last executing test programs: 29.984709111s ago: executing program 4 (id=174): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000009e00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='virtio_transport_alloc_pkt\x00', r0}, 0x10) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10) 27.113066986s ago: executing program 4 (id=181): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993af4beaf1f3d47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c27c318475802e2c62681bd1a331422a6e47bbd40857d52c4894944fae5c5000000000000000000000000e0c47613e950b6aefeae054fc723f62ac7d13941de11b018f1f48ac50335df91c771729f81929128135b2803562c1171ee00a3f4a31281aa363e087d53d86dd85e3ff979a7e72d16fdd7e1a0f07a1c8e6085d280d760f74975ceb3a5be6cfb4da8e0aeb769b8b75f4aad803ed77d34872eed2711aa40a3b38099dc2752e8ec9b520faf39e416752aa0830206736570f5d41a4df848c9052551cf8dcb1be000000000eb2577188e8e96bd825d462350905d3eb916b397d2a46a64081e85661d7a5a2716cc87cb1976d15d9b6418e94f165911803e43830432226c660f4da67bb7c8ceb3755c07197d8b80b8d16b12c2ec63bebe107aa2350a7ae564bf69a6c52a2da1496016dd66a1c1b112"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd}, 0x48) r1 = getpid() bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x1, 0x8008, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_BIND_MAP(0xa, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/ipv6_route\x00') preadv(r2, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/7, 0x7}], 0x1, 0xffffffbf, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xb, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0xf6, &(0x7f0000000040)=""/246}, 0x90) syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, 0x0) socket$inet(0x2, 0x200000003, 0x84) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_proto_private(r3, 0x89e9, &(0x7f0000000040)) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r3, 0x8982, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000140)="3d6ee2e04b91ab10143d9abe86dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 26.580095442s ago: executing program 3 (id=184): bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) rt_sigprocmask(0x0, &(0x7f0000000480)={[0xfffffffffffffffd]}, 0x0, 0x8) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="020300021c000000000000000000000012000800"], 0xe0}, 0x1, 0x7}, 0x0) 25.828591826s ago: executing program 3 (id=188): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x0, @val=@tcx}, 0x40) syz_emit_ethernet(0xd86, &(0x7f0000000a40)={@local, @multicast, @val={@void}, {@ipv6={0x86dd, @udp={0x2, 0x6, "a341d0", 0xd4c, 0x11, 0x1, @private2, @dev={0xfe, 0x80, '\x00', 0x2e}, {[@hopopts={0x2e, 0x1a2, '\x00', [@calipso={0x7, 0x18, {0x2, 0x4, 0x6, 0x6, [0x2, 0x688]}}, @jumbo={0xc2, 0x4, 0xff}, @jumbo={0xc2, 0x4, 0xd18}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x10, {0x1, 0x2, 0x1, 0x3ff, [0x3]}}, @jumbo={0xc2, 0x4, 0x1}, @generic={0x60, 0x55, "6ef5f583969e06dbff857f0a5612da1f10ca72595ecffc6faa775e3a48b14fe6ad2c208142826eddbf40573daf41a1984f348534437514cb7dd08f8526765003963ccf051ab6cbcbd6b8144c3245ca15e92002352c"}, @generic={0x10, 0xc74, "764c10cceb754266c504b5955e943c260d79ef9b95389cb0eb2b32f6050a42cc682680361ab05b148836efc1df6c370e4eea13beba553e199aaaaedef60bb05785411050154a1f3709c40442c63b69f8145e34f175a1b361ca11cb6e936f45c6e13d61d3d97570506b3c73e7e2a881b803ccf0617138d4a24521acd3694a6169c18b6e2c7748423d39fa6bb892db5dd33d734a3a4da64d4bcf0239fe91a3a2106a151b06b2dcac34b3796f72e3ce47638b3663c593d631faca95d5c2a9fa3212cf80f926d7e906cbbfc5fb04948b4c7e34df26a794e45af0e104faf205d97aca7c650c4a7b551895f0a3b48da3ee455f359948b62bda9c45af884d22fbb1e8d97935bc1cbcbb59b491b25e68bda05cce2208cc7903b04ac2b00adf56499c07aee3cdc64f956d380f1a9c6946ec02af4e828f04c787415bfaa4cfdf57cd2aa5bd9cdec42bf2b5380b9aa67fdca67c64b1879641e8aa4f5886cfe20982ada35b7817f97de6d0dd51888c522013c5c5862ed27e6f07d2218219a872160817fc89b52939ecde04b308e451b6d4e9c5c8c81f1b984b0fe1ec85bd337ee9ba3d64204515c0cc7f5a84d87ad639ce8965f93900269f9d33823cdd95cd9b7e73ee98c199013fad338360fc7cbec3a5fa8e83d7bfaec14b1719060774e1469800140203b1aaebd2bf0b535b9a76659d28c02d3b5cd2fb6984a417db28f2c43f218fbe669ccd2b8ecb4dcae17745350857790d8c07e943a7167b8bb8c85e091098b06ef0437b4e294dbb851e2882f0621c068a3da0fe1753fa920a81038dea2cee6c6252b2e5be5e0ae23e0c27d15de32c8912f4baa7bce1fa570356bf589a67055684b3dafe97632c5decb61d8b84786817eaca68f10694121e6d8e3db4be49251d0891ee5453b48ab72e350a509833f6754e0ad8a03df8a73442cda38fff95caf4761f4e612be9605a00238f8137c1aff6a75d34a349b141210de6a28ca1a762f8abc01a3d887376a8f28d49d14182601b7051c465f2a01f6b5702419e6b960f44f0ec984a1dedc35f5b43416e4cff2adb72d64124f5261f65599f2a9daf632fcb633da572ed021c60504c8fa2613623f0d721f1d231f022a17ec4ab0c1af8b251ac205c87e26a7fff8157778d590da524fdec2422a2f6bd321676ff2c7ce368f68155b9050a61ce50ab9f71a74178cfddb2c2884c2d758ae57e83bcaf1e7fdede71ec6ef063d99db6b0b8e772b60224a6b352d5e3cb1166dda8af66286adbc2041e99ad36b855297f577ca9d91d053627cc56137e591a3ccb1328dad92fef00201a0ca7b66568eb5c6c4e67490edc3b465928a6e5a21393b0b287f2718bba6f53511f742e202f811f739672f5acb46d277fda9398ad9046972b0b36bbe84a995ca5257afe52d0a5d2743b53f872555cd70d0f0731952ccfafe51876bf57073c8ffcb7eb01f07580a43dd376646c38c92904636445102084593ee6192a20d525bbb2702231806473829efb836eb2148735296bce1dd2fa838507f538be265922a728ae9710f56101118db1ec64caa4a39531de27b56f8e06e62bd49236e663078e434e90b4dbf8c254c6f5c8f2b775f8eb6a78d5b2987a54296f7916f0824eb39396f6ce240d19ccecfbd031578b87e24d42be97c58ab3e834015b0994060b72997a7f3bd1dd63fd7ad73afa38bd5c781315d5b363975fbfefb32ba601b11432bffa33263e48cf718067d01277eaf3d1591dba117ac2334eeeaeb14a313fd1d276b86d2fe64d374774cd355bceeedfbfe8677ec6b7f7f905e79f17cb538d3c4ad2f65c71331bf687d0d37499ae8007fde3ec315b34b332968e8be05f170cce3175e91fa0ecb986c976e687b85aad81f0950d77d614d29fd0cb85df99ee05c1597721c2b5ec0b955adec9486485bd5135957e69d28c3715c65ab1b84f9bc8f96f06d3d65115b88bef5732ba76f36d0953deaf3421c1a4fd9a41187202e3ea6ac7a40cc700b81c1779d680e7076ffe2873b07fbb18701aca4be362fafdad3af37d63a2fcc4a227590493d473024b0cd5e9245b02cc694767497cfe93ea18b79b3aeaff83c5173d35156fa79b9e5d04d6bae612d017f24fafac1a2fcdf87d53acf7f0f3cbf0c9d0ecb3a66b578b683775f89fcdcbec880189025b9da70f8bbdefffdaf40e352b1fe25571360761d92fc883a3fa9d411347aea73a57c5e62468ef5a4f03615f7c6435510a25fdd60bcc79f5b04f7cb74e7cff1ef4811c43a1a546dd96bb877628e577724407d8d80b436198678729f34a19da453ff63f08bc8df9e0314c696bc301b7b9042d271cbbd49122746a381c61353ce42e3e4be597c992c5064ed266a1261880383c9be1b5f7719ff010dbe5d3b29f9c81cbb9a52dc921d09b5f17cb0dd11cdcd9954f5fc751dd89af42cab233312d3f2f6766a9e9ae13632c73ebb6a76109bc1072c785a28eb087a563d5355e91925f84e9bd8c20abb76951dce0f4240b1c9ca8eb6025840535fa3aaf8a907b7db820b40275ec9174a90e731e089dc9ecfe04da9697e0cce7360315afa772cc8adfd1099ddc0912ee62887ed721dc89e3b82f0e0a6a3dd1183a49780914dc21afb324ffbb702f15dd9ff0ad1e7e620585c474ec2addea3280642e4415813f6d21eb5f125bd22c65488e338fc3f85c0e40a0ab18b490ee88c38addcd62a89e1ef5984645e58d3f288906060c930b24d5e8ffb3cab6f6a69218ba27d27d24e73941f6e40518d68ae67651e9c0b3c5c7f0690c7d65c92f3f627efeb64e0431a3022298768d91e4eb27c0c0e45d8593df6abe218571eade5a16f201f1136194ad5ba5fc4bd48274aa700c5555936c638e51750b68e06bf02d8a491e68e90cf4500fef5700ffa2e80d5f7783999c36732db7d4814cf42704c0f8675dce6a75ea72e431357b026e80b097682220039875bfaf02a04f78a43b390de8a9489a4eee132c3990d35fdc03e8907e0f2a3c44fadeac0e635a8f5747d9668ad63ebd790a07648f882012943969a822803f23534aac5f4f775d9519bdac5c2ecc312d2d040ca3bde8db02de9bb557781ed9e02fc224035347a26c43bb990ca27fb656884b59a1d506f435e6f9974bd9f550e359f34ccdb0b33aebdef0e2ce480fb870eaa610e0cbae4c74a5d2eccc5c5f3003b76ff5a5badc9da4b5ad9fbfb9e3344e95a2f415a6a24fc3bdd07623a8b70840e6c736d474253488706429a2e1ab46666e513741f1128c3399111df7ab19bac700d802222bcc30954e01af5f3d0132db67e9a75ee514b1b45ad0ed6e0ccb8942562c92d3eeed45edc9f3233e48efc783d9ced3504161253836305ce5c551fa257a43131f49d538bebf0187edc6784adac7d4755b652e175c0443d84d1099495cc617d4f3639363b6a9740650de2595efcbc517363e2180fa7222d09bbfb64a084f098eef5cedf6e56d1b6dcd91c297e3f50be4d4b778475edd72d076ab922dd5d4eb50df664af21e12d12b17b0083a666499606db910c596be0a552b5c7c9f7b6846b5518176c70105945aaf573a2d93ab568eeb3d01218232f5d629c6c0efc85aba78dc14596d06b964628eddd0898564ce0077ca582a4c5ffb4ba0f3cb6cf92b3642a04e6e785663d9739cf56167bff9a3db25bba25ac1793929701f225eb86e4653657f6a859c93b5e6e070fedfead7038837cf3ac2c862746430949e8334e76820495ca941912864baa5042d3b071acb52027649d4dba6cd61ff715f15814ef48b4addb2233f60c53b40aade03bf4738fc0529de96d1375a0c6e73ff292e648a7519d68d9a2436ac30b844085199f76236c7802f4cd2e955acebddbcffdbddd3b8f23711079ea5b6d95b4ce94fa6dfdb4fdf68875c87587b7a4e97ef2b8db010f8b0e416a5de546b6684f88ea9cc8074ea72395c79a59dbbebd3cd311b5c55d059e233e06d643ecb0178a87c167813b35c4de3088e54ff51b03c842eb3e379b19cb12a0544083d41c993b0ac3b56a03b160e4e9be31e284fa6d0fc26641f2eee49960158460f6f19f9e2535471f35a635bfa08cf2e436c09d88f97783ec5b20dd8fd5c04c2332c8c1646dbda04f2861ea9115be9dddba2465b66bfbff53bdf1cee7dcea7df23dc562c9e01a33a7c6af553715e8f667e0f4e33470b342059ebda0cebf26fcb60c55b98545d3a8202fc38dbb77bfcc5d1549392f60a3e2dccdc0a827f9db8ee0bd4704372642896c6af532f1e214f6d0ce17e03e9f4954616beb4cfb273cb3d06fb5ecc58732ddef653c74636d2651117012406253a4296f9d60e64465f2f42e6c10a897c956514106739a5105a7a3e4bd70f41ad0bd551ea636393c298d627a1262b686044bf94177cda1e55c1f09c0313926d260f4f28a49d558d9884169ce8b283fffd0a29ba1075bdda869823db78044642bfa2421ccbaed23f6f5475d5e7a7cf97b65f21fea394b284a2558750212e772c0a1148d43028c9bef780d34041b515e351c8277eeedfbb41a91f2868"}]}], {0x4e20, 0x4e23, 0x2c, 0x0, @opaque="d8e1be4755597a467eeb954ba9b9d41a9a4bf65428c8ce53bcd5a52b2be1ee44e94aa6f9"}}}}}}, 0x0) 4.793578851s ago: executing program 3 (id=189): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRESOCT], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffffff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) bpf$ENABLE_STATS(0x20, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) sendmsg$NL80211_CMD_GET_KEY(0xffffffffffffffff, 0x0, 0x4020801) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000640)=ANY=[@ANYRESHEX=r0, @ANYRES32, @ANYBLOB="0c8882e9cee242c261d719923b879957cd37136c725e682e724b8d", @ANYRES16=r2, @ANYRESOCT=r2], 0x114}], 0x1}, 0x0) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2000, 0x0) mount(0x0, 0x0, &(0x7f0000000040)='squashfs\x00', 0x0, 0x0) set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r4 = gettid() process_vm_writev(r4, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{0x0}], 0x1, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f0000f81000/0x3000)=nil) r5 = gettid() process_vm_writev(r5, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_G_SELECTION(0xffffffffffffffff, 0xc040565e, &(0x7f0000001a80)) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mprotect(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0) 4.074845972s ago: executing program 0 (id=237): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) mremap(&(0x7f000062b000/0x2000)=nil, 0x1d5000, 0x40000000, 0x3, &(0x7f00009f6000/0x3000)=nil) io_submit(0x0, 0x0, &(0x7f0000000080)) syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040e390023200000000000e8e75c68fa"], 0xb) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @local}, 0xc) syz_emit_ethernet(0x36, 0x0, 0x0) 3.940535764s ago: executing program 4 (id=182): syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1804810, &(0x7f0000000180)=ANY=[], 0xfe, 0x669, &(0x7f0000000640)="$eJzs3c1vHGcdB/DvrDd2Ni3BTZM2oEq1GgkQFolf5IK5EBBCPlSoKgfOVuI0VjZpsV3kVog6vF576B9QDr4gTkjcIxUOXODWG/KxEhKXXjCnRTs7a6/XL10njb1pP59o9nmeeWae+T2/2Zl9saIN8IW1MJn6gxRZmHxlvd3e2pxtbm3O3u3Wk4wl2UjqSWpJiv+2Wq0Pk+tJsTNM0Vfu8/7y/GsffbL1cadVr5Zy+9pR+/WpttvoW73RXTeRZKQqH8Ge8W488njFTuTXk1ypSjh1Z5K09vjZ35/e6enROGjvsycSI/B4FZ3XzX3Gk3PVhd5+H9B95a2dbHSDGxtwu/53EAAAAPCkGeQz8Je3s5314vwJhAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACfCxu7v/9fVEutW59I0f39/9FqXar6cHnxeJs/eFxxAAAAAAAAAMAJenE721nP+W67VZR/83+pbFwsH5/KW1nNUlZyNetZzFrWspLpJOM9A42uL66trUwPsOfMgXvOfEqgY1XZ+GzmDQAAAAAAAACfM7/Kwu7f/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYBgUyUinSHG/Z/V4avUkZ5OMtldsJP/s1p9kD047AAAAADgBY8l21nO+224VuZjkufI7gLN5K/eyluWspZml3Cy/F+h86q9tbc42tzZn77aX/eN+/z/HCqMcMZ3vHg4+8uVyi0ZuZblcczU38kaauZlauWfb5Sqe7qh9cd1vx1R8rzJgZDersj3z96pyn3ePNdnDHPPLlPEyI2d2MjJVxdbOxjPdM3PwGTrm2ek/0nRqO8Fe7DvS6N7JPFTOz1Vlez6/Oyznp6I/EzM9z77njs558vW//OmnU1V9eKY0mJGqbJWPjf2ZmO3JxPODZOJ2896d27dWJ5+0TOwzVWbi0k57IT/KTzKZibyalSzn51nMWpYykR+WtcXq5Bc9l/whmbq+p/Xqp0UyWj1DOyfreDG9VO57Psv5cd7IzSzl5fLfTKbz7cxlLvM9Z/jS0We4vOprh1z1rS8dGPyVb1SVRpLfV+VwaOf1mZ689t5zx8u+3jW7WbowQJaOeW+sf7WqtI/x66ocDv2ZmO7JxLNHZ+IP5W1ltXnvzsrtxTcHO9yF96pK+zr6bTIxPDeS9vPlQvtkla29z45237MH9k2XfRd3+mr7+i7t9HWu1I1Dr9TR6j3c/pFmyr7nD+ybLfsu9/Qd9H4LgKF37pvnRhv/bvyj8UHjN43bjVfO/mDsO2MvjObMX898tz418rXaC8Wf80F+ufv5HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHirb79zZ7HZXFrpq7RarXcP6RqwUq+O8JC7P0IlE/96qn3kA7q6P2d2gvF85enk5OY+rJX/tVqtak1xyDZ//NvQJKpVGYrUnVLl9O5JwMm4tnb3zWurb7/zreW7i68vvb50b35ubn5qfu7l2Wu3lptLU53H044SeBx2X/RPOxIAAAAAAAAAAABgUCfx3wlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAk21hMvUHKTI9dXWq3d7anG22l259d8t6klqS4hdJ8WFyPZ0l4z3DFYcd5/3l+dc++mTr492x6t3ta0ftN5iNaslEkpFOef+zGu9GVR6pOGoKxc4M2wm70k0cnLb/BwAA//+o5gZ+") unlink(&(0x7f0000000180)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) chdir(&(0x7f0000000140)='./bus\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000002a80)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) chdir(&(0x7f0000000240)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0xa18496, 0x0, 0x1, 0x0, &(0x7f0000000000)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file2\x00', 0x4b142, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$FUSE_GETXATTR(r0, &(0x7f0000000000)={0x18}, 0x18) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 3.87098692s ago: executing program 0 (id=238): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@remote, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x0, 0x2b}, 0x0, @in=@empty}}, 0xe8) r1 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0) sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x10}}, 0x0) close(r0) socket$kcm(0x10, 0x2, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={0x80, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_SEQ_ADJ_REPLY={0x1c, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}, @CTA_SEQADJ_OFFSET_AFTER={0x8}]}]}, 0x80}}, 0x0) pipe(&(0x7f0000000080)) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000380)={@multicast2, @multicast2}, 0x0) r3 = bpf$ITER_CREATE(0x21, &(0x7f0000000400), 0x8) epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'wlan1\x00'}) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x38, 0x3, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0) 3.813076555s ago: executing program 2 (id=239): syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000002f80)={&(0x7f0000000480)=ANY=[@ANYRESOCT], 0x14}}, 0x20994) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800810, &(0x7f0000000640)=ANY=[], 0x1, 0x669, &(0x7f0000001000)="$eJzs3c1vHGcdB/DvrDd2Ni3BTZM2oEq1GgkQFolf5IK5EBBCPlSoKgfOVuI0VjZpsV3kVog6vF576B9QDr4gTkjcIxUOXODWG/KxEhKXXjCnRTs7a6/XL10njb1pP59o9nmeeWae+T2/2Zl9saIN8IW1MJn6gxRZmHxlvd3e2pxtbm3O3u3Wk4wl2UjqSWpJiv+2Wq0Pk+tJsTNM0Vfu8/7y/GsffbL1cadVr5Zy+9pR+/WpttvoW73RXTeRZKQqH8Ge8W488njFTuTXk1ypSjh1Z5K09vjZ35/e6enROGjvsycSI/B4FZ3XzX3Gk3PVhd5+H9B95a2dbHSDGxtwu/53EAAAAPCkGeQz8Je3s5314vwJhAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACfCxu7v/9fVEutW59I0f39/9FqXar6cHnxeJs/eFxxAAAAAAAAAMAJenE721nP+W67VZR/83+pbFwsH5/KW1nNUlZyNetZzFrWspLpJOM9A42uL66trUwPsOfMgXvOfEqgY1XZ+GzmDQAAAAAAAACfM7/Kwu7f/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYBgUyUinSHG/Z/V4avUkZ5OMtldsJP/s1p9kD047AAAAADgBY8l21nO+224VuZjkufI7gLN5K/eyluWspZml3Cy/F+h86q9tbc42tzZn77aX/eN+/z/HCqMcMZ3vHg4+8uVyi0ZuZblcczU38kaauZlauWfb5Sqe7qh9cd1vx1R8rzJgZDersj3z96pyn3ePNdnDHPPLlPEyI2d2MjJVxdbOxjPdM3PwGTrm2ek/0nRqO8Fe7DvS6N7JPFTOz1Vlez6/Oyznp6I/EzM9z77njs558vW//OmnU1V9eKY0mJGqbJWPjf2ZmO3JxPODZOJ2896d27dWJ5+0TOwzVWbi0k57IT/KTzKZibyalSzn51nMWpYykR+WtcXq5Bc9l/whmbq+p/Xqp0UyWj1DOyfreDG9VO57Psv5cd7IzSzl5fLfTKbz7cxlLvM9Z/jS0We4vOprh1z1rS8dGPyVb1SVRpLfV+VwaOf1mZ689t5zx8u+3jW7WbowQJaOeW+sf7WqtI/x66ocDv2ZmO7JxLNHZ+IP5W1ltXnvzsrtxTcHO9yF96pK+zr6bTIxPDeS9vPlQvtkla29z45237MH9k2XfRd3+mr7+i7t9HWu1I1Dr9TR6j3c/pFmyr7nD+ybLfsu9/Qd9H4LgKF37pvnRhv/bvyj8UHjN43bjVfO/mDsO2MvjObMX898tz418rXaC8Wf80F+ufv5HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHirb79zZ7HZXFrpq7RarXcP6RqwUq+O8JC7P0IlE/96qn3kA7q6P2d2gvF85enk5OY+rJX/tVqtak1xyDZ//NvQJKpVGYrUnVLl9O5JwMm4tnb3zWurb7/zreW7i68vvb50b35ubn5qfu7l2Wu3lptLU53H044SeBx2X/RPOxIAAAAAAAAAAABgUCfx3wlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAk21hMvUHKTI9dXWq3d7anG22l259d8t6klqS4hdJ8WFyPZ0l4z3DFYcd5/3l+dc++mTr492x6t3ta0ftN5iNaslEkpFOef+zGu9GVR6pOGoKxc4M2wm70k0cnLb/BwAA//+o5gZ+") r2 = creat(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) write(r2, &(0x7f0000000000)='&', 0x1) unlink(&(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) bind$unix(r4, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r4, 0x0) r5 = socket$vsock_stream(0x28, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, 0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) connect$vsock_stream(r5, &(0x7f0000000080), 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r5, 0x28, 0x0, &(0x7f0000000180), 0x8) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r7, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES64=r4], 0x18}, 0x0) close(r4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r8, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x18}, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) 3.812533555s ago: executing program 0 (id=240): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002440)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a7ff070000000000004da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05dfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f9ff86086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace85c370183f23cf0838fb5a1d75c145feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000000000000000000000000000000000000000000096e4a7b57a867432217cf0be18b96865ee3dca3a03a5e0d3060705c499776bb3e8c442aa1d3b26842c96080c4c251b8cbc5de68938316e95857b0e3cdb14d4a93d49dd4f7a08639ee6943861886fabfac35f9aab09c77bc495b5c7116de70619c5ac798f1974d7a6e9b80ac4bab0f1657488278a40480731b7f51ff921e8ad8a1986b6da1660c40875504d1265679a718dc9a1400ac15ce81696f712a1074ac47de09e95d64eb72a186f11bf360e5841a283841762a0cda06ac7c74520427465c128763e3258169d32bce06dbf95fcf8e19ffdb7c56fb5e236f2422f631ead769969699318140ad2b431b21f88bf824e1590524a0aea10ad2c5f961533e78d8e46da0e6ef484d25bd09f6de08e398485d95c51f3a5dc76dbdea7b2d236d819018b22467116b359e8c38147565203c75a4a2789019e7e4bf06a2b3779cea3206cc2d10e5a458b81"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c) r2 = socket$inet6(0xa, 0x80803, 0x84) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@private, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@private, 0x0, 0x32}, 0x0, @in=@local, 0x0, 0x0, 0x0, 0x5}}, 0xe8) connect$inet6(r2, &(0x7f00000000c0), 0x1c) 3.702295734s ago: executing program 3 (id=241): mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0) getuid() sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000300)="c1", 0x1}], 0x1}, 0x0) setsockopt$sock_int(r2, 0x1, 0x200000010, &(0x7f0000000000)=0xfffffffc, 0x4) sendto$unix(r1, &(0x7f0000000080)='\x00', 0x1, 0xd1, 0x0, 0x0) recvfrom$unix(r2, 0x0, 0x0, 0x10102, 0x0, 0x0) 3.638907349s ago: