last executing test programs: 11.95485425s ago: executing program 3: mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0) dup(0xffffffffffffffff) capset(&(0x7f0000000040), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x54, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, {0x20000000, {0x2, 0x1f, 0x4, 0x1}}}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000011}, 0x0) 11.20096402s ago: executing program 3: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) syz_open_procfs(0x0, &(0x7f00000005c0)='net/route\x00') lseek(0xffffffffffffffff, 0x300, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) dup(r0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000590000"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@getlink={0x34, 0x12, 0x1, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'netpci0\x00'}]}, 0x34}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) socket$inet6_sctp(0xa, 0x801, 0x84) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000700)='net/ip_mr_cache\x00') read$FUSE(r4, &(0x7f00000021c0)={0x2020}, 0x2020) 10.705439215s ago: executing program 4: r0 = semget(0xffffffffffffffff, 0x4, 0x0) shmctl$IPC_SET(r0, 0x1, &(0x7f00000001c0)={{0x0}}) 10.091088717s ago: executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='pids.current\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000080), 0x4) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) getsockopt$netrom_NETROM_T4(r1, 0x103, 0x4, 0x0, &(0x7f00000000c0)) sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0000000000000000000002bbbbbbbb0000"], 0x20}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2ccf3766}, 0x48) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b0b, &(0x7f0000000040)={'virt_wifi0\x00', @local}) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x0, 0x10, 0xffffffffffffffff, 0x0) unshare(0x62040200) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001100)={{r2}, &(0x7f0000001080), &(0x7f00000010c0)='%pK \x00'}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c80)={0x5, 0xf, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000b800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b71c000014090000b7030000000000d77139d60083000000bf0900000000000055090100ffe500009500000000000000bf91000000e5fffff0ffff8438a9c39b000000b700000000000000950000000043b3c44fb8918aa1"], &(0x7f0000000380)='syzkaller\x00', 0x3, 0xb7, &(0x7f0000000180)=""/183}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e40)={&(0x7f0000000600)='ext4_free_blocks\x00'}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c0000002000010000000000000000000a0000000000000000000000080010000000000008000a00000033"], 0x2c}}, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000100), 0x1001) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r3 = socket$rds(0x15, 0x5, 0x0) bind$rds(r3, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r3, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) 8.595967574s ago: executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000500)={0xfffffffffffffdfd, 0x100000}) 8.512841568s ago: executing program 2: r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d000110000000090400"], 0x0) setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000680)={0x84, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r1, &(0x7f0000000080)='!', 0x7ffffff2) 8.014291305s ago: executing program 3: mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0) dup(0xffffffffffffffff) capset(&(0x7f0000000040), 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x54, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, {0x20000000, {0x2, 0x1f, 0x4, 0x1}}}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000011}, 0x0) 7.861877871s ago: executing program 0: syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000100)) r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(r1, 0xc0844123, &(0x7f0000000080)={0x0, 0x0}) 7.605617594s ago: executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, &(0x7f0000000180)=0xfffffff9) syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000080)='./bus\x00', 0x3000002, &(0x7f0000000a40)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0x0, @ANYBLOB="2c66696c655f756d61736b3d30303030303030303030303030303030303030303030312c706172743d3078303030303030303030303030303063332c706172743d3078303030303030303030303030613565662c63726561746f723da0a54db32c706172743d3078303030303030303030303030306666662c6769643d", @ANYRESHEX=0x0, @ANYBLOB="2c696f63684c727365743d63703836362c636f6465706167653d61736369692c6469725f756d61736b3d30303030303030303030303030303030020030303030ba5838d06465706167653d63703733372c00010000000000008031bbc521c216fd6632f6b856c7517a338ab68496f7332bf9b6e06eed63cba98e998649f497c1062e443154d87e28f2211618d5e28c1d8f587883061f2967e9d4aad534400b045f7bd81294687824d9d6a6f282ffcc878ce33d249474cf9e91043820dd31bf78a80c274c4e7166dac09bd83dc5ebfd3719280f19c8488d6bb21f1209d160ac3945dc756703b3bec650"], 0x1, 0x2f2, &(0x7f00000006c0)="$eJzs3T9v004cx/HPOUmT9lf15/5BSCygQiVYKgoMiCUVysrOhIAmlSqiItoiAQsFMSIeAHufAkw8ARYQTwAmJh5AN6O7XP44sdM2JHED75fU6Hy+O39PtuP7WoIIwD/rduX7wfWf9s9IOeUk3ZICSSUpL+mMzpaebu9t7dVr1X4D5VwP+2fU6Gl62mxs15K62n6uhxfarbxmO+swGlEUrf/IOghkzt39CQKp6O9Dt7805rhGZV86n3UM49Z5gs2hDvVMcxmGAwA4BfzzP/CPiYKrMgoCacU/9nuf/0Fm4Q4gim0dZhbHSNyo91RFfTt0PP/d6i4y9vz+73a18z2Xwtn9QTNLPE4wha7tKTWuldgC0xyVVbpYgunNrbxWN16pGui1yl5HsyX3WY1fjEdEu5yQm/aRPlpBd2Yas3Erym7NkDa36rWiLSTEv3iyI/4589l8NfdMqPeqttZ/+cjY0+TOVNh1poKCjf9q+oj/uV62lXzaXy6X498N8+4g5/wRvJ5ZRrFrtpSckah5Rc23XxrstyJoxPkxvdeC4q8VGrNbS5+d67WY1CtsbaX0Wor1yvkrYXXjcb3vq5TRMu/MXbOsX/qgSsf6P7Dxreg4d6Zt41r6K6Mxn6nklnnXMuzJHNu3y4VWBF5xsInhJN7qoW5qbvf5i0e5er22YwsPEgpPZneMrym8kRLbDFAoDmkcW9B+uyayXkbRcbtHwwujqO6aK0MauVGw3x+tGnv7JDW2d1mrJkgf8JN6d80NLdRhFEoJEZ6WQuWL1L3roKdmAgr2iZuyK+svKIzDrmmedF8xnXFAGDe77jKRKTVX8n5V51Ik+xH2yUb6J5nxEddaGVx8KbjgPmeSM7j1tGFTM7iOI15LyRldznXxsnSpo9Kob84V+jj/Eqaib7rP+38AAAAAAAAAAAAAAAAAAIBJM45/aZD1HAEAAAAAAAAAAAAAAAAAAAAAmHQD/f5v0v8R737/N+T3f4EJ8jsAAP//Y/x7PA==") open(&(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)) getsockopt$IP_SET_OP_GET_FNAME(0xffffffffffffffff, 