last executing test programs: 54.367047794s ago: executing program 4 (id=60): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0) 53.835514433s ago: executing program 4 (id=62): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000005c0), r0) sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000240)={0x30, r1, 0x805, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x2}]}, 0x30}}, 0x0) 53.206775057s ago: executing program 4 (id=65): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0x8, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3], 0x0, 0x41905}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 52.027768151s ago: executing program 4 (id=70): mkdirat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) bpf$ENABLE_STATS(0x20, 0x0, 0x0) select(0x0, 0x0, 0x0, 0x0, 0x0) mount$fuse(0x20000000, &(0x7f0000000580)='./file0\x00', 0x0, 0x233216, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./control\x00', 0x404, &(0x7f0000000540)={[{@errors_remount}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@grpquota}, {@jqfmt_vfsv0}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) 51.259353178s ago: executing program 2 (id=71): syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='rdma.current\x00', 0x275a, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff) linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0) openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1) ioperm(0x0, 0x1, 0x2) copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x7, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x161c42, 0xb6) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) 50.949900434s ago: executing program 4 (id=73): syz_mount_image$vfat(&(0x7f0000000780), &(0x7f0000000000)='./file0\x00', 0x90, &(0x7f0000000140)=ANY=[@ANYBLOB='showexec,shortname=winnt,shortname=lower,utf8=1,iocharset=cp865,shortname=win95,uni_xlate=1,shortname=win95,check=strict,shortname=winnt,utf8=0,iocharset=iso8859-5,codepage=874,shortname=mixed,shortname=win95,shortname=mixed,nonumtail=0,shortname=mixed,shortname=mixed,uni_xlate=1,rodir,nnonuni_xlate=1,shortname=win95,shortname=win95,utf8=0,nnonumtail=1,shortname=win95,shortname=win95,nnonumtail=1,uni_xlate=1,nfs=nostale_ro,\x00'/444], 0x6, 0x2d7, &(0x7f0000000340)="$eJzs3T9rJGUYAPBnNrN/1GJTWInggBZWx+Vamw1yB2Iqjy1OCw3eHUh2Fe4g4h+cu0rsbCz9BILgB7GxsxRsBTsjBEZmdia7m4ybjWQjmt+vSN688zzzPvPOJJkmT957cXpwP4uHTz//JQaDJDqjfsRREtvRicaTWDL6OgCA/7Kjoojfi5mWwz9/tSJ3sMG6AIDNOef3fy2tPt4rI364utoAgM24e+/tN3f39m6/lWWDuDP98nCcRET5eXZ892F8EJN4EDdjGMcR1YtCN6q3hXJ4pyiKPM1K2/HKND8cl5nTd3+sz7/7W0SVvxPD2K6mTt42qvw39m7vZDML+XlZx7P1+qMy/1YM4/mT5KX8Wy35Me7Fqy8v1H8jhvHT+/FRTOJ+VcQ8/4udLHu9+OaPz94pyyvzk/xw3K/i5oqtZvH8iu8RAAAAAAAAAAAAAAAAAAAAAAD/Pzfq3jn9qPr3lFN1/52t4/KLbmSNeX+fDzt50x8oaU407w8UnaIo8iK+bfrr3MyyrKgD5/190nghrRsLAgAAAAAAAAAAAAAAAAAAwDX3+JNPD/YnkwePLmXQdANII+LPuxH/9DyjhZmXYnVwv15zfzLp1MPlmHRxJraamCRiZRnlRVzStpw3eOZMzfXgu+/PBidPZjcujbYTDs5ftNu+1gUHH3dn+9ga0zxdB/tJ+x72T4oflDcuTt+4XrSv3o1TM72/q7B5FNe7nF7roeGFt6X3XDXIV8REsur74rVfZ2UvXMVSTK/a1db0bj1YSD/1bKz1PMdgln72Z0WiWwcAAAAAAAAAAAAAAAAAAGzU/K9/Ww4+XZnaKfobKwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArtT8//+vM0iXk9fI6sWjx//WtQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9/BUAAP//gxtVEw==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) r1 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x0, @empty}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000400)='\b', 0x1}, {&(0x7f0000000040)="000000070020ac", 0x7}], 0x2}, 0x40) setfsgid(0xee01) mknodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0, 0x6) faccessat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) recvfrom$l2tp(r1, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETTXFILTER(r2, 0x400454ca, &(0x7f0000000100)=ANY=[@ANYBLOB="2e42000c371303ed6a33f2ff8689b3f60e"]) ioctl$TUNSETTXFILTER(r2, 0x400454d1, &(0x7f0000000940)=ANY=[@ANYBLOB="01000000ec0f8b67ad50691a6745c9f364a0df22bca993950361ec2ef0f083b2e729cf17e5ee0bc1d6601503f63e719937b29d65ff547bdbc6c9f9b685faaf154c338699bb5cba75def41d6ed0bb206677cf3f2e4d4467de28734496cc4e3c213f54ba745df1a63ab3662bf370da274991e5c45de7699bd88ff9a02b1adcfb7666d5e0fd0d4edeb7159d3698b2fc958bd87c5b834e967a03ae698aa02cd56c05bee0ca5d5ea7c31cdae8d2ee387ed338eb9440d4f6f94f095703ffac4b24e1ab50"]) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="1e000000ff000000730c00000800000008400000", @ANYRES32, @ANYBLOB="d100000000000000000000060000000080000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="03000000050000000300"/28], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)="561a173ca509c0e6d83344457ddb287f97da7e514493b37c734b7a8c1c5f259e9e7f728c584dda1b85b60c2192faf3b8d2a41d3ab5", &(0x7f0000001600), 0x1, r3}, 0x38) bpf$BPF_GET_PROG_INFO(0x4, &(0x7f0000000340)={r3, 0xe0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x6f) syz_usb_connect$hid(0x0, 0x36, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000000000b079f03a27f005e8cd8c21af96c12bbb7f6600000000000000000000010902240001000000000904000001030000000921000000012207000905810300000000005e85d680d8567c17cee9e9985f6f91b8018be49c478a3060d35c9ac85789b641827efee4cb252e0f1a7a3b5c037a1290f064c3e6ce8bc37eea2e4d5eaafb19213a2ee91b282c82245ecd0add48b6cd40d50f79fa38c373ba478b9a071f120aba68bc5fcd1181d49fbaf87b19f48a592d35e61cbad53cd95b4bf8a53917cdaa41aace863acb1e67dd1e54398b416ec71dde7a311411c00d9e2eef7b3a371202a749ce037933c7ab674a895e1466062b9edb70b2e8b98c1d7f7c45f9869e592811b3d889ce2f37025990059d327bae85031974ba331576a63e3db5350882cd86a140a0938950378bed5ae38ab2bbc1ce5347405562f304f905f5fe"], 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) pselect6(0x40, &(0x7f00000000c0)={0x3f, 0x0, 0x0, 0x0, 0x4, 0x0, 0xed98}, 0x0, &(0x7f0000000180)={0x5, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffe, 0x0, 0xfffffffffffffffc}, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x3800003, 0x12, 0xffffffffffffffff, 0x6e78a000) mbind(&(0x7f000017f000/0x2000)=nil, 0x2000, 0x8000, 0x0, 0x0, 0x2) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6(0x10, 0x2, 0x4) 49.856150429s ago: executing program 4 (id=76): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x3) io_setup(0x6, &(0x7f0000001380)=0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00') io_submit(r1, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) 49.692388474s ago: executing program 2 (id=77): syz_emit_ethernet(0x5a, &(0x7f0000000040)={@broadcast, @multicast, @void, {@llc={0x4, {@snap={0xaa, 0xab, "9f8f", "fbd413", 0xc, "18c9edc6f5f6c6e5a258d1bed3d49e4741ee3afab7c79ace41b819016c77434c38c8ce2395d0ebc7e1d2cc2a7fddc2f7fc2be8636969cbb8a30b59433815223e8e7dea"}}}}}, 0x0) 48.775314233s ago: executing program 32 (id=76): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x3) io_setup(0x6, &(0x7f0000001380)=0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00') io_submit(r1, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) 48.680286999s ago: executing program 2 (id=81): r0 = userfaultfd(0x1) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080408037c09e8fe55a10a0015400200142603600e122f00160006000600a8000600200005400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, 0x0) 48.185954655s ago: executing program 2 (id=83): mkdirat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) bpf$ENABLE_STATS(0x20, 0x0, 0x0) select(0x0, 0x0, 0x0, 0x0, 0x0) mount$fuse(0x20000000, &(0x7f0000000580)='./file0\x00', 0x0, 0x233216, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./control\x00', 0x404, &(0x7f0000000540)={[{@errors_remount}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@grpquota}, {@jqfmt_vfsv0}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) 46.851926756s ago: executing program 2 (id=87): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRESOCT=r0], 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x4040010) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_S_CTRL(r1, 0xc008561c, 0x0) pipe2(0x0, 0x84800) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000680), 0x42, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB="640000001900010000000000000000001d0109004d0011806ba69c345acd7ebc1a62ccb8db5baee4fb5e0741f50d4b05622dd929149e0f2c26a620fa2ac0b2f3e589aaa039e1de630e9777de28df6652a43c107c68307a5a0c3d7cedb1e2deb0ad8fc434127a1c39a6c66da7faec1d9dc12953e814dd3094d4bcf17160ff05d5c4a31fcd17633f5180a22cf29f6a897b824dc722af12245cf06639c3cc6a2f422600bb219d663b2170ef1557567665404dd47a681a4e8ca22b5f9de0b831bfab3106c60d86189a336707ab289a5b2aef69f1a967bd1a50d135a16ad185"], 0x64}}, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) lremovexattr(&(0x7f00000006c0)='./file0\x00', &(0x7f00000006c0)=ANY=[]) read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r2, &(0x7f0000001140)={0x50, 0x0, r4, {0x7, 0x26, 0x2, 0x14, 0xfffe}}, 0x50) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0, 0x0) syz_fuse_handle_req(r2, &(0x7f000000c680)="1cb93735169674ab14940b0ea7d620ac109230a351b270f991f70d0269180d859141a46d60ffbe9e1465fa57c377c8fd32f9784ce31ef4796ee2ecadc06d1f66453a8ec8d5b3f3e870009bc07f435252460427d29d5aaec6893e15d91c0d1d140efea7f0fb2da0dd5ab7f183cd77b0c5a48f12f0baff61f97dbf0f99910580e694931a8b5ad2f3765acfe411329349374cd9f861dab2704603eb8e15712bfdb3abfac9765a3f287039215e58e57f038c294011d75624d3d5d61b35e624c769d9b938f1acfa4d559edc86a7bf14e9e000123fbda520c63b3e24188e31f3d1bb8ce76148e62f9bf873a184907fcbd89cc750936dcd775aea9283038ffe15aeaf0abb807d9b7275c34ec0ded259a04fb7a82b4ab549b35fd2ef978e92a331bbdaddd3bdcbf1ea87ce4fe54b45a6a9d2da904b57462f5dae299b2880f5a1dc8ac7dba3b3b87cf5ffa1f94d9de656bc25eac87b8d7c435ad80dc69f1f354bdf4a9fe5801f6790ac24fde94e42d6155e007079e41b9cf5c2035b2ec0ec258dd972947f517d6c82c366e2b27b18edd52e23530559362a38f6530e54f854f8723dc7b0428ba5efe6faa170ed4b15606dd1a38644189d78d695e8ad046f900df8a405b4082a1f075ee5bb6dc3f13af71db2c763fb2dfa81bad5084ce019c7aedf7de86ccc07e2dae6a134dfb89e2be0da93e66a076c063abad0200f3728c0b1a383ede4ec7207d13f7c10d39e0da6572c8b8b9d08000000412d6fdc90949e52e8505f23d1c4d5475b2909fd0340b1c1b8be8ef69da6d11a3235742ac8ab886239b21aa6268d3c5c2ca227403f55ba517881ba0352234bde59de8602541fd33db5b9e0b10681b3c392d9ce83215acf51641df49e2960b1c3b8431d1d8ee15b44402e6b8501bb8989fdf581a26f94ba44e805a270c779c9ca4fa1b7df509567c5ae434d899940e8ffffebe93c7f54941578b5901af746b3778d40a868f92b60ee7c7befb89443c08e730335c608bc6113db7055ca59973c0fc15d46b4ea8201d4882333adf78e4886db8dc87fa6b0fed8e173c61fb9a50044b598127ae3a42c41510690991601367d94f9f990485987189623877a0d2d84de27634fe5aaba438d7bf3f465574f8d25808e830eb8163b5d67d130603511827b68216447211bcfe3b4897a1adefeeeb749cd2ee8cc4d3c082d114fe1f6bafb09d4868dbac343e4b9662630c4bfd3a0e651cfa1d4c233f22ddd057189dd5136fd76f2abbe1bb0ed4f5f98fcddcb6d42a2ae3f116d02da2701ed1308fcd15901b8e6ac1e1ccaf0895b2173cc7d137b3246bf4f42b02dee7bbd82d32d160527bd2b5ad7f9b0dc9e8adff5c355759b17ae4324b13e92b73b02764d7deb689db0dfb551775f6486f5e1eeed4d05d51cd604bed2283ff92f036fd602ac7739072eb8807c2e9b1c77fba97016a92408ab5e95e63e5708ffc6f9049a13f58cd5b1b4790c137da7fd00d86680bd9cd790a42d34e2c3e2d112d7e5b2613f4257f09252d048fa89da63277fc51bda503efd6818eb681c9c011de64dfcaa769af48187e539a9886adc65108dfedf8b1bf63b53fe8b3a85e45a2bc86a9a1145f2c447603859e213c0ab32686085db7d3d29434eb299922680f0aeffcd71a60ded8f99849c8774d7236ad9188b3d61b407b92e8a0db52e5b0eec5e71854102dcdb761fa05e5a8b24465196d0012b317762853498b8eb5004285b1a0b88cc6701f5ba04ec4cda668641cfcd74127f42a5b902ed232639ddaad219cff9413ac9f38fbecd4ee6a153608a07908f96c81d195035117aef2db86c666b1b710b112126a7c31b4e5fd62227e6c0012b26e8811502ad20187143ed104943b0b961ec41f112663028e03cf63f0a97bc94d8b93b8473f04e7edad8abd6c30880142658a68fa070f8a3685ca1012f17e5c1138f4eb007340a83bd62cda281fa24bf98a6950313950469d7dcb39ed5ca04e60bf715053a571b96ee5ed97097ce6348a4bdedadae9d5f54d12d01b48bc812caceb0253087086e987354d041050b372654936b7203e8b0e985178ab4e8c9b0a1563fa8290d9f36f34145ab5ac61a13cac22e0937e8ec6285cfb56142b0e777caf9d72b00fdd385712fee89a698aed2a79b136c55adb5d34625df2089c9efe4bf839d5b3cc00cd148802c60a2a23a357e0a544af147663a38371b878f651647b9fcea06e47b1c5e32fca2fad46579773c2d9d35fe016b4ad0f82794646fadcaa59b50d98ff6e783072c9f0f1e7f04c7bf04aebbe7fbadf87c375b54da72df7f7cbd976f4fb3a81c56384e9af80a2fdddfc6ada2443ddce6bffcc9764b4a7ffbfd25186331dba33a319ebaa0956fe8a1e9986c37585c2ae96d673759624bfaf6e30ec0983debab067740394a9eb5a9ae5fc77826c024098f53d11cdc3a1e6b1cc425341f86683f3cae75bf9d6f0f14911a3b68849aed54006e4c23586c05f882744f9dab46602b3b151e61dce2335ee6443b9fe51990965722f9a4c5ad1172c75ee4fcc8740fdc40e1fc543b2f7528616901857a36b3e0ad2fa20c51a7f3390b36aa3ccbad767bfff2238720b0eb8022d08663ecfc9f8009ab0d63293ca432ed89bc7042ee00ee8e710ad5d2677e3ea60ce06443694dc33669a87fff992610935e8821c80b1c0c27e7a9efc8bb458d518b8ddfbd1613cff77b2d5b7580b80b5a04c748c3a5f15df45802e9dabf8efa395ce9670976980bcb1a6d94faab2d2c7c7aa3d3f0ab49aba9c446120e1c6acc0f1d3cb44f38ade34e6ed3e13b79b59b6ac1ef15292ef42f8c4cb69fbe5d35432ab46aba37321c6da8138b285e723a14fa9c12516dbff109ebeecc2594ef3a694127323c4a59e4bf800c42201568aa4529b4f461cf6d21fe2fca76c9e6cbb848981bf14f6fcb5cc0c5c5f8860923f826c9b8a8a9ae88d5e9d3ee744e6718c10703ce64b373b49ad801cea885cad097624a1ba7b264e9cf24f23999970ac1eb77da889d28c6f0a4d434b4502b5e9c5762fe2aaa3ba104761f0cb7960921a2d45b8e9eb2d213107256455f03317f2ed18d474d7694c439337202f41d2830dbf9304888a2fd46c401002eec7f964e496c59a0d4acc3f7005e1b13f7ba7db379aff4eb80295ebaec584127e0209bed80fcea48cdb4ab0403e1c93a87bd6dda45a9927b316f9159660adaee89162cea09dc304050cdceeb12d5569e46ce2cbdcd5adcfd92094aaacae9db7752262687dfea314d4fe7ca7a3604ea36c0468dbecb1158a5f02d1b22f476b05201e652040437d50dbd5010d6d80b986f3b8595f61838894105202d439cdcd5581f12cdba6d10447c536c10fad3e0d5ee202f8468fd2e7da786ba8dcbf4802647ebdd5f441b33b2d5be85659dd6cde4b531088c5ad4c4b8ccffaf257255e4234fafc3e8b015dcdf9238da7e80898b724869e723e16baef45ecdb1629064ba3c1d0f584764d50ee7b905f8e5eb47b39eae39c152fecc8813658039f02c45c49485bc76ba16d989425274a2f26ad6f98029d1d0e856320d4d76d5ac72c218d2d84467e233ee93510397427933364bc4ff32f072f0eb7903158d2ab8d744831ea1710bdbc8d7ebf9d756a166f9f5f37593a0bd643442f2abfa4e89043703271a535809a2820773667b1a94055749162302fd08a0a5af3a47618978788742f245b3acfb63e308302c322653578eec35a6c7c42544a6bdf5d6526bae90b76ade9360e2314044ec124358329be78afaedf3aff1bdb5c32afc64cccec60ef430f99693aaaeb811af52fa8e7075a85ead483fb712c3fd2a00721de0aef7ec4e331a628d40f1efb2f379cdf90f057f154b6088ac75b6a762094f4ce86f562ebed58f1ce853ff6420ee552f873d0fbcdbf4a264d14b1bc5985ceb3518e10546b502dd2d3edf2c02501628c0549aed6a71abf58ad4cd628f120ee8c3998b393fc0f74788f3ecb287c13a58d2a4ea39eeafd8a29f32992b898e4287dfe5587f0020e64d359d74c05851b43fddf3c70335093ae4f154da16767cc7b006e1ad89265fbe54f1128b13348aae8c6a88b25747639a1849e3fa7a2721b1630c2ac52f9d0259d6111d19eb4bcc85a82624a153780aed6ec8c92129beff10fd6be84860b70a7e709d45b0d70fbac862d2728a1ed7e4cc3c9205ce3043ae2ae8dc3b9491a3ecfb891e98d62491b79811b699341a07e62213f050ad6f7557b022f6757fc9934b0acc87cf985316eb7e3d0221a6f4bbcb94a274d1195c8bbef5b30efb86ed342e30d9c6b3800f0476ae39cbc751bc83c73f8d4f76a8c64fe4bbc41c1e224b4ffbd56532a7e425a9f4e71ccf7c9e831e2b08abe6362cad04868dc36b372423291bf59c3624ee10e5a068cbca3259fb716af7e0cd5e6e44a8ae84c28c53c97475f7210dbd36bbbd49650f18b39d2427bc5daa83532402fe042004b2a2f7b36a2f8be7b9babaefd643ff0cab3a62cb2b2992f6ce6ab1db7e1f8ebf30a275ada68a7c3b07c221d2c3abc5737779857c4eb70020a1739b4d517dbff410c35ceb02a51ad711f03e0131144cdf561a028fec209022a151e3bd1bcb4eac6e642247c4d171c4b573d281eeb46269f37a291067538d38fe7b788d4e1640e8e309d0e8b5e9ecc42b351f7fd26e3b11f0427f712f4ce2767090d8777e3a05e8cb1979be3d0ab6e1a21b8f679779425d89be2b24a1619b5b5e12a75e8b87b34334043ed3cc42f3bb2493393691cef3dcbc4aa947e0fe1ebd596d8240b3a8428b9ee4ab37a0b17348241fad8a7194bed64517274033e521edace18a994bcf584dd2b23fd764e7b4a433763fd68abf3f78d6568c31a219072e86eb53e678648586ec9192e2cb4b0fe02b6bde7233d0d4cd9c246978e3afc460245c9c38493f72767959270fa2ae765412b4ffaf82dc2b4b5f9876b33266403221f4eab92852c6afeb81e0312dee796733be6bce09e850f7d3930575c0cfbfe08d7e94fc40edc55fd4dbc389c871d2fed6432c509c09dfa3ba5594eebf9ab5295631044fc3809823ed2cd610141c486b940867fd0935d2179e644d93c6232cc9d1f3c8ffdcee296554fe3ef5b7ed6c67e32eabfb747605f04656ab338f97d7962ff6ad96c14fc3a6eab8d1977c0e2ff7840dee914429567b56653567ba67f001989ac774da564f83f2643972902fba861f54c6af423fb7751c4f51c3f58fef608a69a3eddb104d02e40e7ab05bbd0ea465aad963cc18cd51511eea8e533643efae8ada221ae2549759efeddeeedad1d11e5a185981ae4f8b29177d4eccff58f9a836b6feb3a3e0ddee574ce0e2bd4df9ecdbe3c1fc285f71e94e4c0b5bbfe448d1e59ae9ee97a881994940acff3c01c7a2af5158a706603cd95a571141c892747271917dcd5bfeef6616409794da71c719953235641060ef3ef0bbc330a43fe9bd77c683c857e2407bc1ab126437e8e23da475b6b43f581cdf7d0fa54945256ae35cbbfa11b55fe8f9163f611d7c5c02cc4f757f04fc61b3e9692901e45f85a0885c856ccb49122195d02472727149931c28025eed1db3d9411e89dbd42b8a1999c6b35237f583ec7a5b231d05e94a14f4c3a034bbcfec0a4d8e565baf7a7b6811e7ea8d0c0fa36b35fc558b3fc77f670e5b144cb7d9b99aaf803021c30fc77eb3a8f36329dafc223d69eee23581a38c70e70d41bef31cb6347b89eefaeaebd4e540c25c2582af4b037c3118576aa010b3af57cdb9c26544a603c1235bc49c26233fe79b981a7cda950069fabfb71da52871201459f9a75e88ddca73fdd40c92bc044f5b882abf4c701e22e8b1aa0b73a82846cf6c194fb6d481366be124187661d2a1b5a4799e2cf7a306d7171b43fbad10ac5703f158193e8e05fffbd2a5b333d09f39009d204fe0bf7a3e1d2cca1aa9ef598ea29d61b186e263eb969f3b1b86e528de4d168208d77f1340c841936e4744c127c93de6c942258fb2b5dd807a0aa15961847f76d7c21e26d36ade71ff7600792fb7638afad16b6410f22fc91702d6cfefa2075dacfee8f3c0507e96e6d27a5836a3e14f654acfe89c8804442df613d4e9510bf501c5af2be4ab099f000000a38f74f3d30069ee0a844e9a5a4e9a8ed272b00e5abe3494e1affe2d96bb813b99694ade70d4b739d796b5d4bdad304bcef96ea0c54c83e79ca99abd2a7da896f2dd5842113467149ae8ff142d36a7e3ebbb26b32a49bb05b578874fb448a0aa8fb56d3f8d7ab301e0bf307f2599d96d9abe496606034a608c5f3f9b82abe35c1588926f7322e684dedc7231f4c8237f8179bffc9cdc1ea5336285e6257486eeab77ca0268d3dd2826dfe08187ac2e12df4cca80215e5ee6335f40ec1f0a32ef7ffa5bfb6c4479c9841fcaf6ddd6813cc3e53f0435bd0c56e09fca87c4c8ecdb972fad85cc902c26cdc97495ac32cdbc39d5f1964890b83e15428f1b0ada5e2671a038694cb09e185e09fdbe79494ccd0269a9afda8a4c69a8093f64b5a5bfc6ab4964749fc343470ae30fe0f584b79da521ade9202ec7d3f00b113ec3b7971c1fb43a31fcebce32329f26ccd582e848a6a68cb010cbf7cc5840ecc13888fb44090efa0d4ec26338df4b78f1497400bd4fb8278d53e7735b5f689cfaf2236ee50056c298c18e2e09adfd7d61843455efd0beb0d83fdf3b353bb25da99dd5ec3bf6e34b61b14056bcd22a058cbe3d79c9e95987775a42c53542646ee580827fd3c6131d69b922fb7e35131ebb2a3d36fd0928eab58a0ee2da7a0b022de17476bc5749cb67e382d38f5eb81edec88d098049de746fad95cd12f010ef0447620f4e3743774bf7cd102e15d861b5ee74b9d026e8a0b19803132912307462ce6c7915e50540799e7d92a915a7f23325062355ad7ec3bcab42a492607c713cc467aa99cb9b3581d27139bdd4b5ba3d236fc0256d9e73ddc170dea2329b8e3051241d439640345f23c0da518b8dd4ce7137b691ff8a4a947799aa09ded05ec727428db1832b9697620b214bf1153d5aa7236f3ddf6ff687e54475cbb347baa8df2cca47cc2801c20ca7f3d61e3ac78adf44b8d7f71c9676aa6d450c355979bad55ee8087f569815f10e44a5f572e4947e59ef19910f79246d048288dd74afa1660e9a4c859b975dd77093c1b6ec3cf7f604f4f73617456744012707f1e49f443c4f7bb5f714e1b3438abdf4f2d09276b17674ef9b01c498aa55b3448d56c480c0206438ca81e40cf611cc9749dc2652384fa83cfb250a7536abd37248e02fb6fc12e2ba855b04904dd868725cd5111e6e9223e46ebc317d128bb04f0064d0c518829632c6a607bf8d5f883dab3059077a9df220ad40f00fea6f29835bcbf28a7330fe61db63ffe957bae0b4eceeb1544cdfe032d33015b6c62adf1156025401113e408ef119a0f272b476a76bd913902ac77571ee59d9118d03744c160bfb0013da89c2e6f12ae5390ea62557ae4ac32ed51b38c0a6e4ecfc6569a30e916cd6b7ed3fef6f54a83ab29b0d2f855bd633d6bcfd6a0b3574d73c12a6ce741395dacde240eadb8178f7a89abef931f7705d82b518650f7f8b3cf608c0ff5861b613f830493a02b96a7ebaa5d4e858ac12efbef71d6e60b4376e1ad9eb47a34b0a08c7af0cff86c68ceef70a3a322b67bef84406922c99f9cbb1251beb59834bd959807de05a28e508294b23bac527611abf39d152bc1a6658a0c2a0899b6d20922773f4b3d725edb98e8c7c183f2a4dff18919685abe09f20aa2bfb4c40305e2a75bbf678abcd08b2e728ffe7b3c711407770d264ae2d64f761635156a942f90a64b5480a0bb222b9fcd26855ffdaebd96d38c96c884c3086a17fe31784f5b6757206bb879e63573e47f71eb05bb94cec13f9272a1f5f66dc8d7e2867c0774004b560a103c9930cf7807e30e9c4083b9e751e86ba370671f82265eea7f452abb146bb6abe98bca7947c4a3aaeb5713cf5346ce84adb4a7cddd7823d2eb25d074e78fd5843a20af8120edead9aa234df43010dbba74216cc2ed1f01e112c16caacfb47bfbb8a407bad0e3be20fde2915c18acff56d7c5bec7eb27ffe67471cece1dbe09d0a1d3eff734eb18f38d2779472cb771c30aefc3062f03a60ee611f5a04fb2a73510a07e42f6d83946ea816427c9808dedbe668fe86c473d84fe71898d658fa06042b54342385c1eb8e02d99c008402a768b84ca232a36cfcebb0cbcc764c9d362b47ec4b19dd5b5f980473a70ac251e6ed5ace780e0471d630075d0d4dfd523ab61b38ff584f42f5cfd2998bd12e7cd512f2236c1e8584f27dffcf043cb150a848a029305731300b13fea29d6ee01bd7a37f3fa19491e2b4debc47de13ad22acd8b930f2b68f738f4db30d333b2434fbc24fd87ed04f21857c0fb6cab910e34da582c48ec4d66cae18432387272eb06024ca09ccb7a317fce2683fdf28babb19306f35c66a385853e7bff42edb9fd2fd0c6bd2756d8e289dd6db1e829c397a841bb775891e5afa74921ac8de524802bc9feb04d295d7896fedf1f4ef9bfd16e93903cc7028d1e82d9e7648335710294dc31f91acd5e6264a86fc236bc47478b57f8ea50531bf1f843b15fecae407e323e20be70cf644d9a8a0c9629d1cc5b9c991bb6280603704598af7189d85bed0b7e8e3803061bca0989e12cca4f0867787e1c414dc69f0eddaf257eba971747abc3194d0afd1d615489009b5170f749ba37506d67de88baf920f970933f20dd44ccb37200c8035b7da50e5f411e99cc538c4555ccffe4e7f0a49844a5440d8969e85abf4bcb129c513a26beed5cde3996ef8e1729d4802dec5b154a5351495a205f57aeb129dec76860645c743a7d9f816a01663e4844c3cc33f0bbb6183aaf521c73283a35b0e780ca0a8e474d99908bd46e067b2e0d137984d1707b67a6bf2836595f04a23a7d04f75bb622a0e37ad346b011e05fb86765e1dfe9095363c90a9647cbe08f56b1f0ee65a6f02c60e7b352ee910f45f7cea65a8a40bdf3625a494b0f9bae845d4105440a390eff67fc5d5e23c18a4b523a82f9b77afcd28f32edf3f2d67477fd5ecd88abd2362f50faba6041ddfe98d2d36ae4c03b0bfda615b89fd447fe5825962df996da4563145478a680437795cc22a87adea71c5406672d82ae7c27a558341fc0a198987059080de3eaedc4beee235d81245085db5e9ba3ced3782072f2bb7bc82f932b8e237417bbf256da2a1117ce33a13790367dcd4bb6578943334a6d1b8d2f5d5757167f79aa38bc0477ac7bd914fc4300ca389f92c884fac1f56f8cd19008df72f70358523f39b5b5a837bfbb80f6ae93ecae035b99f3d768c9323244c3a3b812dcfb0c0ac60d906dd62f0e0b128ae39c14bc9cb1b2033bb856b03e9c63945a6a7dc4d0fde987c6ae2ba2d01aecb89d6e8ff20cd88f574e9ed8adb6e2f2bbee37341a1a9ad6de53399069e5a28ee8988086ad9338db1ec2ad62e66d5d777afa1cd85932aec4460c5e01d87b3ecd7b10b2a1501fc306de8349935fc5bc899798e614bb8ed539d3fc32b6b425d3354f6c2fbfc004db2730f5ead22032ac6e2c75c18d1508c2f43c4b56a92debdc6538b2c24c5b6830db2df32edd759ebccc92e25629f2d149910c1489382b3b01b3c1d4a154e08067d469748727140db20fc3d99fdef3cf8f20dfbedf52134bd7f6ea5c20cc5133b7a9edfadf947fa0201fdd7ad9018c2f6d6d00322fad8cfe76458f69d05d7c4d187dee47d61ec02fc805a0c22125b538611fb88e59c56a39c36dd40fb2113cfd1747388c78d8a8a7d77692eb4e41fad5438891379e574003a8b2dbc5419afd24b0d292ced290426ac40825d8c4f17e50e6176a103a45007ae278e838ed8f22a27dae6ff490bb42ddbf38f67a001aadad6df6d868ce9bcdd2bf7404946b75579972d8104874301571ae8f17758b80ba72652cf53f9ebda59b277ca928736792cda8974c3a938c4f5be5634f8e25e690d41eb12ea588eb001e099b73af366c811053f81d33b9d16c4b0bb34c6a44fa6cfe6442c22e33754a718eda5049b4ee6a979e52a90021c20d9f04078a05ea443078ffaa00b814f0bc3dd3c1576da146cec7d5b4e643756a0a987b95a2d6c0e6dcf5f75139f2bf829aa6c4c458a19c69c55800f61a7a73c9424bd9cc3d4706c5798f3c50fcfe34b0885428de1536c7ec45567f47500a00d09984d75c7afe924ca707fabe730266fa839cde86c352b6b250108bf5750e10338b5dca67d664fa0217762cb54567317c52b0c57b623bc8858fe270513b49d8ee15b7f08717a80eb6f93332fd180132752b03029266b5f0ccaa3191fea39a3c7bf77e196084022f75f663dafd446838d8b0bca7a12459c3f1eb665a27f44ffa6df74f704b2f7c1a0d0f3815a548ad0063b7f6dfbb5021c6d9f73d9bca9dffa95fbdda043cba5c5245bc61442dad3f959a9f690a76a3bd87a4181858e1d97f8ba0a51c4c4d6a443ba16734ca50c5c119d38040a688ade88090294488e0a4f9cc97052a42b4286e03580921391a4bdc92a450a8740648ee48441bb2b37f898fa78dcf0fca56c64b5c1e99bf85d8f6591f62a176532e111cf7b2a9ff4fbb77bce7d12446fab2868563e3bf7767b481fdd6b8eb62c46d4324a6f4d76afecdfce3ce718ffb63a130a3d6c5ba30b513200dea2b48d9b0266feca97a8a1a0ab79419e792f00d7bfacb5445237f17eff1e334557f49b6b71fda941ccd13646aa356030406bb7020bc359fdf1b9b6e3e6a7068700fefa5ce97c0bb0cc48f64650ad4d76ab5fedf6378d3c39969a79fd4e7f5318bf8aba34d43bae032e319db2262c3362a95a898f47e15ea1a08c47c1066258340f7ebb0df98b7bf4e98afdb878c8f093654451f1b06c252d6eb27b7a721e0d6bbda260921ccca02b233c0f8db39d260dd4ed23479cb63ea35071bf177a9b2fef9b2264a957d3d873229048100cfdbb5dbaa09663aabcfad76cd0aaaf55a35fb763a2cfe1337f99d5aed72ebc864b2b6ae6f1d1430e9941b00fc5b46a25ec7fdb458065757ee9fd2f07dddb4ff3813c50f8878b628abf86d5e379a9d035dda0b047b2fde844f5d82169543fb1d65000367e0dd142e9d74d49634334029a01a878f66b770eb82f80e255efe0bbf69b4594695c7e03ce64fdce430b7cce854ad675c85c90161da3ed490339b399e788231ad8366c503d145ea563956f4c866db0c1edb54b61ff148376c0bff14c1cc4dd0b570c0399f6cee4b24ca6b38992cce28c38235218a2679a42a45ec291c587ea51516887977fb6cb7ecab1d78fb9e5d2f74e341194eafaede62980fb17938996ddee1d680e5996beabfeed894404da001939baa4402827b546fb24ba60ce5540eac060441455aff17811a79c7dc6f2cbf1eb62bde7f8b8357d0be1e29fbe18a3d538df5812337a0fecbe439c8e0100836da588b1ab1ec38b22a811ad4b165c60cbbbfaf52d6bc5343a17161b22bd97d9f320e2683d9090f522b122c36ced3ef9fb32edf779e749f7f8806acd2f9476e4ab2848c6e950a4c8334fc3d300", 0x2000, &(0x7f0000000200)={&(0x7f0000000180)={0x50, 0x0, 0x0, {0x7, 0x24}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000140)=[@in6={0xa, 0x4e21, 0x9, @private0, 0x10000}]}, &(0x7f0000000080)=0xc) sendmsg$inet(r5, &(0x7f00000005c0)={&(0x7f00000000c0)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000100)="e6", 0x1}], 0x1}, 0x20084844) 46.199691378s ago: executing program 2 (id=88): syz_open_dev$video4linux(&(0x7f0000000000), 0x101, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]}) sendmsg$NL80211_CMD_SET_KEY(r2, 0x0, 0x4810) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3], 0x0, 0x41901}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 45.242186503s ago: executing program 33 (id=88): syz_open_dev$video4linux(&(0x7f0000000000), 0x101, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]}) sendmsg$NL80211_CMD_SET_KEY(r2, 0x0, 0x4810) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3], 0x0, 0x41901}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 27.093946172s ago: executing program 1 (id=130): socket$tipc(0x1e, 0x5, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000080)=ANY=[@ANYRES8, @ANYRES64, @ANYRESOCT, @ANYRESDEC], &(0x7f0000001540)=""/4096, 0x58, 0x1000, 0xa, 0x0, 0x0, @void, @value}, 0x28) 26.632378312s ago: executing program 1 (id=131): openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) io_setup(0x6, &(0x7f0000001380)=0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00') io_submit(r0, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) (fail_nth: 1) 25.686004532s ago: executing program 1 (id=134): r0 = socket(0x11, 0x800000003, 0x0) r1 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [0x0, 0x0, 0x0, 0xff, 0xe, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xd], 0x0, [0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1ff], [0xf1, 0x4]}}}}]}, 0x88}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 25.16906382s ago: executing program 1 (id=136): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000380)=@bpf_lsm={0x10, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="7910480000000000690048000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='rdma.current\x00', 0x275a, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff) linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) syz_emit_ethernet(0x2e, &(0x7f0000000000)={@local, @broadcast, @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @info_request}}}}, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201050037057b082d0800014b702c02030109021200070100a0000904"], 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0) openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x161c42, 0xb6) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0) 21.315080326s ago: executing program 1 (id=152): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000002340)='./bus\x00') mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) chdir(&(0x7f0000000100)='./bus\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f0000000780)={0x0, 0x0, 0x0, 0xffffffffffffffff}) renameat2(r0, &(0x7f0000000340)='./file0\x00', r1, &(0x7f00000003c0)='./file1\x00', 0x2) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=ANY=[@ANYBLOB="6167000000000000060000000000000085000000c400e9299500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xb579, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x23) quotactl$Q_GETFMT(0xffffffff80000400, &(0x7f0000000600)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) r3 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xf2, 0x30, 0x39, 0x20, 0x2c42, 0x1202, 0x8540, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xc, 0x2, 0x2, 0xc1, 0x7f, 0xc, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0) syz_usb_control_io$uac1(r3, 0x0, 0x0) syz_usb_control_io$printer(r3, 0x0, &(0x7f0000000c80)={0x34, &(0x7f0000000280)=ANY=[@ANYBLOB="001501000000e49e8f32ddc6857aa9279605980bdd885b17e261b26f6c96e78035851a73f7cf645d2d5e51e6105842293878ee74fb9a6d824fed334fe4e2fe03e3a3f13dd6d00dfb113b9bb6dbc2a01d89b090c11b4bdbc11a1255e41f0aef082c95db8ed4708ff0dc7897fe09ddff238635986eacddf4c9835493cf0da985ebf76aa4ebc939a0ee8879a6f612d658eee7e6985604c5ed15833eed9598bec7a09f9f255b2042813bdd7690e4103c75f35d17f607857835b52b199f1d69b0"], 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(r3, 0x0, 0x0) syz_usb_control_io(r3, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="00020000", @ANYRES16=r5, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e000000080000000000180003801400038010"], 0x44}}, 0x0) syz_usb_control_io$cdc_ncm(r3, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000180)={0x40, 0x12, 0x1, "b4"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 16.623600257s ago: executing program 1 (id=170): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000011c0)=ANY=[@ANYBLOB="ac0000001800dd8d000000000000000002000000000000060000000006001500050000008800168084"], 0xac}}, 0x0) r1 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000080)={0x1, 0x1489c251ac12d5ee, 0xfc, 0x0, 0x267a4e37}, 0xc) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000000)=0x7, 0x4) 11.516933482s ago: executing program 0 (id=182): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000380)=@bpf_lsm={0x10, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="7910480000000000690048000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='rdma.current\x00', 0x275a, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff) linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) syz_emit_ethernet(0x2e, &(0x7f0000000000)={@local, @broadcast, @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @info_request}}}}, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201050037057b082d0800014b702c02030109021200070100a0000904"], 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0) openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x161c42, 0xb6) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0) 8.998674229s ago: executing program 0 (id=192): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_TRY_FMT(r0, 0xc0205647, &(0x7f0000000940)={0xf010000, @pix={0x0, 0x0, 0x41416770, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}) 8.316927463s ago: executing program 0 (id=195): r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [0x0, 0x0, 0x0, 0xff, 0xe, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xd], 0x0, [0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1ff], [0xf1, 0x4]}}}}]}, 0x88}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 7.051208928s ago: executing program 0 (id=199): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, &(0x7f00000000c0)={0x1, 0x0, 0x6, &(0x7f0000000080)={0xc, "df1e970974a75196eeb58543bd9d2ba55aeacc9859bdc9f2472342370527626623"}}) openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x104}}, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x42002, 0x0) write$vga_arbiter(r3, &(0x7f0000000280)=ANY=[@ANYBLOB='target PCI:0:0:7.8'], 0x13) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0x8, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3], 0x0, 0x41905}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 6.9988279s ago: executing program 3 (id=200): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) 6.015442324s ago: executing program 3 (id=202): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000380)=@bpf_lsm={0x10, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="7910480000000000690048000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='rdma.current\x00', 0x275a, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff) linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) syz_emit_ethernet(0x2e, &(0x7f0000000000)={@local, @broadcast, @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @info_request}}}}, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201050037057b082d0800014b702c02030109021200070100a0000904"], 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0) openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x161c42, 0xb6) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) 5.939776298s ago: executing program 5 (id=203): mkdirat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$ENABLE_STATS(0x20, 0x0, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) 5.845633282s ago: executing program 6 (id=204): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(0x0, r0) sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000240)={0x30, r1, 0x805, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x2}]}, 0x30}}, 0x0) 5.004262369s ago: executing program 6 (id=205): r0 = syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL") preadv2(r0, 0x0, 0x0, 0x6fa, 0x6, 0x18) mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0) 4.929436501s ago: executing program 5 (id=206): syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x406, 0x0, 0x0, 0x0, &(0x7f00000000c0)) 3.874959389s ago: executing program 6 (id=207): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x600, 0x0) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x30, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2, 0x0, 0x1}, [@CTA_EXPECT_TUPLE={0x18, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @multicast1}}}]}, @CTA_EXPECT_MASK={0x4}]}, 0x30}}, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x4, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet6(0xa, 0x80002, 0x0) getsockopt$sock_buf(r3, 0x1, 0x37, &(0x7f0000000240)=""/178, &(0x7f00000000c0)=0xb2) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x0, 0xfe, 0x0, 0x20, 0x6, 0xfe, 0x40, 0x1, 0x0, 0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3}}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x6, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x0, 0x8000000000000, 0x80000000000000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x8001], 0x1, 0x3c4210}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 3.823498964s ago: executing program 5 (id=208): ioperm(0x83, 0x3, 0xc) remap_file_pages(&(0x7f000077f000/0x1000)=nil, 0x1000, 0x0, 0x300, 0x0) 3.146893879s ago: executing program 3 (id=209): r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [0x0, 0x0, 0x0, 0xff, 0xe, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xd], 0x0, [0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1ff], [0xf1, 0x4]}}}}]}, 0x88}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 2.941254688s ago: executing program 5 (id=210): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000080)='~', 0xfdef}], 0x1) openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000100)={0xa1, 0x18, 0xfa00, {0x0, 0x0, 0x13f}}, 0x20) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r2, 0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe) writev(r3, &(0x7f0000000240)=[{&(0x7f0000001440)="d6e0f933", 0x4}], 0x1) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r5, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0xa, 0x0, 0xfffffed4, 0x1}}, 0x20) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x104}}, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r6, 0xae9a) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 2.825723279s ago: executing program 6 (id=211): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000b, 0x4031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1, 0x0, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0xffffffff}, 0x1c) syz_emit_ethernet(0x7a, &(0x7f00000000c0)={@link_local, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "02000b", 0x44, 0x2f, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x6558}}}}}}}, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000200)='./file4\x00', 0xc008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL") r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) openat$cgroup_ro(r1, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpu.stat\x00', 0x275a, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file7\x00', 0x105040, 0x1ff) linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x7c7, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x80, 0x4, 0x0, @loopback, @rand_addr=0x64010104}}}}) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r2, 0x89f3, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000040)={'ip_vti0\x00', 0x0, 0x8000, 0x0, 0x4000000, 0x0, {{0x5, 0x4, 0x0, 0x16, 0x14, 0x4, 0x0, 0xfe, 0x4, 0x0, @loopback, @rand_addr=0x64010101}}}}) openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1) rename(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='./file7\x00') 2.752245854s ago: executing program 3 (id=212): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={0x0, &(0x7f0000001540)=""/4096, 0x58, 0x1000, 0xa, 0x0, 0x0, @void, @value}, 0x28) 2.75153747s ago: executing program 0 (id=213): syz_io_uring_setup(0x94c, &(0x7f0000000240)={0x0, 0x0, 0x10100}, 0x0, 0x0) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0) r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f00000012c0)={0x8, "a9780d4dc37a1d5c99c46fa9d1f5ffb92eafb2723b49e41c13a0172578e35bde"}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pselect6(0x40, &(0x7f00000006c0)={0x7, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0xfffffffffffffffe}, &(0x7f0000000700)={0x7f, 0xfffffffffffffeda, 0x0, 0xfffffffffffffffe, 0x3ff, 0x0, 0x4, 0xd6c3}, 0x0, 0x0, 0x0) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_FLUSH(r1, 0x0, 0xd1, &(0x7f0000000000)=0x3, 0x4) setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000000040), 0x4) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_int(r2, &(0x7f0000000080)='hugetlb.2MB.rsvd.failcnt\x00', 0x2, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00') getdents64(r4, &(0x7f00000000c0)=""/44, 0x2c) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000580)=@mangle={'mangle\x00', 0x1f, 0x6, 0x640, 0x358, 0x358, 0x134, 0x244, 0x0, 0x578, 0x578, 0x578, 0x578, 0x578, 0x6, &(0x7f0000000500), {[{{@ipv6={@private2={0xfc, 0x2, '\x00', 0x1}, @remote, [0xffffffff, 0xff, 0xffffffff, 0xffffff00], [0xff000000, 0x0, 0xffffff00, 0xff000000], 'veth1_virt_wifi\x00', 'veth1_to_bond\x00', {0xff}, {}, 0x5c, 0x4c, 0x3, 0x3a}, 0x0, 0x110, 0x134, 0x0, {}, [@common=@hbh={{0x48}, {0x8, 0x1, 0x0, [0x8, 0x8, 0x8, 0x401, 0xfff9, 0x9, 0x5a2f, 0x5, 0x2, 0x5, 0x6f, 0xbe6, 0x1, 0x8001, 0xfffe, 0x101], 0xf}}, @inet=@rpfilter={{0x24}, {0x5}}]}, @inet=@TOS={0x24, 'TOS\x00', 0x0, {0x1, 0x5}}}, {{@uncond, 0x0, 0xd4, 0x110, 0x0, {}, [@common=@frag={{0x30}, {[0x2, 0xd], 0xa, 0x28, 0x2}}]}, @inet=@TPROXY1={0x3c, 'TPROXY\x00', 0x1, {0x4, 0x5, @ipv6=@mcast1, 0x4e22}}}, {{@uncond, 0x0, 0xf0, 0x114, 0x0, {}, [@inet=@rpfilter={{0x24}, {0xd}}, @common=@unspec=@addrtype1={{0x28}, {0x104, 0xb18, 0x8}}]}, @unspec=@CHECKSUM={0x24}}, {{@uncond, 0x0, 0xec, 0x110, 0x0, {}, [@inet=@rpfilter={{0x24}, {0x1}}, @inet=@rpfilter={{0x24}, {0xe}}]}, @HL={0x24, 'HL\x00', 0x0, {0x2, 0x9}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast1}, @mcast2, [0xff, 0xff, 0xff000000, 0xffffff00], [0xff000000, 0xffffffff, 0xff], '\x00', 'vlan1\x00', {0xff}, {0xff}, 0x84, 0x7, 0x1, 0x42}, 0x0, 0xec, 0x110, 0x0, {}, [@common=@mh={{0x24}, {"6ecd"}}, @inet=@rpfilter={{0x24}, {0x8}}]}, @common=@unspec=@AUDIT={0x24, 'AUDIT\x00', 0x0, {0x1}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x69c) sendfile(r3, r3, 0x0, 0x71f) setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000000080)={0x1, 0x4, 0x3f, 0x3202, @vifc_lcl_addr=@private=0xa010102, @private=0xa010101}, 0x10) openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0xa0400, 0x2, 0x24}, 0x18) r5 = syz_open_dev$video4linux(&(0x7f00000001c0), 0x0, 0x0) ioctl$VIDIOC_QUERY_EXT_CTRL(r5, 0xc0205647, &(0x7f0000000200)={0x8f010000, 0x0, "392572ce18edbf1001000000800005e4ffffff00b0383b68b062c2bc00", 0x0, 0xfffffffffffffffc, 0x7f, 0x0, 0x4, 0x4, 0x4, 0x80, [0x7fb, 0x1, 0x1, 0x10001]}) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==") openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0) fcntl$setlease(r6, 0x400, 0x1) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000004c0)={'wlan0\x00'}) 2.241662561s ago: executing program 3 (id=214): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x600, 0x0) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x30, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2, 0x0, 0x1}, [@CTA_EXPECT_TUPLE={0x18, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @multicast1}}}]}, @CTA_EXPECT_MASK={0x4}]}, 0x30}}, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x4, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet6(0xa, 0x80002, 0x0) getsockopt$sock_buf(r3, 0x1, 0x37, &(0x7f0000000240)=""/178, &(0x7f00000000c0)=0xb2) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x0, 0xfe, 0x0, 0x20, 0x6, 0xfe, 0x40, 0x1, 0x0, 