected 4 [ 397.177864][ T46] usb 4-1: USB disconnect, device number 16 [ 397.178813][T10112] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 397.681683][ T54] Bluetooth: hci10: command tx timeout [ 403.803677][ T9] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 405.092562][ T1033] block nbd2: Possible stuck request ffff888025770000: control (read@0,4096B). Runtime 120 seconds [ 406.151401][ T4691] udevd[4691]: worker [6540] /devices/virtual/block/nbd2 is taking a long time [ 424.894523][ T30] INFO: task syz.1.318:7524 blocked for more than 144 seconds. [ 426.282265][ T30] Not tainted 6.12.0-rc2-next-20241008-syzkaller #0 [ 426.289496][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 426.470481][ T30] task:syz.1.318 state:D stack:25360 pid:7524 tgid:7523 ppid:7283 flags:0x00000004 [ 427.699464][ T30] Call Trace: [ 427.782450][ T30] <TASK> [ 427.806889][ T30] __schedule+0x1895/0x4b30 [ 427.929717][ T30] ? rcu_is_watching+0x15/0xb0 [ 428.634062][ T30] ? kernel_text_address+0xa7/0xe0 [ 428.639617][ T30] ? schedule+0x90/0x320 [ 428.705579][ T30] ? schedule+0x90/0x320 [ 428.710051][ T30] ? lock_release+0xbf/0xa30 [ 428.786891][ T30] ? __pfx___schedule+0x10/0x10 SYZFAIL: failed to send rpc fd=3 want=184 sent=0 n=-1 (errno 32: Broken pipe) [ 430.586282][ T30] ? __pfx_lock_release+0x10/0x10 [ 430.602123][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 430.608609][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 430.635103][ T30] ? schedule+0x90/0x320 [ 430.639481][ T30] schedule+0x14b/0x320 [ 430.658704][ T30] ? down_read+0x6a5/0xa40 [ 430.677096][ T30] schedule_preempt_disabled+0x13/0x30 [ 430.701883][ T30] down_read+0x705/0xa40 [ 430.711044][ T30] ? __se_sys_quotactl+0x277/0xa30 [ 430.716446][ T30] ? do_syscall_64+0xf3/0x230 [ 430.721241][ T30] ? __pfx_down_read+0x10/0x10 [ 430.726236][ T30] ? rcu_is_watching+0x15/0xb0 [ 430.731147][ T30] ? rcu_is_watching+0x15/0xb0 [ 430.736149][ T30] ? lock_release+0xbf/0xa30 [ 430.740845][ T30] super_lock+0x27c/0x400 [ 430.745355][ T30] ? __pfx_super_lock+0x10/0x10 [ 430.750344][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 430.759269][ T30] user_get_super+0xd2/0x180 [ 430.764144][ T30] __se_sys_quotactl+0x527/0xa30 [ 430.769278][ T30] ? __pfx___se_sys_quotactl+0x10/0x10 [ 430.774890][ T30] ? rcu_is_watching+0x15/0xb0 [ 430.779781][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 430.786271][ T30] ? rcu_is_watching+0x15/0xb0 [ 430.791157][ T30] ? rcu_is_watching+0x15/0xb0 [ 430.796102][ T30] do_syscall_64+0xf3/0x230 [ 430.800718][ T30] ? clear_bhb_loop+0x35/0x90 [ 430.806083][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 430.813495][ T30] RIP: 0033:0x7fd7d937dff9 [ 430.818000][ T30] RSP: 002b:00007fd7da19c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3 [ 430.826580][ T30] RAX: ffffffffffffffda RBX: 00007fd7d9535f80 RCX: 00007fd7d937dff9 [ 430.834684][ T30] RDX: 0000000000000000 RSI: 0000000020000340 RDI: ffffffff80000800 [ 430.861808][ T30] RBP: 00007fd7d93f0296 R08: 0000000000000000 R09: 0000000000000000 [ 430.871289][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 431.020065][ T30] R13: 0000000000000000 R14: 00007fd7d9535f80 R15: 00007ffc642a1888 [ 431.031601][ T30] </TASK> [ 431.051448][ T30] INFO: lockdep is turned off. [ 432.034072][ T30] NMI backtrace for cpu 1 [ 432.038503][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-next-20241008-syzkaller #0 [ 432.048603][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 432.058688][ T30] Call Trace: [ 432.062000][ T30] <TASK> [ 432.064949][ T30] dump_stack_lvl+0x241/0x360 [ 432.069661][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 432.074892][ T30] ? __pfx__printk+0x10/0x10 [ 