0x1, 0x47, 0x0, &(0x7f0000000080)=0x8) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x298) r0 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, 0x0) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000380)={0x601, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}) socket$inet_icmp_raw(0x2, 0x3, 0x1) connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) socket$netlink(0x10, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x2000000, &(0x7f00000001c0), 0x1, 0x4fa, &(0x7f0000000540)="$eJzs3U1rJGkdAPB/ddKbeYl21D2swr7grmQWne5k4+4GD7sriLcFZb2PIemEkE46pDvjJAySwQ8giOhc5+RF8AMIMh9BhAG9i4oy6Iwe5qCWVHX1xMTuSUL6BZPfD57UU6///1NJV9fLM1MBXFpvRMRHETEREW9HRKWYXipKHHRKttzTJ3eXs5JEmn7y1ySSYlq2WFKUzPVitSudQU+tvf2NpUajvlOM19qb27XW3v7N9c2ltfpafWthYf69xfcX312cG0g7s3Z98I0//eSHP/vmB7/6yvd+f+svN76f5TtdzO+2Y9A6+6Sc7YvnJiNiZxjBxmCiaE953IkAAHAq2Tn+ZyPii/n5fyUm8rO500mGmhkAAAAwKOmH0/HPJCIFAAAALqxS3gc2KVWLvgDTUSpVq50+vC/HtVKj2Wp/ebW5u7XS6Ss7E+XS6nqjPlf0qZ2JcpKNz+f1w/F3no8nR/oA/7hyNZ9fXW42VsZ32wMAAAAulevHrv//Uelc/7/AvZElBwAAAAzOzLgTAAAAAIbuf6//H4wlDwAAAGB4PP8HAACAC+1bH3+clbT7/uuV23u7G83bN1fqrY3q5u5ydbm5s11dazbXGulUxOZJ22s0m9tfja3dO7V2vdWutfb2b202d7fat9aPvAIbAAAAGKHPvP7wd0lEHHztal4yL2U/JvqsoK8AXBilsyz8x+HlAYxev6954OKbHHcCwNiUO4Nk3HkA43PSAaBv551fDz4XAABgOGY/3/v5/+ThvQHggjrT83/gQvH8Hy4vz//h8io7A4BLb/jP/9P0xG0BAABDNZ2XpFQtngVOR+lZ2hEzUU5W1xv1uYj4dET8tlKeysbn8zUT/2gAAAAAAAAAAAAAAAAAAAAAAAAAAE4pTZNIAQAAgAstovTnpHj/12zlrenj9wdeSp5V8mH+doBPfnpnqd3emc+m/62YHtG+X0x/5yx3Hrx5HAAAAIale53evY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEF6+uTucreMMu7jr0fETK/4k3ElH16JckRc+3sSk92VXo9IImJiAPEP7kXEK73iJ1laMVNkcSR+RJQi4mqexdDjv5qmac/4188dHS63h9nx56Nen79SvJEPe3/+J4tyXv2Pf6Xnx7+JHvGzI8+nThnjC49+Ues9Z6ozf7L38acbP+kT/81em+yxU777nf39frmlDyJme37/JEdi1dqb27XW3v7N9c2ltfpafWthYf69xfcX312cq62uN+rFz54xfvTqL//dL/7jexHX+sSfOdr+pePtfyurlPtt+dC/Ht158rm8VkmPbSKPf+PN3r//V47GP7Jrs7+JLxXfA9n82W79oFP/b6/9/Devvaj9K33af9Lv/8bJTc+9/e0f/OGUiwIAI9Da299YajTqO0Ov3E/TdFSxsrOjUcU6d+Xl/59UDysfnmXhdGrUf2wq566M+8gEAAAM2uFJ/7gzAQAAAAAAAAAAAAAAAAAAgMtrFP+d2PGYB+NpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAC/0nAAD//7aj2ng=") mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x47) mount$overlay(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}]}) 7.446502871s ago: executing program 0: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00'}, 0x10) r0 = syz_open_dev$video(&(0x7f0000000000), 0x3, 0x0) ioctl$VIDIOC_DQEVENT(r0, 0x80885659, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000040)={0x3, 0x980914, 0x3}) timerfd_create(0x7, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00') read$eventfd(r1, &(0x7f0000000080), 0x8) llistxattr(&(0x7f0000000300)='./file0\x00', &(0x7f0000000540)=""/197, 0xc5) syz_mount_image$minix(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x804008, &(0x7f0000000100)=ANY=[], 0x5a, 0x20d, &(0x7f0000000200)="$eJzs3L9u00AAx/Gf40BIQfwVf8RUCQmxkEBbqcpGFzZeAImhakNV4UJpWBohQV+CnZWJR+BNWBnagY2JQ2dfwHFSfHFIHOHvR2rj2Pfzndue765RIgCV9Sj+HuiMe26Mebcs6ekTSbVSmwZgxox7/GkAVE9I1wcq6mQjjMf/L4H09fvbrWP3dc5z/nCykSwS7PrhOJVvnhZ4lskfBfHj7fpwfknS+ZFwfXT+8jHJ383Uf8G3/a7+pUy+4Z1Prv/eneH8RUmXJF2WdEXSVUnXpPi01+UOpOrfztR/Kzl85NkMAAAAAAD+yq4+W4Mnvov+bL7lU/LB2L129fx8N+qOP+qhluQfFoyfdfWvTJlfzbQpl3vBteHyra1X0XbBNgBF1dL9P9/IHcK//2vsv7PCKft/Pc5/KJgGqq132H+xGUXdg7ltSJOm7FBZvNLmYONbbuFPdkM/kldGZv/TGNxM7Z5ln1TgCs/t96X8Mu9zyjR10DMe55n7xuvHyextBlXYQSm9pz/tCYNsP60PdaLPqT+kKDJhb/8fXJc9oQl/3yjCMu5OAGap/WZvv9077N/f3dvc6e50X66tdzrra6srnXY8LW9PtTgHsMj+DPpltwQAAAAAAAAAAAAAABR1Q9LNyWOnfrwHAAAAgMU1+RuDGhO/najsawQAAAAAAAAAAAAA4H/3KwAA//9/rD04") 6.845868811s ago: executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x0, 0x0, 0x8}, 0x48) r3 = socket$inet6(0xa, 0xa, 0x8000000003c) r4 = userfaultfd(0x80001) ioctl$UFFDIO_API(r4, 0xc018aa3f, 0x0) r5 = userfaultfd(0x801) r6 = userfaultfd(0x800) ioctl$UFFDIO_COPY(r6, 0xc028aa03, &(0x7f0000000040)={&(0x7f0000fff000/0x1000)=nil, &(0x7f0000610000/0x1000)=nil, 0x1000, 0x3}) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000180)) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0) close(r7) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$SIOCSIFHWADDR(r7, 0x8b04, &(0x7f0000000000)={'wlan1\x00', @random="8dffffff06ff"}) ioctl$UFFDIO_CONTINUE(r5, 0xc020aa07, 0x0) ioctl$UFFDIO_UNREGISTER(r5, 0x8010aa01, &(0x7f0000000100)={&(0x7f0000ffe000/0x2000)=nil, 0x2000}) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000002dc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001cc0)=ANY=[@ANYRESOCT=r6], 0x18}}], 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) creat(&(0x7f0000000100)='./file0\x00', 0x0) 6.604254735s ago: executing program 3: r0 = semget(0xffffffffffffffff, 0x4, 0x0) shmctl$IPC_SET(r0, 0x1, &(0x7f00000001c0)={{0x0}}) 6.152101437s ago: executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x0, 0x0, 0x8}, 0x48) r3 = socket$inet6(0xa, 0xa, 0x8000000003c) userfaultfd(0x80001) r4 = userfaultfd(0x801) r5 = userfaultfd(0x800) ioctl$UFFDIO_COPY(r5, 0xc028aa03, &(0x7f0000000040)={&(0x7f0000fff000/0x1000)=nil, &(0x7f0000610000/0x1000)=nil, 0x1000, 0x3}) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0) close(r6) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$SIOCSIFHWADDR(r6, 0x8b04, &(0x7f0000000000)={'wlan1\x00', @random="8dffffff06ff"}) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, 0x0) ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, 0x0) ioctl$UFFDIO_UNREGISTER(r4, 0x8010aa01, &(0x7f0000000100)={&(0x7f0000ffe000/0x2000)=nil, 0x2000}) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000002dc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001cc0)=ANY=[@ANYRESOCT=r5], 0x18}}], 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) creat(&(0x7f0000000100)='./file0\x00', 