0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3}}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x6, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x0, 0x8000000000000, 0x80000000000000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x8001], 0x1, 0x3c4210}) ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 2) 1.025775537s ago: executing program 6 (id=215): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f00000005c0), r0) sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, 0x0, 0x0) 770.388575ms ago: executing program 34 (id=170): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000011c0)=ANY=[@ANYBLOB="ac0000001800dd8d000000000000000002000000000000060000000006001500050000008800168084"], 0xac}}, 0x0) r1 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000080)={0x1, 0x1489c251ac12d5ee, 0xfc, 0x0, 0x267a4e37}, 0xc) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000000)=0x7, 0x4) 707.715389ms ago: executing program 0 (id=217): socket$netlink(0x10, 0x3, 0xa) epoll_create1(0x80000) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x349a02, 0x0) r1 = syz_open_dev$sndpcmc(&(0x7f0000000a00), 0x0, 0x0) r2 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_int(r2, 0x107, 0xb, 0x0, &(0x7f0000000080)) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r1, 0xc25c4110, &(0x7f0000000100)={0xfffffffd, [[0x1, 0xff, 0x0, 0x0, 0x0, 0xec2], [0x0, 0x80000000, 0xfffffffe, 0x0, 0x0, 0x0, 0x5], [0x7fe, 0xfffffffe, 0x0, 0x0, 0x4, 0xba0, 0xfffffffe, 0x9]], '\x00', [{}, {0xfffffffd}, {0x0, 0x1}, {0xfffffffc, 0x1}, {}, {0x200000}, {}, {0x3}, {}, {}, {0x480001}], '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xe, 0x5, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) r3 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x5}, 0x10) sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="340000001a000100000000000000000002000000000000000000000008001000000000000600150000000000080011"], 0x34}}, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) iopl(0xb) write$cgroup_int(r0, &(0x7f0000000140)=0x400900, 0x12) 393.467819ms ago: executing program 3 (id=218): syz_mount_image$hfsplus(&(0x7f0000000240), &(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x804000, &(0x7f0000000280)=ANY=[@ANYBLOB='nls=cp1255,decompose,uid=', @ANYRESHEX=0x0, @ANYRES16=0x0, @ANYRESHEX=0xee01, @ANYBLOB="2c626172726965722c6e6f624ab38a9261003f5c"], 0x3, 0x6ab, &(0x7f0000005d00)="$eJzs3U2InHcdB/DvM5nMZiKk2zZNowhZGijaYLKboSaC0CgiOQQJeul1STbNkklaNltJi5iJWgVPnqQHDxWJh55ERKgnsZ4FwYun3APePOSgrjzPPDM7uzvZ7CbZnW37+cCzz/+Z/9vv+fV5mXmmYQJ8Zp1/Pft7KXL+xIVb5fa9u53uvbud64NykqkkjaTZX6VoJ8XHybn0l3y+fLEernjYPK/e/6hovv9hp7/VrJeqfWOzfhuMbdlLDgw39iWZ6Rf/s4UBG+PHq5ZqnEur4z2mYhh3mbDjg8TBpK1s0FutHHdqrLX18xbYs27375sbTCcH07+7lu8DUl8dHn1lmLxNr0293YsDAAAAdsrYz/KjnnmQB7mVQ7sTDgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHw6FP3fDCzqpTEoz6QY/P5/a+Q39VsTDvcJvXelWn33mUkHAgAAAAAAAABP5NiDPMitHBpsrxTVd/4vVRuHq7+fy9u5mYUs5WRuZT7LWc5S5pJMjwzUujW/vLw0t7HnL1P2XFlZuV33PD225+m1cfXWBzru/zTY0AgAAAAAAAAAPrN+lPOr3/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBeUCT7+qtqOTwoT6fRTHIgSauYGTZvTTTYp+DPkw4AAAAAdl67Xh8q/tcvrBTVZ/4j1ef+A3k7N7KcxSynm4Vcrp4F9D/1N/7e63Tv3e1cL5eNA3/jX9uKoxox/WcP42eerVq8MOxxPt/O93IiM7mYpSzm+5nPchYyk29VpfkUma6fXkzfu9vOINaN8Z5bs3VxfWzHRsplfEerSNq5ksUqtpO51BqE3qjbHR2Z7Y+tZN2Md8rsFK/Vtpijy/W63KNf1Ou9Ybra8/3DjMzWuS+z8exo3jfmfpvHyfqZ5tIYPoM6vDpLubl+psfK+cF6Xeb6pzub820+Slubid7Py63B0Xdk85wnX/7HXy5ebdy4dvXKzRN75zB6TOuPic5IJl7cUia6ZSZ6T5CJA08S/9PTqrPRv4pu72r5UtX3UBbznbyZy1nImcxmLmczm6/ldDo5PZLXFzbPa3WuNbZ3rh3/Ul0o70k/G7k37Zqph1WUeX12JK+jV7rpqm70ldUsPbeFLBWtjM/SP8eG0vxCXSjn+PHIHWfy1mdibiQTz2+eiV//dyXJze6Na0tX59/a4nwv1+vytH1v7bX5N09lh7av3t3yeHmu/I+V/m1j9Ogo654f1K3LV6v+xqVZD7amrpXqfO7XPepMLUc6cmfcSP26F8fO0qnqjo7UrXmXkzfTHb4Lqe36SQrAFhx85WCrfb/9t/YH7Z+0r7YvHPjm1NmpL7ay/6/NP+37XeO3ja8Xr+SD/DCHJh0pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8Gtx8591r893uwtIeLKTxlAe8M7ZqkIr+K60xbY5lD2Tjk1GY2uyI+n2STbq3JhFzO8meSF2auzDXVMZUXRi+0k4aw3iSXNsjP3AH7IRTy9ffOnXznXe/snh9/o2FNxZunD575rUzna/O3T51ZbG7MNv/O+kogZ2w+jZg0pEAAAAAAAAAAAAAW7Ub/7xhzLRFbwL7CgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwynX89+3spMjd7crbcvne30y2XQXm1ZTNJI0nxg6T4ODmX/pLpkeGKh83z6v2PfvXy+x92VsdqDto31vX7w79XVra5F716yUySffX60aa2NN6lkfF62wysrxjuYZmw44PEwaT9PwAA//+APAcg") syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000540)='./bus\x00', 0x2810880, &(0x7f0000000300)=ANY=[], 0x8b, 0x28e, &(0x7f0000000680)="$eJzs3U1r1EAcx/HfJNt1a2tNbUUQD1IteJK2XsRLQYqvwZOo3RWKSwWtoF4snsUX4N2LL8AX4UkEz3ry5AvoLTKzSXeiedi2dsel3w/sGpN5+E+STeYfKBGAE+v2xvcPN37aj5FixZJuSZHddFktSed1ofN8e2drp9/r1jUUSx25j5FcTfNXmc3tXllVW8/VyCT2fy3N+utwPNI0TX+EDgIhdbJ/47KNkXQq+3XGfuFJtxs6gMDMnvb0QnOh4wAAhGUG9/cou8/PZvP3KJKWs9u+f///diZwvEe1FzqAwLz7v8uyUmOP71m3aZjvuRTObo/yLPGg/djJY1uDM6swwTRNWaWLJZp+tNXvXd980u9GeqP1jFdsUdK6ulnOmmmIdqkkNy1qa/TWasy4MUzZMaxVxL9Q1unhe2xmPpsv5p5J9F7d/flfKzW2exdBsn+k7kwN41+pbtGNMhmUqhjlvOvkYnHH1o4yrspIlO+peRUfECTFONultdr6o9ZgdKvVo3PtLJTWWmuotWhrffRqDc/m6prHzbwzd82SfumTNrz5f2T39rJG+WXaMq5kdmbk4ynNDVuuZOKv2r1U2mZ0uPHgUN7qoW5q7tnLV48f9Pu9pyycoIX8JPhf4vl3C63x9NU+8q7r6ECFpboy+aVzhAbzi3Rjp2EuSxiv4UGvLvN6nAFh3OzFwwzyPy9fWXEpkv1KaubpadO0zWtxtSI3OOe+T3stmez5fHUGNFOdwY2ac125Jl31VjbkXImNc7p2rJPEbOir7vP8HwAAAAAAAAAAAAAAAAAAYNKM428zQo8RAAAAAAAAAAAAAAAAAAAAAIBJV/3+346O8f2/hZfp8P5fIIzfAQAA///stXSM") r0 = openat(0xffffffffffffff9c, &(0x7f0000000640)='.\x00', 0x0, 0x184) renameat2(r0, &(0x7f00000001c0)='./file0\x00', r0, &(0x7f0000000200)='./bus\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.stat\x00', 0x26e1, 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={r1, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0], 0x0, 0x98, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f0000000440), &(0x7f0000000480), 0x8, 0xe5, 0x8, 0x8, &(0x7f00000004c0)}}, 0x10) renameat2(r2, &(0x7f0000000140)='./file1\x00', r2, &(0x7f0000000100)='./file0\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1817c1, 0x0) creat(&(0x7f0000000040)='./bus\x00', 0x0) rename(&(0x7f0000000000)='./bus\x00', &(0x7f0000000180)='./file1\x00') r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000180)="900000001c001f4d154a817393278bff0a80a578020000004004840014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000766436c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x240200c5, 0x0, 0x0) 265.825222ms ago: executing program 6 (id=219): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000380)=@bpf_lsm={0x10, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="7910480000000000690048000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='rdma.current\x00', 0x275a, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff) linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) syz_emit_ethernet(0x2e, &(0x7f0000000000)={@local, @broadcast, @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @info_request}}}}, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201050037057b082d0800014b702c02030109021200070100a0000904"], 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0) openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x161c42, 0xb6) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) 219.689227ms ago: executing program 5 (id=220): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000002140)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0200}]}) kexec_load(0x0, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='rss_stat\x00', r0}, 0x18) madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3011, 0x17) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000, 0x4, &(0x7f0000ffd000/0x2000)=nil) madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x15) madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x8) 0s ago: executing program 5 (id=221): r0 = socket$can_raw(0x1d, 0x3, 0x1) getsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, 0x0, &(0x7f00000002c0)) (fail_nth: 1) kernel console output (not intermixed with test programs): 787] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.024637][ T5787] bridge_slave_1: entered allmulticast mode [ 225.033499][ T5787] bridge_slave_1: entered promiscuous mode [ 225.045939][ T5782] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.054023][ T5782] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.061733][ T5782] bridge_slave_1: entered allmulticast mode [ 225.070723][ T5782] bridge_slave_1: entered promiscuous mode [ 225.114852][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 225.122018][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 225.148551][ T5776] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 225.286840][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 225.294105][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 225.321736][ T5780] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 225.339421][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 225.346738][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 225.373174][ T5776] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 225.387184][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 225.396034][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 225.422400][ T5780] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 225.445456][ T5787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 225.571658][ T5782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 225.623433][ T5781] Bluetooth: hci0: command tx timeout [ 225.657137][ T5787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 225.710444][ T5781] Bluetooth: hci1: command tx timeout [ 225.739469][ T5782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 225.750467][ T5792] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.759071][ T5792] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.766916][ T5792] bridge_slave_0: entered allmulticast mode [ 225.768139][ T5781] Bluetooth: hci2: command tx timeout [ 225.776221][ T5792] bridge_slave_0: entered promiscuous mode [ 225.784596][ T5781] Bluetooth: hci3: command tx timeout [ 225.918549][ T5792] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.929203][ T5792] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.937024][ T5792] bridge_slave_1: entered allmulticast mode [ 225.945721][ T5792] bridge_slave_1: entered promiscuous mode [ 225.988752][ T5787] team0: Port device team_slave_0 added [ 226.041994][ T5776] hsr_slave_0: entered promiscuous mode [ 226.051390][ T5776] hsr_slave_1: entered promiscuous mode [ 226.120459][ T5787] team0: Port device team_slave_1 added [ 226.140703][ T5780] hsr_slave_0: entered promiscuous mode [ 226.150880][ T5780] hsr_slave_1: entered promiscuous mode [ 226.159682][ T5780] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 226.168550][ T5780] Cannot create hsr debugfs directory [ 226.188335][ T5782] team0: Port device team_slave_0 added [ 226.250556][ T5791] Bluetooth: hci4: command tx timeout [ 226.323969][ T5782] team0: Port device team_slave_1 added [ 226.339679][ T5792] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 226.495843][ T5792] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 226.539559][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 226.546992][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.573964][ T5787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 226.660828][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 226.669431][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.696277][ T5782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 226.710167][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 226.717536][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.745234][ T5787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 226.817970][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 226.825319][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.851900][ T5782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 226.964427][ T5792] team0: Port device team_slave_0 added [ 226.997084][ T5792] team0: Port device team_slave_1 added [ 227.301113][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 227.308689][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 227.337041][ T5792] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 227.446914][ T5787] hsr_slave_0: entered promiscuous mode [ 227.456657][ T5787] hsr_slave_1: entered promiscuous mode [ 227.465618][ T5787] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 227.473358][ T5787] Cannot create hsr debugfs directory [ 227.481972][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 227.489269][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 227.516383][ T5792] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 227.540358][ T5782] hsr_slave_0: entered promiscuous mode [ 227.549258][ T5782] hsr_slave_1: entered promiscuous mode [ 227.558481][ T5782] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 227.566298][ T5782] Cannot create hsr debugfs directory [ 227.684061][ T5791] Bluetooth: hci0: command tx timeout [ 227.766089][ T5791] Bluetooth: hci1: command tx timeout [ 227.844048][ T5791] Bluetooth: hci3: command tx timeout [ 227.849703][ T5791] Bluetooth: hci2: command tx timeout [ 227.952479][ T5792] hsr_slave_0: entered promiscuous mode [ 227.962513][ T5792] hsr_slave_1: entered promiscuous mode [ 227.973265][ T5792] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 227.981408][ T5792] Cannot create hsr debugfs directory [ 228.054944][ T5776] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 228.148494][ T5776] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 228.219423][ T5776] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 228.289997][ T5776] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 228.324586][ T5791] Bluetooth: hci4: command tx timeout [ 228.505928][ T5780] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 228.586243][ T5780] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 228.685982][ T5780] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 228.709128][ T5780] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 229.039806][ T5782] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 229.092293][ T5782] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 229.153054][ T5782] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 229.243171][ T5782] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 229.328519][ T5787] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 229.395644][ T5787] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 229.501333][ T5787] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 229.552183][ T5787] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 229.575822][ T5792] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 229.635890][ T5792] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 229.703267][ T5792] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 229.766204][ T5791] Bluetooth: hci0: command tx timeout [ 229.807182][ T5792] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 229.863334][ T5791] Bluetooth: hci1: command tx timeout [ 229.926209][ T5791] Bluetooth: hci2: command tx timeout [ 229.931863][ T5791] Bluetooth: hci3: command tx timeout [ 229.949773][ T5780] 8021q: adding VLAN 0 to HW filter on device bond0 [ 230.023254][ T5776] 8021q: adding VLAN 0 to HW filter on device bond0 [ 230.134091][ T5780] 8021q: adding VLAN 0 to HW filter on device team0 [ 230.198765][ T3982] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.206805][ T3982] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.245043][ T5776] 8021q: adding VLAN 0 to HW filter on device team0 [ 230.339889][ T3982] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.347612][ T3982] bridge0: port 2(bridge_slave_1) entered forwarding state [ 230.412003][ T5791] Bluetooth: hci4: command tx timeout [ 230.476224][ T3982] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.484006][ T3982] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.613198][ T3982] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.620795][ T3982] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.062991][ T5782] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.278503][ T5782] 8021q: adding VLAN 0 to HW filter on device team0 [ 231.356804][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.382232][ T4096] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.389983][ T4096] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.506072][ T4096] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.513876][ T4096] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.563199][ T5787] 8021q: adding VLAN 0 to HW filter on device team0 [ 231.615568][ T5792] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.703553][ T3982] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.711350][ T3982] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.818940][ T3982] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.826702][ T3982] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.920009][ T5792] 8021q: adding VLAN 0 to HW filter on device team0 [ 232.102513][ T1879] bridge0: port 1(bridge_slave_0) entered blocking state [ 232.110270][ T1879] bridge0: port 1(bridge_slave_0) entered forwarding state [ 232.261405][ T5787] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 232.273941][ T5787] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 232.306993][ T1879] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.314748][ T1879] bridge0: port 2(bridge_slave_1) entered forwarding state [ 232.629620][ T5776] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 232.784190][ T5780] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 233.291565][ T5776] veth0_vlan: entered promiscuous mode [ 233.426103][ T5780] veth0_vlan: entered promiscuous mode [ 233.466656][ T5776] veth1_vlan: entered promiscuous mode [ 233.542481][ T5780] veth1_vlan: entered promiscuous mode [ 233.870928][ T5776] veth0_macvtap: entered promiscuous mode [ 233.910728][ T5780] veth0_macvtap: entered promiscuous mode [ 233.942188][ T5776] veth1_macvtap: entered promiscuous mode [ 233.986372][ T5782] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 234.000267][ T5780] veth1_macvtap: entered promiscuous mode [ 234.178982][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 234.242720][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 234.255706][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.270419][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 234.337308][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 234.405212][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 234.416142][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.430426][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 234.510335][ T5780] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.520568][ T5780] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.530517][ T5780] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.540129][ T5780] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.615810][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 234.645392][ T5776] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.654918][ T5776] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.664222][ T5776] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.673320][ T5776] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.751705][ T5782] veth0_vlan: entered promiscuous mode [ 234.909860][ T5792] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 234.931641][ T5782] veth1_vlan: entered promiscuous mode [ 235.325103][ T5782] veth0_macvtap: entered promiscuous mode [ 235.382859][ T5782] veth1_macvtap: entered promiscuous mode [ 235.646200][ T5792] veth0_vlan: entered promiscuous mode [ 235.657694][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.668605][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.679194][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.690027][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.704572][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 235.778730][ T5792] veth1_vlan: entered promiscuous mode [ 235.889848][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.900820][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.911154][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.921975][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.937577][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 236.215299][ T5792] veth0_macvtap: entered promiscuous mode [ 236.229973][ T5782] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.240959][ T5782] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.251790][ T5782] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.260959][ T5782] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.294180][ T5792] veth1_macvtap: entered promiscuous mode [ 236.541662][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 236.554432][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.566510][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 