432.079519][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 432.084493][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 432.090950][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 432.096461][ T30] ? rcu_is_watching+0x15/0xb0 [ 432.101269][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 432.107291][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 432.113317][ T30] watchdog+0xff4/0x1040 [ 432.117604][ T30] ? watchdog+0x1ea/0x1040 [ 432.122066][ T30] ? __pfx_watchdog+0x10/0x10 [ 432.126780][ T30] kthread+0x2f0/0x390 [ 432.130867][ T30] ? __pfx_watchdog+0x10/0x10 [ 432.135563][ T30] ? __pfx_kthread+0x10/0x10 [ 432.140161][ T30] ret_from_fork+0x4b/0x80 [ 432.144594][ T30] ? __pfx_kthread+0x10/0x10 [ 432.149192][ T30] ret_from_fork_asm+0x1a/0x30 [ 432.153986][ T30] </TASK> [ 432.158080][ T30] Sending NMI from CPU 1 to CPUs 0: [ 432.163993][ C0] NMI backtrace for cpu 0 [ 432.164008][ C0] CPU: 0 UID: 0 PID: 8819 Comm: syz.0.677 Not tainted 6.12.0-rc2-next-20241008-syzkaller #0 [ 432.164029][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 432.164041][ C0] RIP: 0010:__kernel_text_address+0x34/0x40 [ 432.164069][ C0] Code: 00 00 00 85 c0 0f 95 c0 48 c7 c1 00 30 7c 91 48 39 cb 0f 93 c1 48 c7 c2 9f 0b 97 91 48 39 d3 0f 92 c2 20 ca 08 c2 0f b6 c2 5b <c3> cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 [ 432.164084][ C0] RSP: 0018:ffffc9000d2ef518 EFLAGS: 00000202 [ 432.164101][ C0] RAX: 0000000000000001 RBX: ffffc9000d2ef588 RCX: ffffffff917c3000 [ 432.164114][ C0] RDX: ffffffff91970b01 RSI: ffffc9000d2e8000 RDI: ffffffff81efb10b [ 432.164128][ C0] RBP: ffffc9000d2ef5d0 R08: ffffc9000d2ef868 R09: 0000000000000000 [ 432.164141][ C0] R10: ffffc9000d2ef590 R11: fffff52001a5deb4 R12: ffff88802c69da00 [ 432.164154][ C0] R13: ffffffff8180a490 R14: dffffc0000000000 R15: 1ffff92001a5deb1 [ 432.164169][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 432.164184][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 432.164196][ C0] CR2: 00007ff7fad36018 CR3: 00000000313d6000 CR4: 00000000003526f0 [ 432.164212][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 432.164233][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 432.164245][ C0] Call Trace: [ 432.164250][ C0] <NMI> [ 432.164257][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 432.164283][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 432.164301][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 432.164334][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 432.164360][ C0] ? nmi_handle+0x14f/0x5a0 [ 432.164379][ C0] ? nmi_handle+0x2a/0x5a0 [ 432.164399][ C0] ? __kernel_text_address+0x34/0x40 [ 432.164420][ C0] ? default_do_nmi+0x63/0x160 [ 432.164445][ C0] ? exc_nmi+0x123/0x1f0 [ 432.164468][ C0] ? end_repeat_nmi+0xf/0x53 [ 432.164489][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 432.164516][ C0] ? __init_begin+0x41000/0x41000 [ 432.164537][ C0] ? no_hash_pointers_enable+0xb1/0xe0 [ 432.164556][ C0] ? free_unref_page+0xcfb/0xf20 [ 432.164574][ C0] ? __kernel_text_address+0x34/0x40 [ 432.164602][ C0] ? __kernel_text_address+0x34/0x40 [ 432.164625][ C0] ? no_hash_pointers_enable+0xb1/0xe0 [ 432.164643][ C0] ? __kernel_text_address+0x34/0x40 [ 432.164664][ C0] </NMI> [ 432.164670][ C0] <TASK> [ 432.164676][ C0] unwind_get_return_address+0x4d/0x90 [ 432.164695][ C0] arch_stack_walk+0xfd/0x150 [ 432.164717][ C0] ? free_unref_page+0xcfb/0xf20 [ 432.164737][ C0] stack_trace_save+0x118/0x1d0 [ 432.164758][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 432.164787][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 432.164809][ C0] ? rcu_is_watching+0x15/0xb0 [ 432.164830][ C0] ? lock_acquire+0xe3/0x550 [ 432.164849][ C0] save_stack+0xfb/0x1f0 [ 432.164869][ C0] ? __pfx_save_stack+0x10/0x10 [ 432.164901][ C0] ? rcu_read_lock_held+0xa/0x50 [ 432.164925][ C0] __reset_page_owner+0x76/0x430 [ 432.164949][ C0] free_unref_page+0xcfb/0xf20 [ 432.164972][ C0] vfree+0x186/0x2e0 [ 432.164990][ C0] kcov_close+0x28/0x50 [ 432.165014][ C0] ? __pfx_kcov_close+0x10/0x10 [ 432.165037][ C0] __fput+0x23f/0x880 [ 432.165070][ C0] task_work_run+0x24f/0x310 [ 432.165089][ C0] ? rcu_is_watching+0x15/0xb0 [ 432.165111][ C0] ? __pfx_task_work_run+0x10/0x10 [ 432.165131][ C0] ? do_exit+0xa2a/0x28e0 [ 432.165148][ C0] ? kmem_cache_free+0x1a2/0x420 [ 432.165174][ C0] ? do_exit+0xa2a/0x28e0 [ 432.165194][ C0] do_exit+0xa2f/0x28e0 [ 432.165213][ C0] ? rcu_is_watching+0x15/0xb0 [ 432.165239][ C0] ? __pfx_do_exit+0x10/0x10 [ 432.165256][ C0] ? preempt_schedule+0xe1/0xf0 [ 432.165274][ C0] ? preempt_schedule_common+0x84/0xd0 [ 432.165292][ C0] ? preempt_schedule+0xe1/0xf0 [ 432.165309][ C0] ? __pfx_preempt_schedule+0x10/0x10 [ 432.165333][ C0] do_group_exit+0x207/0x2c0 [ 432.165354][ C0] get_signal+0x16a3/0x1740 [ 432.165384][ C0] ? __pfx_get_signal+0x10/0x10 [ 432.165406][ C0] ? __pfx_hrtimer_nanosleep+0x10/0x10 [ 432.165429][ C0] arch_do_signal_or_restart+0x96/0x860 [ 432.165456][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 432.165487][ C0] ? rcu_is_watching+0x15/0xb0 [ 432.165509][ C0] syscall_exit_to_user_mode+0xc9/0x370 [ 432.165530][ C0] do_syscall_64+0x100/0x230 [ 432.165549][ C0] ? clear_bhb_loop+0x35/0x90 [ 432.165571][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.165590][ C0] RIP: 0033:0x7f1fc7db00e5 [ 432.165604][ C0] Code: Unable to access opcode bytes at 0x7f1fc7db00bb. [ 432.165612][ C0] RSP: 002b:00007f1fc8c50f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6 [ 432.165630][ C0] RAX: fffffffffffffdfc RBX: 00007f1fc7f35f80 RCX: 00007f1fc7db00e5 [ 432.165643][ C0] RDX: 00007f1fc8c50fc0 RSI: 0000000000000000 RDI: 0000000000000000 [ 432.165654][ C0] RBP: 00007f1fc7df0296 R08: 0000000000000000 R09: 0000000000000000 [ 432.165666][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 432.165677][ C0] R13: 0000000000000000 R14: 00007f1fc7f35f80 R15: 00007ffcca244d38 [ 432.165697][ C0] </TASK> [ 432.873457][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 432.880468][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-next-20241008-syzkaller #0 [ 432.890496][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 432.900582][ T30] Call Trace: [ 432.903870][ T30] <TASK> [ 432.906808][ T30] dump_stack_lvl+0x241/0x360 [ 432.911587][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 432.916790][ T30] ? __pfx__printk+0x10/0x10 [ 432.921419][ T30] ? vscnprintf+0x5d/0x90 [ 432.925757][ T30] panic+0x349/0x880 [ 432.929660][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 432.935825][ T30] ? __pfx_panic+0x10/0x10 [ 432.940245][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 432.945624][ T30] ? __irq_work_queue_local+0x137/0x410 [ 432.951183][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 432.956662][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 432.962917][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 432.969086][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 432.975250][ T30] watchdog+0x1033/0x1040 [ 432.979592][ T30] ? watchdog+0x1ea/0x1040 [ 432.984022][ T30] ? __pfx_watchdog+0x10/0x10 [ 432.988711][ T30] kthread+0x2f0/0x390 [ 432.993201][ T30] ? __pfx_watchdog+0x10/0x10 [ 432.997907][ T30] ? __pfx_kthread+0x10/0x10 [ 433.002518][ T30] ret_from_fork+0x4b/0x80 [ 433.006960][ T30] ? __pfx_kthread+0x10/0x10 [ 433.011578][ T30] ret_from_fork_asm+0x1a/0x30 [ 433.016395][ T30] </TASK> [ 433.019582][ T30] Kernel Offset: disabled [ 433.023917][ T30] Rebooting in 86400 seconds..