0x0) 5.951757694s ago: executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0x80086601, 0x1000000000000) write$P9_RXATTRWALK(r0, &(0x7f0000000040)={0xf, 0x1f, 0x1, 0x7fff}, 0xf) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0) ioprio_get$uid(0x3, 0x0) writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000240)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000", 0x36}], 0x1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800"/12], &(0x7f0000000440)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r3}, 0x10) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000000), 0x2a979d) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x28, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x1c, r4, 0x5, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_4ADDR={0x5}]}, 0x1c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) bind(0xffffffffffffffff, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) 5.741804001s ago: executing program 1: syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0x1000402, &(0x7f0000000280)=ANY=[], 0x81, 0x1500, &(0x7f0000002a80)="$eJzs3AuYjtX6MPB1r7Uehia9TXIY1r3uhzcNlkmSHBJySJIkSXJKSJokSUgMOSWGJOQ4SYMhJIdpTBrn8yHnpMmWJklCQpL1Xdrtz97/9t7t79v7+1zXnvt3Xeua55713Pe71txzzfM873XN+22vMfVbNqjTnIjEvwX+/CVZCBEjhBguhLhOCBEIISrHVY67PF9AQfK/9yLsP+vh9Ku9AnY1cf/zNu5/3sb9z9u4/3kb9z9v4/7nbdz/vI37z1hetmNu8et55N3B7//nZXz9/y+SW2Hql5sq3Nj7/yCF+5+3cf/zNu5/3sb9z9u4/3kb9/+/X+1/Msf9z9u4/4zlZVf7/WceV3dc7d8/xhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGN5w3l/hRZC/OX4aq+LMcYYY4wxxhhj/zk+/9VeAWOMMcYYY4wxxv7fAyGFEloEIp/IL2JEAVFQXCNixbWikLhORMT1Ik7cIAqLG0URUVQUE8VFvCghSgojUFhBIhSlRGkRFTeJMuJmkSDKinKivHCigkgUt4iK4lZRSdwmKovbRRVxh6gqqonqooa4U9QUd4laoraoI+4WdUU9UV80EPeIhuJe0UjcJxqL+0UT8YBoKh4UzcRDorl4WLQQj4iW4lHRSjwmWos2oq1oJ9r/X+W/JPqJl0V/MUAki4FikHhFDBZDxFAxTAwXr4oR4jUxUowSKWK0GCNeF2PFG2KceFOMFxPERPGWmCQmiyliqpgmpotU8baYId4RM8W7Ik3MErPFHJEu5op54j0xXywQC8X7YpH4QCwWS8RSsUxkiA9FplgussRHYoX4WGSLlWKVWC3WiLVi3a/92Cg2ic1ii9gqtontYof4ROwUu8RusUfsFfvEfvGpOCA+EwfF5yJHfPE/8teLDf80/9z/yO8NAgRIkKBBQz7IBzEQAwWhIMRCLBSCQhCBCMRBHBSGwlAEikAxKAbxEA8loSQgIBAQlIJSEIUolIEykAAJUA7KgQMHiZAIFeFWqASVoDJUhipQBapCNagGNaAG1ISaUAtqQR2oA3WhLtSH+nAP3AP3QiNoBI2hMTSBJtAUmkIzaAbNoTm0gBbQElpCK2gFraE1tIW20B7aQwfoAB2hI3SGztAFukBX6ApJkATdoBt0h+7QA3pAT+gJvaAX9IY+0AdegpfgZXgZBkBdORAGwSAYDINhKAyDYfAqjIDX4DUYBSkwGsbA6/A6vAHj4CyMhwkwESZCTTkZpsBUIDkdUiEVZsAMmAkzIQ1mwSyYA+kwF+bBPJgPC2ABvA+L4AP4AJbAElgGGZABmbAcsiALVsA5yIaVsApWwxpYC2tgPWyA9bAJNsMm2ApbYTtsh0/gE9gFu2AP7IF9sA8+hU/hM/gMUiAHcuAQHILDcBiOwBHIhVw4CkfhGByD43AcTsAJOAmn4DScgjNwBs7COTgP5+ECXICL8EL81y32ld2YIuRlWmqZT+aTMTJGFpQFZayMlYVkIRmRERkn42RhWVgWkUVkMVlMxst4WVKWlChRkgxlKVlKRmVUlpFlZIJMkOVkOemkk4kyUVaUFWUlWUlWlrfLKvIOWVVWk51cDVlD1pSdXS1ZW9aRdWRdWU/Wlw1kA9lQNpSNZCPZWDaWTWQT2VQ+KJvJgTAUHpaXO9NSjoZWcgy0lm1kW9lOvgGPyw5yHHSUnWRn+aScAOOhq+zgkuQzspucAt3lc3IqPC97yunQS74oe8s+sq98SfaTHV1/OUCmwUA5SM6BwXKIHCqHyflQT17uWH05SqbI0XKMfF0ugzfkOPmmHC8nyInyLTlJTpZT5FQ5TU6XqfJtOUO+I2fKd2WanCVnyzkyXc6V8+R7cr5cIBfK9+Ui+YFcLJfIpXKZzJAfyky5XGbJj+QK+bHMlivlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrld7pCfyJ1yl9wt98i9cp/cLz+VB+Rn8qD8XObIL+Qh+Sd5WH4pj8ivZK78Wh6V38hj8lt5XH4nT8jv5Ul5Sp6WP8gz8kd5Vp6T5+VP8oL8WV6Uv8hL0su/XAW0ClQ+lV/FqAKqoLpGxaprVSF1nYqo61WcukEVVjeqIqqoKqaKq3hVQpVURqGyilSoSqnSKqpuUmXUzSpBlVXlVHnlVAWVqG5RFdWtqpK6TVVWt6sq6g5VVVVT1VUNdaeqqe5StVRtVUfdreqqeqq+aqDuUQ3VvaqRuk81VverJuoB1VQ9qJqph1Rz9bBqoR5RLdWjqpV6TLVWbVRb1U61V4+rDuoJ1VF1Up3Vk6qLekp1VU+rJPWM6qaeVd3Vc6qHel71VC+oXupF1Vv1UX3VL+qS8qq/GqCS1UA1SL2iBqshaqgapoarV9UI9ZoaqUapFDVajVGvq7HqDTVOvanGqwlqonpLTVKT1RQ1VU1T01WqelvNUO+omepdlaZmqdlqjkpXc9XQ3yot/Bfy3/k7+SN/ffXtaof6RO1Uu9RutUftVfvUfrVfHVAH1EF1UOWoHHVIHVKH1WF1RB1RuSpXHVVH1TF1TB1Xx9UJdUKdVKfUT+oHdUb9qM6qc+qc+kldUBfUxd9+BkKDllpprQOdT+fXMbqALqiv0bH6Wl1IX6cj+nodp2/QhfWNuoguqovp4jpel9AltdGorSYd6lK6tI7qm3QZfbNO0GV1OV1eO11BJ+pb/u38P1rfqLT2uoPuoDvqjrqz7qy76C66q+6qk3SS7qa76e66u+6he+ieuqfupXvp3rq37qv76n66n+6v++tknawH6Vf0YD1ED9XD9HD9qh6hR+iReqRO0Sl6jB6jx+qxepwep8fr8Xqinqgn6Ul6ip6ip+lpOlWn6hl6hp6pZ+o0naZn69k6XafreXqenq/n64V6oV6kF+nFerFeqpfqDJ2hM3WmztJZeoVeobP1Sr1Sr9ar9Vq9Vq/X6/VGvVFv1pv1Vr1VZ+sdeofeqXfq3Xq33qv36v16vz6gD+iD+qDO0Tn6kD6kD+vD+og+onN1rj6qj+pj+pg+ro/rE/qEPqlP6tP6tD6jz+iz+qw+r8/rC/qCvqgv6kv60uXbvkAGMtCBDvIF+YKYICYoGBQMYoPYoFBQKIgEkSAuiAsKBzcGRYKiQbGgeBAflAhKBibAwAYUhEGpoHQQDW4KygQ3BwlB2aBcUD5wQYUgMbglqBjcGlQKbgsqB7cHVYI7gqpBtaB6UCO4M6gZ3BXUCmoHdYK7g7pBvaB+0CC4J2gY3Bs0Cu4LGgf3B02CB4KmwYNBs+ChoHnwcNAieCRoGTwatAoeC1oHbYK2Qbug/X+0vvdniz7h+psBJtkMNIPMK2awGWKGmmFmuHnVjDCvmZFmlEkxo80Y87oZa94w48ybZryZYCaat8wkM9lMMVPNNDPdpJq3zQzzjplp3jVpZpaZbeaYdDPXzDPvmflmgVlo3jeLzAdmsVlilpplJsN8aDLNcpNlPjIrzMcm26w0q8xqs8asNevMerPBbDSbzGazxWw128x2s8N8YnaaXWa32WP2mn1mv/nUHDCfmYPmc5NjvjCHzJ/MYfOlOWK+Mrnma3PUfGOOmW/NcfOdOWG+NyfNKXPa/GDOmB/NWXPOnDc/mQvmZ3PR/GIuGX/55v7y5R01asyH+TAGY7AgFsRYjMVCWAgjGME4jMPCWBiLYBEshsUwHuOxJJbEywgJS2EpjGIUy2AZTMAELIfl0KHDREzEilgRK2ElrIyVsQpWwapYFatjdbwT78S78C6sjbXxbrwb62E9bIANsCE2xEbYCBtjY2yCTbApNsVm2AybY3NsgS2wJbbEVtgKW2NrFKIttsf22AE7YEfsiJ2xM3bBLtgVu2ISJmE37IbdsTv2wB7YE3tiL+yFvbE39sW+2A/7YX/sj8mYjINwEA7GwTgUh+JwHI4jcASOxJGYgik4BsfgWByL43AcjscJOBHfwkk4GafgVJyG0zEVU3EGzsCZOBPTMA1n42xMx3Sch/NwPs7HhbgQF+EiXIyLcSkuxQzMwEzMxCzMwhW4ArMxG1fhKlyDa3AdrsMNuAE34SbcgltwG27DHbgDd+JO3I27cS/uxf24Hw/gATyIBzEHc/AQHsLDeBiP4BHMxVw8ikfxGB7D43gcT+AJPIkn8TSexjN4Bs/iWTyP5/EC/owX8Re8hB5jrBQF7TU21l5rC9nrbIwtYP86LmaL23hbwpa0xhaxRf8mRmttgi1ry9ny1tkKNtHe8ru4qq1mq9sa9k5b095la/0ubmjvtY3sfbaxvd82sPf8TdzEPmCb2kdtM/uYbW7b2Ba2nW1pH7Wt7GO2tW1j29p2tot9yna1T9sk+4ztZp/9XZxpl9sNdqPdZDfbA/Yze97+ZI/Zb+0F+7PtbwfY4fZVO8K+ZkfaUTbFjv5dPNG+ZSfZyXaKnWqn2em/i2fbOTbdzrXz7Ht2vl3wuzjDfmgX2Sy72C6xS+2yX+PLa8qyH9kV9mObbVfaVXa1XWPX2nV2/f9e62q71W6z2+1++6ndaXfZ3XaP3Wv3/Rpf3sdB+7nNsV/Yo/Ybe9h+aY/Y4zbXfv1rfHl/x+139oT93p60p+xp+4M9Y3+0Z+25X/d/ee8/2F/sJeutICBJijQFlI/yUwwVoIJ0DcXStVSIrqMIXU9xdAMVphupCBWlYlSc4qkElSRDSJaIQipFpSlKN1EZupkSqCyVo/LkqAIl0i1UkW6lSnQbVabbqQrdQVWpGlWnGnQn1aS7qBbVpjp0N9WlelSfGtA91JDupUZ0HzWm+6kJPUBN6UFqRg9Rc3qYWtAj1JIepVb0GLWmNtSW2lF7epw60BPUkTpRZ3qSutBT1JWepiR6hrrRs9SdnqMe9Dz1pBeoF71IvakP9aWXqB+9TP1pACXTQBpEr9BgGkJDaRgNp1dpBL1GI2kUpdBoGkOv01h6g8bRmzSeJtBEeosm0WSaQlNpGk2nVHqbZtA7NJPepTSaRbNpDqXTXJpH79F8WkAL6X1aRB/QYlpCS2kZZdCHlEnLKYs+ohX0MWXTSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtAntJN20W7aQ3tpH+2nT+kAfUYH6XPKoS/oEP2JDtOXdIS+olz6mo7SN3SMvqXj9B2doO/pJJ2i0/QDnaEf6Sydo/P0E12gn+ki/UKXyJMIIZShCnUYhPnC/GFMWCAsGF4TxobXhoXC68JIeH0YF94QFg5vDIuERcNiYfEwPiwRlgxNiKENKQzDUmHpMBreFJYJbw4TwrJhubB86MIKYWJ4S1gxvDWsFN4WVg5vD6uEd4RVw2rho/fXCO8Ma4Z3hbXC2mGd8O6wblgvrB82CO8JG4b3ho3C+8LG4f1hpfCBsGn4YNgsfChsHj4ctggfCVuGj4atwsfC1mGbsG3YLmwfPh52CJ8IO4adws7hk2GX8Kmwa/h0mBQ+E3YLn/3D+eRwYDgofCV8JfT+PrU0uiyaEf0wmhldHs2KfhRdEf04mh1dGV0VXR1dE10bXRddH90Q3RjdFN0c3RLdGt0W3R71vkF+4cBJp5x2gcvn8rsYV8AVdNe4WHetK+SucxF3vYtzN7jC7kZXxBV1xVxxF+9KuJLOOHTWkQtdKVfaRd1Nroy72SW4sq6cK++cq+ASXTvX3rV3HdwTrqPr5Dq7J92T7in3lHvaPe2ecd3cs667e871cM+7nu4F94J70fV2fVxf95Lr5152/d0Al+yS3SA3yA12g91QN9QNd8PdCDfCjXQjXYpLcWPcGDfWjXXj3Dg33o13E91EN8lNclPcFDfNTXOpLtXNcDPcTDfTpbk0N9vNduku3c1z89x8N98tdAvdooRFbrFb7Ja6pS7DZbhMl+myXJZb4Va4bJftVrlVbo1b49a5dW6D2+A2uU1ui9vitrltbofb4Xa6nW632+32ur1uv9vvDrgD7qA76HJcjjvkDrnD7rA74r5yue5rd9R94465b91x95074b53J90pd9r94M64H91Zd86ddz+5C+5nd9H94i4571Ijb0dmRN6JzIy8G0mLzIrMjsyJpEfmRuZF3ovMjyyILIy8H1kU+SCyOLIksjSyLJIR+TCSGVkeyYp8FFkR+TiSHVkZWRVZHVkTWRvxvsTO0JfypX3U3+TL+Jt9gi/ry/ny3vkKPtHf4iv6W30lf5uv7G/3Vfwdvqqv5qv7x3xr38a39e18e/+47+Cf8B19J9/ZP+m7+Kd8V/+0T/LP+G7+Wd/dP+d7+Od9T/+C7+Vf9L19H9/Xv+T7+Zd9fz/AJ/uBfpB/xQ/2Q/xQP8wP96/6Ef41P9KP8il+tB/jX/dj/Rt+nH/Tj/cT/ET/lp/kJ/spfqqf5qf7VP+2n+Hf8TP9uz7Nz/Kz/Ryf7uf6ef49P98v8Av9+36R/8Av9kv8Ur/MZ/gPfaZf7rP8R36F/9hn+5V+lV/t1/i1fp1f7zf4jX6T3+y3+K1+m9/ud/hP/E6/y+/2e/xev8/v95/6A/4zf9B/7nP8F/6Q/5M/7L/0R/xXPtd/7Y/6b/wx/60/7r/zJ/z3/qQ/5U/7H/wZ/6M/68/58/4nf8H/7C/6X/wl/p81xhhjjLF/ybYi/3x+4N/5nvxtXDZICHHtruK5fz2vhBBbfqs7RMZ3iQghnhnQ6+G/jLp1k5OTfzs3W4mg9BIhRORKfj5xJV4pOounRJLoJCr+3fUNkX0u0B/Uj94uRMG/yokRV+Ir9W/9B/Uff3JiZpXwfNw/qb9EiITSV3IKiCvxlfqV/kH9oh3+YP0FvkwVouNf5cSKK/GV+oniCfGsSPqbMxljjDHGGGOMsT8bIqv3+PvPn39+wv/L83m8vpKTX1yJ/+j5nDHGGGOMMcYYY1ff8336Pv14UlKnHnzAB3zw336gxL988tX+y8QYY4wxxhj7T7ty03+1V8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVd/z8+e+xq75ExxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhi72v5XAAAA//9QCjrm") r0 = open(0x0, 0x0, 0x0) fcntl$notify(r0, 0x402, 0x34) fcntl$setsig(r0, 0xa, 0x21) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) ioctl$FAT_IOCTL_GET_ATTRIBUTES(r1, 0x40047211, &(0x7f00000004c0)) 4.967334716s ago: executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000022c0)=@newtfilter={0x440, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x9}, {}, {0x8}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x410, 0x2, [@TCA_CGROUP_ACT={0x4}, @TCA_CGROUP_POLICE={0x408, 0x2, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f63, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xbc5, 0x0, 0x0, 0x7, 0x0, 0x101, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcda0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}]}]}}]}, 0x440}}, 0x0) 4.829506147s ago: executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) syz_open_procfs(0x0, &(0x7f00000005c0)='net/route\x00') lseek(0xffffffffffffffff, 0x300, 0x0) pipe2$9p(&(0x7f00000001c0), 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000590000"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@getlink={0x34, 0x12, 0x1, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'netpci0\x00'}]}, 0x34}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) socket$inet6_sctp(0xa, 0x801, 0x84) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000700)='net/ip_mr_cache\x00') read$FUSE(r4, &(0x7f00000021c0)={0x2020}, 0x2020) 4.402251627s ago: executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000004c0)) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000500)={0xfffffffffffffdfd, 0x100000}) 3.225484627s ago: executing program 2: mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0) dup(0xffffffffffffffff) capset(0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x54, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, {0x20000000, {0x2, 0x1f, 0x4, 0x1}}}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000011}, 0x0) 2.672568427s ago: executing program 1: syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000100)) r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(r1, 0xc0844123, &(0x7f0000000080)={0x0, 0x0}) 2.613873154s ago: executing program 2: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00'}, 0x10) r0 = syz_open_dev$video(&(0x7f0000000000), 0x3, 0x0) ioctl$VIDIOC_DQEVENT(r0, 0x80885659, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000040)={0x3, 0x980914, 0x3}) timerfd_create(0x7, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00') read$eventfd(r1, &(0x7f0000000080), 0x8) llistxattr(&(0x7f0000000300)='./file0\x00', &(0x7f0000000540)=""/197, 0xc5) syz_mount_image$minix(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x804008, &(0x7f0000000100)=ANY=[], 0x5a, 0x20d, &(0x7f0000000200)="$eJzs3L9u00AAx/Gf40BIQfwVf8RUCQmxkEBbqcpGFzZeAImhakNV4UJpWBohQV+CnZWJR+BNWBnagY2JQ2dfwHFSfHFIHOHvR2rj2Pfzndue765RIgCV9Sj+HuiMe26Mebcs6ekTSbVSmwZgxox7/GkAVE9I1wcq6mQjjMf/L4H09fvbrWP3dc5z/nCykSwS7PrhOJVvnhZ4lskfBfHj7fpwfknS+ZFwfXT+8jHJ383Uf8G3/a7+pUy+4Z1Prv/eneH8RUmXJF2WdEXSVUnXpPi01+UOpOrfztR/Kzl85NkMAAAAAAD+yq4+W4Mnvov+bL7lU/LB2L129fx8N+qOP+qhluQfFoyfdfWvTJlfzbQpl3vBteHyra1X0XbBNgBF1dL9P9/IHcK//2vsv7PCKft/Pc5/KJgGqq132H+xGUXdg7ltSJOm7FBZvNLmYONbbuFPdkM/kldGZv/TGNxM7Z5ln1TgCs/t96X8Mu9zyjR10DMe55n7xuvHyextBlXYQSm9pz/tCYNsP60PdaLPqT+kKDJhb/8fXJc9oQl/3yjCMu5OAGap/WZvv9077N/f3dvc6e50X66tdzrra6srnXY8LW9PtTgHsMj+DPpltwQAAAAAAAAAAAAAABR1Q9LNyWOnfrwHAAAAgMU1+RuDGhO/najsawQAAAAAAAAAAAAA4H/3KwAA//9/rD04") 2.050834789s ago: executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, &(0x7f0000000180)=0xfffffff9) syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000080)='./bus\x00', 0x3000002, &(0x7f0000000a40)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0x0, @ANYBLOB="2c66696c655f756d61736b3d30303030303030303030303030303030303030303030312c706172743d3078303030303030303030303030303063332c706172743d3078303030303030303030303030613565662c63726561746f723da0a54db32c706172743d3078303030303030303030303030306666662c6769643d", @ANYRESHEX=0x0, @ANYBLOB="2c696f63684c727365743d63703836362c636f6465706167653d61736369692c6469725f756d61736b3d30303030303030303030303030303030020030303030ba5838d06465706167653d63703733372c00010000000000008031bbc521c216fd6632f6b856c7517a338ab68496f7332bf9b6e06eed63cba98e998649f497c1062e443154d87e28f2211618d5e28c1d8f587883061f2967e9d4aad534400b045f7bd81294687824d9d6a6f282ffcc878ce33d249474cf9e91043820dd31bf78a80c274c4e7166dac09bd83dc5ebfd3719280f19c8488d6bb21f1209d160ac3945dc756703b3bec650"], 0x1, 0x2f2, &(0x7f00000006c0)="$eJzs3T9v004cx/HPOUmT9lf15/5BSCygQiVYKgoMiCUVysrOhIAmlSqiItoiAQsFMSIeAHufAkw8ARYQTwAmJh5AN6O7XP44sdM2JHED75fU6Hy+O39PtuP7WoIIwD/rduX7wfWf9s9IOeUk3ZICSSUpL+mMzpaebu9t7dVr1X4D5VwP+2fU6Gl62mxs15K62n6uhxfarbxmO+swGlEUrf/IOghkzt39CQKp6O9Dt7805rhGZV86n3UM49Z5gs2hDvVMcxmGAwA4BfzzP/CPiYKrMgoCacU/9nuf/0Fm4Q4gim0dZhbHSNyo91RFfTt0PP/d6i4y9vz+73a18z2Xwtn9QTNLPE4wha7tKTWuldgC0xyVVbpYgunNrbxWN16pGui1yl5HsyX3WY1fjEdEu5yQm/aRPlpBd2Yas3Erym7NkDa36rWiLSTEv3iyI/4589l8NfdMqPeqttZ/+cjY0+TOVNh1poKCjf9q+oj/uV62lXzaXy6X498N8+4g5/wRvJ5ZRrFrtpSckah5Rc23XxrstyJoxPkxvdeC4q8VGrNbS5+d67WY1CtsbaX0Wor1yvkrYXXjcb3vq5TRMu/MXbOsX/qgSsf6P7Dxreg4d6Zt41r6K6Mxn6nklnnXMuzJHNu3y4VWBF5xsInhJN7qoW5qbvf5i0e5er22YwsPEgpPZneMrym8kRLbDFAoDmkcW9B+uyayXkbRcbtHwwujqO6aK0MauVGw3x+tGnv7JDW2d1mrJkgf8JN6d80NLdRhFEoJEZ6WQuWL1L3roKdmAgr2iZuyK+svKIzDrmmedF8xnXFAGDe77jKRKTVX8n5V51Ik+xH2yUb6J5nxEddaGVx8KbjgPmeSM7j1tGFTM7iOI15LyRldznXxsnSpo9Kob84V+jj/Eqaib7rP+38AAAAAAAAAAAAAAAAAAIBJM45/aZD1HAEAAAAAAAAAAAAAAAAAAAAAmHQD/f5v0v8R737/N+T3f4EJ8jsAAP//Y/x7PA==") open(&(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)) getsockopt$IP_SET_OP_GET_FNAME(0xffffffffffffffff, 0x1, 0x47, 0x0, &(0x7f0000000080)=0x8) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x298) r0 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, 0x0) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000380)={0x601, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}) socket$inet_icmp_raw(0x2, 0x3, 0x1) connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) socket$netlink(0x10, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x2000000, &(0x7f00000001c0), 0x1, 0x4fa, &(0x7f0000000540)="$eJzs3U1rJGkdAPB/ddKbeYl21D2swr7grmQWne5k4+4GD7sriLcFZb2PIemEkE46pDvjJAySwQ8giOhc5+RF8AMIMh9BhAG9i4oy6Iwe5qCWVHX1xMTuSUL6BZPfD57UU6///1NJV9fLM1MBXFpvRMRHETEREW9HRKWYXipKHHRKttzTJ3eXs5JEmn7y1ySSYlq2WFKUzPVitSudQU+tvf2NpUajvlOM19qb27XW3v7N9c2ltfpafWthYf69xfcX312cG0g7s3Z98I0//eSHP/vmB7/6yvd+f+svN76f5TtdzO+2Y9A6+6Sc7YvnJiNiZxjBxmCiaE953IkAAHAq2Tn+ZyPii/n5fyUm8rO500mGmhkAAAAwKOmH0/HPJCIFAAAALqxS3gc2KVWLvgDTUSpVq50+vC/HtVKj2Wp/ebW5u7XS6Ss7E+XS6nqjPlf0qZ2JcpKNz+f1w/F3no8nR/oA/7hyNZ9fXW42VsZ32wMAAAAulevHrv//Uelc/7/AvZElBwAAAAzOzLgTAAAAAIbuf6//H4wlDwAAAGB4PP8HAACAC+1bH3+clbT7/uuV23u7G83bN1fqrY3q5u5ydbm5s11dazbXGulUxOZJ22s0m9tfja3dO7V2vdWutfb2b202d7fat9aPvAIbAAAAGKHPvP7wd0lEHHztal4yL2U/JvqsoK8AXBilsyz8x+HlAYxev6954OKbHHcCwNiUO4Nk3HkA43PSAaBv551fDz4XAABgOGY/3/v5/+ThvQHggjrT83/gQvH8Hy4vz//h8io7A4BLb/jP/9P0xG0BAABDNZ2XpFQtngVOR+lZ2hEzUU5W1xv1uYj4dET8tlKeysbn8zUT/2gAAAAAAAAAAAAAAAAAAAAAAAAAAE4pTZNIAQAAgAstovTnpHj/12zlrenj9wdeSp5V8mH+doBPfnpnqd3emc+m/62YHtG+X0x/5yx3Hrx5HAAAAIale53evY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEF6+uTucreMMu7jr0fETK/4k3ElH16JckRc+3sSk92VXo9IImJiAPEP7kXEK73iJ1laMVNkcSR+RJQi4mqexdDjv5qmac/4188dHS63h9nx56Nen79SvJEPe3/+J4tyXv2Pf6Xnx7+JHvGzI8+nThnjC49+Ues9Z6ozf7L38acbP+kT/81em+yxU777nf39frmlDyJme37/JEdi1dqb27XW3v7N9c2ltfpafWthYf69xfcX312cq62uN+rFz54xfvTqL//dL/7jexHX+sSfOdr+pePtfyurlPtt+dC/Ht158rm8VkmPbSKPf+PN3r//V47GP7Jrs7+JLxXfA9n82W79oFP/b6/9/Devvaj9K33af9Lv/8bJTc+9/e0f/OGUiwIAI9Da299YajTqO0Ov3E/TdFSxsrOjUcU6d+Xl/59UDysfnmXhdGrUf2wq566M+8gEAAAM2uFJ/7gzAQAAAAAAAAAAAAAAAAAAgMtrFP+d2PGYB+NpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAC/0nAAD//7aj2ng=") mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x47) mount$overlay(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}]}) 1.896505486s ago: executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_unix(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$erofs(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x1910000, &(0x7f0000000380)=ANY=[@ANYBLOB='IcOG', @ANYRESDEC=0x0, @ANYRES16, @ANYRES8=0x0, @ANYRESHEX], 0x0, 0x0, 0xfffffffffffffffe) socket$inet(0x2, 0x1, 0x0) mlockall(0x1) pipe2$watch_queue(&(0x7f00000000c0), 0xb82e336200000000) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) syz_read_part_table(0x4035, &(0x7f0000006d80)="$eJzs0MtNw0AQANBZ2QYj7rRBByBKoAwu3JC4IKN0kzJyTCGpY6Os81kndgPRewfPR54Zy8+79UdEpNef76/fmMrnR7RdfB7iQ6le4n7k5pS1VfeY91UrVXn5DduIt8107OJp6V5TF/2493/uxXRVdSUO73+rsiSniDwalm7Nacv04+23AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7NmBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAABAkL/1IBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABHBQAA//9DTBQN") socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r0, &(0x7f0000000900)=[{{&(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) r2 = memfd_create(&(0x7f0000000040)='}\xa4-}{\x00', 0x0) close_range(r1, r2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)) socket$inet6(0xa, 0x1, 0x0) dup(0xffffffffffffffff) r3 = socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x1, 0x0) mq_open(&(0x7f0000000080)='erofs\x00', 0x40, 0x0, &(0x7f0000000180)={0xfff, 0x7f, 0x8, 0x1}) connect$unix(r3, 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) 1.892453675s ago: executing program 1: syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==") r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0/control\x00', 0x0) rename(&(0x7f00000002c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000340)='./file0/control/file1\x00') r1 = fspick(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) 1.578567764s ago: executing program 4: r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000004200)) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0) ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5451, 0x0) openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0) mlockall(0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/105, 0x69}, 0x0) 790.752739ms ago: executing program 1: msgsnd(0x0, 0x0, 0x8, 0x0) sendmmsg$sock(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote}, 0x1c) r1 = eventfd2(0x0, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) shutdown(r2, 0x0) close(0xffffffffffffffff) 770.945649ms ago: executing program 4: syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000180)='./bus\x00', 0x400, &(0x7f0000000440)=ANY=[], 0x1, 0x63a, &(0x7f0000000840)="$eJzs3c1vHGcdB/DvbDZONpTUTZM2oEq1GgkQFolf5IK5EBBCPlSoKgfOVuI0VjZpsV3kVoia92sP/QPKwTdOSNwjlQsXuPXqYyUkLr1gTotmdna98VvtNvGu288nmn2eZ5+ZZ37Pb2Z2dteKNsCX1sJkmg9TZGHylfWyvbU5297anL3fqyc5l2QjaSZpJCn+2+l0PkxuJkV/mGJXucf7y/OvffTJ1sfdVrNeqvUbh213NBv1kokkZ+rycY1363OPV/RneDPJtbqEoTubpPOIX/zjqX7PgNZ+W58/kRiBJ6vo3jf3GE8u1Bd6+T6ge1fs3rNPtY1hBwAAAAAn4OntbGe9uDjsOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC02Nj5/f+iXhq9+kSK3u//j9XPpa6PlhePt/rDJxUHAAAAAAAAAJygF7eznfVc7LU7RfU3/5eqxuXq8St5K6tZykquZz2LWctaVjKdZHxgoLH1xbW1lekjbDmz75YznxLoubpsPZ55AwAAAAAAAMAXzG+zsPP3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAVFcqZbVMvlXn08jWaS80nGyvU2kn/16qfZw2EHAAAAACfg6e1sZz0Xe+1OUX3mf6763H8+b+VB1rKctbSzlNvVdwHdT/2Nrc3Z9tbm7P1y2TvuD/9zrDCqEdP97mH/PV+t1mjlTparZ67nVt5IO7fTqLYsXa3j6Y26K67flDEVP6gdMbLbdVnO/L263OPdY032IMf8MmW8ysjZfkam6tjKbDzTOzL7H6FjHp3de5pOox/s5V172jWJz5TzC3VZzuePB+V8KHZnYmbg7Hvu8Jwn3/zbX35+t/3g3t07q5OjM6WjOVOXneqxtTcTswOZeP6LnIk9pqpMXOm3F/KT/CyTmcirWclyfpnFrGUpE/lxVVusz+di4JI/IFM3H2m9+mmRjNVnaPdgHS+ml6ptL2Y5P80buZ2lvFz9m8l0vpu5zGV+4AhfOfwIV1d944CrvvPVfYO/9q260kryp7ocDWVenxnI6+Br7njVN/jMTpYuHSFLx3xtbH69rpT7+F1djobdmZgeyMSzh2fiz9XLymr7wb2Vu4tvHm13l96rK+V19IeRukuU58ul8mBVrUfPjrLv2X37pqu+y/2+xp6+K/2+7pW6ceCVOla/h9s70kzV9/y+fbNV39WBvv3ebwEw8i58+8JY69+tf7Y+aP2+dbf1yvkfnfveuRfGcvbvZ7/fnDrzjcYLxV/zQX698/kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD47FbffufeYru9tLKr0ul03j2g6zRXej9ndoI7/dpTyUjMfaiV/3U6nfqZYhTiObzSqY1KPMOoDPmFCXjibqzdf/PG6tvvfGf5/uLrS68vPZifm5ufmp97efbGneX20lT3cdhRAk/Czk1/2JEAAAAAAAAAAAAAR3US/51g2HMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATreFyTQfpsj01PWpsr21Odsul159Z81mkkaS4ldJ8WFyM90l4wPDFQft5/3l+dc++mTr452xmr31G4dtdzQb9ZKJJGfq8nGNd+tzj1f0Z1gm7FovcTBs/w8AAP//JggO2w==") mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0) 619.63103ms ago: executing program 0: syz_mount_image$hfs(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x4004, &(0x7f0000000240)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030303031302c636f6465706167653d63703835352c696f636861727365743d6370313235302c0065fcfac35652d2119752177b83dd62bd1f7de553835128ed9475d69a7ff68815d149e3d770260f87adedaaa6166f2883a669eadf2fc703841d76d28addf20312d9c8fc5b9c22b6ded1166f95bc118305a3ee7ebad510e9785ba1b21c76ac0d23979366134009b2e8055dfdb125c12135913b94b66581"], 0x1, 0x2f2, &(0x7f0000000580)="$eJzs3b1uE0sYxvFn1nbsfChnT5KjI9GAApGgiQhQIBoj5JaeCgG2I0VYiUiCBDQERIm4AHpugYugAXEDUFHRk4pBMx4762S9jgn2JuH/k2ytZ2d23/Xsx7yrOCsAf61btS/vrn5zLyMVVJB0Q4okVaSipP/0f+Xx+vbadqvZyFpQwbdwL6N2S3OgTn29mdbUtfMtgth9KmomWYbRsNbe/Jp3EMidP/pTRFI5HId+fmXMcY3KjnQ27xjGLdnBZle7eqLZHMMBABwD4fofhcvEjC8yiiJpKVz2T9X1f/f0bIpzrXWgyGY2SFz//ejOGte///hZe/meT+Hc/KiTJR4mmNK+zxNq71k9A0wzKKv0sUSTq2tFLddfqBHppapBotqCf2+0d92OAdEupuSmGfovraTbU+2t8SPK/Tohra61mmU3kRL//HBrPDrzwXwyd02st2p0x39Fa1w3+Z6K9/VUVHLxX+6/xGnfytVSSPur1WrUU+Vfv5IzYQ3BgK2spGckyWV2bhDsdCPIitOve069txXaW7cyoNV8Wqu4+6lPq4WeVoWwJyzXN1qZt1JGo7OJ5o25Yxb1Xe9VS4z/IxffkhJHZtb50fiaYc+ob+intRPpNYu+ZnzgdLt3uJzrRhCUh942SEPeLXutB7qu2a2nzx4WWq3mppu4nzLxaGbThJLSKym1zugnCsqoo529Eus8t/awS7ZHCMwM+jYuDV7Oj8Ov1J0/uiXu8Emr7I6ybkn0B755a3Lo7kET5bz2wzBR+6isHfLkTFgr9Zk1svMUjpEt0+n0UDCZc0AYNzfuMu38z4/kw6jOp0juLc4Yp2cnmepZ4ko3g+sdCs7596mhMrjp/hlcYo1X+uSMPuc6f1G6kCg0ylxjHOI8JUxNn3WP+/8AAAAAAAAAAAAAAAAAAAAnTfij/85PNkfyS4OcNxEAAAAAAAAAAAAAAAAAAAAAgBPvt57/m/Y/4v3zf+NxP//XDvUgJwA9fgUAAP//11V3YA==") chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) renameat2(r0, &(0x7f0000000240)='./bus\x00', r1, &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) 30.616321ms ago: executing program 4: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@deltfilter={0x450, 0x2d, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @filter_kind_options=@f_bpf={{0x8}, {0x4}}, @filter_kind_options=@f_basic={{0xa}, {0x40c, 0x2, [@TCA_BASIC_POLICE={0x408, 0x4, [@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf96]}]}]}}]}, 0x450}}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000340)={'wlan1\x00'}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r1, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0) 0s ago: executing program 1: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) syz_open_procfs(0x0, &(0x7f00000005c0)='net/route\x00') lseek(0xffffffffffffffff, 0x300, 0x0) pipe2$9p(&(0x7f00000001c0), 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000590000"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@getlink={0x34, 0x12, 0x1, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'netpci0\x00'}]}, 0x34}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) socket$inet6_sctp(0xa, 0x801, 0x84) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000700)='net/ip_mr_cache\x00') read$FUSE(r4, &(0x7f00000021c0)={0x2020}, 0x2020) kernel console output (not intermixed with test programs): [ 745.270616][ T29] audit: type=1804 