236.578602][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.588724][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 236.599473][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.613979][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 236.787860][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 236.801468][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.811850][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 236.822621][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.832753][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 236.843546][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.858555][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 237.038801][ T5792] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.051466][ T5792] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.063894][ T5792] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.072946][ T5792] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.574657][ T5787] veth0_vlan: entered promiscuous mode [ 237.696974][ T5787] veth1_vlan: entered promiscuous mode [ 238.122851][ T5787] veth0_macvtap: entered promiscuous mode [ 238.211665][ T5787] veth1_macvtap: entered promiscuous mode [ 238.370442][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 238.381273][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.391476][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 238.402277][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.413241][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 238.424394][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.434487][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 238.445329][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.459855][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 238.613924][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 238.626066][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.637716][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 238.652094][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.662847][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 238.673725][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.683882][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 238.694755][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 238.708952][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 238.898571][ T5787] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 238.907955][ T5787] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 238.917157][ T5787] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 238.926375][ T5787] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 241.380650][ T3982] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 241.389996][ T3982] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 241.610792][ T3982] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 241.618978][ T3982] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 241.709973][ T3532] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 241.718660][ T3532] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 241.955334][ T5780] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 241.972483][ T3982] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 241.981064][ T3982] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 242.612813][ T5950] FAULT_INJECTION: forcing a failure. [ 242.612813][ T5950] name failslab, interval 1, probability 0, space 0, times 1 [ 242.628725][ T5950] CPU: 1 UID: 0 PID: 5950 Comm: syz.3.4 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 242.639471][ T5950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 242.649875][ T5950] Call Trace: [ 242.653335][ T5950] [ 242.656441][ T5950] dump_stack_lvl+0x216/0x2d0 [ 242.661434][ T5950] dump_stack+0x1e/0x24 [ 242.665851][ T5950] should_fail_ex+0x748/0x7f0 [ 242.670820][ T5950] should_failslab+0x17f/0x210 [ 242.675841][ T5950] __kmalloc_noprof+0x176/0x1230 [ 242.681060][ T5950] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 242.687687][ T5950] ? switchdev_deferred_enqueue+0x5f/0x510 [ 242.693881][ T5950] switchdev_deferred_enqueue+0x5f/0x510 [ 242.699788][ T5950] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 242.705852][ T5950] ? __pfx_switchdev_port_attr_set_deferred+0x10/0x10 [ 242.712897][ T5950] switchdev_port_attr_set+0x334/0x430 [ 242.718616][ T5950] ? kmsan_get_metadata+0x13e/0x1c0 [ 242.724076][ T5950] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 242.730154][ T5950] br_set_ageing_time+0x164/0x330 [ 242.735476][ T5950] br_dev_siocdevprivate+0x1378/0x2590 [ 242.741243][ T5950] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 242.747371][ T5950] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 242.754015][ T5950] ? kmsan_get_metadata+0x13e/0x1c0 [ 242.759466][ T5950] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 242.765536][ T5950] ? __pfx_br_dev_siocdevprivate+0x10/0x10 [ 242.771719][ T5950] ? __pfx_br_dev_siocdevprivate+0x10/0x10 [ 242.777814][ T5950] dev_ifsioc+0xf4a/0x1420 [ 242.782512][ T5950] dev_ioctl+0xc38/0x1280 [ 242.787185][ T5950] sock_ioctl+0xbea/0xd70 [ 242.791824][ T5950] compat_sock_ioctl+0x36f/0x1360 [ 242.797163][ T5950] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 242.802915][ T5950] __se_compat_sys_ioctl+0x80f/0x1020 [ 242.808592][ T5950] ? ksys_write+0x408/0x4b0 [ 242.813382][ T5950] ? kmsan_get_metadata+0x13e/0x1c0 [ 242.818848][ T5950] __ia32_compat_sys_ioctl+0x93/0xe0 [ 242.824436][ T5950] ia32_sys_call+0x2226/0x4180 [ 242.829465][ T5950] __do_fast_syscall_32+0xb0/0x110 [ 242.834891][ T5950] ? irqentry_exit+0x16/0x60 [ 242.839773][ T5950] do_fast_syscall_32+0x38/0x80 [ 242.844923][ T5950] do_SYSENTER_32+0x1f/0x30 [ 242.849706][ T5950] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 242.856373][ T5950] RIP: 0023:0xf73dd579 [ 242.860669][ T5950] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 242.880563][ T5950] RSP: 002b:00000000f50c657c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 242.889299][ T5950] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000000089f0 [ 242.897497][ T5950] RDX: 0000000020000900 RSI: 0000000000000000 RDI: 0000000000000000 [ 242.905694][ T5950] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 242.913905][ T5950] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 242.922103][ T5950] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 242.930318][ T5950] [ 243.436586][ T2964] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 243.445599][ T2964] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 243.640219][ T3982] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 243.650616][ T3982] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 243.710898][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 243.719070][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 243.927307][ T5964] netlink: 'syz.3.6': attribute type 30 has an invalid length. [ 244.075873][ T2964] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 244.084271][ T2964] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 244.497000][ T5970] loop1: detected capacity change from 0 to 64 [ 244.634917][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 244.643128][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 244.892190][ T4096] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 244.901613][ T4096] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 245.257250][ T5976] loop2: detected capacity change from 0 to 256 [ 245.758733][ T5986] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 245.994242][ T5845] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 245.998913][ T5991] loop4: detected capacity change from 0 to 64 [ 246.075680][ T5988] loop3: detected capacity change from 0 to 64 [ 246.172501][ T5997] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 246.951302][ T6006] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14'. [ 247.652704][ T6019] netlink: 16 bytes leftover after parsing attributes in process `syz.4.17'. [ 247.723863][ T6019] capability: warning: `syz.4.17' uses deprecated v2 capabilities in a way that may be insecure [ 248.004742][ T5832] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 248.024135][ T5831] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 248.240631][ T6027] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 248.444800][ T5832] usb 4-1: Using ep0 maxpacket: 32 [ 248.450598][ T5831] usb 3-1: Using ep0 maxpacket: 16 [ 248.507239][ T5832] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 248.519209][ T5832] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 248.533164][ T5832] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 248.544147][ T5832] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 248.668850][ T5832] usb 4-1: config 0 descriptor?? [ 248.726416][ T6023] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 248.741391][ T5831] usb 3-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice=38.b7 [ 248.751600][ T5831] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 248.760253][ T5831] usb 3-1: Product: syz [ 248.768529][ T5831] usb 3-1: Manufacturer: syz [ 248.773400][ T5831] usb 3-1: SerialNumber: syz [ 248.888355][ T5831] usb 3-1: config 0 descriptor?? [ 248.899020][ T5832] hub 4-1:0.0: USB hub found [ 248.948701][ T5831] hub 3-1:0.0: bad descriptor, ignoring hub [ 248.955377][ T5831] hub 3-1:0.0: probe with driver hub failed with error -5 [ 249.052042][ T5832] hub 4-1:0.0: config failed, hub has too many ports! (err -19) [ 249.162106][ T6036] veth0_macvtap: left promiscuous mode [ 249.374391][ T6024] loop2: detected capacity change from 0 to 2048 [ 249.391643][ T6024] ======================================================= [ 249.391643][ T6024] WARNING: The mand mount option has been deprecated and [ 249.391643][ T6024] and is ignored by this kernel. Remove the mand [ 249.391643][ T6024] option from the mount to silence this warning. [ 249.391643][ T6024] ======================================================= [ 249.499074][ T5832] usbhid 4-1:0.0: can't add hid device: -71 [ 249.506760][ T5832] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 249.575829][ T5832] usb 4-1: USB disconnect, device number 2 [ 249.671810][ T6024] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 249.818669][ T6024] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 250.009984][ T5832] libceph: connect (1)[c::]:6789 error -101 [ 250.016851][ T5832] libceph: mon0 (1)[c::]:6789 connect error [ 250.052544][ T6046] loop4: detected capacity change from 0 to 64 [ 250.178064][ T5845] usb 3-1: USB disconnect, device number 2 [ 250.287553][ T5831] libceph: connect (1)[c::]:6789 error -101 [ 250.294455][ T5831] libceph: mon0 (1)[c::]:6789 connect error [ 250.366480][ T5832] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 250.604238][ T5832] usb 1-1: Using ep0 maxpacket: 32 [ 250.625793][ T5831] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 250.647892][ T5832] usb 1-1: config 0 has an invalid interface number: 126 but max is 0 [ 250.657081][ T5832] usb 1-1: config 0 has no interface number 0 [ 250.663440][ T5832] usb 1-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023 [ 250.674389][ T5832] usb 1-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8 [ 250.684801][ T5832] usb 1-1: config 0 interface 126 has no altsetting 0 [ 250.738234][ T5832] usb 1-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c [ 250.747743][ T5832] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 250.756506][ T5832] usb 1-1: Product: syz [ 250.760927][ T5832] usb 1-1: Manufacturer: syz [ 250.765958][ T5832] usb 1-1: SerialNumber: syz [ 250.805506][ T5832] usb 1-1: config 0 descriptor?? [ 250.818036][ T6045] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 250.845913][ T8] libceph: connect (1)[c::]:6789 error -101 [ 250.852666][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 250.859746][ T5831] usb 2-1: Using ep0 maxpacket: 32 [ 250.886461][ T6045] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 250.957266][ T6051] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 251.172059][ T5831] usb 2-1: config index 0 descriptor too short (expected 35577, got 27) [ 251.181048][ T5831] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 251.190520][ T5831] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 251.199868][ T5831] usb 2-1: config 1 has no interface number 0 [ 251.206466][ T5831] usb 2-1: config 1 interface 1 altsetting 0 has an endpoint descriptor with address 0xA7, changing to 0x87 [ 251.218362][ T5831] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x87 has invalid maxpacket 32912, setting to 1024 [ 251.235016][ T5831] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 251.248438][ T5831] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 251.257885][ T5831] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 251.397438][ T5831] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found [ 251.455393][ T6051] netlink: 96 bytes leftover after parsing attributes in process `syz.3.29'. [ 251.611207][ T5832] ir_usb 1-1:0.126: IR Dongle converter detected [ 251.673323][ T6058] loop4: detected capacity change from 0 to 64 [ 251.697100][ T6049] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 251.707203][ T6049] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 251.752034][ T6059] netlink: 4 bytes leftover after parsing attributes in process `syz.2.31'. [ 251.830136][ T6045] loop0: detected capacity change from 0 to 8 [ 252.132222][ T5831] snd_usb_pod 2-1:1.1: endpoint not available, using fallback values [ 252.141908][ T5831] snd_usb_pod 2-1:1.1: invalid control EP [ 252.153946][ T5831] snd_usb_pod 2-1:1.1: cannot start listening: -22 [ 252.160873][ T5831] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected [ 252.174448][ T5831] snd_usb_pod 2-1:1.1: probe with driver snd_usb_pod failed with error -22 [ 252.218094][ T6065] loop3: detected capacity change from 0 to 64 [ 252.275738][ T5831] libceph: connect (1)[c::]:6789 error -101 [ 252.282308][ T5831] libceph: mon0 (1)[c::]:6789 connect error [ 252.302095][ T5837] usb 2-1: USB disconnect, device number 2 [ 252.328605][ T5845] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 252.524493][ T5845] usb 3-1: Using ep0 maxpacket: 16 [ 252.624251][ T5845] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 252.645485][ T5832] usb 1-1: IRDA class descriptor not found, device not bound [ 252.692519][ T5845] usb 3-1: New USB device found, idVendor=05ac, idProduct=0272, bcdDevice= 0.40 [ 252.702124][ T5845] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 252.710688][ T5845] usb 3-1: Product: syz [ 252.715179][ T5845] usb 3-1: Manufacturer: syz [ 252.720024][ T5845] usb 3-1: SerialNumber: syz [ 252.769258][ T5845] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input5 [ 252.993943][ T6040] ceph: No mds server is up or the cluster is laggy [ 253.047762][ T5832] libceph: connect (1)[c::]:6789 error -101 [ 253.054721][ T5832] libceph: mon0 (1)[c::]:6789 connect error [ 254.240448][ T6071] loop3: detected capacity change from 0 to 256 [ 254.274864][ T5832] usb 1-1: USB disconnect, device number 3 [ 254.547395][ T6071] loop3: detected capacity change from 0 to 256 [ 255.385255][ T5121] bcm5974 3-1:1.0: could not read from device [ 255.434739][ T5121] bcm5974 3-1:1.0: could not read from device [ 255.483955][ T5121] bcm5974 3-1:1.0: could not read from device [ 255.520509][ T5121] bcm5974 3-1:1.0: could not read from device [ 255.528916][ T5845] usb 3-1: USB disconnect, device number 3 [ 255.719212][ T6087] loop3: detected capacity change from 0 to 256 [ 255.726138][ T5832] usb 2-1: new low-speed USB device number 3 using dummy_hcd [ 255.875639][ T6087] exFAT-fs (loop3): failed to read sector(0x800000078) [ 255.883017][ T6087] exFAT-fs (loop3): failed to load upcase table [ 255.889757][ T6087] exFAT-fs (loop3): failed to recognize exfat type [ 255.916387][ T5832] usb 2-1: device descriptor read/64, error -71 [ 256.683153][ T5881] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 256.736493][ T6091] FAULT_INJECTION: forcing a failure. [ 256.736493][ T6091] name failslab, interval 1, probability 0, space 0, times 0 [ 256.749917][ T6091] CPU: 1 UID: 0 PID: 6091 Comm: syz.2.41 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 256.760715][ T6091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 256.770994][ T6091] Call Trace: [ 256.774447][ T6091] [ 256.777544][ T6091] dump_stack_lvl+0x216/0x2d0 [ 256.782521][ T6091] dump_stack+0x1e/0x24 [ 256.786944][ T6091] should_fail_ex+0x748/0x7f0 [ 256.791920][ T6091] should_failslab+0x17f/0x210 [ 256.796972][ T6091] kmem_cache_alloc_lru_noprof+0xf5/0xe20 [ 256.803015][ T6091] ? hugetlbfs_alloc_inode+0x19b/0x2d0 [ 256.808787][ T6091] ? kmsan_get_metadata+0x13e/0x1c0 [ 256.814270][ T6091] hugetlbfs_alloc_inode+0x19b/0x2d0 [ 256.819843][ T6091] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 256.825934][ T6091] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 256.832029][ T6091] alloc_inode+0x86/0x460 [ 256.836617][ T6091] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 256.842692][ T6091] new_inode+0x38/0x480 [ 256.847101][ T6091] ? resv_map_alloc+0x36e/0x640 [ 256.852228][ T6091] hugetlbfs_get_inode+0xe5/0x8a0 [ 256.857534][ T6091] ? kmsan_get_metadata+0x13e/0x1c0 [ 256.863015][ T6091] hugetlb_file_setup+0x2d7/0xa40 [ 256.868340][ T6091] ksys_mmap_pgoff+0x2b9/0x790 [ 256.873377][ T6091] ? kmsan_get_metadata+0x13e/0x1c0 [ 256.878837][ T6091] __ia32_sys_mmap_pgoff+0x11d/0x1a0 [ 256.884418][ T6091] ia32_sys_call+0x30ef/0x4180 [ 256.889437][ T6091] __do_fast_syscall_32+0xb0/0x110 [ 256.894848][ T6091] ? irqentry_exit+0x16/0x60 [ 256.899712][ T6091] do_fast_syscall_32+0x38/0x80 [ 256.904860][ T6091] do_SYSENTER_32+0x1f/0x30 [ 256.909602][ T6091] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 256.916245][ T6091] RIP: 0023:0xf745d579 [ 256.920523][ T6091] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 256.940401][ T6091] RSP: 002b:00000000f514657c EFLAGS: 00000206 ORIG_RAX: 00000000000000c0 [ 256.949189][ T6091] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000ff5000 [ 256.957429][ T6091] RDX: 0000000001000002 RSI: 000000000005c831 RDI: 00000000ffffffff [ 256.965636][ T6091] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 256.973823][ T6091] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 256.982005][ T6091] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 256.990206][ T6091] [ 257.297550][ T5832] usb 2-1: new low-speed USB device number 4 using dummy_hcd [ 257.324304][ T5881] usb 5-1: Using ep0 maxpacket: 8 [ 257.348540][ T5881] usb 5-1: config 0 has an invalid interface number: 5 but max is 0 [ 257.357080][ T5881] usb 5-1: config 0 has no interface number 0 [ 257.363422][ T5881] usb 5-1: config 0 interface 5 has no altsetting 0 [ 257.456937][ T5832] usb 2-1: device descriptor read/64, error -71 [ 257.498922][ T5881] usb 5-1: New USB device found, idVendor=1498, idProduct=a090, bcdDevice=f0.ff [ 257.509610][ T5881] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 257.518143][ T5881] usb 5-1: Product: syz [ 257.522555][ T5881] usb 5-1: Manufacturer: syz [ 257.527892][ T5881] usb 5-1: SerialNumber: syz [ 257.579705][ T5832] usb usb2-port1: attempt power cycle [ 257.610549][ T5881] usb 5-1: config 0 descriptor?? [ 257.953967][ T5832] usb 2-1: new low-speed USB device number 5 using dummy_hcd [ 257.986047][ T5845] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 257.996512][ T5832] usb 2-1: device descriptor read/8, error -71 [ 258.030740][ T6102] FAULT_INJECTION: forcing a failure. [ 258.030740][ T6102] name failslab, interval 1, probability 0, space 0, times 0 [ 258.044086][ T6102] CPU: 0 UID: 0 PID: 6102 Comm: syz.0.45 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 258.054901][ T6102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 258.065198][ T6102] Call Trace: [ 258.068671][ T6102] [ 258.071798][ T6102] dump_stack_lvl+0x216/0x2d0 [ 258.076807][ T6102] dump_stack+0x1e/0x24 [ 258.081272][ T6102] should_fail_ex+0x748/0x7f0 [ 258.086266][ T6102] should_failslab+0x17f/0x210 [ 258.091319][ T6102] __kmalloc_noprof+0x176/0x1230 [ 258.096572][ T6102] ? kmsan_get_metadata+0x13e/0x1c0 [ 258.102049][ T6102] ? tomoyo_encode+0x5f8/0xa40 [ 258.107138][ T6102] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 258.113238][ T6102] ? kmsan_get_metadata+0x13e/0x1c0 [ 258.118716][ T6102] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 258.124863][ T6102] tomoyo_encode+0x5f8/0xa40 [ 258.129793][ T6102] tomoyo_realpath_from_path+0x9dd/0xaa0 [ 258.135788][ T6102] tomoyo_path_number_perm+0x1d9/0x8f0 [ 258.141582][ T6102] ? kmsan_get_metadata+0x13e/0x1c0 [ 258.147070][ T6102] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 258.153193][ T6102] tomoyo_file_ioctl+0x3f/0x50 [ 258.158234][ T6102] security_file_ioctl_compat+0x145/0x590 [ 258.164264][ T6102] __se_compat_sys_ioctl+0xc8/0x1020 [ 