executing program 0 (id=242): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x0, 0x3938700}, 0x0) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) 3.449190686s ago: executing program 0 (id=243): syz_mount_image$iso9660(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x1a08050, &(0x7f0000000880)=ANY=[], 0x2, 0x5ae, &(0x7f0000001540)="$eJzs3V9v29YZx/EfHTnRvKEYtiEIgiQ9TTbAAVKHkhsFRq846khmK5ECSRf2VREscmFE7oakA2bfzLkJWmx7CwP6Ina7N7PrYtcbsGkgKXryH0lO7Fpt+v0YLY/FR4fPYQQ+OQwpCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyPGbrltz1AnCjU0zmd+Mo+6U9WV/948spmxXcrL/VK3qRvHSjV/8f/X17H93dav47Zaq2aKq/R9f/+mHP68slO+fktCleLG3/+zJYNB/fsb4ytwzvlhtGwZJFHS9tjVBEpm1RsN9uN5KTCvo2GQrSW3X+LH10ig2y/59U1tbWzV2ZSvaCNtNr2PLFx+/X3fdhvlopWe9OInChx+tJP560OkEYTuPyVZnMY+zD+LHQWpS63WN2d4Z9FdnJZkF1Ubt438AB+NB9Vk91d16vVaR1Hh0dfRBrddrtXq91ni09uix61bcY5S/ZTxi7EPb/lfRx2vudHy/XdShGzi3hVH9V0eBQm1oU+bUH19NxYrUnbB+pKz/v3pop253vP6XVf5G9KNy9U3l9f9O8dudSfVfRtcm5HM5Py+0p3090xMNNFBfz8/X30I5/nmOyWQ79+BskW1ZhQqUKFKgrrz8FaNAVUUyWlNDDbn6VOtqKZFRS4E6skq0pUSpbP6J8hXLylOqSLGMluXrvozyaqtVGVmtaEuRNhSqraa8vJdt7eT7fXVKjodBtbME1acEnSjmJ154rfqPH6SLPYAD5zAs6z8AAAAAAHhrOfnZ92z+v6jbeasVdKw777QAAAAAAMAF+rKVX1/vZPN/SbflTJz/H4xOFAAAAAAAgO8ZJ7/HLpvWL+ndolXeCXV4EmBhvikCAAAAAIBzyv9B/062WMpa78o5Of8/Kf/2s+qlJQkAAAAAAM7ly5nfsZ/0rjl//6fieNF52dv8pbPrZXHe7pXifVeO95i2bmp4rWjnfTUqoy59e8sZffvl4ZdgflMsKhoOp+fhTE2gcjQB553Ru48moD/rvSziH3rvaRH7tFxTbGWpFXTsih91PqzJ895ZSO1m+vvPd/6gfPhfhd0syZ1Bf+U3vx08zXN5mfXycnd0X8SJ2yOm5PJFef7k9ukjXsxvxBhtd8nR9s6g746Pf3RZxomrM6Zs85XuFjF3l4rl0tHxV7Nt1lYmjb7IYlHnHPkr3Sti7i3fKxanZFGfkUW/Pp7FG+2LM2SxOiuL1XNmAQDzsp1/68+pVag8pB+vu29wlNue9beM6dX9jFt5peUiZvlmfmCt3DzliO7OOqK7vc2yMhfV7erU6qYD6fQj+uEzkCbV2Gy7fzncbi0f/dd/lPR1WVVPDD/p1J1sF175Yvd3uv5ib//9nd0nn/U/639er6823A9c91Fdi/kwRgtqDwDgFLOfsTMzwvmgmFUrn1X/Z1gYq3g/G11SUJ4VGOipHuR3G+RXHFR17Uivf/prNhMfuwzhwfFZa0XjFXVYFst/D4fDBzNmdUW/pbPEFo+XAQDgbXJ3vA5Prf+juFPq/4PyVMCEeffRWn78CcGTYmsTMv6K2xEBADgnG3/z39GMvfdpbW2t5qXr1sSR/7GJg2bbmiBMbeyve2Hbml4cpZEfXckanwRNm5hko9eL4tS0otj0oiTYzJ/8bkaPfk9s1wvTwE96Hesl1vhRmHp+appB4pvexq87QbJu4/zNSc/6QSvwvTSIQpNEG7FvV4xJrB0LDJo2TINWkDVD04uDrhdvmU+izkbXmqZN/DjopVHRYbmtIGxFcTfr9uq89zUAAN8VL/b2nz0ZDPrPv8XGvMcIAACOep0qzRVjAAAAAAAAAAAAAAAAAAAAAADMx2Xc/ze78befSPNPY1HSd2Fv0KDxxo2qLqjDWUeOg8s5QAH41vwvAAD//6zgX70=") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000280)='./file0\x00', &(0x7f0000000440)='./file0/../file0/file0\x00', 0x0, 0x2809c11, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) syz_emit_ethernet(0x4a, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x2040, 0x0) shmget(0x0, 0xa000, 0x2, &(0x7f0000ff3000/0xa000)=nil) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) syz_open_dev$usbfs(0x0, 0x76, 0x101301) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x40}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) io_getevents(0x0, 0x0, 0x0, 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) unlinkat(0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x0) syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000000000)={[{@undelete}, {@nostrict}, {@partition={'partition', 0x3d, 0x7c}}, {@noadinicb}, {@uid}, {@umask={'umask', 0x3d, 0x7}}, {@noadinicb}, {@unhide}, {@unhide}]}, 0x1, 0xc43, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl46nTaZsOhh9AYAOCBuDz21VNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+9ILQ+e7eak98wH199pn4rWxKxcbL8/enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvn5r8vr1hcaZ589u2nx74P3+J44PXBh69uQz3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORornvvfT1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnzn2Fq6mt/6UZ2HL1YDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/iji1Ujxs3dOxLV8n6nuNV+IeLXMH0S8VeZLEan8YpyLeG+b7xGPploU8efl9b+wliar+0H3vnLpa42vzFyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcSnI8Ur//ZH1bjiqMalH7sw9PsDv9w7ZvzpD9lPWfb5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vvWwGwMAAAAAAAAAAAAAAAAAAPCxVsRPIsWL755Iy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaERPRyZX+h906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDUn4r4fqRo/EHzzrpaRKTq344T5S/nonm4zE9Gc6jMl6J5MWerylrzWw+h/exOXyrix5Giv/72nQuer39f59Odr0G89c2NT5+pdfJQd+PA+/1PHD92YWjkc0/vtJy2a8DgpfbMrduN8eGRkbGe1bV89E/2rBvIxy32putExMIbb77emp6emr//hfIrsIvqj9BCqn1cemqhWojagWjGw+n7JvWHdYNiX5XP//cixW+/++/dB37n+V+PX+p8uvOEj5//ycbz/8WtO7rH539ta738/C+f6ds9/5/sWfdi/t1IXy2ivnhzru94RH3hjTdPtm+2bkzdmJo5d+rUl4eGvnz2VN/hiPr19vRUz9KenC4AAAAAAAAAAAAAAACABycV8buRovXjtdSIiNvVeK2BC0PPnnzmUByqxlttGrf92tiVi42XZ2/OzU8tLExNNsZn2tdmJ6fu9XD1arjX+PDIvnTmQx3Z5/Yfqb88O/fGfPvGHy5uu/1o/eLVhcX51rXtN8eRKCKavWsGqwaPD49UjZ5ut2aqqqPbDqb/6PpSEf8RKa6da6TP53V5/P/WEf6bxv8vbd3RHo7//9zRjfF/n+gpWh4zpSJ+Hil+6y+ejs9X7Twad52zXO5vIsXg+c/mcnG4LNdtQ+e9Ap2RgWXZ/4kU//CLzWW74yGf3Ch7+iOd3EdAef2PRYrv/9l349fzus3vf9j++h/duqN9ev/DUz3rjm56X8Guu06+/icjxUtPvh2/Ua35vw98/0f33RsnOoU33s+xT9f/V3vWDeTj/uZedR4AAAAAAAAAAOAR1peK+NtI8cORWnohr7uXv/83uXVH+/T3vz7Vs25yb+Yr+tCFXZ9UAAAAADgg+lIRP4kUNxbfvjOGevP4757xn7+zMf5zOG3ZWv05369U7w3Yyz//6zWQjzux+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dQnqvH8kzvOp74SKV75r+dyuXS8LNedB36g+rV+eXbm5MXp6dl6LLauTk81xuZa16bKuk9FirW//myuW1Tzq3fnm+/M8b4xF/t8pBj5u27Zzlzs3bnJn9ooe7os+4lI8Z9/v7lsnpo6zx1dlT1Tlv2rSPH1f9q+7PGNsmfLst+NFD/6eqNb9mhZtvt+1E9tlH3+2myxD1cFAAAAAAAAAAAAAAAAAACAj5u+VMSfRor/vrl8Zyx/nv+/r+dj5a1v9sz3v8Xtap7/gWr+/52W72f+/+q9Aks7HRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5PKYp4M1LMXV5LK/3l5476pfbMrdvjwyPbVzuSqpqHqvLlT/30mbPnvvTC0PlufnD9vfbpeG3sysXGy7M35+anFhamJhvjM+1rs5NT97yH3dbfarA6AY2br9+avH59oXHm+bObNt8eeL//ieMDF4aePflMt+z48MjIWE+ZWt99H/0uaYf1h6OIv4wUz33vp+mH/RFF7P5cfMh3Z78dqToxWHVifHik6sh0uzWzWG4c7Z6IIqLRU6nZPUcP4FrsSjNiqWx+2eDBsntjc6351tXpqcZoa36xvdienRlNndaW/WlEEedTxHJErPbfvbu+KOL1SPGdY2vpn/sjDnXPwxcvj3311Jmd21HsYx/vQdnORl/EcvEIXLMDrD+K+MdI8bN3TsS/9EfUovMTX4h4tcwfRLwVneudyi/GuYj3tvke8WiqRRH/W17/C2vpnf7yftC9r1z6WuMrM9dne8p27yuP/PPhQTrg96Z6FPGj6o6/lv7Vf9cAAAAAAAAAAAAAAAAAB0gRvxYpXnz3RKrGB98ZU9yeudG40ro63RnW1x371x0zvb6+vt5InWzmnMi5lHM550rO1ZxR5Po5m2XW19cn8uelnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ2DwAAAAAAAAAAAAAAAAAAeLwU1T8pvv2NtbTe35lfeiI6uWI+0Mfe/wcAAP//dsP5HA==") r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000080), 0x8, 0x0) readv(r3, &(0x7f0000000000)=[{&(0x7f0000000200)=""/215, 0x7ffff000}], 0x6) openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) mount_setattr(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x8000, &(0x7f0000000200)={0x7}, 0x20) 3.389953511s ago: executing program 4 (id=244): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a00)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f75b5f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc1b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8ad5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f72ab789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add48ee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508adb9d278c58630ca0aac4bc02e1460984e85d6aead2f1f3e2bbfadfd9a678195cc175ecd90f215d3167ad6faba1a844d8e1d4cf489f31cac3a93f9009998c873a7a33aef8a05d318cdddaec0bd074c6722b15a527556bd3d8687cbd4f7224d80f96724366b3c92a20c55e814b05afdc3a0f8c051711df5b3a6d1f257938a2ad4431cbe6f1cac71a78ebbd561cc28ca4b35990583d81a7fb2848872"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) openat(0xffffffffffffff9c, 0x0, 0x143042, 0x0) socket$xdp(0x2c, 0x3, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000080)={[{@nodioread_nolock}, {@jqfmt_vfsold}, {@stripe}, {@noblock_validity}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==") r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB="74020000", @ANYRES16=r2, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d78430800050001000000140002007767310000000000000000000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb542fc010880"], 0x274}, 0x1, 0x0, 0x0, 0x4084}, 0x20000010) 2.691084041s ago: executing program 3 (id=248): openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0) ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, r0}, 0x1c) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x1}, 0x6) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, &(0x7f0000000380)}) statx(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='global_dirty_state\x00', r3}, 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r4, &(0x7f0000000180), 0x40001) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0) 1.903332758s ago: executing program 4 (id=249): r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) poll(&(0x7f0000000140)=[{r0}], 0x1, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x16, 0x400009, 0x86, 0x2, 0x490, 0x1, 0x2, '\x00', 0x0, r0, 0x5, 0x3, 0x3}, 0x48) syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x469, &(0x7f0000000ac0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mkdir(&(0x7f0000000140)='./control\x00', 0x0) r2 = open(&(0x7f0000022ff6)='./file0\x00', 0x800, 0x8) r3 = open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0) write$binfmt_script(r4, &(0x7f00000009c0)={'#! ', './file1/file1'}, 0x11) r5 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0) preadv2(r5, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x9) getdents64(r2, &(0x7f0000000600)=""/35, 0x23) lseek(r2, 0x8, 0x1) syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x800000, &(0x7f0000001080)={[{@dax_always}, {@auto_da_alloc}, {@acl}, {@auto_da_alloc}, {@journal_checksum}, {@resgid={'resgid', 0x3d, 0xee01}}, {@i_version}, {@debug}, {@sysvgroups}, {@test_dummy_encryption}]}, 0x1, 0x769, &(0x7f0000000340)="$eJzs3M9rHOUbAPBnptmmP/L9bgQP6kGEFloonSTNpT0ZL+KlUCh4rSGZhJBJtmQ3tYmFtp6F2lwUBNGzHr0Kpf4BXkQKCt4F0RoP4iUym03aptm4bTfZkn4+MNn3nXnffd5nZ/JmBvJuAC+sN8ofScRARFyIiGprfxoRB5ulQxE31tut3r82UW5JrK1d/D0pu8XqWnXzvZLW69FodolXIuJuJeLUh4/HrS8tz44XRb7Qqg815i4P1ZeWT8/MjU/n0/n8yOi54bOjo2eHR7uW6/F3zx2+/f3bKys/ftO49Xrf6STGmnlHK7euBXrI+mdSibEt++d3I1gPJR206duDcQAAsLPyPv9A696sEtU44C4NAAAA9p21/jUAAABg30ui1yMAAAAAdtfG/wFsrO3drXWw7fz2VkQMbhe/r7mGOOJQVCLiyGryyMqEZL0bPJMbNyPiztg211/Suv6e3vCWeidrpNlbd8r5Z2y7+SfdnH9im/mnb+O7E55R+/nvQfwDbea/Cx3G+PbzVytt49+MeK1vu/jJZvykTfz3Oox/a+Wj2+2OrX0ZcWLbvz/JI7F2+H6IoamZYsdfrbv/nLy3U/5HHoufJM2oyc75X+4w/w9W/5xtN5eU8U8e2/n8r8fvf6RfeU183BpHGhG3W69lfWVLjGNzP333eOTkxkb8yTaf//bn/53N/L/oMP9fvu6/2mFTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaEojYiCSNNssp2mWRRyNiJfjSFrU6o1TU7XF+cnyWMRgVNKpmSIfjojqej0p6yPN8oP6mS310Yh46efD60FnijybqBWTvU4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACATUcjYiCSNIuINCL+qqZplvV6VAAAAEDXDfZ6AAAAAMCu8/wPAAAA+9/TPv8nXR4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsK9dOH++3NZW71+bKOuTV5YWZ2tXTk/m9dlsbnEim6gtXM6ma7XpIs8manP/9X5pRIyci8WrQ4283hiqLy1fmqstzjcuzcyNT+eX8sqeZAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCTGmhuSZpFRNosp2mWRfwvIgajkkzNFPlwRPw/Iu5VK/1lfaTXgwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDr6kvLs+NFkS8oPJeFr2LHNpFEPC9DfcELEU/S63p09cT90P28ej0zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQC/Wl5dnxosgX6r0eCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL2V/ppERLmdqB4f2Hr0YPJ3tfkaEe9/dvGTq+ONxsJIuf+Pzf2NT1v7zzzU8fpe5gAAAAD73ptP0njjOX3jOR4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBT9aXl2fGiyBeesVCJiHZt4mavswQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ7GvwEAAP//lhHByQ==") chdir(&(0x7f0000000080)='./file0\x00') r6 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file0\x00', 0x2802, 0x26) ioctl$FS_IOC_ENABLE_VERITY(r6, 0x40806685, &(0x7f00000002c0)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r7, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(r6, 0xc0046686, 0x0) getsockopt$MRT6(r3, 0x29, 0xcf, &(0x7f0000000180), &(0x7f0000000240)=0x4) 1.76942555s ago: executing program 1 (id=250): sched_setaffinity(0x0, 0x5a, &(0x7f0000000100)=0x400000bce) r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000000c0)) 1.726438523s ago: executing program 2 (id=251): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0xc8d0, &(0x7f0000000040)=ANY=[], 0x5, 0x2e3, &(0x7f0000000280)="$eJzs3M9LG2kYwPEnMYkxoslh2WUXFh92L7uXQbP3paEolAYq1pT+gNJRJ23INJFMsKSU2p56Lf0jehCP3oTWf8BLbz310puXQg/1UDol8yNGjdXGH/HH9wPyvvq8T+Z9Z1Sed2Bm4+bLh+WiYxTNukSTKhERkU2RjEQlFAnaqNdPSLtn8u/g5/d/Xr91+2ounx+fUp3ITf+XVdXhkTePngwEw1b7ZT1zd+NT9uP6r+u/b3ybflBytORopVpXU2eqH+rmjG3pXMkpG6qTtmU6lpYqjlXz41U/XrSr8/MNNStzQ6n5muU4alYaWrYaWq9qvdZQ875ZqqhhGDqUEuynsDQ1Zea6TJ494sngmNRqObNPRAZ2RQpLPZkQAADoqaD+b1X70WZJ3039H+tY/y//tVYfvLEyHNT/q4lm/S/SVv/f2/qsbfV/UkSOvf7fXRGdL6774/ih6n+cEc36PxX8/Xqe31ke9TrU/wAAAAAAAAAAAAAAAAAAAAAAnAWbrpt2XTcdtuFXv4gkvSdI/O97PU8cD67/xbb14o7YsIj9YqGwUPDbYMCaiNhiyaik5av3+xBo9hOi3iBtyshbezHIX1wo9HmRXFFKXv6YpCWzM991J67kx8fUtz0/Lqn2/Kyk5ZfO+dmd+fFmm5B//m7LNyQt72alKrbMBU/GhflPx1QvX8vvOP6ANw4AAAAAgPPA0JbW/r2/PW7sjvv7Yz/e2l93vD/g769HO+7vY/JHrFerBgAAAADgYnEaj8umbVu1c9cJV3jQrPC9xnuMiUhkr9ARdMKDn4JTFz/QGYt2NdWRxE9elI6d8LbRXmNksptPdtMihz2Hv716/eXorsX/K8l9VtptJ7HfSuMn9x8IAAAAwEnZKvrDn1zq7YQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiATuLFcr1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBafA8AAP//ohEIjg==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) 1.64698429s ago: executing program 1 (id=252): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00', 0x0}) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, 0x0, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r1}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008011}, 0xc000010) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000280)={0x81, 0x0, 0x0, 0x7, 0x15, "cd2c683c06000081a0f200b7fc380eb6f86d22"}) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="180800000000000000000000000000007919a800000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80) ioctl$TIOCL_PASTESEL(r2, 0x541c, &(0x7f0000000040)) sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c000000bd997454afdfdc8053d0b18f6b82364c7a87389da4095927acd21fe320a70dc09c0b8a18f1ad36f31221b0a8aeef79e09c9a2252856eef55b89ba8c69ed07ea2e8f24561070000000000000052bc3bff7069020b26afba76c14261e0c60593f583b5947a209f4f2f1e9982cf430d26fdcfb6d1292d924b4c7429406342fda7792bc09620e4737d7c938b6663e0b3c24c3752746f5e63fc3cb222db9c449651d237199e4016e48c3088175030fb86eefffc3b282c4d7dcf615aa3a2279f39a5376ec525d281c6a7ab28a4134e05f157a9d58c194073a9dc4fd9955b8b007512f012ad004fb86914edbfa38ec07064c61ea13cf5930a474c9707fd77a45c7a2e039cac066a05404fd8a82c047d719b9e714e4639a1072f25d1eaae8b0aa98b7d55f0460280be4e1db58d941a6ebae9d3ec0bc695945d725f1d5cd410310df401f448f0263bcc0ebfebe9171c29f5225b68c6128c9555d1aeb515315fbb9bcf248aad829430b83aa53a60dd2f5f52fa8ceaff055e47f7ba76f1ec67ff430ec6c4063cd8ffb638fab06ddd573531ed26ae2bc2772cbd82f58880374dd6a8eea8d0e49d412df9d8f9d8d07b7cf9aaf919d592229cfab81acc863308e69feaa909fe19e1f4ca39a65386ae06b8160d85075fdfd6ecee06dfb4f7a49ee20d8f2cca59b68beefabfa63a445fbaa84342d450d26763891823f499bce940319cd2d794fca8c918b84f580c3a937903f0efde56686caedddec00fe44ab75622e7978b6ec82e7c2930366d225f5ef2f8602cc0cf9a68ee19f584103129e1741efb646e2c16d94fcad5a6feb07af65cb05a900948560c7f2c6167137edb91fdc68f45aeed3402e14df17974", @ANYRES16=0x0, @ANYBLOB="000000000000000000000a000000080002000200000008000300000000000800040001000000"], 0x2c}}, 0x0) io_submit(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xc, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x90) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r4 = socket$igmp6(0xa, 0x3, 0x2) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000180)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYRES32=r4, @ANYBLOB="63bc084aabf366ecb4c4b2802533d4e4d392040ef9b2b6e5be86d42da0068c52c6c05710eed9abd958347f0fd735c5f95045b0a9cfd917c0466c94a5c3bae1493db529129487ed6f4f0694", @ANYRES64=r3, @ANYRES16=r4], 0x30}}], 0x1, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) lseek(r5, 0x80000001, 0x0) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r6, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r7, &(0x7f0000000240)={0x1f, 0x0, @any, 0xfffa}, 0xe) setsockopt$bt_l2cap_L2CAP_LM(r7, 0x6, 0x3, &(0x7f0000000080), 0x4) connect$bt_l2cap(r7, &(0x7f0000000100)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) write$binfmt_misc(r6, &(0x7f0000000200)=ANY=[@ANYBLOB='&\x00\x00\x00\a'], 0xd) r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r8, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) 1.370405323s ago: executing program 2 (id=253): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0}) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000140)={0x1, r1}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000940)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20000) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0x3, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) 989.378006ms ago: executing program 2 (id=254): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) socket(0x0, 0x0, 0x0) socket$inet(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90) r1 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0) ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000880)={0x6}) r2 = getpid() bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) syz_emit_ethernet(0x2e, 0x0, 0x0) syz_open_dev$vcsu(&(0x7f00000002c0), 0x4, 0x100) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950"], 0x15) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}]}, 0x1c}}, 0x0) open_tree(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x1000) syz_genetlink_get_family_id$fou(&(0x7f0000000a00), 0xffffffffffffffff) sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f00000007c0)={0x14, 0x0, 0xb05}, 0x14}}, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0xb0) process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{0x0}], 0x1, 0x0) ioctl$FBIOBLANK(r0, 0x4611, 0x2) 863.005647ms ago: executing program 3 (id=255): openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5335, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x100004, 0x220104, 0xb, 0x1}, 0x48) bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f00000000c0)={r1, 0x0, 0x0}, 0x20) 586.77391ms ago: executing program 2 (id=256): r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000480)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) r2 = fcntl$dupfd(r0, 0x0, r0) ioctl$UFFDIO_CONTINUE(r2, 0xc020aa08, &(0x7f00000000c0)={{&(0x7f000020b000/0x3000)=nil, 0x3000}}) 381.545548ms ago: executing program 1 (id=257): ioctl$BTRFS_IOC_START_SYNC(0xffffffffffffffff, 0x80089418, &(0x7f0000000240)) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) getpid() connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) r0 = syz_open_dev$usbfs(0x0, 0x76, 0x101301) ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, 0x0) ftruncate(0xffffffffffffffff, 0x1f00) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./file0\x00', 0x18000, &(0x7f0000000540)=ANY=[], 0x14, 0x2fd, &(0x7f0000000e40)="$eJzs3MtrE18UwPGTR9MkpU0XP36iIL3oRjdDG11Lg7QgBiy1ER8gTNuJhoxJyYRKRGwFwa34R7goXXZX0P4D3bjTjRt33Qgu7EIcyWQmafNobZpHtd8PlDnMuWdyb6Yp54YmO3ffPMmmLS2tF8UfVuITEdkVGRW/eHzu0e/EIdlrVS4Pff90/va9+zcTyeTUrFLTibkrcaXUyNj7p88j7rDNQdkefbjzLf51+//tszu/5h5nLJWxVC5fVLqaz38p6vOmoRYzVlZTasY0dMtQmZxlFCr5fCWfNvNLSyWl5xaHo0sFw7KUniuprFFSxbwqFkoq8EjP5JSmaWo4KjhMam12Vk+0WbzQ4cmgSwqFhB4QkUhDJrXWlwkBAIC+qu///aI62f+vX9gqDt3ZGHH7/81Qs/7/6ufKtfb1/2ERadr/e4/ftP/Xj9b/N3ZEp8ux+n+cDGOhhlO+WlhOFhJ61H39Ol4+WB93Avp/AAAAAAAAAAAAAAAAAAAAAAD+Bru2HbNtO+Yeg+7p2KCIhEXEdvMNhXbFSs9njE6qu//Vn+r9l9V+TxFdVPvgXnBExHy9nFpOVY7ugC0RMcWQcYnJz+rL3rbtcux98kiVjcoHc8WtX1lOBZxMIi0Zp35CYgNSX2/b0zeSUxOqYn/9gET31sclJv81r483rQ/JpYt76jWJyccFyYspi848avUvJpS6fitZVx9xxgEAAAAA8C/QVFXT/bumtcpX6qv76/r3BwK1/fV40/15UM4F+7t2AAAAAABOC6v0LKubplE4IIjI4WPaD4JdurK3wj+t8v6XoXsrPSDwHnxfKuye7PjT4jvC09Ii8Es7VWPl1ajjrsJ726jVGJmZ7P0ddIIzb9/96NwFr22ED1lp+0Hg4F+AgZ79AQIAAADQM7Wm3zsz2d8JAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABwCrX+hrBX9V9H13bQ7zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ8XvAAAA///zVACC") socket$key(0xf, 0x3, 0x2) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="9feb010018"], &(0x7f0000000000)=""/140, 0x42, 0x8c, 0x1}, 0x20) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCSIFBR(r1, 0x890c, &(0x7f0000000000)=@generic={0x0, 0x2000000000002}) 351.79208ms ago: executing program 2 (id=258): mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0) getuid() sched_setaffinity(0x0, 0x0, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000300)="c1", 0x1}], 0x1}, 0x0) setsockopt$sock_int(r2, 0x1, 0x200000010, &(0x7f0000000000)=0xfffffffc, 0x4) sendto$unix(r1, &(0x7f0000000080)='\x00', 0x1, 0xd1, 0x0, 0x0) recvfrom$unix(r2, 0x0, 0x0, 0x10102, 0x0, 0x0) 283.550836ms ago: executing program 1 (id=259): r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000001240)=ANY=[@ANYBLOB="85000000610000003500000000000020850000000500000095000000000000000001000000000000200ffa95b2c8c037c5a142c9a8d76287066c51adde96fcc309926fa3b4b87b3e0cc7444a2391511c97fabd5f9810e81ae0b737136ea6f7be39cd34d5ae35de38dde54704d25c79949c00a7c09cc28d7673294f42a5f0a8761b30d64b741a226de7bad76402320e13822c45c0f8612c10b1f3c075ff1ebb755a2dd5760903000000000000006c6386d7ec7209d031f40f3012e9576e51a7f578602f5807785b92e544fc46c744aeeee4418d6af3e4195cc03710212436a4ff3274cac948d85cec074c6949e1298901ebb39522f6649dd76d067a82f5fe47fe5f17f99ab1e394ab800f4104dbffff0000000000005c6d1d224b64be6c4d7f47ef21eb7e46f9aa4a9779f8555eaea768c1f2c221c410ef4b253d110ee282ab94de93d928cf95846be6277c04b4c5324812696aa89e393c941d9541c86238d0703394a90231ccca9c3499c9a4cd3cd8a4f8070000000b0800000000000000087b5efabf84960ba0e3c4c00322de328c10752a42dca52fb98c1452b6518a6ef7297f7b2744419a2f238f173d0cd46daf2fcb5500f53e7309ec91d83cf4fbf975d9c07d8d3c76e65760ff000000b78863e629b3b200000000000000000000000000008b0000000a449c810d3174c87ee545867a3126af7a8b20744ea9875b9cba735b9594aa904e5a4bb2c3dfa8ea63e3e7000860000000004a2147c1128c697d9966b3c9f0e9e203911a3fac929a4fc6e625247510bc24e20ad88d4fe6a3ae2f7967546c4aae83352106057ab9cd4b3442a5d10451b95e22f30a85f5681ca3000000000000000000000396e7b6e1aa007018f6d93e79fce95d405b809238cca421c82c96f10dfa978bee51f581d124216e8bd9b1855f77138e438bdc037865f07f98c068be4c6155ec27365410866059475714844a3ea4cbe37e0000000000ef6dc4dd63bb928ff58b3bd2a600089d172a884dcdb8b9f9050297815a371deec596838e38068b5e438cbcd585a8cf37c496a8d2dab79d4242a353917ebdf2dc7926d80260898d4e1ca5e3a833f8f65429845bc3c3092af2bc4ee7263d3cbd9cab24eafd961a2d0c7bbfca952475c7e6158bfbb32f187d18f977117101076bad4167d5559ac12ff1473fa0ac0c0e71925a25933bfe309a040034b0cc8f69074670efc8101b89477d23823605dfa8e5945c31a0225b50d18a010ecf3c349cbac4d5191c3d78726b9ab4bff5e05027ca5b338a62e955e514da8ca2846919b7b56c192bb43f7032e485cc664921b7f9133bdbc2ba3cd845997b0dd103c784a53ad0243624566e0dacfe4029ffbe59e7e7751b3a9e619107bde39bfa81791ff0e4577055528aef46891c3c49afda8137d03cf6893db7b0f1fe95f8a096159869db71853b6bb5c08ce5fc61353f1e659d7ac53f54a7e2c94cba21994930a423ac7f84ed873a76b0dda0a4b4c5f87eef3164a0c03bc2a7f08290ddf300b298de3fd9167fb8b9c2f26e27f97cf5e90586ea50b85eb5b420eebe171893782b8326148ef5f5408e4dbfdb2fbfec699e4a241291c2f43e9edbf44c0ffb8ee32a18b6e8f0b61836146e2eab9a767800c2c91190c96cf88466adf775b4cf517dc5e39be99c4ab471f381c3915203cd2f27466c8943a80ba03150699c787696de272affa4e4940e59d8b7c69f804d6d3fa7543176a4df033532e5053d72521d097dda0c7a70bd1278c61513c1b87b01d9a9ec4d5ef793096dab53d3224f245fd5d87984d58dc09d11ba0094ba8c39942be41f362e29bba1cdcf8068a4d8d67d2d6d79aa2d089bc4d475097d7523860ec41dab4fa4b0cfe674c163ad419753bd73882336d42036a179bb33162b31f2a58436ea88fba598fad987a60b1847cc63a77c2bb30477ecbeaaa590cde56be4102d0365987eed64bdf01bbd9aaeb77dde491845e612557f"], &(0x7f0000000140)='GPL\x00', 0x0, 0xe0, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffc1a}, 0x15) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x428, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f00}, 0x50) 89.316843ms ago: executing program 1 (id=260): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x4, 0x8, 0xa}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000220000001801000020207025000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0xb}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0xa4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xb5}, 0x48) 68.925974ms ago: executing program 4 (id=261): r0 = socket$inet6(0xa, 0x3, 0x88) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x12, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0) readv(0xffffffffffffffff, 0x0, 0x0) socket$packet(0x11, 0x2, 0x300) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f00000012c0)={{0x6, 0x3, 0x0, 0x0, 'syz0\x00', 0x1}, 0x4, 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 'syz0\x00', 0x0}) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r3 = epoll_create1(0x80000) close(r3) r4 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x10) fcntl$setsig(r4, 0xa, 0x2f) fcntl$setlease(r4, 0x400, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) getpid() setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@empty, 0x4e20, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1}, {}, {}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2}, {{@in6=@mcast1, 0x0, 0x32}, 0x0, @in=@multicast1, 0x0, 0x2, 0x0, 0x4, 0x1}}, 0xe8) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) 45.343387ms ago: executing program 0 (id=262): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)={0x90, r1, 0x5, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x4c, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @val={0x25, 0x3, {0x0, 0xac, 0x9}}, @val={0x2a, 0x1, {0x0, 0x1}}, @void, @val={0x2d, 0x1a, {0x1000, 0x1, 0x1, 0x0, {0x0, 0x7, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x6, 0x7, 0x7}}, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0xc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x5, 0x2, [{0x7, 0x2}]}]}]}]}, 0x90}}, 0x0) 0s ago: executing program 1 (id=263): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0xc8d0, &(0x7f0000000040)=ANY=[], 0x5, 0x2e3, &(0x7f0000000280)="$eJzs3M9LG2kYwPEnMYkxoslh2WUXFh92L7uXQbP3paEolAYq1pT+gNJRJ23INJFMsKSU2p56Lf0jehCP3oTWf8BLbz310puXQg/1UDol8yNGjdXGH/HH9wPyvvq8T+Z9Z1Sed2Bm4+bLh+WiYxTNukSTKhERkU2RjEQlFAnaqNdPSLtn8u/g5/d/Xr91+2ounx+fUp3ITf+XVdXhkTePngwEw1b7ZT1zd+NT9uP6r+u/b3ybflBytORopVpXU2eqH+rmjG3pXMkpG6qTtmU6lpYqjlXz41U/XrSr8/MNNStzQ6n5muU4alYaWrYaWq9qvdZQ875ZqqhhGDqUEuynsDQ1Zea6TJ494sngmNRqObNPRAZ2RQpLPZkQAADoqaD+b1X70WZJ3039H+tY/y//tVYfvLEyHNT/q4lm/S/SVv/f2/qsbfV/UkSOvf7fXRGdL6774/ih6n+cEc36PxX8/Xqe31ke9TrU/wAAAAAAAAAAAAAAAAAAAAAAnAWbrpt2XTcdtuFXv4gkvSdI/O97PU8cD67/xbb14o7YsIj9YqGwUPDbYMCaiNhiyaik5av3+xBo9hOi3iBtyshbezHIX1wo9HmRXFFKXv6YpCWzM991J67kx8fUtz0/Lqn2/Kyk5ZfO+dmd+fFmm5B//m7LNyQt72alKrbMBU/GhflPx1QvX8vvOP6ANw4AAAAAgPPA0JbW/r2/PW7sjvv7Yz/e2l93vD/g769HO+7vY/JHrFerBgAAAADgYnEaj8umbVu1c9cJV3jQrPC9xnuMiUhkr9ARdMKDn4JTFz/QGYt2NdWRxE9elI6d8LbRXmNksptPdtMihz2Hv716/eXorsX/K8l9VtptJ7HfSuMn9x8IAAAAwEnZKvrDn1zq7YQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiATuLFcr1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBafA8AAP//ohEIjg==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) kernel console output (not intermixed with test programs): nterface activated: batadv_slave_1 [ 45.555628][ T3582] device veth1_macvtap entered promiscuous mode [ 45.571864][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 45.579671][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 45.588490][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 45.599851][ T3569] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.609050][ T3569] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.617945][ T3569] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.626665][ T3569] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.655312][ T3582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.666441][ T3582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.677129][ T3582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.687844][ T3582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.697921][ T3582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.708622][ T3582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.720655][ T3582] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.732471][ T3571] device veth1_vlan entered promiscuous mode [ 45.752970][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 45.771288][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 45.783212][ T3582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.795724][ T3582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.805828][ T3582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.816922][ T3582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.827018][ T3582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.839433][ T3582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.851636][ T3582] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.890593][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 45.899113][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 45.916885][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 45.931981][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 45.951044][ T3582] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.960156][ T3582] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.975084][ T3582] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.984400][ T3582] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.024205][ T1241] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.043667][ T1241] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.059226][ T1246] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.068654][ T1246] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.080006][ T3616] Bluetooth: hci4: command 0x040f tx timeout [ 46.086498][ T3616] Bluetooth: hci1: command 0x040f tx timeout [ 46.091832][ T3571] device veth0_macvtap entered promiscuous mode [ 46.092997][ T3616] Bluetooth: hci0: command 0x040f tx timeout [ 46.104957][ T3616] Bluetooth: hci2: command 0x040f tx timeout [ 46.123629][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 46.131940][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 46.139816][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 46.152301][ T3619] Bluetooth: hci3: command 0x040f tx timeout [ 46.804107][ T3571] device veth1_macvtap entered promiscuous mode [ 46.831553][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.845633][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.860175][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.874839][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.885001][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.895824][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.911367][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.922109][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.933446][ T3571] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.046346][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.058333][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.088793][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.100274][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.112231][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.391369][ T26] audit: type=1326 audit(1724976646.619:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3655 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff75fda1ef9 code=0x7ffc0000 [ 47.527675][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.604638][ T26] audit: type=1326 audit(1724976646.639:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3655 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff75fda1ef9 code=0x7ffc0000 [ 47.627575][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.631512][ T26] audit: type=1326 audit(1724976646.749:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3655 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff75fda1ef9 code=0x7ffc0000 [ 47.638434][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.665983][ T26] audit: type=1326 audit(1724976646.789:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3655 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff75fda1ef9 code=0x7ffc0000 [ 47.671169][ T3571] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.699765][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 47.709466][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.718437][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 47.729611][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 47.749549][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.779861][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.807261][ T26] audit: type=1326 audit(1724976646.829:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3655 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7ff75fda1ef9 code=0x7ffc0000 [ 47.837575][ T26] audit: type=1326 audit(1724976646.879:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3655 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff75fda1ef9 code=0x7ffc0000 [ 47.842012][ T3571] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.860210][ T26] audit: type=1326 audit(1724976646.879:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3655 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff75fda1ef9 code=0x7ffc0000 [ 47.898261][ T3571] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.907354][ T3571] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.925803][ T3571] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.930172][ T3661] loop0: detected capacity change from 0 to 512 [ 47.943015][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 47.945223][ T1241] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.958557][ T1241] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.977923][ T1246] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.986262][ T1246] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.000291][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 48.014923][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 48.064237][ T3661] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 48.077276][ T3661] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038 (0x7fffffff) [ 48.112359][ T1241] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.132211][ T1241] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.133318][ T26] audit: type=1800 audit(1724976647.399:9): pid=3661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.7" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 48.161835][ T3559] Bluetooth: hci2: command 0x0419 tx timeout [ 48.173496][ T3559] Bluetooth: hci0: command 0x0419 tx timeout [ 48.176612][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 48.189079][ T3559] Bluetooth: hci1: command 0x0419 tx timeout [ 48.199529][ T3559] Bluetooth: hci4: command 0x0419 tx timeout [ 48.230987][ T3619] Bluetooth: hci3: command 0x0419 tx timeout [ 48.277127][ T3672] netlink: 'syz.4.8': attribute type 21 has an invalid length. [ 48.298240][ T1246] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.338182][ T1246] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.365841][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 48.387028][ T1246] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.453335][ T3674] netlink: 'syz.3.11': attribute type 10 has an invalid length. [ 48.462448][ T1246] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.504183][ T3674] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.577487][ T3674] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 48.586897][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 48.605254][ T3674] syz.3.11 (3674) used greatest stack depth: 19576 bytes left [ 48.686717][ T3682] xt_CT: You must specify a L4 protocol and not use inversions on it [ 49.429402][ T3687] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13'. [ 49.469035][ T3687] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13'. [ 49.550977][ T3691] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready [ 49.671021][ T3559] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 49.910809][ T3618] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 49.960704][ T3651] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 49.980812][ T3614] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 50.030640][ T3559] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 50.043058][ T3559] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xBA, skipping [ 50.160970][ T3618] usb 2-1: Using ep0 maxpacket: 8 [ 50.210660][ T3559] usb 4-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 50.219799][ T3559] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 50.220552][ T3651] usb 1-1: Using ep0 maxpacket: 16 [ 50.233565][ T3559] usb 4-1: Product: syz [ 50.233588][ T3614] usb 3-1: Using ep0 maxpacket: 32 [ 50.237729][ T3559] usb 4-1: Manufacturer: syz [ 50.247909][ T3559] usb 4-1: SerialNumber: syz [ 50.258489][ T3559] usb 4-1: config 0 descriptor?? [ 50.281526][ T3685] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 50.288833][ T3685] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 50.300876][ T3618] usb 2-1: config 0 has no interfaces? [ 50.305708][ T3559] usb 4-1: ucan: probing device on interface #0 [ 50.316684][ T3559] usb 4-1: ucan: invalid EP count (1) [ 50.342436][ T3559] usb 4-1: ucan: probe failed; try to update the device firmware [ 50.401055][ T3614] usb 3-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 50.410367][ T3651] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 50.416466][ T3707] loop4: detected capacity change from 0 to 512 [ 50.428800][ T3614] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 50.436528][ T3707] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 50.437128][ T3651] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 50.463206][ T3614] usb 3-1: config 0 descriptor?? [ 50.468458][ T3651] usb 1-1: New USB device found, idVendor=056a, idProduct=0300, bcdDevice= 0.00 [ 50.478997][ T3651] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 50.484291][ T3707] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 50.490139][ T3651] usb 1-1: config 0 descriptor?? [ 50.504507][ T3614] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 50.522218][ T3618] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 50.532474][ T3618] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 50.534167][ T3707] EXT4-fs (loop4): 1 truncate cleaned up [ 50.544865][ T3618] usb 2-1: Product: syz [ 50.546839][ T3707] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none. [ 50.558312][ T3618] usb 2-1: Manufacturer: syz [ 50.598447][ T3618] usb 2-1: SerialNumber: syz [ 50.605213][ T3618] usb 2-1: config 0 descriptor?? [ 50.858264][ T3617] usb 2-1: USB disconnect, device number 2 [ 51.000584][ T3651] wacom 0003:056A:0300.0001: Unknown device_type for 'HID 056a:0300'. Assuming pen. [ 51.014846][ T3651] wacom 0003:056A:0300.0001: hidraw0: USB HID v0.00 Device [HID 056a:0300] on usb-dummy_hcd.0-1/input0 [ 51.027560][ T3651] input: Wacom Bamboo One S Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:0300.0001/input/input5 [ 51.210119][ T21] usb 1-1: USB disconnect, device number 2 [ 51.439240][ T3714] xt_CT: You must