258.169870][ T6102] ? ksys_write+0x408/0x4b0 [ 258.174675][ T6102] ? kmsan_get_metadata+0x13e/0x1c0 [ 258.180159][ T6102] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 258.186264][ T6102] __ia32_compat_sys_ioctl+0x93/0xe0 [ 258.191877][ T6102] ia32_sys_call+0x2226/0x4180 [ 258.196922][ T6102] __do_fast_syscall_32+0xb0/0x110 [ 258.202356][ T6102] ? irqentry_exit+0x16/0x60 [ 258.207254][ T6102] do_fast_syscall_32+0x38/0x80 [ 258.212426][ T6102] do_SYSENTER_32+0x1f/0x30 [ 258.217193][ T6102] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 258.223954][ T6102] RIP: 0023:0xf7f0f579 [ 258.228257][ T6102] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 258.248170][ T6102] RSP: 002b:00000000f509657c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 258.256911][ T6102] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c00c9207 [ 258.265118][ T6102] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 258.273313][ T6102] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 258.281503][ T6102] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 258.289716][ T6102] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 258.297940][ T6102] [ 258.307913][ T5845] usb 3-1: Using ep0 maxpacket: 8 [ 258.312015][ T6102] ERROR: Out of memory at tomoyo_realpath_from_path. [ 258.346398][ T5845] usb 3-1: config index 0 descriptor too short (expected 15378, got 36) [ 258.355995][ T5845] usb 3-1: config 0 has too many interfaces: 137, using maximum allowed: 32 [ 258.365060][ T5845] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 258.375486][ T5845] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 137 [ 258.502844][ T5845] usb 3-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 258.512725][ T5845] usb 3-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 258.521448][ T5845] usb 3-1: Product: syz [ 258.525944][ T5845] usb 3-1: SerialNumber: syz [ 258.588703][ T6104] loop3: detected capacity change from 0 to 4096 [ 258.636931][ T5845] usb 3-1: config 0 descriptor?? [ 258.669748][ T6105] loop4: detected capacity change from 0 to 8 [ 258.680101][ T6104] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 258.787527][ T5832] usb 2-1: new low-speed USB device number 6 using dummy_hcd [ 259.020670][ T5832] usb 2-1: device not accepting address 6, error -71 [ 259.028970][ T5832] usb usb2-port1: unable to enumerate USB device [ 259.330229][ T5845] usb 5-1: USB disconnect, device number 2 [ 259.337026][ T5845] dvb-usb: generic DVB-USB module successfully deinitialized and disconnected. [ 259.430599][ T5881] usb 3-1: USB disconnect, device number 4 [ 259.654090][ T5832] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 259.841706][ T5832] usb 1-1: Using ep0 maxpacket: 8 [ 260.114021][ T5832] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 260.123394][ T5832] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 260.167656][ T5832] usb 1-1: config 0 descriptor?? [ 260.427911][ T6123] loop1: detected capacity change from 0 to 64 [ 260.993047][ T5832] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61 [ 261.004431][ T5832] asix 1-1:0.0: probe with driver asix failed with error -61 [ 262.376364][ T6144] loop2: detected capacity change from 0 to 4096 [ 262.447670][ T6144] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 262.578910][ T5832] usb 1-1: USB disconnect, device number 4 [ 262.960382][ T6156] FAULT_INJECTION: forcing a failure. [ 262.960382][ T6156] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 262.974044][ T6156] CPU: 1 UID: 0 PID: 6156 Comm: syz.0.64 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 262.984876][ T6156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 262.995168][ T6156] Call Trace: [ 262.998633][ T6156] [ 263.001743][ T6156] dump_stack_lvl+0x216/0x2d0 [ 263.006738][ T6156] dump_stack+0x1e/0x24 [ 263.011187][ T6156] should_fail_ex+0x748/0x7f0 [ 263.016184][ T6156] should_fail+0x2a/0x40 [ 263.020717][ T6156] should_fail_usercopy+0x2e/0x40 [ 263.026047][ T6156] _copy_to_user+0x34/0x120 [ 263.030850][ T6156] simple_read_from_buffer+0x199/0x340 [ 263.036656][ T6156] proc_fail_nth_read+0x1e5/0x2c0 [ 263.041976][ T6156] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 263.047807][ T6156] vfs_read+0x29d/0xf50 [ 263.052264][ T6156] ? kmsan_get_metadata+0x13e/0x1c0 [ 263.057750][ T6156] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 263.064441][ T6156] ksys_read+0x240/0x4b0 [ 263.068985][ T6156] ? kmsan_get_metadata+0x13e/0x1c0 [ 263.074476][ T6156] __ia32_sys_read+0x91/0xe0 [ 263.079382][ T6156] ia32_sys_call+0x16dd/0x4180 [ 263.084429][ T6156] __do_fast_syscall_32+0xb0/0x110 [ 263.089870][ T6156] ? irqentry_exit+0x16/0x60 [ 263.094762][ T6156] do_fast_syscall_32+0x38/0x80 [ 263.099931][ T6156] do_SYSENTER_32+0x1f/0x30 [ 263.104694][ T6156] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 263.111358][ T6156] RIP: 0023:0xf7f0f579 [ 263.115665][ T6156] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 263.135576][ T6156] RSP: 002b:00000000f50965b0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003 [ 263.144309][ T6156] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5096620 [ 263.152535][ T6156] RDX: 000000000000000f RSI: 00000000f73a0ff4 RDI: 0000000000000000 [ 263.160833][ T6156] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 263.169043][ T6156] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 263.177248][ T6156] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 263.185477][ T6156] [ 263.220029][ T5845] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 263.635735][ T6163] netlink: 68 bytes leftover after parsing attributes in process `syz.2.66'. [ 263.843529][ T6170] loop2: detected capacity change from 0 to 512 [ 263.867631][ T6170] ext4: Unknown parameter '' [ 263.873372][ T5832] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 263.885823][ T5845] usb 2-1: Using ep0 maxpacket: 8 [ 263.898029][ T5845] usb 2-1: config index 0 descriptor too short (expected 15378, got 36) [ 263.906952][ T5845] usb 2-1: config 0 has too many interfaces: 137, using maximum allowed: 32 [ 263.916007][ T5845] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 263.932828][ T5845] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 137 [ 263.944051][ T5881] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 263.974619][ T5845] usb 2-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 263.984309][ T5845] usb 2-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 263.992847][ T5845] usb 2-1: Product: syz [ 263.997390][ T5845] usb 2-1: SerialNumber: syz [ 264.008153][ T5845] usb 2-1: config 0 descriptor?? [ 264.061933][ T5832] usb 1-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 264.071686][ T5832] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 264.080245][ T5832] usb 1-1: Product: syz [ 264.084899][ T5832] usb 1-1: Manufacturer: syz [ 264.089746][ T5832] usb 1-1: SerialNumber: syz [ 264.104582][ T5881] usb 4-1: device descriptor read/64, error -71 [ 264.121047][ T5832] usb 1-1: config 0 descriptor?? [ 264.277779][ T6153] netlink: 8 bytes leftover after parsing attributes in process `syz.1.63'. [ 264.321971][ T6172] loop4: detected capacity change from 0 to 512 [ 264.339695][ T6161] FAULT_INJECTION: forcing a failure. [ 264.339695][ T6161] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 264.353512][ T6161] CPU: 1 UID: 0 PID: 6161 Comm: syz.0.67 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 264.355571][ T5881] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 264.364224][ T6161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 264.364308][ T6161] Call Trace: [ 264.364356][ T6161] [ 264.364414][ T6161] dump_stack_lvl+0x216/0x2d0 [ 264.393621][ T6161] dump_stack+0x1e/0x24 [ 264.398077][ T6161] should_fail_ex+0x748/0x7f0 [ 264.403152][ T6161] should_fail+0x2a/0x40 [ 264.407681][ T6161] should_fail_usercopy+0x2e/0x40 [ 264.413007][ T6161] _copy_to_user+0x34/0x120 [ 264.417807][ T6161] simple_read_from_buffer+0x199/0x340 [ 264.423609][ T6161] proc_fail_nth_read+0x1e5/0x2c0 [ 264.428925][ T6161] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 264.434764][ T6161] vfs_read+0x29d/0xf50 [ 264.439216][ T6161] ? kmsan_get_metadata+0x13e/0x1c0 [ 264.444703][ T6161] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 264.451387][ T6161] ksys_read+0x240/0x4b0 [ 264.455941][ T6161] ? kmsan_get_metadata+0x13e/0x1c0 [ 264.461442][ T6161] __ia32_sys_read+0x91/0xe0 [ 264.466352][ T6161] ia32_sys_call+0x16dd/0x4180 [ 264.471413][ T6161] __do_fast_syscall_32+0xb0/0x110 [ 264.476858][ T6161] do_fast_syscall_32+0x38/0x80 [ 264.482028][ T6161] do_SYSENTER_32+0x1f/0x30 [ 264.486793][ T6161] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 264.493471][ T6161] RIP: 0023:0xf7f0f579 [ 264.497770][ T6161] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 264.509554][ T6172] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 264.517561][ T6161] RSP: 002b:00000000f50965b0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003 [ 264.517698][ T6161] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5096620 [ 264.517796][ T6161] RDX: 000000000000000f RSI: 00000000f73a0ff4 RDI: 0000000000000000 [ 264.517889][ T6161] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 264.531153][ T6172] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 264.539362][ T6161] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 264.539458][ T6161] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 264.539565][ T6161] [ 264.617086][ T5831] usb 2-1: USB disconnect, device number 7 [ 264.675362][ T6172] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 264.700301][ T6172] EXT4-fs (loop4): 1 truncate cleaned up [ 264.708485][ T6172] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 264.735309][ T5881] usb 4-1: device descriptor read/64, error -71 [ 264.789287][ T5832] usb-storage 1-1:0.0: USB Mass Storage device detected [ 264.866907][ T5881] usb usb4-port1: attempt power cycle [ 264.959906][ T5832] usb 1-1: USB disconnect, device number 5 [ 264.974568][ T6180] loop2: detected capacity change from 0 to 64 [ 265.007280][ T6178] (unnamed net_device) (uninitialized): option lacp_active: invalid value (3) [ 265.078839][ T6182] loop0: detected capacity change from 0 to 16 [ 265.105872][ T6182] erofs (device loop0): mounted with root inode @ nid 36. [ 265.233039][ T5787] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 54: comm syz-executor: path /16/control/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 265.293330][ T5787] EXT4-fs (loop4): Remounting filesystem read-only [ 265.295804][ T5881] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 265.319040][ T5791] erofs (device loop0): failed to decompress -26 in[46, 0] out[9000] [ 265.335705][ T6178] erofs (device loop0): failed to decompress -26 in[46, 4050] out[8192] [ 265.344978][ T6178] erofs (device loop0): read error -117 @ 0 of nid 89 [ 265.361180][ T5881] usb 4-1: device descriptor read/8, error -71 [ 265.468973][ T29] audit: type=1800 audit(1733559483.578:2): pid=6178 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.72" name="file3" dev="loop0" ino=89 res=0 errno=0 [ 265.626189][ T5881] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 265.657096][ T5881] usb 4-1: device descriptor read/8, error -71 [ 265.762049][ T5787] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 265.889885][ T5881] usb usb4-port1: unable to enumerate USB device [ 266.030835][ T3982] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 266.357748][ T3982] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 266.554227][ T6191] loop1: detected capacity change from 0 to 64 [ 266.922413][ T3982] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.248416][ T3982] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.536629][ T6201] netlink: 'syz.2.81': attribute type 21 has an invalid length. [ 267.545669][ T6201] netlink: 128 bytes leftover after parsing attributes in process `syz.2.81'. [ 267.555087][ T6201] netlink: 'syz.2.81': attribute type 5 has an invalid length. [ 267.562898][ T6201] netlink: 3 bytes leftover after parsing attributes in process `syz.2.81'. [ 267.835634][ T5781] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 267.848126][ T5781] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 267.857796][ T5781] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 267.871670][ T5781] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 267.883168][ T5781] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 267.902141][ T5781] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 267.974428][ T3982] bridge_slave_1: left allmulticast mode [ 267.980487][ T3982] bridge_slave_1: left promiscuous mode [ 267.987248][ T3982] bridge0: port 2(bridge_slave_1) entered disabled state [ 268.084974][ T3982] bridge_slave_0: left allmulticast mode [ 268.090895][ T3982] bridge_slave_0: left promiscuous mode [ 268.097633][ T3982] bridge0: port 1(bridge_slave_0) entered disabled state [ 268.497330][ T6207] loop2: detected capacity change from 0 to 512 [ 268.542969][ T5832] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 268.570789][ T6207] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 268.627725][ T6207] EXT4-fs (loop2): 1 truncate cleaned up [ 268.640247][ T6207] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 268.655940][ T5831] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 268.689528][ T3982] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 268.706396][ T5832] usb 4-1: Using ep0 maxpacket: 8 [ 268.728984][ T5832] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 268.744221][ T5832] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 268.753388][ T5832] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 268.779510][ T5832] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 268.789147][ T5832] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.797585][ T5832] usb 4-1: Product: syz [ 268.801987][ T5832] usb 4-1: Manufacturer: syz [ 268.807464][ T5832] usb 4-1: SerialNumber: syz [ 268.822963][ T5832] cdc_ncm 4-1:1.0: CDC Union missing and no IAD found [ 268.830507][ T5832] cdc_ncm 4-1:1.0: bind() failure [ 268.869940][ T3982] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 268.879419][ T5831] usb 1-1: Using ep0 maxpacket: 8 [ 268.894956][ T5831] usb 1-1: config index 0 descriptor too short (expected 15378, got 36) [ 268.903884][ T5831] usb 1-1: config 0 has too many interfaces: 137, using maximum allowed: 32 [ 268.912852][ T5831] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 268.923434][ T5831] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 137 [ 268.944431][ T3982] bond0 (unregistering): Released all slaves [ 268.980192][ T5831] usb 1-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 268.989873][ T5831] usb 1-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 268.998590][ T5831] usb 1-1: Product: syz [ 269.002997][ T5831] usb 1-1: SerialNumber: syz [ 269.163049][ T5831] usb 1-1: config 0 descriptor?? [ 269.175111][ T6211] netlink: 'syz.3.85': attribute type 10 has an invalid length. [ 269.196034][ T6211] syz_tun: entered promiscuous mode [ 269.221784][ T6211] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 269.227262][ T5792] EXT4-fs error (device loop2): ext4_readdir:261: inode #11: block 54: comm syz-executor: path /14/control/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 269.292994][ T5845] usb 4-1: USB disconnect, device number 7 [ 269.312796][ T5792] EXT4-fs (loop2): Remounting filesystem read-only [ 269.400580][ T6213] netlink: 8 bytes leftover after parsing attributes in process `syz.0.84'. [ 269.483145][ T5831] usb 1-1: USB disconnect, device number 6 [ 269.722814][ T6204] chnl_net:caif_netlink_parms(): no params data found [ 269.798642][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.040915][ T3982] hsr_slave_0: left promiscuous mode [ 270.089511][ T5791] Bluetooth: hci3: command tx timeout [ 270.096115][ T3982] hsr_slave_1: left promiscuous mode [ 270.121883][ T3982] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 270.129913][ T3982] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 270.217066][ T3982] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 270.225103][ T3982] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 270.299779][ T3982] veth1_macvtap: left promiscuous mode [ 270.307592][ T3982] veth1_vlan: left promiscuous mode [ 270.313183][ T3982] veth0_vlan: left promiscuous mode [ 270.994913][ T3982] team0 (unregistering): Port device team_slave_1 removed [ 271.120218][ T3982] team0 (unregistering): Port device team_slave_0 removed [ 271.421424][ T5781] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 271.442590][ T5781] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 271.452342][ T5781] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 271.465742][ T5781] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 271.477049][ T5781] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 271.486313][ T5781] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 271.838468][ T6231] pimreg: entered allmulticast mode [ 272.008854][ T6231] loop0: detected capacity change from 0 to 1024 [ 272.126751][ T6231] EXT4-fs: Ignoring removed oldalloc option [ 272.164039][ T5781] Bluetooth: hci3: command tx timeout [ 272.292117][ T6231] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 272.314049][ T6204] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.328130][ T6204] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.335990][ T6204] bridge_slave_0: entered allmulticast mode [ 272.345245][ T6204] bridge_slave_0: entered promiscuous mode [ 272.370011][ T6204] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.380588][ T6204] bridge0: port 2(bridge_slave_1) entered disabled state [ 272.388450][ T6204] bridge_slave_1: entered allmulticast mode [ 272.397347][ T6204] bridge_slave_1: entered promiscuous mode [ 272.438133][ T6230] chnl_net:caif_netlink_parms(): no params data found [ 272.455045][ T6231] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 272.631318][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.660458][ T3982] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.749651][ T6204] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 272.770592][ T6204] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 272.852423][ T3982] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.257343][ T3982] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.287280][ T6204] team0: Port device team_slave_0 added [ 273.370943][ T3982] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.392863][ T6252] loop3: detected capacity change from 0 to 512 [ 273.410260][ T6204] team0: Port device team_slave_1 added [ 273.476274][ T6252] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 273.496574][ T6230] bridge0: port 1(bridge_slave_0) entered blocking state [ 273.505204][ T6230] bridge0: port 1(bridge_slave_0) entered disabled state [ 273.512979][ T6230] bridge_slave_0: entered allmulticast mode [ 273.522189][ T6230] bridge_slave_0: entered promiscuous mode [ 273.591793][ T6230] bridge0: port 2(bridge_slave_1) entered blocking state [ 273.601757][ T6230] bridge0: port 2(bridge_slave_1) entered disabled state [ 273.609688][ T6230] bridge_slave_1: entered allmulticast mode [ 273.618882][ T6230] bridge_slave_1: entered promiscuous mode [ 273.624342][ T5781] Bluetooth: hci4: command tx timeout [ 273.677727][ T6252] EXT4-fs (loop3): 1 truncate cleaned up [ 273.685563][ T6252] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 273.714406][ T6204] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 273.721738][ T6204] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 273.748302][ T6204] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 273.982364][ T6204] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 273.990019][ T6204] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 274.016630][ T6204] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 274.088301][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.187544][ T6230] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 274.245696][ T5781] Bluetooth: hci3: command tx timeout [ 274.296074][ T6204] hsr_slave_0: entered promiscuous mode [ 274.333458][ T6204] hsr_slave_1: entered promiscuous mode [ 274.348249][ T6204] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 274.374143][ T6204] Cannot create hsr debugfs directory [ 274.403129][ T6230] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 274.475745][ T3982] bridge_slave_1: left allmulticast mode [ 274.481647][ T3982] bridge_slave_1: left promiscuous mode [ 274.488540][ T3982] bridge0: port 2(bridge_slave_1) entered disabled state [ 274.503399][ T3982] bridge_slave_0: left allmulticast mode [ 274.509676][ T3982] bridge_slave_0: left promiscuous mode [ 274.516351][ T3982] bridge0: port 1(bridge_slave_0) entered disabled state [ 274.574945][ T5845] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 274.633440][ T6266] ipt_rpfilter: unknown options [ 274.888358][ T5845] usb 4-1: Using ep0 maxpacket: 8 [ 275.006879][ T5845] usb 4-1: config index 0 descriptor too short (expected 15378, got 36) [ 275.015864][ T5845] usb 4-1: config 0 has too many interfaces: 137, using maximum allowed: 32 [ 275.024931][ T5845] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 275.026309][ T3982] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 275.035321][ T5845] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 137 [ 275.063197][ T3982] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 275.090119][ T3982] bond0 (unregistering): Released all slaves [ 275.114275][ T5845] usb 4-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 275.123784][ T5845] usb 4-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 275.132318][ T5845] usb 4-1: Product: syz [ 275.136815][ T5845] usb 4-1: SerialNumber: syz [ 275.157068][ T5845] usb 4-1: config 0 descriptor?? [ 275.179927][ T6269] mmap: syz.1.101 (6269) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 275.302250][ T6230] team0: Port device team_slave_0 added [ 275.342475][ T6230] team0: Port device team_slave_1 added [ 275.484400][ T6264] netlink: 8 bytes leftover after parsing attributes in process `syz.3.99'. [ 275.656180][ T5845] usb 4-1: USB disconnect, device number 8 [ 275.727258][ T5781] Bluetooth: hci4: command tx timeout [ 275.844877][ T6230] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 275.852066][ T6230] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 275.878625][ T6230] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 275.948050][ T6230] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 275.955399][ T6230] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 275.982619][ T6230] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 276.061841][ T3982] hsr_slave_0: left promiscuous mode [ 276.096731][ T3982] hsr_slave_1: left promiscuous mode [ 276.124715][ T3982] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 276.132638][ T3982] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 276.176175][ T3982] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 276.184215][ T3982] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 276.274114][ T3982] veth1_macvtap: left promiscuous mode [ 276.280019][ T3982] veth0_macvtap: left promiscuous mode [ 276.286110][ T3982] veth1_vlan: left promiscuous mode [ 276.291664][ T3982] veth0_vlan: left promiscuous mode [ 276.324279][ T5781] Bluetooth: hci3: command tx timeout [ 276.592901][ T6280] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 276.689701][ T6279] binder: 6278:6279 ioctl 4018620d 200002c0 returned -22 [ 276.731504][ T6279] binder: 6278:6279 ioctl c0306201 200003c0 returned -14 [ 276.745865][ T6280] binder: 6276:6280 ioctl c0306201 20000680 returned -14 [ 276.817426][ T6279] binder: 6278:6279 ioctl c0306201 20000300 returned -14 [ 276.965430][ T6281] binder: 6278:6281 ioctl c0306201 20000680 returned -14 [ 277.017326][ T3982] team0 (unregistering): Port device team_slave_1 removed [ 277.108772][ T3982] team0 (unregistering): Port device team_slave_0 removed [ 277.708048][ T6277] IPv6: sit1: Disabled Multicast RS [ 277.790617][ T5781] Bluetooth: hci4: command tx timeout [ 277.998421][ T6204] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 278.072671][ T6204] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 278.115070][ T6230] hsr_slave_0: entered promiscuous mode [ 278.134703][ T6230] hsr_slave_1: entered promiscuous mode [ 278.149854][ T6230] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 278.160159][ T6230] Cannot create hsr debugfs directory [ 278.167938][ T6204] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 278.198706][ T6204] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 278.526128][ T6287] loop3: detected capacity change from 0 to 4096 [ 278.556197][ T6287] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 278.992569][ T6295] loop0: detected capacity change from 0 to 64 [ 279.207434][ T6230] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 279.268419][ T6230] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 279.333209][ T6230] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 279.411794][ T6230] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 279.459785][ T6297] FAULT_INJECTION: forcing a failure. [ 279.459785][ T6297] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 279.473346][ T6297] CPU: 1 UID: 0 PID: 6297 Comm: syz.1.110 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 279.484256][ T6297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 279.494554][ T6297] Call Trace: [ 279.498032][ T6297] [ 279.501153][ T6297] dump_stack_lvl+0x216/0x2d0 [ 279.506154][ T6297] dump_stack+0x1e/0x24 [ 279.510619][ T6297] should_fail_ex+0x748/0x7f0 [ 279.515613][ T6297] should_fail+0x2a/0x40 [ 279.520145][ T6297] should_fail_usercopy+0x2e/0x40 [ 279.525498][ T6297] _copy_from_iter+0x1d8/0x2b00 [ 279.530659][ T6297] ? kmsan_get_metadata+0x13e/0x1c0 [ 279.536143][ T6297] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 279.542251][ T6297] ? alloc_pages_mpol_noprof+0x306/0x990 [ 279.548187][ T6297] ? kmsan_get_metadata+0x13e/0x1c0 [ 279.553675][ T6297] copy_page_from_iter+0x3c8/0x7e0 [ 279.559108][ T6297] tun_get_user+0xee5/0x6dd0 [ 279.563980][ T6297] ? kmsan_get_metadata+0x13e/0x1c0 [ 279.569457][ T6297] ? kmsan_get_metadata+0x13e/0x1c0 [ 279.572325][ T6204] 8021q: adding VLAN 0 to HW filter on device bond0 [ 279.574845][ T6297] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 279.575046][ T6297] ? irq_poll_softirq+0x500/0xc20 [ 279.593432][ T6297] tun_chr_write_iter+0x3ac/0x5d0 [ 279.598802][ T6297] vfs_write+0xb2b/0x1540 [ 279.603458][ T6297] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 279.609333][ T6297] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 279.615445][ T6297] ksys_write+0x240/0x4b0 [ 279.620085][ T6297] ? kmsan_get_metadata+0x13e/0x1c0 [ 279.625576][ T6297] __ia32_sys_write+0x91/0xe0 [ 279.630578][ T6297] ia32_sys_call+0x2f4b/0x4180 [ 279.635627][ T6297] __do_fast_syscall_32+0xb0/0x110 [ 279.641073][ T6297] ? irqentry_exit+0x16/0x60 [ 279.645973][ T6297] do_fast_syscall_32+0x38/0x80 [ 279.651152][ T6297] do_SYSENTER_32+0x1f/0x30 [ 279.655924][ T6297] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 279.662592][ T6297] RIP: 0023:0xf7f57579 [ 279.666895][ T6297] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 279.686797][ T6297] RSP: 002b:00000000f50d6540 EFLAGS: 00000206 ORIG_RAX: 0000000000000004 [ 279.695532][ T6297] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020000300 [ 279.703762][ T6297] RDX: 0000000000000046 RSI: 00000000f73e0ff4 RDI: 0000000000000000 [ 279.711975][ T6297] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 279.717507][ T6204] 8021q: adding VLAN 0 to HW filter on device team0 [ 279.720089][ T6297] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 279.735000][ T6297] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 279.743237][ T6297] [ 279.890856][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 279.898721][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 279.916227][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 279.923980][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 279.941727][ T5781] Bluetooth: hci4: command tx timeout [ 280.340108][ T6230] 8021q: adding VLAN 0 to HW filter on device bond0 [ 280.507763][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 280.516842][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 280.578831][ T6230] 8021q: adding VLAN 0 to HW filter on device team0 [ 280.643065][ T34] bridge0: port 1(bridge_slave_0) entered blocking state [ 280.650904][ T34] bridge0: port 1(bridge_slave_0) entered forwarding state [ 280.667266][ T29] audit: type=1326 audit(1733559498.858:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f0f579 code=0x7ffc0000 [ 280.746881][ T29] audit: type=1326 audit(1733559498.938:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7f0f579 code=0x7ffc0000 [ 280.770040][ T29] audit: type=1326 audit(1733559498.938:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f0f579 code=0x7ffc0000 [ 280.791835][ T6306] loop0: detected capacity change from 0 to 256 [ 280.799469][ T29] audit: type=1326 audit(1733559498.968:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f0f579 code=0x7ffc0000 [ 280.807010][ T34] bridge0: port 2(bridge_slave_1) entered blocking state [ 280.822833][ T29] audit: type=1326 audit(1733559499.008:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=91 compat=1 ip=0xf7f0f579 code=0x7ffc0000 [ 280.828680][ T34] bridge0: port 2(bridge_slave_1) entered forwarding state [ 280.858494][ T29] audit: type=1326 audit(1733559499.008:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f0f579 code=0x7ffc0000 [ 280.880684][ T29] audit: type=1326 audit(1733559499.008:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f0f579 code=0x7ffc0000 [ 280.902878][ T29] audit: type=1326 audit(1733559499.028:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7f0f579 code=0x7ffc0000 [ 280.926651][ T29] audit: type=1326 audit(1733559499.028:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7f0f579 code=0x7ffc0000 [ 280.949253][ T29] audit: type=1326 audit(1733559499.028:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7f0f579 code=0x7ffc0000 [ 280.987879][ T5837] usb 2-1: new full-speed USB device number 8 using dummy_hcd [ 281.094521][ T5832] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 281.182667][ T5837] usb 2-1: config 36 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 281.196470][ T5837] usb 2-1: config 36 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 281.314255][ T5832] usb 4-1: Using ep0 maxpacket: 8 [ 281.327422][ T5832] usb 4-1: config index 0 descriptor too short (expected 15378, got 36) [ 281.338611][ T5832] usb 4-1: config 0 has too many interfaces: 137, using maximum allowed: 32 [ 281.349185][ T5832] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 281.350460][ T5837] usb 2-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29 [ 281.360122][ T5832] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 137 [ 281.368910][ T5837] usb 2-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16 [ 281.369048][ T5837] usb 2-1: Manufacturer: syz [ 281.392216][ T5837] usb 2-1: SerialNumber: syz [ 281.712171][ T5832] usb 4-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 281.721717][ T5832] usb 4-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 281.730414][ T5832] usb 4-1: Product: syz [ 281.735001][ T5832] usb 4-1: SerialNumber: syz [ 281.889733][ T5832] usb 4-1: config 0 descriptor?? [ 282.174241][ T6230] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 282.260457][ T6204] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 282.393021][ T5831] usb 4-1: USB disconnect, device number 9 [ 282.718895][ T5831] libceph: connect (1)[c::]:6789 error -101 [ 282.725635][ T5831] libceph: mon0 (1)[c::]:6789 connect error [ 282.903440][ T6332] loop0: detected capacity change from 0 to 8 [ 283.006473][ T5831] libceph: connect (1)[c::]:6789 error -101 [ 283.012849][ T5831] libceph: mon0 (1)[c::]:6789 connect error [ 283.482852][ T6328] ceph: No mds server is up or the cluster is laggy [ 283.906145][ T5837] usbhid 2-1:36.0: couldn't find an input interrupt endpoint [ 284.007081][ T5837] usb 2-1: USB disconnect, device number 8 [ 284.280281][ T6230] veth0_vlan: entered promiscuous mode [ 284.318488][ T6230] veth1_vlan: entered promiscuous mode [ 284.506563][ T6230] veth0_macvtap: entered promiscuous mode [ 284.527646][ T6230] veth1_macvtap: entered promiscuous mode [ 284.618296][ T6230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 284.630087][ T6230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.640300][ T6230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 284.651260][ T6230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.661450][ T6230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 284.672320][ T6230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.687093][ T6230] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 284.772889][ T6230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.783851][ T6230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.794144][ T6230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.805847][ T6230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.817896][ T6230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.829255][ T6230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.844043][ T6230] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 284.863894][ T6230] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.873135][ T6230] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.882313][ T6230] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.892170][ T6230] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 285.038908][ T6204] veth0_vlan: entered promiscuous mode [ 285.116158][ T6354] netlink: 8 bytes leftover after parsing attributes in process `syz.3.122'. [ 285.207438][ T6204] veth1_vlan: entered promiscuous mode [ 285.372565][ T6204] veth0_macvtap: entered promiscuous mode [ 285.401247][ T6204] veth1_macvtap: entered promiscuous mode [ 285.407110][ T6353] loop1: detected capacity change from 0 to 64 [ 285.459535][ T6204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 285.470365][ T6204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.480448][ T6204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 285.491181][ T6204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.501374][ T6204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 285.512115][ T6204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.522268][ T6204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 285.539070][ T6204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.556030][ T6204] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 285.617486][ T6204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 285.628327][ T6204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.642276][ T6204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 285.654177][ T6204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.664304][ T6204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 285.676081][ T6204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.691087][ T6204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 285.707753][ T6204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 285.724422][ T6204] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 285.749483][ T6204] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 285.758663][ T6204] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 285.768557][ T6204] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 285.778149][ T6204] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 285.945784][ T6353] dccp_invalid_packet: pskb_may_pull failed [ 286.031714][ T6361] loop0: detected capacity change from 0 to 64 [ 286.162275][ T6364] loop3: detected capacity change from 0 to 64 [ 286.315437][ T25] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 286.474165][ T25] usb 2-1: Using ep0 maxpacket: 8 [ 286.498543][ T25] usb 2-1: config 1 has an invalid interface number: 227 but max is 6 [ 286.507232][ T25] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 286.516486][ T25] usb 2-1: config 1 has no interface number 0 [ 286.522841][ T25] usb 2-1: config 1 interface 227 altsetting 172 has 0 endpoint descriptors, different from the interface descriptor's value: 30 [ 286.537521][ T25] usb 2-1: config 1 interface 227 has no altsetting 0 [ 286.641948][ T25] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 286.651628][ T25] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 286.664859][ T25] usb 2-1: Product: syz [ 286.669408][ T25] usb 2-1: Manufacturer: syz [ 286.674350][ T25] usb 2-1: SerialNumber: syz [ 287.155140][ T5881] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 287.229784][ T25] usb 2-1: palm_os_3_probe - error -71 getting connection information [ 287.238583][ T25] visor 2-1:1.227: probe with driver visor failed with error -71 [ 287.263197][ T25] usb 2-1: USB disconnect, device number 9 [ 287.389277][ T5881] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 287.398797][ T5881] usb 1-1: config 0 has no interface number 0 [ 287.405334][ T5881] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 287.417279][ T5881] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 287.427429][ T5881] usb 1-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 287.440719][ T5881] usb 1-1: New USB device found, idVendor=04d9, idProduct=a0c2, bcdDevice= 0.00 [ 287.450792][ T5881] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 287.516006][ T5881] usb 1-1: config 0 descriptor?? [ 288.013522][ T5881] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 288.025865][ T5881] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 288.034391][ T5881] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 288.042259][ T5881] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 288.050278][ T5881] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 288.058338][ T5881] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 288.066292][ T5881] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 288.074245][ T5881] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 288.082078][ T5881] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 288.093157][ T5881] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 288.101758][ T5881] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 288.109790][ T5881] holtek_mouse 0003:04D9:A0C2.0001: item fetching failed at offset 14/41 [ 288.309421][ T6373] Unsupported ieee802154 address type: 0 [ 288.366507][ T5881] holtek_mouse 0003:04D9:A0C2.0001: hid parse failed: -22 [ 288.374313][ T5881] holtek_mouse 0003:04D9:A0C2.0001: probe with driver holtek_mouse failed with error -22 [ 288.466883][ T6373] input: syz1 as /devices/virtual/input/input6 [ 288.742616][ T25] kernel write not supported for file /snd/seq (pid: 25 comm: kworker/1:0) [ 288.781709][ T6394] loop3: detected capacity change from 0 to 256 [ 288.837347][ T6394] exfat: Deprecated parameter 'namecase' [ 288.877222][ T25] usb 1-1: USB disconnect, device number 7 [ 289.280552][ T6394] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d) [ 289.547693][ T2951] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 289.555877][ T2951] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 289.557894][ T4677] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 289.571497][ T4677] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 289.700900][ T6408] FAULT_INJECTION: forcing a failure. [ 289.700900][ T6408] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 289.715923][ T6408] CPU: 0 UID: 0 PID: 6408 Comm: syz.1.131 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 289.726831][ T6408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 289.737133][ T6408] Call Trace: [ 289.740620][ T6408] [ 289.743745][ T6408] dump_stack_lvl+0x216/0x2d0 [ 289.748752][ T6408] dump_stack+0x1e/0x24 [ 289.753207][ T6408] should_fail_ex+0x748/0x7f0 [ 289.758221][ T6408] should_fail+0x2a/0x40 [ 289.762784][ T6408] should_fail_usercopy+0x2e/0x40 [ 289.768127][ T6408] _copy_from_user+0x35/0x110 [ 289.773103][ T6408] io_submit_one+0x67/0x3280 [ 289.778011][ T6408] ? kmsan_get_metadata+0x13e/0x1c0 [ 289.783493][ T6408] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 289.790146][ T6408] ? kmsan_get_metadata+0x13e/0x1c0 [ 289.795626][ T6408] ? kmsan_get_metadata+0x13e/0x1c0 [ 289.801114][ T6408] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 289.807210][ T6408] __se_compat_sys_io_submit+0x287/0x720 [ 289.813135][ T6408] ? ksys_write+0x408/0x4b0 [ 289.817950][ T6408] __ia32_compat_sys_io_submit+0x93/0xe0 [ 289.823889][ T6408] ia32_sys_call+0x2f60/0x4180 [ 289.828926][ T6408] __do_fast_syscall_32+0xb0/0x110 [ 289.834374][ T6408] ? irqentry_exit+0x16/0x60 [ 289.839270][ T6408] do_fast_syscall_32+0x38/0x80 [ 289.844469][ T6408] do_SYSENTER_32+0x1f/0x30 [ 289.849222][ T6408] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 289.855867][ T6408] RIP: 0023:0xf7f57579 [ 289.860150][ T6408] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 289.880035][ T6408] RSP: 002b:00000000f50d657c EFLAGS: 00000206 ORIG_RAX: 00000000000000f8 [ 289.888829][ T6408] RAX: ffffffffffffffda RBX: 00000000f7f52000 RCX: 0000000000000001 [ 289.897028][ T6408] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 289.905223][ T6408] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 289.913430][ T6408] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 289.921617][ T6408] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 289.929836][ T6408] [ 290.695890][ T4768] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 290.705255][ T4768] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 