specify a L4 protocol and not use inversions on it [ 52.129763][ T3726] loop4: detected capacity change from 0 to 256 [ 52.181312][ T3726] ======================================================= [ 52.181312][ T3726] WARNING: The mand mount option has been deprecated and [ 52.181312][ T3726] and is ignored by this kernel. Remove the mand [ 52.181312][ T3726] option from the mount to silence this warning. [ 52.181312][ T3726] ======================================================= [ 52.231711][ T3614] gspca_vc032x: reg_w err -71 [ 52.236406][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.241993][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.247283][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.252695][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.257977][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.263493][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.268785][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.274240][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.279525][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.282493][ T3726] FAT-fs (loop4): Directory bread(block 64) failed [ 52.284951][ T3617] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 52.297412][ T3726] FAT-fs (loop4): Directory bread(block 65) failed [ 52.299875][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.310330][ T3726] FAT-fs (loop4): Directory bread(block 66) failed [ 52.324666][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.329976][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.345880][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.354637][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.358897][ T3726] FAT-fs (loop4): Directory bread(block 67) failed [ 52.360112][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.368325][ T3726] FAT-fs (loop4): Directory bread(block 68) failed [ 52.373042][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.381693][ T3726] FAT-fs (loop4): Directory bread(block 69) failed [ 52.384688][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.395290][ T3726] FAT-fs (loop4): Directory bread(block 70) failed [ 52.397071][ T3614] gspca_vc032x: I2c Bus Busy Wait 00 [ 52.403364][ T3726] FAT-fs (loop4): Directory bread(block 71) failed [ 52.407912][ T3614] gspca_vc032x: Unknown sensor... [ 52.419552][ T3614] vc032x: probe of 3-1:0.0 failed with error -22 [ 52.422054][ T3726] FAT-fs (loop4): Directory bread(block 72) failed [ 52.429127][ T3614] usb 3-1: USB disconnect, device number 2 [ 52.440962][ T3618] usb 4-1: USB disconnect, device number 2 [ 52.448548][ T3726] FAT-fs (loop4): Directory bread(block 73) failed [ 52.450557][ T21] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 52.651812][ T3617] usb 2-1: Using ep0 maxpacket: 32 [ 52.950687][ T3618] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 53.040983][ T3617] usb 2-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 53.050036][ T3617] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 53.093067][ T3617] usb 2-1: Product: syz [ 53.099659][ T3617] usb 2-1: Manufacturer: syz [ 53.112399][ T3617] usb 2-1: SerialNumber: syz [ 53.140645][ T3617] usb 2-1: config 0 descriptor?? [ 53.202358][ T3617] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 53.230614][ T21] usb 1-1: Using ep0 maxpacket: 32 [ 53.281890][ T3618] usb 4-1: Using ep0 maxpacket: 16 [ 53.350634][ T21] usb 1-1: config 0 has an invalid interface number: 120 but max is 0 [ 53.358902][ T21] usb 1-1: config 0 has no interface number 0 [ 53.365151][ T21] usb 1-1: config 0 interface 120 altsetting 128 bulk endpoint 0xF has invalid maxpacket 32 [ 53.375283][ T21] usb 1-1: config 0 interface 120 altsetting 128 endpoint 0xB has an invalid bInterval 184, changing to 7 [ 53.386609][ T21] usb 1-1: config 0 interface 120 altsetting 128 bulk endpoint 0x9 has invalid maxpacket 16 [ 53.396743][ T21] usb 1-1: config 0 interface 120 has no altsetting 0 [ 53.410914][ T3618] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 53.422596][ T3618] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 53.433072][ T3618] usb 4-1: New USB device found, idVendor=05ac, idProduct=027d, bcdDevice= 0.00 [ 53.442149][ T3618] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 53.451842][ T3618] usb 4-1: config 0 descriptor?? [ 53.540571][ T3614] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 53.560700][ T21] usb 1-1: New USB device found, idVendor=11ca, idProduct=0201, bcdDevice=9c.fb [ 53.569829][ T21] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 53.577855][ T21] usb 1-1: Product: syz [ 53.582078][ T21] usb 1-1: Manufacturer: syz [ 53.586691][ T21] usb 1-1: SerialNumber: syz [ 53.596053][ T21] usb 1-1: config 0 descriptor?? [ 53.620752][ T3724] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 53.628665][ T3724] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 53.790649][ T3614] usb 5-1: Using ep0 maxpacket: 8 [ 53.885270][ T21] usb 1-1: USB disconnect, device number 3 [ 53.933333][ T3614] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 53.954602][ T3618] hid-generic 0003:05AC:027D.0002: hidraw0: USB HID v0.00 Device [HID 05ac:027d] on usb-dummy_hcd.3-1/input0 [ 53.966259][ T3614] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x93, skipping [ 53.978926][ T3614] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 54.070965][ T3617] gspca_ov534_9: reg_w failed -71 [ 54.134422][ T21] usb 4-1: USB disconnect, device number 3 [ 54.190732][ T3614] usb 5-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 54.200478][ T3614] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 54.208463][ T3614] usb 5-1: Product: syz [ 54.212663][ T3614] usb 5-1: Manufacturer: syz [ 54.217334][ T3614] usb 5-1: SerialNumber: syz [ 54.223670][ T3614] usb 5-1: config 0 descriptor?? [ 54.263058][ T3614] imon:imon_find_endpoints: no valid input (IR) endpoint found [ 54.270996][ T3614] imon 5-1:0.0: unable to initialize intf0, err -19 [ 54.277589][ T3614] imon:imon_probe: failed to initialize context! [ 54.284427][ T3614] imon 5-1:0.0: unable to register, err -19 [ 54.400107][ T3736] loop0: detected capacity change from 0 to 512 [ 54.466643][ T3734] udc-core: couldn't find an available UDC or it's busy [ 54.473800][ T3734] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 54.482905][ T3734] udc-core: couldn't find an available UDC or it's busy [ 54.490910][ T3736] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 54.504201][ T3734] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 54.508229][ T3736] EXT4-fs (loop0): 1 truncate cleaned up [ 54.511848][ T3617] gspca_ov534_9: Unknown sensor 0000 [ 54.517662][ T3736] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none. [ 54.521650][ T3617] ov534_9: probe of 2-1:0.0 failed with error -22 [ 54.559720][ T3617] usb 2-1: USB disconnect, device number 3 [ 54.854717][ T3744] loop1: detected capacity change from 0 to 16 [ 54.945871][ T3744] erofs: Unknown parameter 't5;} 7_cN [ 54.945871][ T3744] baH.ww"Lam)p'6~' [ 56.055921][ T3751] vhci_hcd: default hub control req: 4012 v0007 i0006 l0 [ 56.063552][ T3614] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 56.163238][ T3757] netlink: 56 bytes leftover after parsing attributes in process `syz.2.40'. [ 56.201379][ T3761] loop1: detected capacity change from 0 to 256 [ 56.209639][ T3757] loop2: detected capacity change from 0 to 512 [ 56.264079][ T3757] EXT4-fs (loop2): filesystem is read-only [ 56.269185][ T21] usb 5-1: USB disconnect, device number 2 [ 56.281742][ T3757] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 56.309100][ T3757] EXT4-fs (loop2): filesystem is read-only [ 56.316839][ T3757] EXT4-fs (loop2): orphan cleanup on readonly fs [ 56.337217][ T3614] usb 4-1: Using ep0 maxpacket: 32 [ 56.344393][ T3757] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.40: bg 0: block 64: padding at end of block bitmap is not set [ 56.364659][ T3761] FAT-fs (loop1): Directory bread(block 64) failed [ 56.367103][ T3757] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6185: Corrupt filesystem [ 56.371714][ T3761] FAT-fs (loop1): Directory bread(block 65) failed [ 56.381598][ T3757] EXT4-fs (loop2): 1 orphan inode deleted [ 56.388427][ T3761] FAT-fs (loop1): Directory bread(block 66) failed [ 56.400306][ T3757] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,noblock_validity,auto_da_alloc=0x0000000000000000,inode_readahead_blks=0x0000000000001000,user_xattr,nombcache,resuid=0x000000000000ee00,data_err=abort,grpid,noauto_da_alloc,,errors=continue. Quota mode: none. [ 56.407094][ T3761] FAT-fs (loop1): Directory bread(block 67) failed [ 56.437238][ T3761] FAT-fs (loop1): Directory bread(block 68) failed [ 56.443854][ T3761] FAT-fs (loop1): Directory bread(block 69) failed [ 56.450431][ T3761] FAT-fs (loop1): Directory bread(block 70) failed [ 56.457020][ T3761] FAT-fs (loop1): Directory bread(block 71) failed [ 56.463696][ T3761] FAT-fs (loop1): Directory bread(block 72) failed [ 56.470231][ T3761] FAT-fs (loop1): Directory bread(block 73) failed [ 56.478337][ T3619] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 56.681532][ T21] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 56.931445][ T3614] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 56.966415][ T3614] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 57.066354][ T3614] usb 4-1: Product: syz [ 57.070896][ T3614] usb 4-1: Manufacturer: syz [ 57.080729][ T3614] usb 4-1: SerialNumber: syz [ 57.098145][ T3614] usb 4-1: config 0 descriptor?? [ 57.400628][ T3619] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 57.412076][ T3619] usb 1-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00 [ 57.421863][ T3619] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.445661][ T3619] usb 1-1: config 0 descriptor?? [ 57.606275][ T21] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 57.617898][ T21] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 57.634345][ T21] usb 5-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00 [ 57.645066][ T21] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.660609][ T3651] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 57.662848][ T21] usb 5-1: config 0 descriptor?? [ 57.850340][ T3614] rtl8150 4-1:0.0: eth1: rtl8150 is detected [ 57.933604][ T3619] hid-led 0003:1D34:0004.0003: unknown main item tag 0x0 [ 58.044384][ T3616] usb 4-1: USB disconnect, device number 4 [ 58.061105][ T3651] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 58.087592][ T3651] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 58.150883][ T3619] hid-led: probe of 0003:1D34:0004.0003 failed with error -71 [ 58.176683][ T21] hid-generic 0003:18D1:9400.0004: hidraw0: USB HID v0.00 Device [HID 18d1:9400] on usb-dummy_hcd.4-1/input0 [ 58.195852][ T3651] usb 2-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=9f.d4 [ 58.198900][ T3619] usb 1-1: USB disconnect, device number 4 [ 58.212226][ T3651] usb 2-1: New USB device strings: Mfr=188, Product=0, SerialNumber=0 [ 58.251252][ T3651] usb 2-1: Manufacturer: syz [ 58.264018][ T3651] usb 2-1: config 0 descriptor?? [ 58.370933][ T3764] udc-core: couldn't find an available UDC or it's busy [ 58.377913][ T3764] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 58.422486][ T3617] usb 5-1: USB disconnect, device number 3 [ 58.679151][ T3800] loop2: detected capacity change from 0 to 512 [ 58.712323][ T3800] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 58.725654][ T3800] EXT4-fs (loop2): 1 truncate cleaned up [ 58.731946][ T3800] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none. [ 58.867510][ T3651] usb 2-1: USB disconnect, device number 4 [ 58.944267][ T3619] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 59.020549][ T3572] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 59.076987][ T3812] loop2: detected capacity change from 0 to 16 [ 59.148209][ T3812] erofs: (device loop2): mounted with root inode @ nid 36. [ 59.193705][ T3812] erofs: (device loop2): find_target_block_classic: corrupted dir block 0 @ nid 36 [ 59.381173][ T3572] usb 1-1: Using ep0 maxpacket: 8 [ 59.387882][ T3619] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 59.450116][ T3619] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 59.480046][ T3619] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 59.489699][ T3619] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 59.504952][ T3619] usb 4-1: config 0 descriptor?? [ 59.520790][ T3572] usb 1-1: config 1 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 59.534102][ T3572] usb 1-1: config 1 interface 0 has no altsetting 0 [ 59.553783][ T3619] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 59.841478][ T3572] usb 1-1: New USB device found, idVendor=05ac, idProduct=030a, bcdDevice= 0.40 [ 59.861470][ T3572] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 59.869581][ T3572] usb 1-1: Product: syz [ 59.912152][ T3572] usb 1-1: Manufacturer: syz [ 60.008635][ T3572] usb 1-1: SerialNumber: syz [ 60.452377][ T3825] vhci_hcd: default hub control req: 4012 v0007 i0006 l0 [ 60.519456][ T26] audit: type=1326 audit(1724976659.779:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 60.544100][ T3572] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input8 [ 60.570030][ T26] audit: type=1326 audit(1724976659.829:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 60.608824][ T3572] usb 1-1: USB disconnect, device number 5 [ 60.614760][ C1] appletouch 1-1:1.0: atp_complete: usb_submit_urb failed with result -19 [ 60.620527][ T26] audit: type=1326 audit(1724976659.829:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 60.687383][ T26] audit: type=1326 audit(1724976659.829:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 60.725967][ T26] audit: type=1326 audit(1724976659.829:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 60.772059][ T26] audit: type=1326 audit(1724976659.829:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 60.795314][ T26] audit: type=1326 audit(1724976659.829:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 60.822565][ T26] audit: type=1326 audit(1724976659.829:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 60.845146][ T26] audit: type=1326 audit(1724976659.829:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 60.848448][ T3572] appletouch 1-1:1.0: input: appletouch disconnected [ 60.878295][ T26] audit: type=1326 audit(1724976659.829:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 61.051256][ T3839] loop0: detected capacity change from 0 to 512 [ 61.060587][ T3651] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 61.060870][ T3619] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 61.138322][ T3839] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 61.153499][ T3839] EXT4-fs (loop0): 1 truncate cleaned up [ 61.159161][ T3839] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none. [ 61.320622][ T3619] usb 2-1: Using ep0 maxpacket: 8 [ 61.340631][ T3651] usb 3-1: Using ep0 maxpacket: 16 [ 61.440632][ T3619] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 61.451365][ T3619] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 61.460228][ T3619] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 61.471435][ T3619] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 61.482635][ T3619] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 61.491701][ T3619] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.520580][ T3572] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 61.541999][ T3619] hub 2-1:1.0: bad descriptor, ignoring hub [ 61.548059][ T3619] hub: probe of 2-1:1.0 failed with error -5 [ 61.554558][ T3619] cdc_wdm 2-1:1.0: skipping garbage [ 61.559771][ T3619] cdc_wdm 2-1:1.0: skipping garbage [ 61.569425][ T3619] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 61.575892][ T3619] cdc_wdm 2-1:1.0: Unknown control protocol [ 61.670769][ T3651] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 61.679922][ T3651] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 61.687963][ T3651] usb 3-1: Product: syz [ 61.692232][ T3651] usb 3-1: Manufacturer: syz [ 61.696837][ T3651] usb 3-1: SerialNumber: syz [ 61.703670][ T3651] usb 3-1: config 0 descriptor?? [ 61.747466][ T3651] visor 3-1:0.0: Sony Clie 3.5 converter detected [ 61.747982][ T3837] udc-core: couldn't find an available UDC or it's busy [ 61.761178][ T3837] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 61.780693][ T3617] usb 4-1: USB disconnect, device number 5 [ 61.815418][ T3844] loop3: detected capacity change from 0 to 1024 [ 61.822989][ T3845] udc-core: couldn't find an available UDC or it's busy [ 61.830065][ T3845] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 61.839596][ T3845] udc-core: couldn't find an available UDC or it's busy [ 61.847038][ T3845] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 61.856155][ T3844] EXT4-fs (loop3): Ignoring removed orlov option [ 61.866428][ T3844] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 61.890836][ T3572] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 61.898043][ T3844] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 61.901883][ T3572] usb 1-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00 [ 61.934150][ T3572] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.960267][ T3572] usb 1-1: config 0 descriptor?? [ 61.971931][ T3844] syz.3.60 (3844) used greatest stack depth: 19440 bytes left [ 62.184856][ T3651] usb 3-1: clie_3_5_startup: get interface number bad return length: 0 [ 62.195186][ T3651] visor: probe of 3-1:0.0 failed with error -5 [ 62.340690][ T21] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 62.387894][ T3617] usb 3-1: USB disconnect, device number 3 [ 62.402436][ T3651] usb 2-1: USB disconnect, device number 5 [ 62.511373][ T3572] hid-led 0003:1D34:0004.0005: unknown main item tag 0x0 [ 62.613384][ T21] usb 4-1: Using ep0 maxpacket: 8 [ 62.731174][ T21] usb 4-1: config 0 has an invalid interface number: 33 but max is 1 [ 62.779229][ T3572] hid-led 0003:1D34:0004.0005: hidraw0: USB HID v0.00 Device [HID 1d34:0004] on usb-dummy_hcd.0-1/input0 [ 62.849181][ T21] usb 4-1: config 0 has no interface number 1 [ 63.175624][ T3572] hid-led 0003:1D34:0004.0005: Dream Cheeky Webmail Notifier initialized [ 63.250952][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #300!!! [ 63.260064][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #300!!! [ 63.269061][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #302!!! [ 63.274057][ T21] usb 4-1: New USB device found, idVendor=2040, idProduct=2950, bcdDevice=85.f1 [ 63.303568][ T3572] usb 1-1: USB disconnect, device number 6 [ 63.310198][ T21] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 63.335398][ T21] usb 4-1: Product: syz [ 63.340249][ T21] usb 4-1: Manufacturer: syz [ 63.348462][ T21] usb 4-1: SerialNumber: syz [ 63.404060][ T21] usb 4-1: config 0 descriptor?? [ 63.446265][ T21] pvrusb2: Hardware description: WinTV PVR USB2 Model 29xxx [ 63.481654][ T3875] loop4: detected capacity change from 0 to 512 [ 63.514723][ T3875] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 63.539425][ T3875] EXT4-fs (loop4): 1 truncate cleaned up [ 63.545475][ T3875] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none. [ 63.570864][ T3651] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 63.663048][ T21] pvrusb2: Hardware description: WinTV PVR USB2 Model 29xxx [ 63.672918][ T2149] usb 4-1: Direct firmware load for v4l-pvrusb2-29xxx-01.fw failed with error -2 [ 63.682868][ T2149] usb 4-1: Falling back to sysfs fallback for: v4l-pvrusb2-29xxx-01.fw [ 63.709753][ T21] usb 4-1: USB disconnect, device number 6 [ 63.760666][ T3617] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 63.940761][ T3614] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 64.000688][ T3651] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 64.009377][ T3651] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 64.019653][ T3617] usb 3-1: Using ep0 maxpacket: 8 [ 64.024817][ T3651] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 64.033847][ T3651] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 64.045067][ T3651] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 64.161032][ T3617] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 64.183293][ T3617] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 64.196237][ T3617] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 64.205710][ T3617] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.220816][ T3651] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 64.231754][ T3651] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 64.245902][ T3651] usb 2-1: Product: syz [ 64.250997][ T3651] usb 2-1: Manufacturer: syz [ 64.331762][ T3651] cdc_wdm 2-1:1.0: skipping garbage [ 64.338417][ T3651] cdc_wdm 2-1:1.0: skipping garbage [ 64.359189][ T3651] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 64.368671][ T3651] cdc_wdm 2-1:1.0: Unknown control protocol [ 64.510855][ T3614] usb 5-1: New USB device found, idVendor=2013, idProduct=025d, bcdDevice=f5.0f [ 64.523985][ T3614] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 64.541232][ T3614] usb 5-1: Product: syz [ 64.545529][ T3614] usb 5-1: Manufacturer: syz [ 64.550134][ T3614] usb 5-1: SerialNumber: syz [ 64.559917][ T3614] usb 5-1: config 0 descriptor?? [ 64.600088][ T3893] loop3: detected capacity change from 0 to 128 [ 64.645401][ T3617] usb 2-1: USB disconnect, device number 6 [ 64.673668][ T3893] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 64.747601][ T3569] FAT-fs (loop3): error, invalid access to FAT (entry 0x0affffff) [ 64.757287][ T3569] FAT-fs (loop3): Filesystem has been set read-only [ 64.766064][ T3569] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 64.810714][ T3614] dvb-usb: found a 'PCTV 2002e SE' in cold state, will try to load a firmware [ 64.869935][ T3614] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [ 64.878139][ T3614] dib0700: firmware download failed at 7 with -22 [ 64.887293][ T3614] usb 5-1: USB disconnect, device number 4 [ 65.548990][ T26] kauditd_printk_skb: 103 callbacks suppressed [ 65.548999][ T26] audit: type=1326 audit(1724976664.809:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 65.584707][ T26] audit: type=1326 audit(1724976664.849:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 65.610704][ T3614] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 65.612130][ T26] audit: type=1326 audit(1724976664.849:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 65.643656][ T26] audit: type=1326 audit(1724976664.849:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 65.666546][ T26] audit: type=1326 audit(1724976664.849:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 65.702056][ T3911] loop1: detected capacity change from 0 to 512 [ 65.709601][ T26] audit: type=1326 audit(1724976664.849:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 65.732086][ T26] audit: type=1326 audit(1724976664.849:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 65.755710][ T26] audit: type=1326 audit(1724976664.849:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 65.778061][ T26] audit: type=1326 audit(1724976664.849:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 65.788916][ T3911] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 65.803287][ T26] audit: type=1326 audit(1724976664.849:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 65.828332][ T3911] EXT4-fs (loop1): 1 truncate cleaned up [ 65.837836][ T3911] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none. [ 66.050618][ T3614] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 66.061791][ T3614] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 66.071630][ T3614] usb 5-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00 [ 66.080947][ T3614] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.093936][ T3614] usb 5-1: config 0 descriptor?? [ 66.250664][ T3617] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 66.501396][ T3703] usb 3-1: USB disconnect, device number 4 [ 66.572902][ T3614] ryos 0003:1E7D:3138.0006: unknown main item tag 0x0 [ 66.584657][ T3614] ryos 0003:1E7D:3138.0006: hidraw0: USB HID v0.00 Device [HID 1e7d:3138] on usb-dummy_hcd.4-1/input0 [ 66.663794][ T3617] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32 [ 66.682393][ T3617] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.701647][ T3617] usb 2-1: config 0 descriptor?? [ 66.752248][ T3617] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 66.784051][ T3900] udc-core: couldn't find an available UDC or it's busy [ 66.807488][ T3900] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 66.828464][ T3874] usb 5-1: USB disconnect, device number 5 [ 66.850089][ T3923] loop0: detected capacity change from 0 to 1024 [ 66.960731][ T3617] gp8psk: usb in 128 operation failed. [ 67.230904][ T3617] gp8psk: usb in 146 operation failed. [ 67.236383][ T3617] gp8psk: failed to get FW version [ 67.290798][ T3617] gp8psk: FPGA Version = 216 [ 67.310683][ T3703] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 67.443170][ T3941] loop4: detected capacity change from 0 to 512 [ 67.480779][ T3614] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 67.506762][ T3941] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 67.516988][ T3617] gp8psk: usb in 138 operation failed. [ 67.521477][ T3941] EXT4-fs (loop4): 1 truncate cleaned up [ 67.523123][ T3617] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 67.533536][ T3941] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none. [ 67.573207][ T3617] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver) [ 67.585233][ T3617] usb 2-1: media controller created [ 67.590780][ T3703] usb 1-1: Using ep0 maxpacket: 32 [ 67.607675][ T3617] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 67.637152][ T3617] gp8psk_fe: Frontend attached [ 67.642638][ T3617] usb 2-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)... [ 67.652090][ T3617] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered. [ 67.720842][ T3703] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 67.731649][ T3614] usb 3-1: Using ep0 maxpacket: 8 [ 67.737536][ T3703] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 67.747522][ T3703] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.758082][ T3703] usb 1-1: config 0 descriptor?? [ 67.763351][ T3617] gp8psk: usb in 138 operation failed. [ 67.768865][ T3617] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected. [ 67.778790][ T3617] gp8psk: found Genpix USB device pID = 203 (hex) [ 67.787633][ T3617] usb 2-1: USB disconnect, device number 7 [ 67.793833][ T3928] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 67.821835][ T3703] hub 1-1:0.0: bad descriptor, ignoring hub [ 67.827765][ T3703] hub: probe of 1-1:0.0 failed with error -5 [ 67.845746][ T3703] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 67.876820][ T3617] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected. [ 67.887371][ T3614] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 67.915168][ T3614] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 68.060534][ T23] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 68.100646][ T3614] usb 3-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.40 [ 68.109833][ T3614] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 68.126419][ T3614] usb 3-1: Product: syz [ 68.144889][ T3614] usb 3-1: Manufacturer: syz [ 68.149516][ T3614] usb 3-1: SerialNumber: syz [ 68.219924][ T3952] loop1: detected capacity change from 0 to 1024 [ 68.300602][ T23] usb 5-1: Using ep0 maxpacket: 16 [ 68.420647][ T23] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 68.592327][ T23] usb 5-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 68.601560][ T23] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 68.609677][ T23] usb 5-1: Product: syz [ 68.614393][ T23] usb 5-1: Manufacturer: syz [ 68.618986][ T23] usb 5-1: SerialNumber: syz [ 68.620593][ T3617] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 68.626162][ T23] usb 5-1: config 0 descriptor?? [ 68.641722][ T3935] udc-core: couldn't find an available UDC or it's busy [ 68.648858][ T3935] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 68.871250][ T3614] hid (null): report_id 2668810406 is invalid [ 68.879833][ T3614] asus 0003:0B05:19B6.0007: report_id 2668810406 is invalid [ 68.888628][ T3614] asus 0003:0B05:19B6.0007: item 0 4 1 8 parsing failed [ 68.896079][ T3614] asus 0003:0B05:19B6.0007: Asus hid parse failed: -22 [ 68.902991][ T3617] usb 2-1: Using ep0 maxpacket: 32 [ 68.908160][ T3614] asus: probe of 0003:0B05:19B6.0007 failed with error -22 [ 69.040679][ T3617] usb 2-1: config index 0 descriptor too short (expected 156, got 27) [ 69.048959][ T3617] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 69.060068][ T3617] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 69.071455][ T3617] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 69.084972][ T3617] usb 2-1: config 0 interface 0 has no altsetting 0 [ 69.096890][ T3572] usb 3-1: USB disconnect, device number 5 [ 69.110823][ T23] usb 5-1: Found UVC 0.00 device syz (045e:0721) [ 69.117323][ T23] usb 5-1: No valid video chain found. [ 69.271857][ T3617] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 69.281117][ T3617] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 69.289558][ T3617] usb 2-1: Product: syz [ 69.294433][ T3617] usb 2-1: Manufacturer: syz [ 69.299027][ T3617] usb 2-1: SerialNumber: syz [ 69.308343][ T3617] usb 2-1: config 0 descriptor?? [ 69.324173][ T3572] usb 5-1: USB disconnect, device number 6 [ 69.362579][ T3617] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 69.373881][ T3617] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 69.582826][ T3617] usb 2-1: USB disconnect, device number 8 [ 69.591151][ T3617] ldusb 2-1:0.0: LD USB Device #0 now disconnected [ 70.065651][ T3974] loop0: detected capacity change from 0 to 512 [ 70.120715][ T3974] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 70.151157][ T3572] usb 1-1: USB disconnect, device number 7 [ 70.167673][ T3974] EXT4-fs (loop0): 1 truncate cleaned up [ 70.177471][ T3974] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none. [ 70.347091][ T3989] loop0: detected capacity change from 0 to 1024 [ 70.440624][ T3614] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 70.460744][ T3617] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 70.481050][ T3651] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 70.717839][ T3572] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 70.720679][ T3617] usb 3-1: Using ep0 maxpacket: 32 [ 70.730626][ T3614] usb 2-1: Using ep0 maxpacket: 8 [ 70.890703][ T3614] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 70.900700][ T3614] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x9 has invalid maxpacket 0 [ 70.928504][ T3651] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 70.939592][ T3651] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 70.949912][ T3651] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 70.960696][ T3572] usb 1-1: Using ep0 maxpacket: 8 [ 71.080602][ T3572] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 71.090946][ T3572] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 71.099816][ T3572] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 71.100713][ T3614] usb 2-1: New USB device found, idVendor=7392, idProduct=d611, bcdDevice=e7.bb [ 71.120392][ T3617] usb 3-1: New USB device found, idVendor=0cf2, idProduct=6250, bcdDevice=10.ae [ 71.123282][ T3572] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 71.129750][ T3617] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 71.146991][ T3572] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 71.149677][ T3614] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 71.158703][ T3572] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.166320][ T3651] usb 5-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=e5.38 [ 71.183382][ T3617] usb 3-1: Product: syz [ 71.187545][ T3617] usb 3-1: Manufacturer: syz [ 71.194028][ T1074] cfg80211: failed to load regulatory.db [ 71.195816][ T1389] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.195943][ T1389] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.215758][ T3614] usb 2-1: Product: syz [ 71.219918][ T3614] usb 2-1: Manufacturer: syz [ 71.224562][ T3651] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 71.232601][ T3614] usb 2-1: SerialNumber: syz [ 71.237619][ T3651] usb 5-1: Product: syz [ 71.243322][ T3614] usb 2-1: config 0 descriptor?? [ 71.248401][ T3651] usb 5-1: Manufacturer: syz [ 71.251622][ T3572] hub 1-1:1.0: bad descriptor, ignoring hub [ 71.253255][ T3651] usb 5-1: SerialNumber: syz [ 71.263831][ T3617] usb 3-1: SerialNumber: syz [ 71.269161][ T3572] hub: probe of 1-1:1.0 failed with error -5 [ 71.276397][ T3617] usb 3-1: config 0 descriptor?? [ 71.299961][ T3572] cdc_wdm 1-1:1.0: skipping garbage [ 71.301481][ T3651] usb 5-1: config 0 descriptor?? [ 71.318018][ T3572] cdc_wdm 1-1:1.0: skipping garbage [ 71.334080][ T3984] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 71.346901][ T3572] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 71.347360][ T3617] ums_eneub6250 3-1:0.0: USB Mass Storage device detected [ 71.356364][ T3572] cdc_wdm 1-1:1.0: Unknown control protocol [ 71.504044][ T3703] usb 2-1: USB disconnect, device number 9 [ 71.526933][ T3992] udc-core: couldn't find an available UDC or it's busy [ 71.541825][ T3617] usb 3-1: USB disconnect, device number 6 [ 71.547976][ T3992] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 71.590203][ T3572] usb 5-1: USB disconnect, device number 7 [ 71.601862][ T3997] udc-core: couldn't find an available UDC or it's busy [ 71.618028][ T3997] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 72.279051][ T4007] binder: 3998:4007 ioctl c0306201 0 returned -14 [ 72.569575][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!! [ 72.578931][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!! [ 72.590478][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 72.599545][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 72.608575][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 72.617560][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 72.626570][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 72.836697][ T4004] netlink: 4 bytes leftover after parsing attributes in process `syz.4.113'. [ 73.032599][ T26] kauditd_printk_skb: 175 callbacks suppressed [ 73.032612][ T26] audit: type=1326 audit(1724976672.299:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 73.079428][ T4023] sch_fq: defrate 0 ignored. [ 73.095243][ T26] audit: type=1326 audit(1724976672.339:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 73.170223][ T26] audit: type=1326 audit(1724976672.339:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 73.190631][ T3572] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 73.201678][ T26] audit: type=1326 audit(1724976672.339:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 73.233310][ T26] audit: type=1326 audit(1724976672.339:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 73.239895][ T4026] loop2: detected capacity change from 0 to 1024 [ 73.261345][ T26] audit: type=1326 audit(1724976672.339:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 73.294808][ T26] audit: type=1326 audit(1724976672.339:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 73.324383][ T26] audit: type=1326 audit(1724976672.339:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 73.363631][ T26] audit: type=1326 audit(1724976672.339:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 73.390144][ T26] audit: type=1326 audit(1724976672.339:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000 [ 73.464426][ T3572] usb 2-1: Using ep0 maxpacket: 8 [ 73.511494][ T3650] usb 1-1: USB disconnect, device number 8 [ 73.600765][ T3572] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 69, changing to 10 [ 73.619447][ T3572] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 73.839622][ T3874] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 73.870618][ T3572] usb 2-1: string descriptor 0 read error: -22 [ 73.876892][ T3572] usb 2-1: New USB device found, idVendor=05ac, idProduct=0252, bcdDevice= 0.40 [ 73.887141][ T3572] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.945706][ T3572] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input9 [ 73.960526][ T3650] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 74.272714][ T4042] binder: 4039:4042 ioctl c0306201 0 returned -14 [ 74.282832][ T3650] usb 1-1: Using ep0 maxpacket: 16 [ 74.481774][ T3650] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 74.518588][ T3650] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 74.542694][ T3874] usb 3-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=45.87 [ 74.588174][ T4015] udc-core: couldn't find an available UDC or it's busy [ 74.624861][ T3874] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 74.648473][ T4015] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 74.679730][ T3650] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 74.727623][ T3874] usb 3-1: Product: syz [ 74.768546][ T3874] usb 3-1: Manufacturer: syz [ 74.775373][ T3650] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 74.786004][ T3874] usb 3-1: SerialNumber: syz [ 74.798288][ T3874] usb 3-1: config 0 descriptor?? [ 74.804600][ T3650] usb 1-1: config 0 descriptor?? [ 74.842028][ T3874] gspca_main: sunplus-2.14.0 probing 055f:c420 [ 74.967165][ T4015] udc-core: couldn't find an available UDC or it's busy [ 74.975256][ T4015] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 74.984641][ T4015] udc-core: couldn't find an available UDC or it's busy [ 74.991609][ T4015] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 75.000930][ T4015] udc-core: couldn't find an available UDC or it's busy [ 75.008089][ T4015] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 75.032195][ T3012] bcm5974 2-1:1.0: could not write to device [ 75.050249][ T3572] usb 2-1: USB disconnect, device number 10 [ 75.060706][ T3874] gspca_sunplus: reg_w_riv err -71 [ 75.060948][ T3012] bcm5974 2-1:1.0: could not read from device [ 75.065892][ T3874] sunplus: probe of 3-1:0.0 failed with error -71 [ 75.080013][ T3874] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 75.080108][ T3560] bcm5974 2-1:1.0: could not read from device [ 75.101211][ T3874] usb 3-1: USB disconnect, device number 7 [ 75.121046][ T3560] udevd[3560]: Error opening device "/dev/input/event4": No such file or directory [ 75.131090][ T3560] udevd[3560]: Unable to EVIOCGABS device "/dev/input/event4" [ 75.138752][ T3560] udevd[3560]: Unable to EVIOCGABS device "/dev/input/event4" [ 75.146805][ T3560] udevd[3560]: Unable to EVIOCGABS device "/dev/input/event4" [ 75.154749][ T3560] udevd[3560]: Unable to EVIOCGABS device "/dev/input/event4" [ 75.262196][ T23] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 75.292184][ T3650] hid-multitouch 0003:1FD2:6007.0008: unknown main item tag 0x0 [ 75.300170][ T3650] hid-multitouch 0003:1FD2:6007.0008: unknown main item tag 0x0 [ 75.311029][ T3650] hid-multitouch 0003:1FD2:6007.0008: item fetching failed at offset 4/5 [ 75.319670][ T3650] hid-multitouch: probe of 0003:1FD2:6007.0008 failed with error -22 [ 75.619541][ T4051] netlink: 4 bytes leftover after parsing attributes in process `syz.1.127'. [ 75.694618][ T4053] sch_fq: defrate 0 ignored. [ 75.695746][ T23] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 75.703030][ T3618] usb 1-1: USB disconnect, device number 9 [ 75.708217][ T23] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 75.733208][ T23] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 75.750072][ T23] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 75.765986][ T23] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 75.925212][ T23] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 75.934605][ T23] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 75.942644][ T23] usb 5-1: Product: syz [ 75.946823][ T23] usb 5-1: Manufacturer: syz [ 75.994805][ T23] cdc_wdm 5-1:1.0: skipping garbage [ 76.000046][ T23] cdc_wdm 5-1:1.0: skipping garbage [ 76.006572][ T23] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 76.012860][ T23] cdc_wdm 5-1:1.0: Unknown control protocol [ 76.080667][ T3572] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 76.330537][ T3572] usb 3-1: Using ep0 maxpacket: 32 [ 76.480774][ T3572] usb 3-1: config 0 has no interfaces? [ 76.680745][ T3572] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 76.689964][ T3572] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 76.698526][ T3572] usb 3-1: Product: syz [ 76.703316][ T3572] usb 3-1: Manufacturer: syz [ 76.707988][ T3572] usb 3-1: SerialNumber: syz [ 76.714613][ T3572] usb 3-1: config 0 descriptor?? [ 76.977481][ T23] usb 3-1: USB disconnect, device number 8 [ 77.566972][ T23] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 77.798345][ T4085] netlink: 4 bytes leftover after parsing attributes in process `syz.1.138'. [ 77.820565][ T23] usb 3-1: Using ep0 maxpacket: 32 [ 77.960575][ T23] usb 3-1: config 0 has no interfaces? [ 77.990319][ T3618] usb 5-1: USB disconnect, device number 8 [ 78.056057][ T4088] sch_fq: defrate 0 ignored. [ 78.131921][ T23] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 78.148043][ T26] kauditd_printk_skb: 122 callbacks suppressed [ 78.148055][ T26] audit: type=1326 audit(1724976677.409:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000 [ 78.181092][ T26] audit: type=1326 audit(1724976677.439:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000 [ 78.182592][ T23] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 78.238735][ T4097] loop4: detected capacity change from 0 to 1024 [ 78.264771][ T26] audit: type=1326 audit(1724976677.439:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000 [ 78.306650][ T23] usb 3-1: Product: syz [ 78.308309][ T26] audit: type=1326 audit(1724976677.439:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000 [ 78.338654][ T26] audit: type=1326 audit(1724976677.439:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000 [ 78.340399][ T23] usb 3-1: Manufacturer: syz [ 78.387348][ T26] audit: type=1326 audit(1724976677.439:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000 [ 78.438740][ T23] usb 3-1: SerialNumber: syz [ 78.454663][ T26] audit: type=1326 audit(1724976677.439:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000 [ 78.482151][ T26] audit: type=1326 audit(1724976677.439:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000 [ 78.504398][ T26] audit: type=1326 audit(1724976677.439:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000 [ 78.527296][ T26] audit: type=1326 audit(1724976677.439:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000 [ 78.588300][ T23] usb 3-1: config 0 descriptor?? [ 78.617232][ T4108] loop1: detected capacity change from 0 to 512 [ 78.875264][ T4108] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 79.271375][ T4108] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2815: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 79.273925][ T23] usb 3-1: USB disconnect, device number 9 [ 79.286989][ T4108] EXT4-fs (loop1): 1 truncate cleaned up [ 79.303165][ T4108] EXT4-fs (loop1): mounted filesystem without journal. Opts: noload,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,block_validity,quota,,errors=continue. Quota mode: writeback. [ 79.465913][ T4119] sch_fq: defrate 0 ignored. [ 79.490109][ T4121] netlink: 20 bytes leftover after parsing attributes in process `syz.1.150'. [ 79.528331][ T4121] netlink: 20 bytes leftover after parsing attributes in process `syz.1.150'. [ 79.688535][ T4125] loop1: detected capacity change from 0 to 1024 [ 79.948152][ T4117] Cannot find set identified by id 0 to match [ 79.964422][ T4117] loop2: detected capacity change from 0 to 1024 [ 80.013719][ T4117] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled [ 80.023344][ T4117] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 80.030671][ T4117] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 80.061079][ T4117] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 80.074483][ T4117] System zones: 0-1, 3-36 [ 80.080012][ T4117] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,jqfmt=vfsold,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 80.117673][ T4117] EXT4-fs (loop2): shut down requested (0) [ 80.128388][ T4142] netlink: 4 bytes leftover after parsing attributes in process `syz.3.158'. [ 80.137798][ T23] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 80.200761][ T3617] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 80.261981][ T3874] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 80.291655][ T4144] loop3: detected capacity change from 0 to 8192 [ 80.386405][ T4148] loop2: detected capacity change from 0 to 128 [ 80.402973][ T23] usb 1-1: Using ep0 maxpacket: 32 [ 80.436402][ T4148] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 80.450707][ T3617] usb 2-1: Using ep0 maxpacket: 16 [ 80.500956][ T4148] loop2: detected capacity change from 128 to 64 [ 80.529758][ T3571] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 0, start 202e2020) [ 80.540489][ T3874] usb 5-1: Using ep0 maxpacket: 32 [ 80.551842][ T23] usb 1-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 80.570777][ T3617] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 80.575516][ T3571] FAT-fs (loop2): Filesystem has been set read-only [ 80.590893][ T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.592166][ T3617] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 80.601964][ T23] usb 1-1: config 0 descriptor?? [ 80.620617][ T3617] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 80.630320][ T3571] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 0, start 202e2020) [ 80.657609][ T3617] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 80.667913][ T3617] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.726461][ T3617] usb 2-1: config 0 descriptor?? [ 80.799327][ T23] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 81.051144][ T3874] usb 5-1: New USB device found, idVendor=0cde, idProduct=0023, bcdDevice=21.32 [ 81.090247][ T3874] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 81.139403][ T3874] usb 5-1: Product: syz [ 81.164571][ T3874] usb 5-1: Manufacturer: syz [ 81.197244][ T3874] usb 5-1: SerialNumber: syz [ 81.311683][ T3874] usb 5-1: config 0 descriptor?? [ 81.473739][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0 [ 81.481900][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0 [ 81.544486][ T144] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.557709][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0 [ 81.565718][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0 [ 81.573020][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0 [ 81.580235][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0 [ 81.600553][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0 [ 81.607775][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0 [ 81.616163][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0 [ 81.624119][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0 [ 81.644549][ T3617] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0009/input/input10 [ 81.716714][ T144] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.776617][ T3874] usb 5-1: reset high-speed USB device number 9 using dummy_hcd [ 81.801470][ T3617] microsoft 0003:045E:07DA.0009: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 81.843352][ T3617] usb 2-1: USB disconnect, device number 11 [ 81.863404][ T144] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.011045][ T144] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.222407][ T4160] chnl_net:caif_netlink_parms(): no params data found [ 82.273697][ T4166] loop1: detected capacity change from 0 to 512 [ 82.387678][ T4166] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,min_batch_time=0x0000000000000029,minixdf,,errors=continue. Quota mode: writeback. [ 82.424574][ T4166] ext4 filesystem being mounted at /36/bus supports timestamps until 2038 (0x7fffffff) [ 82.629981][ T4160] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.681206][ T3874] usb 5-1: USB disconnect, device number 9 [ 82.690114][ T4160] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.717626][ T4160] device bridge_slave_0 entered promiscuous mode [ 82.754658][ T4182] netlink: 4 bytes leftover after parsing attributes in process `syz.1.169'. [ 82.773460][ T4160] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.791050][ T4160] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.808446][ T4160] device bridge_slave_1 entered promiscuous mode [ 82.838024][ T4197] loop4: detected capacity change from 0 to 1024 [ 82.876010][ T4160] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.910641][ T4160] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.997120][ T4160] team0: Port device team_slave_0 added [ 83.017312][ T4160] team0: Port device team_slave_1 added [ 83.056805][ T4160] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 83.073157][ T4160] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.128193][ T4160] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 83.141027][ T4160] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 83.148048][ T4160] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.174457][ T4160] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 83.494051][ T4160] device hsr_slave_0 entered promiscuous mode [ 83.507533][ T4160] device hsr_slave_1 entered promiscuous mode [ 83.521530][ T26] kauditd_printk_skb: 106 callbacks suppressed [ 83.521543][ T26] audit: type=1800 audit(1724976682.579:556): pid=4207 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.171" name="file1" dev="loop4" ino=26 res=0 errno=0 [ 83.590266][ T4160] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 83.598416][ T4160] Cannot create hsr debugfs directory [ 83.689662][ T4212] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 83.809064][ T4212] loop1: detected capacity change from 0 to 1764 [ 83.895648][ T4218] loop4: detected capacity change from 0 to 128 [ 83.920541][ T3874] Bluetooth: hci3: command 0x0409 tx timeout [ 83.939346][ T4212] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4091629214 (65466067424 ns) > initial count (185248 ns). Using initial count to start timer. [ 83.986102][ T4218] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 83.991640][ T4212] loop1: detected capacity change from 0 to 1024 [ 84.034387][ T4212] EXT4-fs (loop1): test_dummy_encryption requires encrypt feature [ 84.056624][ T26] audit: type=1800 audit(1724976683.319:557): pid=4218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.173" name="bus" dev="loop4" ino=1048649 res=0 errno=0 [ 84.101621][ T4218] loop4: detected capacity change from 128 to 64 [ 84.157257][ T3568] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 0, start 202e2020) [ 84.184404][ T3568] FAT-fs (loop4): Filesystem has been set read-only [ 84.193118][ T3568] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 0, start 202e2020) [ 84.315941][ T4224] sch_fq: defrate 0 ignored. [ 84.750975][ T23] gspca_vc032x: reg_r err -71 [ 84.775842][ T23] gspca_vc032x: I2c Bus Busy Wait 00 [ 84.942636][ T23] gspca_vc032x: I2c Bus Busy Wait 00 [ 85.033120][ T23] gspca_vc032x: I2c Bus Busy Wait 00 [ 85.109782][ T23] gspca_vc032x: I2c Bus Busy Wait 00 [ 85.202362][ T23] gspca_vc032x: I2c Bus Busy Wait 00 [ 85.306976][ T23] gspca_vc032x: I2c Bus Busy Wait 00 [ 85.312735][ T23] gspca_vc032x: I2c Bus Busy Wait 00 [ 85.318110][ T23] gspca_vc032x: I2c Bus Busy Wait 00 [ 85.323796][ T23] gspca_vc032x: I2c Bus Busy Wait 00 [ 85.329177][ T23] gspca_vc032x: I2c Bus Busy Wait 00 [ 85.334861][ T23] gspca_vc032x: I2c Bus Busy Wait 00 [ 85.340356][ T23] gspca_vc032x: I2c Bus Busy Wait 00 [ 85.355662][ T23] gspca_vc032x: I2c Bus Busy Wait 00 [ 85.365039][ T23] gspca_vc032x: I2c Bus Busy Wait 00 [ 85.377926][ T23] gspca_vc032x: I2c Bus Busy Wait 00 [ 85.385212][ T23] gspca_vc032x: I2c Bus Busy Wait 00 [ 85.397146][ T23] gspca_vc032x: I2c Bus Busy Wait 00 [ 85.403227][ T23] gspca_vc032x: Unknown sensor... [ 85.420032][ T23] vc032x: probe of 1-1:0.0 failed with error -22 [ 85.433940][ T23] usb 1-1: USB disconnect, device number 10 [ 85.751912][ T144] device hsr_slave_0 left promiscuous mode [ 85.810819][ T3617] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 85.855396][ T144] device hsr_slave_1 left promiscuous mode [ 85.991811][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 86.070873][ T3617] usb 2-1: Using ep0 maxpacket: 16 [ 86.134123][ T3874] Bluetooth: hci3: command 0x041b tx timeout [ 86.148009][ T144] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 86.189482][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 86.199611][ T144] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 86.214833][ T144] device bridge_slave_1 left promiscuous mode [ 86.225986][ T144] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.241261][ T3617] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 86.269546][ T3617] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 86.281102][ T3617] usb 2-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00 [ 86.291425][ T3617] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.306320][ T3617] usb 2-1: config 0 descriptor?? [ 86.331588][ T144] device bridge_slave_0 left promiscuous mode [ 86.337870][ T144] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.388663][ T144] device veth1_macvtap left promiscuous mode [ 86.396522][ T144] device veth0_macvtap left promiscuous mode [ 86.402857][ T144] device veth1_vlan left promiscuous mode [ 86.409085][ T144] device veth0_vlan left promiscuous mode [ 86.684018][ T144] team0 (unregistering): Port device team_slave_1 removed [ 86.700106][ T144] team0 (unregistering): Port device team_slave_0 removed [ 86.735295][ T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 86.755461][ T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 86.793361][ T3617] ntrig 0003:1B96:0008.000A: item fetching failed at offset 5/7 [ 86.814439][ T3617] ntrig 0003:1B96:0008.000A: parse failed [ 86.820199][ T3617] ntrig: probe of 0003:1B96:0008.000A failed with error -22 [ 86.885745][ T144] bond0 (unregistering): Released all slaves [ 86.997198][ T3568] syz-executor (3568) used greatest stack depth: 18744 bytes left [ 87.054609][ T4248] udc-core: couldn't find an available UDC or it's busy [ 87.078132][ T4248] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 87.102779][ T3618] usb 2-1: USB disconnect, device number 12 [ 87.164682][ T4160] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 87.178196][ T4160] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 87.204434][ T4160] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 87.230979][ T4260] loop3: detected capacity change from 0 to 128 [ 87.251061][ T4160] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 87.306744][ T4260] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 87.360708][ T26] audit: type=1800 audit(1724976686.619:558): pid=4260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.183" name="bus" dev="loop3" ino=1048656 res=0 errno=0 [ 87.441303][ T4260] loop3: detected capacity change from 128 to 64 [ 87.543286][ T3569] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 0, start 202e2020) [ 87.545055][ T4160] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.578549][ T3569] FAT-fs (loop3): Filesystem has been set read-only [ 87.590313][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 87.604442][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 87.612526][ T3569] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 0, start 202e2020) [ 87.616753][ T4160] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.692740][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 87.707910][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 87.764626][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.772038][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.785896][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 87.795421][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 87.810083][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.817200][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.832810][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 87.846074][ T4275] sch_fq: defrate 0 ignored. [ 87.936951][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 87.955331][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 87.967659][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 87.978574][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 87.996400][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 88.009441][ T4287] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 88.013799][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 88.069109][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 88.106273][ T4160] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 88.117436][ T4160] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 88.129876][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 88.143100][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 88.152094][ T23] Bluetooth: hci3: command 0x040f tx timeout [ 88.158971][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 88.186747][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 88.235154][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 88.510259][ T4264] chnl_net:caif_netlink_parms(): no params data found [ 89.206154][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 89.228935][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 89.339159][ T4160] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.534825][ T3703] Bluetooth: hci0: command 0x0409 tx timeout [ 90.244385][ T1077] Bluetooth: hci3: command 0x0419 tx timeout [ 90.407959][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 90.446892][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 90.472286][ T4327] loop1: detected capacity change from 0 to 1024 [ 90.640795][ T4264] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.679660][ T4264] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.702312][ T4264] device bridge_slave_0 entered promiscuous mode [ 