290.820046][ T2951] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 290.828616][ T2951] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.050937][ T6421] FAULT_INJECTION: forcing a failure. [ 291.050937][ T6421] name failslab, interval 1, probability 0, space 0, times 0 [ 291.067524][ T6421] CPU: 0 UID: 0 PID: 6421 Comm: syz.0.135 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 291.078427][ T6421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 291.088697][ T6421] Call Trace: [ 291.092148][ T6421] [ 291.095243][ T6421] dump_stack_lvl+0x216/0x2d0 [ 291.100221][ T6421] dump_stack+0x1e/0x24 [ 291.104648][ T6421] should_fail_ex+0x748/0x7f0 [ 291.109612][ T6421] should_failslab+0x17f/0x210 [ 291.114632][ T6421] __kmalloc_cache_noprof+0xc5/0xdf0 [ 291.120206][ T6421] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 291.126840][ T6421] ? syslog_print_all+0xa5/0x11b0 [ 291.132142][ T6421] ? kmsan_get_metadata+0x13e/0x1c0 [ 291.137600][ T6421] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 291.143675][ T6421] syslog_print_all+0xa5/0x11b0 [ 291.148797][ T6421] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 291.155429][ T6421] ? kmsan_get_metadata+0x13e/0x1c0 [ 291.160891][ T6421] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 291.167277][ T6421] ? apparmor_capable+0x355/0x400 [ 291.172560][ T6421] ? kmsan_get_metadata+0x13e/0x1c0 [ 291.178012][ T6421] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 291.184089][ T6421] ? capable+0x123/0x1d0 [ 291.188589][ T6421] ? security_syslog+0x78/0x520 [ 291.193725][ T6421] do_syslog+0x6b7/0x1000 [ 291.198332][ T6421] ? fput+0x359/0x400 [ 291.202571][ T6421] ? ksys_write+0x408/0x4b0 [ 291.207359][ T6421] ? kmsan_get_metadata+0x13e/0x1c0 [ 291.212809][ T6421] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 291.218877][ T6421] __ia32_sys_syslog+0x92/0xf0 [ 291.223924][ T6421] ia32_sys_call+0x383c/0x4180 [ 291.228946][ T6421] __do_fast_syscall_32+0xb0/0x110 [ 291.234365][ T6421] ? irqentry_exit+0x16/0x60 [ 291.239237][ T6421] do_fast_syscall_32+0x38/0x80 [ 291.244390][ T6421] do_SYSENTER_32+0x1f/0x30 [ 291.249141][ T6421] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 291.255785][ T6421] RIP: 0023:0xf7f0f579 [ 291.260071][ T6421] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 291.279960][ T6421] RSP: 002b:00000000f509657c EFLAGS: 00000206 ORIG_RAX: 0000000000000067 [ 291.288661][ T6421] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000700 [ 291.296854][ T6421] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000000 [ 291.305039][ T6421] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 291.313221][ T6421] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 291.321408][ T6421] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 291.329616][ T6421] [ 291.354969][ T25] kernel read not supported for file /adsp1 (pid: 25 comm: kworker/1:0) [ 291.591999][ T6426] loop1: detected capacity change from 0 to 64 [ 291.836950][ T6424] loop6: detected capacity change from 0 to 4096 [ 291.860465][ T6424] ntfs3: Unknown parameter '0xffffffffffffffff' [ 292.316492][ T6436] pimreg: left allmulticast mode [ 292.392758][ T6426] dccp_invalid_packet: pskb_may_pull failed [ 292.447655][ T6437] netlink: 16 bytes leftover after parsing attributes in process `syz.0.139'. [ 292.448197][ T6434] kvm: pic: non byte read [ 292.494309][ T6434] kvm: pic: level sensitive irq not supported [ 292.494631][ T6434] kvm: pic: non byte read [ 292.539493][ T6434] kvm: pic: level sensitive irq not supported [ 292.539784][ T6434] kvm: pic: non byte read [ 292.786111][ T5881] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 292.856216][ T6441] FAULT_INJECTION: forcing a failure. [ 292.856216][ T6441] name failslab, interval 1, probability 0, space 0, times 0 [ 292.869394][ T6441] CPU: 0 UID: 0 PID: 6441 Comm: syz.3.142 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 292.880319][ T6441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 292.890611][ T6441] Call Trace: [ 292.894061][ T6441] [ 292.897157][ T6441] dump_stack_lvl+0x216/0x2d0 [ 292.902137][ T6441] dump_stack+0x1e/0x24 [ 292.906574][ T6441] should_fail_ex+0x748/0x7f0 [ 292.911546][ T6441] should_failslab+0x17f/0x210 [ 292.916670][ T6441] __kmalloc_noprof+0x176/0x1230 [ 292.921909][ T6441] ? kmsan_get_metadata+0x13e/0x1c0 [ 292.927357][ T6441] ? tomoyo_encode+0x5f8/0xa40 [ 292.932418][ T6441] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 292.938502][ T6441] ? kmsan_get_metadata+0x13e/0x1c0 [ 292.943950][ T6441] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 292.950031][ T6441] tomoyo_encode+0x5f8/0xa40 [ 292.954927][ T6441] tomoyo_realpath_from_path+0x9dd/0xaa0 [ 292.960879][ T6441] tomoyo_path_number_perm+0x1d9/0x8f0 [ 292.966627][ T6441] ? kmsan_get_metadata+0x13e/0x1c0 [ 292.972074][ T6441] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 292.978170][ T6441] tomoyo_file_ioctl+0x3f/0x50 [ 292.983184][ T6441] security_file_ioctl_compat+0x145/0x590 [ 292.989192][ T6441] __se_compat_sys_ioctl+0xc8/0x1020 [ 292.994770][ T6441] ? ksys_write+0x408/0x4b0 [ 292.999551][ T6441] ? kmsan_get_metadata+0x13e/0x1c0 [ 293.005005][ T6441] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 293.011084][ T6441] __ia32_compat_sys_ioctl+0x93/0xe0 [ 293.016665][ T6441] ia32_sys_call+0x2226/0x4180 [ 293.021683][ T6441] __do_fast_syscall_32+0xb0/0x110 [ 293.027096][ T6441] ? irqentry_exit+0x16/0x60 [ 293.031966][ T6441] do_fast_syscall_32+0x38/0x80 [ 293.037112][ T6441] do_SYSENTER_32+0x1f/0x30 [ 293.041855][ T6441] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 293.048495][ T6441] RIP: 0023:0xf73dd579 [ 293.052774][ T6441] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 293.072650][ T6441] RSP: 002b:00000000f50c657c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 293.081347][ T6441] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80 [ 293.089552][ T6441] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 293.097736][ T6441] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 293.105924][ T6441] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 293.114126][ T6441] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 293.122337][ T6441] [ 293.130038][ T6441] ERROR: Out of memory at tomoyo_realpath_from_path. [ 293.163846][ T6441] kvm: pic: non byte read [ 293.169858][ T6441] kvm: pic: level sensitive irq not supported [ 293.170245][ T6441] kvm: pic: non byte read [ 293.224961][ T6441] kvm: pic: level sensitive irq not supported [ 293.225533][ T6441] kvm: pic: non byte read [ 293.267062][ T6446] FAULT_INJECTION: forcing a failure. [ 293.267062][ T6446] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 293.282186][ T6446] CPU: 1 UID: 0 PID: 6446 Comm: syz.0.144 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 293.293087][ T6446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 293.303385][ T6446] Call Trace: [ 293.306854][ T6446] [ 293.309969][ T6446] dump_stack_lvl+0x216/0x2d0 [ 293.314978][ T6446] dump_stack+0x1e/0x24 [ 293.319434][ T6446] should_fail_ex+0x748/0x7f0 [ 293.324420][ T6446] should_fail+0x2a/0x40 [ 293.328954][ T6446] should_fail_usercopy+0x2e/0x40 [ 293.334291][ T6446] _copy_to_user+0x34/0x120 [ 293.339086][ T6446] simple_read_from_buffer+0x199/0x340 [ 293.343994][ T5881] usb 2-1: Using ep0 maxpacket: 8 [ 293.344792][ T6446] proc_fail_nth_read+0x1e5/0x2c0 [ 293.355265][ T6446] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 293.361101][ T6446] vfs_read+0x29d/0xf50 [ 293.365562][ T6446] ? kmsan_get_metadata+0x13e/0x1c0 [ 293.371035][ T6446] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 293.377711][ T6446] ksys_read+0x240/0x4b0 [ 293.382262][ T6446] ? kmsan_get_metadata+0x13e/0x1c0 [ 293.387745][ T6446] __ia32_sys_read+0x91/0xe0 [ 293.392652][ T6446] ia32_sys_call+0x16dd/0x4180 [ 293.397695][ T6446] __do_fast_syscall_32+0xb0/0x110 [ 293.403140][ T6446] ? irqentry_exit+0x16/0x60 [ 293.408038][ T6446] do_fast_syscall_32+0x38/0x80 [ 293.413222][ T6446] do_SYSENTER_32+0x1f/0x30 [ 293.417989][ T6446] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 293.424657][ T6446] RIP: 0023:0xf7f0f579 [ 293.428958][ T6446] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 293.448882][ T6446] RSP: 002b:00000000f50965b0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003 [ 293.457615][ T6446] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5096620 [ 293.465840][ T6446] RDX: 000000000000000f RSI: 00000000f73a0ff4 RDI: 0000000000000000 [ 293.474057][ T6446] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 293.482259][ T6446] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 293.490453][ T6446] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 293.498672][ T6446] [ 293.557108][ T5881] usb 2-1: config 1 has an invalid interface number: 227 but max is 6 [ 293.565868][ T5881] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 293.575104][ T5881] usb 2-1: config 1 has no interface number 0 [ 293.581461][ T5881] usb 2-1: config 1 interface 227 altsetting 172 has 0 endpoint descriptors, different from the interface descriptor's value: 30 [ 293.595245][ T5881] usb 2-1: config 1 interface 227 has no altsetting 0 [ 293.665971][ T5881] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 293.675829][ T5881] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 293.684833][ T5881] usb 2-1: Product: syz [ 293.689261][ T5881] usb 2-1: Manufacturer: syz [ 293.694273][ T5881] usb 2-1: SerialNumber: syz [ 294.062049][ T5881] usb 2-1: palm_os_3_probe - error -71 getting connection information [ 294.070989][ T5881] visor 2-1:1.227: probe with driver visor failed with error -71 [ 294.159151][ T5881] usb 2-1: USB disconnect, device number 10 [ 294.207757][ T6452] pim6reg1: entered allmulticast mode [ 294.287314][ T6454] loop0: detected capacity change from 0 to 1024 [ 294.319689][ T6456] pimreg3: entered allmulticast mode [ 294.663007][ T6461] netlink: 'syz.6.151': attribute type 15 has an invalid length. [ 294.716391][ T6456] pimreg3: left allmulticast mode [ 294.749206][ T5837] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 295.004192][ T5837] usb 1-1: Using ep0 maxpacket: 16 [ 295.015236][ T5837] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 295.015414][ T5837] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 295.015610][ T5837] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 295.015764][ T5837] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 295.020637][ T5837] usb 1-1: config 0 descriptor?? [ 295.241688][ T6466] loop1: detected capacity change from 0 to 512 [ 295.410608][ T6466] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 295.446260][ T6454] netlink: 8 bytes leftover after parsing attributes in process `syz.0.148'. [ 295.447809][ T6466] ext4 filesystem being mounted at /33/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 295.707898][ T6466] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 295.715385][ T6466] overlayfs: failed to set xattr on upper [ 295.721593][ T6466] overlayfs: ...falling back to redirect_dir=nofollow. [ 295.729347][ T6466] overlayfs: ...falling back to index=off. [ 295.735636][ T6466] overlayfs: ...falling back to uuid=null. [ 295.919156][ T5837] corsair 0003:1B1C:1B02.0002: item fetching failed at offset 3/5 [ 295.990398][ T5837] corsair 0003:1B1C:1B02.0002: parse failed [ 295.998739][ T5837] corsair 0003:1B1C:1B02.0002: probe with driver corsair failed with error -22 [ 296.274147][ T5881] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 296.329921][ T5837] usb 1-1: USB disconnect, device number 8 [ 296.477630][ T6487] FAULT_INJECTION: forcing a failure. [ 296.477630][ T6487] name failslab, interval 1, probability 0, space 0, times 0 [ 296.477763][ T6487] CPU: 1 UID: 0 PID: 6487 Comm: syz.5.159 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 296.477916][ T6487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 296.477996][ T6487] Call Trace: [ 296.478053][ T6487] [ 296.478104][ T6487] dump_stack_lvl+0x216/0x2d0 [ 296.478288][ T6487] dump_stack+0x1e/0x24 [ 296.478445][ T6487] should_fail_ex+0x748/0x7f0 [ 296.478624][ T6487] should_failslab+0x17f/0x210 [ 296.478774][ T6487] __kmalloc_noprof+0x176/0x1230 [ 296.478945][ T6487] ? kfree+0x20/0xdb0 [ 296.479102][ T6487] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 296.479246][ T6487] ? tomoyo_realpath_from_path+0x104/0xaa0 [ 296.479436][ T6487] ? tomoyo_path_number_perm+0xfd/0x8f0 [ 296.479600][ T6487] ? kmsan_get_metadata+0x13e/0x1c0 [ 296.479749][ T6487] tomoyo_realpath_from_path+0x104/0xaa0 [ 296.479951][ T6487] ? __srcu_read_lock+0x76/0xd0 [ 296.480097][ T6487] tomoyo_path_number_perm+0x1d9/0x8f0 [ 296.480279][ T6487] ? kmsan_get_metadata+0x13e/0x1c0 [ 296.480418][ T6487] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 296.480592][ T6487] tomoyo_file_ioctl+0x3f/0x50 [ 296.480731][ T6487] security_file_ioctl_compat+0x145/0x590 [ 296.480904][ T6487] __se_compat_sys_ioctl+0xc8/0x1020 [ 296.481092][ T6487] ? ksys_write+0x408/0x4b0 [ 296.481259][ T6487] ? kmsan_get_metadata+0x13e/0x1c0 [ 296.481399][ T6487] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 296.481550][ T6487] __ia32_compat_sys_ioctl+0x93/0xe0 [ 296.481732][ T6487] ia32_sys_call+0x2226/0x4180 [ 296.481875][ T6487] __do_fast_syscall_32+0xb0/0x110 [ 296.482073][ T6487] ? irqentry_exit+0x16/0x60 [ 296.482243][ T6487] do_fast_syscall_32+0x38/0x80 [ 296.482426][ T6487] do_SYSENTER_32+0x1f/0x30 [ 296.482554][ T6487] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 296.482747][ T6487] RIP: 0023:0xf740d579 [ 296.482850][ T6487] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 296.482973][ T6487] RSP: 002b:00000000f50d557c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 296.483118][ T6487] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000541c [ 296.483213][ T6487] RDX: 0000000020000300 RSI: 0000000000000000 RDI: 0000000000000000 [ 296.483306][ T6487] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 296.483396][ T6487] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 296.483486][ T6487] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 296.483611][ T6487] [ 296.499607][ T6487] ERROR: Out of memory at tomoyo_realpath_from_path. [ 296.692948][ T25] usb 4-1: new low-speed USB device number 10 using dummy_hcd [ 296.773985][ T5881] usb 2-1: Using ep0 maxpacket: 32 [ 296.782298][ T5881] usb 2-1: config 0 has an invalid interface number: 12 but max is 0 [ 296.954422][ T5881] usb 2-1: config 0 has no interface number 0 [ 296.954568][ T5881] usb 2-1: config 0 interface 12 has no altsetting 0 [ 297.016183][ T25] usb 4-1: config 1 has an invalid descriptor of length 228, skipping remainder of the config [ 297.027160][ T25] usb 4-1: config 1 interface 0 altsetting 13 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 297.041013][ T25] usb 4-1: config 1 interface 0 has no altsetting 0 [ 297.080457][ T25] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 297.090508][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 297.103440][ T25] usb 4-1: Product: 瀩㞃ﶋ礃믨솲㡧쵓꿅ᵭ풱떥⍂ﮋ㭎镪㇎♰랇쯎ꏥ䋻㶏㑋帟㳃隴ೄ깨ꐓ뛳䈣鿮ꦔ(䝕肗峰걦妽偛鴬仄繵⶝㬾똾桓筹⛭⧖్믻푃隗랔쓿岴蘢ꊌ뜃庎冰峬ꭇ炨⁽ෑ첼線韙Ԍټ镭甹徥셦ᄦ쁖Ꝃ蠴մ⡉琣窠⫫緮蛘萲ॴ⍦ᣔ橼쑲⻨鼌쪚⛇ꛟ頕塕벮䤃͏꣠쉽ۮۂ삛픻ߵ [ 297.114549][ T5881] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 297.139582][ C1] vkms_vblank_simulate: vblank timer overrun [ 297.141516][ T25] usb 4-1: Manufacturer: 、 [ 297.141632][ T25] usb 4-1: SerialNumber: 셕►⏴ූ醊숐䚀쯿芓俗렜轖醑襙巀♟쉟妳氱O噋夫ᄥ饄홒ഈؚ幍囨焄瞗Ὺ콄퍋枕䕹몢㎔ꄇ槉ャ쑏흠쀫唘ﯛ⇓錢蹃瞎᠟鬫峇祸ꁒ뉹鿤瘓ᾏ◎ㄔ徯䚯졼莂㉫Ừ⦂↳䀔ꉱ鳦볠䶤蚲ॲ⿱뢱쨼밽仗鿀힁埝猂꬈Ꚋ⧒럒ࢱ䶣犫藭䢪灚빇ż챍飢尮䩡㔞 [ 297.205858][ T5881] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 297.206007][ T5881] usb 2-1: Product: syz [ 297.206114][ T5881] usb 2-1: Manufacturer: syz [ 297.206223][ T5881] usb 2-1: SerialNumber: syz [ 297.226514][ T5881] usb 2-1: config 0 descriptor?? [ 297.366024][ T735] hfsplus: b-tree write err: -5, ino 4 [ 297.531161][ T25] usb 4-1: bad CDC descriptors [ 297.549841][ T25] usb 4-1: USB disconnect, device number 10 [ 297.621976][ T6492] pimreg3: entered allmulticast mode [ 297.845700][ T6492] pimreg3: left allmulticast mode [ 298.256789][ T6497] loop0: detected capacity change from 0 to 64 [ 298.341836][ T6501] FAULT_INJECTION: forcing a failure. [ 298.341836][ T6501] name failslab, interval 1, probability 0, space 0, times 0 [ 298.344060][ T6497] dccp_invalid_packet: pskb_may_pull failed [ 298.355250][ T6501] CPU: 0 UID: 0 PID: 6501 Comm: syz.6.166 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 298.371712][ T6501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 298.382004][ T6501] Call Trace: [ 298.385464][ T6501] [ 298.388575][ T6501] dump_stack_lvl+0x216/0x2d0 [ 298.393554][ T6501] dump_stack+0x1e/0x24 [ 298.397980][ T6501] should_fail_ex+0x748/0x7f0 [ 298.402945][ T6501] should_failslab+0x17f/0x210 [ 298.407973][ T6501] kmem_cache_alloc_node_noprof+0xf4/0xe00 [ 298.414085][ T6501] ? __alloc_skb+0x1e9/0x7b0 [ 298.418921][ T6501] ? kmsan_get_metadata+0x13e/0x1c0 [ 298.424383][ T6501] __alloc_skb+0x1e9/0x7b0 [ 298.429062][ T6501] netlink_alloc_large_skb+0x1b4/0x280 [ 298.434811][ T6501] netlink_sendmsg+0xa96/0x11e0 [ 298.439960][ T6501] ? __pfx_netlink_sendmsg+0x10/0x10 [ 298.445522][ T6501] ? __pfx_netlink_sendmsg+0x10/0x10 [ 298.451089][ T6501] __sock_sendmsg+0x30f/0x380 [ 298.456053][ T6501] ____sys_sendmsg+0x877/0xb60 [ 298.461101][ T6501] ___sys_sendmsg+0x28d/0x3c0 [ 298.466031][ T6501] ? kmsan_get_metadata+0x13e/0x1c0 [ 298.471566][ T6501] ? kmsan_get_metadata+0x13e/0x1c0 [ 298.477017][ T6501] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 298.483092][ T6501] ? __rcu_read_unlock+0x7b/0xe0 [ 298.488318][ T6501] ? __fget_files+0x42b/0x500 [ 298.493256][ T6501] ? kmsan_get_metadata+0x13e/0x1c0 [ 298.498699][ T6501] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 298.504772][ T6501] __sys_sendmsg+0x1b6/0x300 [ 298.509660][ T6501] __ia32_compat_sys_sendmsg+0x9d/0xe0 [ 298.515411][ T6501] ia32_sys_call+0x2685/0x4180 [ 298.520438][ T6501] __do_fast_syscall_32+0xb0/0x110 [ 298.525864][ T6501] do_fast_syscall_32+0x38/0x80 [ 298.531011][ T6501] do_SYSENTER_32+0x1f/0x30 [ 298.535925][ T6501] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 298.542698][ T6501] RIP: 0023:0xf73cd579 [ 298.547009][ T6501] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 298.566943][ T6501] RSP: 002b:00000000f50b657c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 298.575665][ T6501] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000200002c0 [ 298.583895][ T6501] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 298.592112][ T6501] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 298.600311][ T6501] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 298.608515][ T6501] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 298.616726][ T6501] [ 298.658122][ T5881] f81534 2-1:0.12: f81534_set_register: reg: 1003 data: b0 failed: -71 [ 298.666954][ T5881] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71 [ 298.674636][ T5881] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 298.682672][ T5881] f81534 2-1:0.12: probe with driver f81534 failed with error -71 [ 298.702364][ T5881] usb 2-1: USB disconnect, device number 11 [ 298.715372][ T5831] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 298.794039][ T25] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 298.864052][ T6503] loop3: detected capacity change from 0 to 256 [ 298.934136][ T5831] usb 6-1: Using ep0 maxpacket: 32 [ 298.967005][ T5831] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 298.978458][ T5831] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 298.989113][ T5831] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 298.996320][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 298.998525][ T5831] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.010142][ T25] usb 1-1: config 1 has an invalid interface number: 228 but max is 6 [ 299.020959][ T25] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 299.030239][ T25] usb 1-1: config 1 has no interface number 0 [ 299.036827][ T25] usb 1-1: config 1 interface 228 altsetting 172 has 0 endpoint descriptors, different from the interface descriptor's value: 30 [ 299.058371][ T25] usb 1-1: config 1 interface 228 has no altsetting 0 [ 299.089866][ T25] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 299.099575][ T25] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 299.101571][ T5831] usb 6-1: config 0 descriptor?? [ 299.108640][ T25] usb 1-1: Product: syz [ 299.108760][ T25] usb 1-1: Manufacturer: syz [ 299.108868][ T25] usb 1-1: SerialNumber: syz [ 299.137377][ T5831] hub 6-1:0.0: USB hub found [ 299.382648][ T5831] hub 6-1:0.0: config failed, hub has too many ports! (err -19) [ 299.434530][ T25] usb 1-1: palm_os_3_probe - error -71 getting connection information [ 299.443538][ T25] visor 1-1:1.228: probe with driver visor failed with error -71 [ 299.491804][ T25] usb 1-1: USB disconnect, device number 9 [ 299.495046][ T5881] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 299.611051][ T5831] usbhid 6-1:0.0: can't add hid device: -71 [ 299.618149][ T5831] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 299.633379][ T5776] EXT4-fs error (device loop1): ext4_empty_dir:3103: inode #12: block 32: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 299.653303][ C1] vkms_vblank_simulate: vblank timer overrun [ 299.655574][ T5831] usb 6-1: USB disconnect, device number 2 [ 299.692887][ T5776] EXT4-fs warning (device loop1): ext4_empty_dir:3105: inode #12: comm syz-executor: directory missing '.' [ 299.706175][ T5776] EXT4-fs error (device loop1): ext4_readdir:261: inode #12: block 32: comm syz-executor: path /33/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 299.739077][ T5881] usb 4-1: Using ep0 maxpacket: 8 [ 299.884371][ T5881] usb 4-1: config 0 has an invalid descriptor of length 230, skipping remainder of the config [ 299.895319][ T5881] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 299.904947][ T5881] usb 4-1: New USB device found, idVendor=0e8d, idProduct=2000, bcdDevice=21.c6 [ 299.914433][ T5881] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.982672][ T5881] usb 4-1: config 0 descriptor?? [ 301.379524][ T5831] usb 4-1: USB disconnect, device number 11 [ 301.624934][ T5881] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 301.846084][ T5881] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 301.857892][ T5881] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 301.868367][ T5881] usb 1-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00 [ 301.877865][ T5881] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 302.102590][ T6520] loop5: detected capacity change from 0 to 1024 [ 302.146026][ T5881] usb 1-1: config 0 descriptor?? [ 302.298857][ T6520] hfsplus: bad catalog file entry [ 302.304591][ T6520] hfsplus: failed to load root directory [ 302.602113][ T5881] samsung 0003:0419:0600.0003: unknown main item tag 0x0 [ 302.609882][ T5881] samsung 0003:0419:0600.0003: unknown main item tag 0x0 [ 302.617644][ T5881] samsung 0003:0419:0600.0003: unknown main item tag 0x0 [ 302.625158][ T5881] samsung 0003:0419:0600.0003: unknown main item tag 0x0 [ 302.637930][ T5881] samsung 0003:0419:0600.0003: unknown main item tag 0x0 [ 302.803256][ T6514] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 302.812954][ T6514] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 302.993905][ T5881] samsung 0003:0419:0600.0003: hidraw0: USB HID v0.00 Device [HID 0419:0600] on usb-dummy_hcd.0-1/input0 [ 304.636187][ T5881] usb 1-1: USB disconnect, device number 10 [ 304.759979][ T6538] loop0: detected capacity change from 0 to 64 [ 304.992891][ T6542] loop3: detected capacity change from 0 to 256 [ 305.070943][ T6542] overlayfs: failed to resolve './bus/file0/file0': -2 [ 305.138171][ T6538] dccp_invalid_packet: pskb_may_pull failed [ 305.406265][ T25] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 305.584365][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 305.625352][ T6546] loop5: detected capacity change from 0 to 4096 [ 305.647577][ T25] usb 1-1: config 1 has an invalid interface number: 228 but max is 6 [ 305.656209][ T25] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 305.665449][ T25] usb 1-1: config 1 has no interface number 0 [ 305.671785][ T25] usb 1-1: config 1 interface 228 altsetting 172 has 0 endpoint descriptors, different from the interface descriptor's value: 30 [ 305.685853][ T25] usb 1-1: config 1 interface 228 has no altsetting 0 [ 305.824091][ T6546] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 305.866138][ T25] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 305.875953][ T25] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 305.884384][ T25] usb 1-1: Product: syz [ 305.888775][ T25] usb 1-1: Manufacturer: syz [ 305.893668][ T25] usb 1-1: SerialNumber: syz [ 306.328110][ T25] usb 1-1: palm_os_3_probe - error -71 getting connection information [ 306.337034][ T25] visor 1-1:1.228: probe with driver visor failed with error -71 [ 306.443334][ T25] usb 1-1: USB disconnect, device number 11 [ 307.502086][ T6562] syz.5.191 uses obsolete (PF_INET,SOCK_PACKET) [ 307.830644][ T6565] FAULT_INJECTION: forcing a failure. [ 307.830644][ T6565] name failslab, interval 1, probability 0, space 0, times 0 [ 307.843980][ T6565] CPU: 1 UID: 0 PID: 6565 Comm: syz.6.193 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 307.854893][ T6565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 307.865188][ T6565] Call Trace: [ 307.868653][ T6565] [ 307.871773][ T6565] dump_stack_lvl+0x216/0x2d0 [ 307.876774][ T6565] dump_stack+0x1e/0x24 [ 307.881227][ T6565] should_fail_ex+0x748/0x7f0 [ 307.886225][ T6565] should_failslab+0x17f/0x210 [ 307.891276][ T6565] __kmalloc_noprof+0x176/0x1230 [ 307.896628][ T6565] ? kfree+0x20/0xdb0 [ 307.900879][ T6565] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 307.906970][ T6565] ? tomoyo_realpath_from_path+0x104/0xaa0 [ 307.913104][ T6565] ? tomoyo_path_number_perm+0xfd/0x8f0 [ 307.918964][ T6565] ? kmsan_get_metadata+0x13e/0x1c0 [ 307.924467][ T6565] tomoyo_realpath_from_path+0x104/0xaa0 [ 307.930455][ T6565] ? __srcu_read_lock+0x76/0xd0 [ 307.935593][ T6565] tomoyo_path_number_perm+0x1d9/0x8f0 [ 307.941377][ T6565] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 307.947787][ T6565] tomoyo_file_ioctl+0x3f/0x50 [ 307.952820][ T6565] security_file_ioctl_compat+0x145/0x590 [ 307.958849][ T6565] __se_compat_sys_ioctl+0xc8/0x1020 [ 307.964449][ T6565] ? ksys_write+0x3d6/0x4b0 [ 307.969241][ T6565] ? kmsan_get_metadata+0x13e/0x1c0 [ 307.974698][ T6565] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 307.980782][ T6565] __ia32_compat_sys_ioctl+0x93/0xe0 [ 307.986365][ T6565] ia32_sys_call+0x2226/0x4180 [ 307.991384][ T6565] __do_fast_syscall_32+0xb0/0x110 [ 307.996804][ T6565] ? irqentry_exit+0x16/0x60 [ 308.001672][ T6565] do_fast_syscall_32+0x38/0x80 [ 308.006833][ T6565] do_SYSENTER_32+0x1f/0x30 [ 308.011574][ T6565] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 308.018213][ T6565] RIP: 0023:0xf73cd579 [ 308.022562][ T6565] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 308.042460][ T6565] RSP: 002b:00000000f50b657c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 308.051157][ T6565] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0205647 [ 308.059355][ T6565] RDX: 0000000020000940 RSI: 0000000000000000 RDI: 0000000000000000 [ 308.067554][ T6565] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 308.075740][ T6565] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 308.083931][ T6565] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 308.092133][ T6565] [ 308.101076][ T6565] ERROR: Out of memory at tomoyo_realpath_from_path. [ 308.436354][ T6571] pimreg3: entered allmulticast mode [ 308.847485][ T6571] pimreg3: left allmulticast mode [ 310.607361][ T6587] loop3: detected capacity change from 0 to 64 [ 311.106569][ T25] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 311.338678][ T25] usb 4-1: Using ep0 maxpacket: 8 [ 311.414909][ T25] usb 4-1: config 1 has an invalid interface number: 225 but max is 6 [ 311.423476][ T25] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 311.432736][ T25] usb 4-1: config 1 has no interface number 0 [ 311.443964][ T25] usb 4-1: config 1 interface 225 altsetting 172 has 0 endpoint descriptors, different from the interface descriptor's value: 30 [ 311.459173][ T25] usb 4-1: config 1 interface 225 has no altsetting 0 [ 311.601580][ T6593] loop6: detected capacity change from 0 to 64 [ 311.691281][ T25] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 311.700974][ T25] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 311.709547][ T25] usb 4-1: Product: syz [ 311.714003][ T25] usb 4-1: Manufacturer: syz [ 311.718825][ T25] usb 4-1: SerialNumber: syz [ 312.354428][ T25] usb 4-1: palm_os_3_probe - error -71 getting connection information [ 312.370133][ T25] visor 4-1:1.225: probe with driver visor failed with error -71 [ 312.494173][ T25] usb 4-1: USB disconnect, device number 12 [ 313.698580][ T6611] loop6: detected capacity change from 0 to 64 [ 313.730298][ T6613] pimreg3: entered allmulticast mode [ 314.009419][ T6613] loop0: detected capacity change from 0 to 1024 [ 314.082362][ T6613] EXT4-fs: Ignoring removed oldalloc option [ 314.122493][ T6613] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 314.360612][ T6613] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 314.467151][ T6619] FAULT_INJECTION: forcing a failure. [ 314.467151][ T6619] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 314.480867][ T6619] CPU: 0 UID: 0 PID: 6619 Comm: syz.3.214 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 314.491761][ T6619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 314.502046][ T6619] Call Trace: [ 314.505503][ T6619] [ 314.508610][ T6619] dump_stack_lvl+0x216/0x2d0 [ 314.513601][ T6619] dump_stack+0x1e/0x24 [ 314.518041][ T6619] should_fail_ex+0x748/0x7f0 [ 314.523021][ T6619] should_fail+0x2a/0x40 [ 314.527539][ T6619] should_fail_usercopy+0x2e/0x40 [ 314.532863][ T6619] _copy_from_user+0x35/0x110 [ 314.537841][ T6619] kstrtouint_from_user+0x75/0x140 [ 314.543237][ T6619] ? proc_fail_nth_write+0x43/0x2e0 [ 314.548712][ T6619] ? vfs_write+0x48a/0x1540 [ 314.553511][ T6619] proc_fail_nth_write+0x62/0x2e0 [ 314.558817][ T6619] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 314.564743][ T6619] vfs_write+0x48a/0x1540 [ 314.569382][ T6619] ? kmsan_get_metadata+0x13e/0x1c0 [ 314.574854][ T6619] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 314.581516][ T6619] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 314.587616][ T6619] ksys_write+0x240/0x4b0 [ 314.592235][ T6619] ? kmsan_get_metadata+0x13e/0x1c0 [ 314.597709][ T6619] __ia32_sys_write+0x91/0xe0 [ 314.602705][ T6619] ia32_sys_call+0x2f4b/0x4180 [ 314.607742][ T6619] __do_fast_syscall_32+0xb0/0x110 [ 314.613195][ T6619] ? irqentry_exit+0x16/0x60 [ 314.618087][ T6619] do_fast_syscall_32+0x38/0x80 [ 314.623249][ T6619] do_SYSENTER_32+0x1f/0x30 [ 314.628010][ T6619] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 314.634670][ T6619] RIP: 0023:0xf73dd579 [ 314.638977][ T6619] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 314.658882][ T6619] RSP: 002b:00000000f50c65b0 EFLAGS: 00000206 ORIG_RAX: 0000000000000004 [ 314.667601][ T6619] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f50c6620 [ 314.675810][ T6619] RDX: 0000000000000001 RSI: 00000000f73d0ff4 RDI: 0000000000000000 [ 314.684020][ T6619] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 314.692219][ T6619] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 314.700419][ T6619] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 314.708638][ T6619] [ 314.826142][ T6613] pimreg3: left allmulticast mode [ 315.192433][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 315.977697][ T6633] loop3: detected capacity change from 0 to 1024 [ 316.135115][ T6636] FAULT_INJECTION: forcing a failure. [ 316.135115][ T6636] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 316.152119][ T6636] CPU: 0 UID: 0 PID: 6636 Comm: syz.5.221 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 316.163029][ T6636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 316.173320][ T6636] Call Trace: [ 316.176787][ T6636] [ 316.179915][ T6636] dump_stack_lvl+0x216/0x2d0 [ 316.184926][ T6636] dump_stack+0x1e/0x24 [ 316.189375][ T6636] should_fail_ex+0x748/0x7f0 [ 316.194367][ T6636] should_fail+0x2a/0x40 [ 316.198908][ T6636] should_fail_usercopy+0x2e/0x40 [ 316.204251][ T6636] _copy_to_user+0x34/0x120 [ 316.209047][ T6636] ? raw_getsockopt+0x812/0xd70 [ 316.214211][ T6636] raw_getsockopt+0x847/0xd70 [ 316.219207][ T6636] ? __pfx_raw_getsockopt+0x10/0x10 [ 316.224716][ T6636] do_sock_getsockopt+0x5f0/0xa10 [ 316.230052][ T6636] __ia32_sys_getsockopt+0x445/0x590 [ 316.235649][ T6636] ia32_sys_call+0x36ec/0x4180 [ 316.240694][ T6636] __do_fast_syscall_32+0xb0/0x110 [ 316.246137][ T6636] ? irqentry_exit+0x16/0x60 [ 316.251029][ T6636] do_fast_syscall_32+0x38/0x80 [ 316.256201][ T6636] do_SYSENTER_32+0x1f/0x30 [ 316.260973][ T6636] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 316.267637][ T6636] RIP: 0023:0xf740d579 [ 316.271945][ T6636] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 316.291856][ T6636] RSP: 002b:00000000f50f657c EFLAGS: 00000206 ORIG_RAX: 000000000000016d [ 316.300590][ T6636] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000065 [ 316.308812][ T6636] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 00000000200002c0 [ 316.317030][ T6636] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 316.325245][ T6636] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 316.333457][ T6636] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 316.341681][ T6636] [ 316.559101][ T6633] ===================================================== [ 316.568915][ T6633] BUG: KMSAN: uninit-value in hfsplus_rename_cat+0x10e5/0x16f0 [ 316.576785][ T6633] hfsplus_rename_cat+0x10e5/0x16f0 [ 316.582181][ T6633] hfsplus_rename+0x209/0x2e0 [ 316.587137][ T6633] vfs_rename+0x1d9d/0x2280 [ 316.591811][ T6633] do_renameat2+0x18d0/0x1d50 [ 316.596869][ T6633] __ia32_sys_renameat2+0x14f/0x1f0 [ 316.602344][ T6633] ia32_sys_call+0x2f8a/0x4180 [ 316.607410][ T6633] __do_fast_syscall_32+0xb0/0x110 [ 316.613226][ T6633] do_fast_syscall_32+0x38/0x80 [ 316.618417][ T6633] do_SYSENTER_32+0x1f/0x30 [ 316.623092][ T6633] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 316.629859][ T6633] [ 316.632293][ T6633] Uninit was stored to memory at: [ 316.637753][ T6633] hfsplus_rename_cat+0x1014/0x16f0 [ 316.643151][ T6633] hfsplus_rename+0x209/0x2e0 [ 316.648144][ T6633] vfs_rename+0x1d9d/0x2280 [ 316.652821][ T6633] do_renameat2+0x18d0/0x1d50 [ 316.664765][ T6633] __ia32_sys_renameat2+0x14f/0x1f0 [ 316.670175][ T6633] ia32_sys_call+0x2f8a/0x4180 [ 316.676961][ T6633] __do_fast_syscall_32+0xb0/0x110 [ 316.682317][ T6633] do_fast_syscall_32+0x38/0x80 [ 316.687593][ T6633] do_SYSENTER_32+0x1f/0x30 [ 316.692261][ T6633] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 316.698932][ T6633] [ 316.701346][ T6633] Uninit was stored to memory at: [ 316.706724][ T6633] hfsplus_create_cat+0x17f6/0x1800 [ 316.712100][ T6633] hfsplus_fill_super+0x2236/0x26e0 [ 316.717648][ T6633] get_tree_bdev_flags+0x6ec/0x910 [ 316.722980][ T6633] get_tree_bdev+0x37/0x50 [ 316.727720][ T6633] hfsplus_get_tree+0x34/0x40 [ 316.732611][ T6633] vfs_get_tree+0xb1/0x5a0 [ 316.737885][ T6633] do_new_mount+0x71f/0x15e0 [ 316.742657][ T6633] path_mount+0x742/0x1f10 [ 316.747553][ T6633] __se_sys_mount+0x722/0x810 [ 316.752451][ T6633] __ia32_sys_mount+0xe3/0x150 [ 316.757490][ T6633] ia32_sys_call+0x260e/0x4180 [ 316.767616][ T6633] __do_fast_syscall_32+0xb0/0x110 [ 316.772999][ T6633] do_fast_syscall_32+0x38/0x80 [ 316.779808][ T6633] do_SYSENTER_32+0x1f/0x30 [ 316.784600][ T6633] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 316.791185][ T6633] [ 316.793744][ T6633] Uninit was created at: [ 316.798232][ T6633] __alloc_pages_noprof+0x9a7/0xe00 [ 316.803865][ T6633] alloc_pages_mpol_noprof+0x299/0x990 [ 316.809521][ T6633] alloc_pages_noprof+0x1bf/0x1e0 [ 316.814817][ T6633] allocate_slab+0x320/0x12e0 [ 316.819686][ T6633] ___slab_alloc+0x12ef/0x35e0 [ 316.824885][ T6633] kmem_cache_alloc_lru_noprof+0x855/0xe20 [ 316.830928][ T6633] hfsplus_alloc_inode+0x5a/0xd0 [ 316.836210][ T6633] alloc_inode+0x86/0x460 [ 316.840727][ T6633] iget_locked+0x250/0x1290 [ 316.845542][ T6633] hfsplus_iget+0x59/0xae0 [ 316.850174][ T6633] hfsplus_btree_open+0x13e/0x1d00 [ 316.855629][ T6633] hfsplus_fill_super+0x1113/0x26e0 [ 316.866178][ T6633] get_tree_bdev_flags+0x6ec/0x910 [ 316.871522][ T6633] get_tree_bdev+0x37/0x50 [ 316.878165][ T6633] hfsplus_get_tree+0x34/0x40 [ 316.883054][ T6633] vfs_get_tree+0xb1/0x5a0 [ 316.888319][ T6633] do_new_mount+0x71f/0x15e0 [ 316.893069][ T6633] path_mount+0x742/0x1f10 [ 316.897828][ T6633] __se_sys_mount+0x722/0x810 [ 316.902684][ T6633] __ia32_sys_mount+0xe3/0x150 [ 316.907809][ T6633] ia32_sys_call+0x260e/0x4180 [ 316.909958][ T5781] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 316.912699][ T6633] __do_fast_syscall_32+0xb0/0x110 [ 316.922113][ T5781] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 316.925017][ T6633] do_fast_syscall_32+0x38/0x80 [ 316.934548][ T5781] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 316.937039][ T6633] do_SYSENTER_32+0x1f/0x30 [ 316.948849][ T6633] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 316.954278][ T5781] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 316.955490][ T6633] [ 316.971981][ T6633] CPU: 1 UID: 0 PID: 6633 Comm: syz.3.218 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 316.974577][ T5781] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 316.984986][ T6633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 316.991978][ T5781] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 316.999963][ T6633] ===================================================== [ 317.000002][ T6633] Disabling lock debugging due to kernel taint [ 317.000050][ T6633] Kernel panic - not syncing: kmsan.panic set ... [ 317.000115][ T6633] CPU: 1 UID: 0 PID: 6633 Comm: syz.3.218 Tainted: G B 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 317.000259][ T6633] Tainted: [B]=BAD_PAGE [ 317.000296][ T6633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 317.000355][ T6633] Call Trace: [ 317.000392][ T6633] [ 317.000427][ T6633] dump_stack_lvl+0x216/0x2d0 [ 317.000572][ T6633] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 317.000695][ T6633] dump_stack+0x1e/0x24 [ 317.000825][ T6633] panic+0x4e2/0xcf0 [ 317.000951][ T6633] ? kmsan_get_metadata+0xc1/0x1c0 [ 317.001074][ T6633] kmsan_report+0x2c7/0x2d0 [ 317.001178][ T6633] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 317.001337][ T6633] ? kmsan_get_metadata+0x13e/0x1c0 [ 317.001459][ T6633] ? __msan_warning+0x95/0x120 [ 317.001603][ T6633] ? hfsplus_rename_cat+0x10e5/0x16f0 [ 317.001721][ T6633] ? hfsplus_rename+0x209/0x2e0 [ 317.001835][ T6633] ? vfs_rename+0x1d9d/0x2280 [ 317.001932][ T6633] ? do_renameat2+0x18d0/0x1d50 [ 317.002030][ T6633] ? __ia32_sys_renameat2+0x14f/0x1f0 [ 317.002137][ T6633] ? ia32_sys_call+0x2f8a/0x4180 [ 317.002242][ T6633] ? __do_fast_syscall_32+0xb0/0x110 [ 317.002399][ T6633] ? do_fast_syscall_32+0x38/0x80 [ 317.002549][ T6633] ? do_SYSENTER_32+0x1f/0x30 [ 317.002642][ T6633] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 317.002813][ T6633] ? hfsplus_bnode_dump+0xca0/0xcd0 [ 317.002954][ T6633] ? kmsan_get_metadata+0x13e/0x1c0 [ 317.003061][ T6633] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 317.003181][ T6633] ? hfsplus_brec_remove+0x91d/0x9d0 [ 317.003324][ T6633] ? kmsan_get_metadata+0x13e/0x1c0 [ 317.003430][ T6633] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 317.003546][ T6633] __msan_warning+0x95/0x120 [ 317.003693][ T6633] hfsplus_rename_cat+0x10e5/0x16f0 [ 317.003821][ T6633] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 317.003933][ T6633] ? kfree+0x1a7/0xdb0 [ 317.004057][ T6633] ? filter_irq_stacks+0x60/0x1a0 [ 317.004193][ T6633] ? kmsan_get_metadata+0x13e/0x1c0 [ 317.004299][ T6633] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 317.004454][ T6633] ? kmsan_get_metadata+0x13e/0x1c0 [ 317.004560][ T6633] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 317.004671][ T6633] ? kmsan_get_metadata+0x13e/0x1c0 [ 317.004776][ T6633] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 317.004896][ T6633] ? kmsan_get_metadata+0x13e/0x1c0 [ 317.005034][ T6633] hfsplus_rename+0x209/0x2e0 [ 317.005149][ T6633] ? __pfx_hfsplus_rename+0x10/0x10 [ 317.005261][ T6633] vfs_rename+0x1d9d/0x2280 [ 317.005360][ T6633] ? end_current_label_crit_section+0x124/0x2a0 [ 317.005545][ T6633] do_renameat2+0x18d0/0x1d50 [ 317.005686][ T6633] __ia32_sys_renameat2+0x14f/0x1f0 [ 317.005810][ T6633] ia32_sys_call+0x2f8a/0x4180 [ 317.005921][ T6633] __do_fast_syscall_32+0xb0/0x110 [ 317.006075][ T6633] ? irqentry_exit+0x16/0x60 [ 317.006211][ T6633] do_fast_syscall_32+0x38/0x80 [ 317.006360][ T6633] do_SYSENTER_32+0x1f/0x30 [ 317.006454][ T6633] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 317.006615][ T6633] RIP: 0023:0xf73dd579 [ 317.006682][ T6633] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 317.006786][ T6633] RSP: 002b:00000000f50c657c EFLAGS: 00000206 ORIG_RAX: 0000000000000161 [ 317.006890][ T6633] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200001c0 [ 317.006964][ T6633] RDX: 0000000000000004 RSI: 0000000020000200 RDI: 0000000000000000 [ 317.007029][ T6633] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 317.007092][ T6633] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 317.007154][ T6633] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 317.387201][ T6633] [ 317.390621][ T6633] Kernel Offset: disabled [ 317.395014][ T6633] Rebooting in 86400 seconds..