90.742448][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 90.763622][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 90.785161][ T4264] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.820954][ T4264] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.837079][ T4338] loop1: detected capacity change from 0 to 512 [ 90.841527][ T4264] device bridge_slave_1 entered promiscuous mode [ 90.918069][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 90.929980][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 90.942875][ T4338] EXT4-fs (loop1): Unrecognized mount option "seclabel" or missing value [ 90.961811][ T4160] device veth0_vlan entered promiscuous mode [ 91.009977][ T4160] device veth1_vlan entered promiscuous mode [ 91.021371][ T4264] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.063611][ T4338] loop1: detected capacity change from 0 to 8 [ 91.070064][ T4338] squashfs: Unknown parameter '0xffffffffffffffff.Qd躧W' [ 91.114434][ T4264] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.199433][ T4310] chnl_net:caif_netlink_parms(): no params data found [ 91.407321][ T3572] Bluetooth: hci1: command 0x0409 tx timeout [ 91.440532][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 91.451852][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 91.494519][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 94.714498][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 94.722649][ T3572] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 94.753693][ T1077] Bluetooth: hci0: command 0x041b tx timeout [ 94.773756][ T4264] team0: Port device team_slave_0 added [ 94.800919][ T3614] Bluetooth: hci1: command 0x041b tx timeout [ 94.852742][ T4264] team0: Port device team_slave_1 added [ 94.860169][ T4160] device veth0_macvtap entered promiscuous mode [ 95.634962][ T4372] hub 6-0:1.0: USB hub found [ 95.643120][ T4372] hub 6-0:1.0: 1 port detected [ 95.662335][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 96.205739][ T4310] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.213911][ T4310] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.222536][ T4310] device bridge_slave_0 entered promiscuous mode [ 96.233171][ T4310] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.240311][ T4310] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.248847][ T4310] device bridge_slave_1 entered promiscuous mode [ 96.261579][ T4160] device veth1_macvtap entered promiscuous mode [ 96.307137][ T4376] loop1: detected capacity change from 0 to 128 [ 96.367529][ T4264] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.375212][ T4264] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.404525][ T4264] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.415721][ T4378] loop0: detected capacity change from 0 to 128 [ 96.444574][ T4264] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.455610][ T4264] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.540873][ T4264] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.581744][ T144] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.595951][ T4160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.608180][ T4160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.618618][ T4160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.635628][ T4160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.646100][ T4160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.656817][ T4160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.667074][ T4160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.677772][ T4160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.689508][ T4160] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.704047][ T4310] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.718395][ T4376] kvm [4375]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xfe000000a0 [ 96.728907][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 96.747308][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 96.764323][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 96.782228][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 96.789622][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 96.797515][ T1077] Bluetooth: hci0: command 0x040f tx timeout [ 96.860149][ T4160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.871092][ T1077] Bluetooth: hci1: command 0x040f tx timeout [ 96.900371][ T4160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.913994][ T4160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.925378][ T4160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.935502][ T4160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.947989][ T4160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.971027][ T4160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.983343][ T4160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.002828][ T4160] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.012258][ T4310] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.024940][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 97.039095][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 97.098315][ T4310] team0: Port device team_slave_0 added [ 97.131927][ T4264] device hsr_slave_0 entered promiscuous mode [ 97.142871][ T4264] device hsr_slave_1 entered promiscuous mode [ 97.150042][ T4264] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 97.176465][ T4264] Cannot create hsr debugfs directory [ 97.196752][ T144] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.213072][ T4160] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.222716][ T4160] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.231916][ T4160] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.241930][ T4160] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.276825][ T4310] team0: Port device team_slave_1 added [ 97.357737][ T144] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.387156][ T4310] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.400554][ T4310] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.453722][ T4310] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.526491][ T144] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.557131][ T4310] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.575535][ T4310] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.612365][ T4310] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.803703][ T3768] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.823656][ T4310] device hsr_slave_0 entered promiscuous mode [ 97.839374][ T3768] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.881210][ T4310] device hsr_slave_1 entered promiscuous mode [ 97.890217][ T4310] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 97.906160][ T4310] Cannot create hsr debugfs directory [ 97.926162][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 98.012050][ T144] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.057500][ T1246] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.074096][ T1246] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.098252][ T144] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.146613][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 98.246926][ T144] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.313122][ T26] audit: type=1326 audit(1724976697.579:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000 [ 98.378042][ T144] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.379980][ T26] audit: type=1326 audit(1724976697.579:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000 [ 98.531852][ T26] audit: type=1326 audit(1724976697.579:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000 [ 98.610481][ T26] audit: type=1326 audit(1724976697.579:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000 [ 98.735892][ T26] audit: type=1326 audit(1724976697.579:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000 [ 98.796317][ T26] audit: type=1326 audit(1724976697.579:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000 [ 98.856105][ T26] audit: type=1326 audit(1724976697.599:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000 [ 98.871238][ T3617] Bluetooth: hci0: command 0x0419 tx timeout [ 98.909220][ T26] audit: type=1326 audit(1724976697.599:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000 [ 98.960916][ T1077] Bluetooth: hci1: command 0x0419 tx timeout [ 98.987929][ T26] audit: type=1326 audit(1724976697.599:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000 [ 99.080573][ T26] audit: type=1326 audit(1724976697.599:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000 [ 99.972497][ T4264] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 100.031642][ T4264] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 100.056092][ T4264] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 100.094003][ T4310] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 100.119859][ T4310] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 100.197709][ T4264] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 100.223356][ T4310] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 100.329574][ T4310] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 100.497676][ T4436] loop1: detected capacity change from 0 to 512 [ 100.577594][ T144] device hsr_slave_0 left promiscuous mode [ 100.589161][ T144] device hsr_slave_1 left promiscuous mode [ 100.598962][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 100.618279][ T4436] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 100.624948][ T144] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 100.664305][ T4436] EXT4-fs (loop1): 1 truncate cleaned up [ 100.669962][ T4436] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none. [ 100.709320][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 100.738700][ T144] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 100.791080][ T144] device bridge_slave_1 left promiscuous mode [ 100.797326][ T144] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.833663][ T144] device bridge_slave_0 left promiscuous mode [ 100.839864][ T144] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.861880][ T144] device hsr_slave_0 left promiscuous mode [ 100.868293][ T144] device hsr_slave_1 left promiscuous mode [ 100.886055][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 100.896297][ T144] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 100.910225][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 100.920199][ T144] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 100.933969][ T144] device bridge_slave_1 left promiscuous mode [ 100.945770][ T144] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.959354][ T144] device bridge_slave_0 left promiscuous mode [ 100.970396][ T144] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.998544][ T144] device veth1_macvtap left promiscuous mode [ 101.008116][ T144] device veth0_macvtap left promiscuous mode [ 101.020739][ T144] device veth1_vlan left promiscuous mode [ 101.026534][ T144] device veth0_vlan left promiscuous mode [ 101.044029][ T144] device veth1_macvtap left promiscuous mode [ 101.050057][ T144] device veth0_macvtap left promiscuous mode [ 101.064255][ T144] device veth1_vlan left promiscuous mode [ 101.070067][ T144] device veth0_vlan left promiscuous mode [ 101.458278][ T144] team0 (unregistering): Port device team_slave_1 removed [ 101.483318][ T144] team0 (unregistering): Port device team_slave_0 removed [ 101.498838][ T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 101.518508][ T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 101.583964][ T144] bond0 (unregistering): (slave batadv0): Releasing backup interface [ 101.623772][ T144] bond0 (unregistering): Released all slaves [ 101.723943][ T4447] loop0: detected capacity change from 0 to 4096 [ 101.794438][ T4447] NILFS (loop0): invalid segment: Checksum error in segment payload [ 101.829807][ T4447] NILFS (loop0): trying rollback from an earlier position [ 101.897014][ T4447] NILFS (loop0): recovery complete [ 101.907410][ T144] team0 (unregistering): Port device team_slave_1 removed [ 101.924818][ T4448] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 101.945003][ T144] team0 (unregistering): Port device team_slave_0 removed [ 101.975537][ T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 102.016215][ T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 102.128105][ T4447] loop_set_status: loop0 () has still dirty pages (nrpages=2) [ 102.171286][ T144] bond0 (unregistering): Released all slaves [ 102.309788][ T4264] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.414434][ T4310] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.435705][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 102.454676][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 102.501324][ T4264] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.557171][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 102.569767][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 102.632216][ T4310] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.646928][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 102.666819][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 102.837534][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.844689][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.984236][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 103.109379][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 103.225036][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.232159][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.415033][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 103.436532][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 103.451483][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 103.460394][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 103.489447][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.496635][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 103.508398][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 103.620510][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 103.629237][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 103.671455][ T1212] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.678543][ T1212] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.721952][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 103.731508][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 103.749982][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 103.781456][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 103.813448][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 103.857653][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 103.883824][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 103.928129][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 103.959165][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 103.969764][ T4471] loop1: detected capacity change from 0 to 32768 [ 103.978221][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 104.008131][ T4471] XFS: attr2 mount option is deprecated. [ 104.008906][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 104.076883][ T4264] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 104.130987][ T4471] XFS (loop1): Mounting V5 Filesystem [ 104.148213][ T4264] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 104.172085][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 104.212270][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 104.232438][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 104.312796][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 104.353946][ T4471] XFS (loop1): Ending clean mount [ 104.363334][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 104.389262][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 104.393271][ T4471] XFS (loop1): Quotacheck needed: Please wait. [ 104.417752][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 104.456722][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 104.469043][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 104.479487][ T4471] XFS (loop1): Quotacheck: Done. [ 104.486460][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 104.771145][ T3582] XFS (loop1): Unmounting Filesystem [ 104.896467][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 104.923522][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 104.981276][ T4310] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.998238][ T4264] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 105.034396][ T4506] loop0: detected capacity change from 0 to 32768 [ 105.055538][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 105.066217][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 105.145958][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 105.177373][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 105.272404][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 105.311150][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 105.361233][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 105.389909][ T4506] jfs: Unrecognized mount option " Z* m.Dc8'@C9G9?9S{1Jլ5 æԌqqY糔" or missing value [ 105.401008][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 105.426815][ T4310] device veth0_vlan entered promiscuous mode [ 105.471655][ T4310] device veth1_vlan entered promiscuous mode [ 105.542961][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 105.562248][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 105.603383][ T4310] device veth0_macvtap entered promiscuous mode [ 105.653168][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 105.662985][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 105.700398][ T4310] device veth1_macvtap entered promiscuous mode [ 105.750169][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 105.781241][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 105.818278][ T4310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.860081][ T4310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.904122][ T4310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.950061][ T4310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.994895][ T4310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 106.024858][ T4551] loop0: detected capacity change from 0 to 512 [ 106.045508][ T4310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.084284][ T4310] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.120252][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 106.138976][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 106.152787][ T4551] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 106.210025][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 106.227151][ T4551] EXT4-fs (loop0): 1 truncate cleaned up [ 106.250457][ T4551] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none. [ 106.269843][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 106.283924][ T4310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.319652][ T4310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.355042][ T4310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.390171][ T4310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.401065][ T4310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.411857][ T4310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.423090][ T4310] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.459831][ T4310] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.489494][ T4310] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.498507][ T4310] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.508560][ T4310] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.671744][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 106.682593][ T4557] loop1: detected capacity change from 0 to 16 [ 106.686948][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 106.721387][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 106.754065][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 106.782724][ T4264] device veth0_vlan entered promiscuous mode [ 106.798139][ T4557] erofs: (device loop1): mounted with root inode @ nid 36. [ 106.807986][ T4557] erofs: (device loop1): find_target_block_classic: corrupted dir block 0 @ nid 36 [ 106.896841][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 106.907572][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 106.940371][ T4560] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 106.963267][ T4264] device veth1_vlan entered promiscuous mode [ 107.039006][ T26] kauditd_printk_skb: 71 callbacks suppressed [ 107.039017][ T26] audit: type=1326 audit(1724976706.299:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 107.151150][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 107.159656][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 107.176333][ T26] audit: type=1326 audit(1724976706.299:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 107.234516][ T4264] device veth0_macvtap entered promiscuous mode [ 107.253510][ T26] audit: type=1326 audit(1724976706.339:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 107.277685][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.322873][ T4264] device veth1_macvtap entered promiscuous mode [ 107.331883][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.373392][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 107.384278][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 107.403897][ T26] audit: type=1326 audit(1724976706.339:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 107.446718][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 107.487379][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.527695][ T4264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 107.535763][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.576108][ T26] audit: type=1326 audit(1724976706.339:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 107.601990][ T4264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.630466][ T4264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 107.661605][ T26] audit: type=1326 audit(1724976706.339:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 107.675585][ T4264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.735200][ T4264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 107.758776][ T4264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.785457][ T26] audit: type=1326 audit(1724976706.339:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 107.824998][ T4264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 107.855028][ T3703] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 107.890700][ T26] audit: type=1326 audit(1724976706.339:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 107.891910][ T4264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.920509][ T26] audit: type=1326 audit(1724976706.349:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 108.076086][ T26] audit: type=1326 audit(1724976706.349:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000 [ 108.582227][ T4264] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.620745][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 108.662128][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 108.680378][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 108.711617][ T4264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 108.753239][ T4264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.788392][ T3703] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 108.794320][ T4264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 108.812089][ T4586] loop0: detected capacity change from 0 to 512 [ 108.836019][ T4264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.850116][ T4264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 108.863867][ T3703] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 108.865883][ T4264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.983915][ T3703] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.002348][ T4264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 109.274160][ T4264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.296942][ T3703] usb 2-1: config 0 descriptor?? [ 109.325576][ T4264] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.335709][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 109.342494][ T3703] pwc: Askey VC010 type 2 USB webcam detected. [ 109.353853][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 109.365198][ T4586] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 109.377163][ T4264] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.389986][ T4586] EXT4-fs (loop0): 1 truncate cleaned up [ 109.405404][ T4264] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.415854][ T4586] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none. [ 109.473988][ T4264] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.482989][ T4264] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.550645][ T3703] pwc: send_video_command error -71 [ 109.555873][ T3703] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 109.579644][ T3703] Philips webcam: probe of 2-1:0.0 failed with error -71 [ 109.598969][ T3703] usb 2-1: USB disconnect, device number 13 [ 109.710382][ T4596] loop2: detected capacity change from 0 to 16 [ 109.757040][ T4596] erofs: (device loop2): mounted with root inode @ nid 36. [ 109.767950][ T4596] erofs: (device loop2): find_target_block_classic: corrupted dir block 0 @ nid 36 [ 109.857025][ T4589] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.883214][ T3717] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.911367][ T4589] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.983123][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 110.004597][ T3717] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.078724][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 110.240632][ T3703] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 110.325080][ T4613] loop4: detected capacity change from 0 to 1024 [ 110.636001][ T3703] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 110.658324][ T3703] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 110.682140][ T4631] loop0: detected capacity change from 0 to 164 [ 110.696516][ T4628] loop2: detected capacity change from 0 to 1024 [ 110.703056][ T3703] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.741336][ T3703] usb 2-1: config 0 descriptor?? [ 110.761530][ T144] hfsplus: b-tree write err: -5, ino 3 [ 110.794355][ T3703] pwc: Askey VC010 type 2 USB webcam detected. [ 110.860810][ T3703] pwc: send_video_command error -71 [ 110.868086][ T3703] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 110.908001][ T4635] loop4: detected capacity change from 0 to 512 [ 110.914631][ T3703] Philips webcam: probe of 2-1:0.0 failed with error -71 [ 110.990929][ T3703] usb 2-1: USB disconnect, device number 14 [ 111.026438][ T4635] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 111.143275][ T4635] EXT4-fs (loop4): 1 truncate cleaned up [ 111.188102][ T4635] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none. [ 112.318339][ T26] kauditd_printk_skb: 527 callbacks suppressed [ 112.318352][ T26] audit: type=1326 audit(1724976711.579:1177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000 [ 112.355982][ T26] audit: type=1326 audit(1724976711.619:1178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000 [ 112.553398][ T26] audit: type=1326 audit(1724976711.619:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000 [ 112.577109][ T4659] loop2: detected capacity change from 0 to 128 [ 112.597255][ T26] audit: type=1326 audit(1724976711.619:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000 [ 112.597294][ T26] audit: type=1326 audit(1724976711.619:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000 [ 112.597323][ T26] audit: type=1326 audit(1724976711.619:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000 [ 112.597352][ T26] audit: type=1326 audit(1724976711.619:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000 [ 112.597381][ T26] audit: type=1326 audit(1724976711.619:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000 [ 112.597411][ T26] audit: type=1326 audit(1724976711.619:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000 [ 112.597440][ T26] audit: type=1326 audit(1724976711.619:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000 [ 112.612958][ T4660] loop4: detected capacity change from 0 to 512 [ 112.716445][ T4660] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 112.743533][ T4660] EXT4-fs (loop4): invalid journal inode [ 112.743677][ T4660] EXT4-fs (loop4): can't get journal size [ 113.012765][ T4660] EXT4-fs (loop4): 1 truncate cleaned up [ 113.012791][ T4660] EXT4-fs (loop4): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none. [ 113.750325][ T4681] loop1: detected capacity change from 0 to 128 [ 114.157545][ T3617] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 114.711414][ T3617] ================================================================== [ 114.719770][ T3617] BUG: KASAN: use-after-free in hci_ncmd_timeout+0x7c/0x200 [ 114.727078][ T3617] Read of size 8 at addr ffff888015bf40a8 by task kworker/0:4/3617 [ 114.734945][ T3617] [ 114.737251][ T3617] CPU: 0 PID: 3617 Comm: kworker/0:4 Not tainted 5.15.165-syzkaller #0 [ 114.745480][ T3617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 114.755512][ T3617] Workqueue: events hci_ncmd_timeout [ 114.760780][ T3617] Call Trace: [ 114.764045][ T3617] [ 114.766956][ T3617] dump_stack_lvl+0x1e3/0x2d0 [ 114.771618][ T3617] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 114.777248][ T3617] ? _printk+0xd1/0x120 [ 114.781395][ T3617] ? __wake_up_klogd+0xcc/0x100 [ 114.786232][ T3617] ? panic+0x860/0x860 [ 114.790280][ T3617] ? _raw_spin_lock_irqsave+0xdd/0x120 [ 114.795717][ T3617] ? bt_err+0x123/0x170 [ 114.799856][ T3617] print_address_description+0x63/0x3b0 [ 114.805396][ T3617] ? hci_ncmd_timeout+0x7c/0x200 [ 114.810327][ T3617] kasan_report+0x16b/0x1c0 [ 114.814816][ T3617] ? hci_ncmd_timeout+0x7c/0x200 [ 114.819740][ T3617] kasan_check_range+0x27e/0x290 [ 114.824665][ T3617] hci_ncmd_timeout+0x7c/0x200 [ 114.829417][ T3617] process_one_work+0x8a1/0x10c0 [ 114.834353][ T3617] ? worker_detach_from_pool+0x260/0x260 [ 114.839971][ T3617] ? _raw_spin_lock_irqsave+0x120/0x120 [ 114.845507][ T3617] ? kthread_data+0x4e/0xc0 [ 114.850009][ T3617] ? wq_worker_running+0x97/0x170 [ 114.855026][ T3617] worker_thread+0xaca/0x1280 [ 114.859713][ T3617] kthread+0x3f6/0x4f0 [ 114.863769][ T3617] ? rcu_lock_release+0x20/0x20 [ 114.868603][ T3617] ? kthread_blkcg+0xd0/0xd0 [ 114.873174][ T3617] ret_from_fork+0x1f/0x30 [ 114.877582][ T3617] [ 114.880578][ T3617] [ 114.882886][ T3617] Allocated by task 3570: [ 114.887187][ T3617] ____kasan_kmalloc+0xba/0xf0 [ 114.891932][ T3617] __kmalloc+0x168/0x300 [ 114.896154][ T3617] hci_alloc_dev_priv+0x23/0x1d60 [ 114.901157][ T3617] vhci_create_device+0x120/0x590 [ 114.906164][ T3617] vhci_write+0x382/0x430 [ 114.910470][ T3617] vfs_write+0xacd/0xe50 [ 114.914689][ T3617] ksys_write+0x1a2/0x2c0 [ 114.918994][ T3617] do_syscall_64+0x3b/0xb0 [ 114.923387][ T3617] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 114.929258][ T3617] [ 114.931562][ T3617] Freed by task 3570: [ 114.935515][ T3617] kasan_set_track+0x4b/0x80 [ 114.940083][ T3617] kasan_set_free_info+0x1f/0x40 [ 114.944996][ T3617] ____kasan_slab_free+0xd8/0x120 [ 114.949994][ T3617] slab_free_freelist_hook+0xdd/0x160 [ 114.955343][ T3617] kfree+0xf1/0x270 [ 114.959125][ T3617] hci_release_dev+0x149e/0x1620 [ 114.964042][ T3617] bt_host_release+0x7f/0x90 [ 114.968606][ T3617] device_release+0x91/0x1c0 [ 114.973173][ T3617] kobject_put+0x224/0x460 [ 114.977567][ T3617] vhci_release+0x7b/0xc0 [ 114.981874][ T3617] __fput+0x3fe/0x8e0 [ 114.985834][ T3617] task_work_run+0x129/0x1a0 [ 114.990399][ T3617] do_exit+0x6a3/0x2480 [ 114.994538][ T3617] do_group_exit+0x144/0x310 [ 114.999103][ T3617] __x64_sys_exit_group+0x3b/0x40 [ 115.004106][ T3617] do_syscall_64+0x3b/0xb0 [ 115.008503][ T3617] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 115.014374][ T3617] [ 115.016677][ T3617] Last potentially related work creation: [ 115.022364][ T3617] kasan_save_stack+0x36/0x60 [ 115.027018][ T3617] kasan_record_aux_stack+0xba/0x100 [ 115.032279][ T3617] insert_work+0x54/0x3e0 [ 115.036585][ T3617] __queue_work+0x963/0xd00 [ 115.041062][ T3617] call_timer_fn+0x16d/0x560 [ 115.045627][ T3617] __run_timers+0x6a8/0x890 [ 115.050105][ T3617] run_timer_softirq+0x63/0xf0 [ 115.054848][ T3617] handle_softirqs+0x3a7/0x930 [ 115.059587][ T3617] __irq_exit_rcu+0x157/0x240 [ 115.064239][ T3617] irq_exit_rcu+0x5/0x20 [ 115.068455][ T3617] sysvec_apic_timer_interrupt+0x91/0xb0 [ 115.074068][ T3617] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 115.080027][ T3617] [ 115.082326][ T3617] Second to last potentially related work creation: [ 115.088883][ T3617] kasan_save_stack+0x36/0x60 [ 115.093539][ T3617] kasan_record_aux_stack+0xba/0x100 [ 115.098802][ T3617] insert_work+0x54/0x3e0 [ 115.103108][ T3617] __queue_work+0x963/0xd00 [ 115.107590][ T3617] queue_work_on+0x14b/0x250 [ 115.112154][ T3617] hci_recv_frame+0x18a/0x1e0 [ 115.116809][ T3617] vhci_write+0x31a/0x430 [ 115.121118][ T3617] vfs_write+0xacd/0xe50 [ 115.125342][ T3617] ksys_write+0x1a2/0x2c0 [ 115.129646][ T3617] do_syscall_64+0x3b/0xb0 [ 115.134039][ T3617] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 115.139909][ T3617] [ 115.142208][ T3617] The buggy address belongs to the object at ffff888015bf4000 [ 115.142208][ T3617] which belongs to the cache kmalloc-8k of size 8192 [ 115.156236][ T3617] The buggy address is located 168 bytes inside of [ 115.156236][ T3617] 8192-byte region [ffff888015bf4000, ffff888015bf6000) [ 115.169572][ T3617] The buggy address belongs to the page: [ 115.175186][ T3617] page:ffffea000056fc00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x15bf0 [ 115.185312][ T3617] head:ffffea000056fc00 order:3 compound_mapcount:0 compound_pincount:0 [ 115.193610][ T3617] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 115.201576][ T3617] raw: 00fff00000010200 0000000000000000 0000000100000001 ffff888011c42280 [ 115.210136][ T3617] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000 [ 115.218693][ T3617] page dumped because: kasan: bad access detected [ 115.225084][ T3617] page_owner tracks the page as allocated [ 115.230772][ T3617] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3561, ts 38032675983, free_ts 38028161499 [ 115.249148][ T3617] get_page_from_freelist+0x322a/0x33c0 [ 115.254676][ T3617] __alloc_pages+0x272/0x700 [ 115.259243][ T3617] new_slab+0xbb/0x4b0 [ 115.263291][ T3617] ___slab_alloc+0x6f6/0xe10 [ 115.267856][ T3617] kmem_cache_alloc_trace+0x1a0/0x290 [ 115.273205][ T3617] tomoyo_init_log+0x1140/0x1fe0 [ 115.278126][ T3617] tomoyo_supervisor+0x3b8/0x12c0 [ 115.283127][ T3617] tomoyo_env_perm+0x174/0x210 [ 115.287871][ T3617] tomoyo_find_next_domain+0x137e/0x1cf0 [ 115.293480][ T3617] tomoyo_bprm_check_security+0xdb/0x120 [ 115.299089][ T3617] security_bprm_check+0x5f/0xa0 [ 115.304031][ T3617] bprm_execve+0x84e/0x17c0 [ 115.308511][ T3617] do_execveat_common+0x583/0x720 [ 115.313513][ T3617] __x64_sys_execve+0x8e/0xa0 [ 115.318167][ T3617] do_syscall_64+0x3b/0xb0 [ 115.322559][ T3617] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 115.328430][ T3617] page last free stack trace: [ 115.333088][ T3617] free_unref_page_prepare+0xc34/0xcf0 [ 115.338643][ T3617] free_unref_page+0x95/0x2d0 [ 115.343310][ T3617] __unfreeze_partials+0x1b7/0x210 [ 115.348409][ T3617] put_cpu_partial+0x132/0x1a0 [ 115.353150][ T3617] ___cache_free+0xe3/0x100 [ 115.357635][ T3617] qlist_free_all+0x36/0x90 [ 115.362113][ T3617] kasan_quarantine_reduce+0x162/0x180 [ 115.367550][ T3617] __kasan_slab_alloc+0x2f/0xc0 [ 115.372376][ T3617] slab_post_alloc_hook+0x53/0x380 [ 115.377465][ T3617] __kmalloc+0x120/0x300 [ 115.381682][ T3617] tomoyo_realpath_from_path+0xd8/0x5e0 [ 115.387203][ T3617] tomoyo_path_perm+0x273/0x6b0 [ 115.392033][ T3617] security_inode_getattr+0xcf/0x120 [ 115.397298][ T3617] vfs_getattr+0x26/0x360 [ 115.401603][ T3617] vfs_statx+0x18f/0x3b0 [ 115.405820][ T3617] __x64_sys_newfstatat+0x12c/0x1b0 [ 115.410997][ T3617] [ 115.413384][ T3617] Memory state around the buggy address: [ 115.418989][ T3617] ffff888015bf3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 115.427026][ T3617] ffff888015bf4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 115.435063][ T3617] >ffff888015bf4080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 115.443096][ T3617] ^ [ 115.448440][ T3617] ffff888015bf4100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 115.456474][ T3617] ffff888015bf4180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 115.464690][ T3617] ================================================================== [ 115.472734][ T3617] Disabling lock debugging due to kernel taint [ 115.500956][ T4693] loop1: detected capacity change from 0 to 128 [ 115.536778][ T3617] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 115.544071][ T3617] CPU: 0 PID: 3617 Comm: kworker/0:4 Tainted: G B 5.15.165-syzkaller #0 [ 115.553678][ T3617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 115.563712][ T3617] Workqueue: events hci_ncmd_timeout [ 115.568977][ T3617] Call Trace: [ 115.572231][ T3617] [ 115.575136][ T3617] dump_stack_lvl+0x1e3/0x2d0 [ 115.579790][ T3617] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 115.585407][ T3617] ? panic+0x860/0x860 [ 115.589451][ T3617] ? preempt_schedule_common+0xa6/0xd0 [ 115.594884][ T3617] ? preempt_schedule+0xd9/0xe0 [ 115.599709][ T3617] panic+0x318/0x860 [ 115.603575][ T3617] ? check_panic_on_warn+0x1d/0xa0 [ 115.608659][ T3617] ? fb_is_primary_device+0xd0/0xd0 [ 115.613830][ T3617] ? _raw_spin_unlock_irqrestore+0x128/0x130 [ 115.619782][ T3617] ? _raw_spin_unlock+0x40/0x40 [ 115.624602][ T3617] check_panic_on_warn+0x7e/0xa0 [ 115.629510][ T3617] ? hci_ncmd_timeout+0x7c/0x200 [ 115.634419][ T3617] end_report+0x6d/0xf0 [ 115.638544][ T3617] kasan_report+0x18e/0x1c0 [ 115.643020][ T3617] ? hci_ncmd_timeout+0x7c/0x200 [ 115.647965][ T3617] kasan_check_range+0x27e/0x290 [ 115.652876][ T3617] hci_ncmd_timeout+0x7c/0x200 [ 115.657612][ T3617] process_one_work+0x8a1/0x10c0 [ 115.662526][ T3617] ? worker_detach_from_pool+0x260/0x260 [ 115.668136][ T3617] ? _raw_spin_lock_irqsave+0x120/0x120 [ 115.673650][ T3617] ? kthread_data+0x4e/0xc0 [ 115.678126][ T3617] ? wq_worker_running+0x97/0x170 [ 115.683129][ T3617] worker_thread+0xaca/0x1280 [ 115.687790][ T3617] kthread+0x3f6/0x4f0 [ 115.691983][ T3617] ? rcu_lock_release+0x20/0x20 [ 115.696839][ T3617] ? kthread_blkcg+0xd0/0xd0 [ 115.701399][ T3617] ret_from_fork+0x1f/0x30 [ 115.705791][ T3617] [ 115.708980][ T3617] Kernel Offset: disabled [ 115.717617][ T3617] Rebooting in 86400 seconds..