audit(1718347639.315:77): pid=9079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir540492453/syzkaller.NqLcvA/6/file0" dev="sda1" ino=1955 res=1 errno=0 [ 745.297407][ T9081] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 745.387252][ T1070] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 745.399797][ T1070] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 746.395029][ T8650] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 746.524002][ T25] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 746.833454][ T25] usb 4-1: Using ep0 maxpacket: 8 [ 746.991196][ T25] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 747.002742][ T25] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 747.013289][ T25] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 747.024922][ T25] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 747.044062][ T25] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 747.056212][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 747.429951][ T25] usb 4-1: GET_CAPABILITIES returned 64 [ 747.436535][ T25] usbtmc 4-1:16.0: can't read capabilities [ 747.596324][ T9101] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 747.702163][ T25] usb 4-1: USB disconnect, device number 2 [ 749.985165][ T9127] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 750.294026][ T9130] 9pnet_fd: Insufficient options for proto=fd [ 750.443601][ T29] audit: type=1804 audit(1718347644.485:78): pid=9130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir540492453/syzkaller.NqLcvA/10/file0" dev="sda1" ino=1965 res=1 errno=0 [ 751.119722][ T9138] loop0: detected capacity change from 0 to 512 [ 751.508688][ T9138] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 751.522438][ T9138] ext4 filesystem being mounted at /root/syzkaller-testdir3693832584/syzkaller.nYEv0h/12/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 751.815144][ T9138] EXT4-fs error (device loop0): ext4_search_dir:1548: inode #2: block 3: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0 [ 753.528031][ T8650] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 753.827463][ T9160] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 753.843315][ T5114] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 754.182620][ T5114] usb 4-1: Using ep0 maxpacket: 8 [ 754.311912][ T5114] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 754.323716][ T5114] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 754.334073][ T5114] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 754.344328][ T5114] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 754.357873][ T5114] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 754.367158][ T5114] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 754.819773][ T5114] usb 4-1: GET_CAPABILITIES returned 2f [ 754.827779][ T5114] usbtmc 4-1:16.0: can't read capabilities [ 755.058776][ T5120] usb 4-1: USB disconnect, device number 3 [ 756.332635][ T9176] 9pnet_fd: Insufficient options for proto=fd [ 756.465464][ T29] audit: type=1804 audit(1718347650.485:79): pid=9176 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2164515733/syzkaller.u00iYu/8/file0" dev="sda1" ino=1963 res=1 errno=0 [ 759.221894][ T4424] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 759.262122][ T4424] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 759.275183][ T4424] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 759.301807][ T4424] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 759.345478][ T4424] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 759.357136][ T4424] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 759.935888][ T9210] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 760.861255][ T7163] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 761.013158][ T5114] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 761.044084][ T7163] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 761.156398][ T7163] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 761.281207][ T5114] usb 4-1: Using ep0 maxpacket: 8 [ 761.304679][ T7163] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 761.393652][ T9201] chnl_net:caif_netlink_parms(): no params data found [ 761.424965][ T4424] Bluetooth: hci2: command tx timeout [ 761.442782][ T5114] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 761.455163][ T5114] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 761.465658][ T5114] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 761.478546][ T5114] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 761.492930][ T5114] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 761.502959][ T5114] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 761.850256][ T5114] usb 4-1: GET_CAPABILITIES returned 0 [ 761.856319][ T5114] usbtmc 4-1:16.0: can't read capabilities [ 761.911824][ T9233] 9pnet_fd: Insufficient options for proto=fd [ 762.007001][ T29] audit: type=1804 audit(1718347656.045:80): pid=9233 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir540492453/syzkaller.NqLcvA/17/file0" dev="sda1" ino=1951 res=1 errno=0 [ 762.131395][ T5114] usb 4-1: USB disconnect, device number 4 [ 762.411366][ T7163] bridge_slave_1: left allmulticast mode [ 762.417288][ T7163] bridge_slave_1: left promiscuous mode [ 762.424066][ T7163] bridge0: port 2(bridge_slave_1) entered disabled state [ 762.539941][ T7163] bridge_slave_0: left allmulticast mode [ 762.546380][ T7163] bridge_slave_0: left promiscuous mode [ 762.553117][ T7163] bridge0: port 1(bridge_slave_0) entered disabled state [ 763.511331][ T4424] Bluetooth: hci2: command tx timeout [ 763.713921][ T7163] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 763.829913][ T7163] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 763.902795][ T7163] bond0 (unregistering): Released all slaves [ 765.261735][ T7163] hsr_slave_0: left promiscuous mode [ 765.379713][ T7163] hsr_slave_1: left promiscuous mode [ 765.413587][ T7163] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 765.422041][ T7163] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 765.472393][ T7163] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 765.480365][ T7163] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 765.582745][ T4424] Bluetooth: hci2: command tx timeout [ 765.595428][ T7163] veth1_macvtap: left promiscuous mode [ 765.601527][ T7163] veth0_macvtap: left promiscuous mode [ 765.607352][ T7163] veth1_vlan: left promiscuous mode [ 765.612958][ T7163] veth0_vlan: left promiscuous mode [ 766.695680][ T9275] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 766.824802][ T7163] team0 (unregistering): Port device team_slave_1 removed [ 766.968030][ T7163] team0 (unregistering): Port device team_slave_0 removed [ 767.661613][ T4424] Bluetooth: hci2: command tx timeout [ 767.769274][ T9201] bridge0: port 1(bridge_slave_0) entered blocking state [ 767.777409][ T9201] bridge0: port 1(bridge_slave_0) entered disabled state [ 767.785178][ T9201] bridge_slave_0: entered allmulticast mode [ 767.793616][ T9201] bridge_slave_0: entered promiscuous mode [ 767.957555][ T9201] bridge0: port 2(bridge_slave_1) entered blocking state [ 767.965530][ T9201] bridge0: port 2(bridge_slave_1) entered disabled state [ 767.973352][ T9201] bridge_slave_1: entered allmulticast mode [ 767.981710][ T9201] bridge_slave_1: entered promiscuous mode [ 768.165534][ T9286] 9pnet_fd: Insufficient options for proto=fd [ 768.279705][ T9201] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 768.316966][ T29] audit: type=1804 audit(1718347662.335:81): pid=9286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir540492453/syzkaller.NqLcvA/19/file0" dev="sda1" ino=1954 res=1 errno=0 [ 768.376415][ T9201] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 768.788900][ T9201] team0: Port device team_slave_0 added [ 768.873882][ T9201] team0: Port device team_slave_1 added [ 769.073491][ T9201] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 769.080665][ T9201] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 769.107511][ T9201] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 769.366999][ T9201] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 769.374567][ T9201] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 769.401115][ T9201] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 769.781795][ T5114] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 769.902914][ T9201] hsr_slave_0: entered promiscuous mode [ 769.914681][ T9201] hsr_slave_1: entered promiscuous mode [ 770.062736][ T5114] usb 3-1: Using ep0 maxpacket: 8 [ 770.201356][ T5114] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 770.213089][ T5114] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 770.223637][ T5114] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 770.234148][ T5114] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 770.247578][ T5114] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 770.257893][ T5114] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 770.652325][ T5114] usb 3-1: GET_CAPABILITIES returned 2f [ 770.658337][ T5114] usbtmc 3-1:16.0: can't read capabilities [ 770.899105][ T5114] usb 3-1: USB disconnect, device number 2 [ 772.084431][ T1222] ieee802154 phy0 wpan0: encryption failed: -22 [ 772.091347][ T1222] ieee802154 phy1 wpan1: encryption failed: -22 [ 772.216470][ T9201] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 772.363297][ T9201] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 772.498804][ T9201] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 772.710343][ T9201] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 772.963469][ T9321] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 774.011763][ T9327] 9pnet_fd: Insufficient options for proto=fd [ 774.171743][ T29] audit: type=1804 audit(1718347668.155:82): pid=9327 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2164515733/syzkaller.u00iYu/21/file0" dev="sda1" ino=1961 res=1 errno=0 [ 774.278660][ T9201] 8021q: adding VLAN 0 to HW filter on device bond0 [ 774.814400][ T9201] 8021q: adding VLAN 0 to HW filter on device team0 [ 774.943830][ T779] bridge0: port 1(bridge_slave_0) entered blocking state [ 774.951715][ T779] bridge0: port 1(bridge_slave_0) entered forwarding state [ 775.096086][ T779] bridge0: port 2(bridge_slave_1) entered blocking state [ 775.103648][ T779] bridge0: port 2(bridge_slave_1) entered forwarding state [ 777.966245][ T9201] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 778.062811][ T10] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 778.216983][ T9362] loop1: detected capacity change from 0 to 64 [ 778.276090][ T9362] minix: Unknown parameter '@' [ 778.341001][ T10] usb 3-1: Using ep0 maxpacket: 8 [ 778.512370][ T10] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 778.523880][ T10] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 778.534528][ T10] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 778.544961][ T10] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 778.558731][ T10] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 778.568252][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 778.799049][ T9201] veth0_vlan: entered promiscuous mode [ 778.973669][ T9201] veth1_vlan: entered promiscuous mode [ 779.067521][ T10] usb 3-1: usb_control_msg returned -71 [ 779.074679][ T10] usbtmc 3-1:16.0: can't read capabilities [ 779.150134][ T10] usb 3-1: USB disconnect, device number 3 [ 779.419796][ T9370] 9pnet_fd: Insufficient options for proto=fd [ 779.473084][ T9201] veth0_macvtap: entered promiscuous mode [ 779.579090][ T29] audit: type=1804 audit(1718347673.615:83): pid=9370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir540492453/syzkaller.NqLcvA/29/file0" dev="sda1" ino=1952 res=1 errno=0 [ 779.598506][ T9201] veth1_macvtap: entered promiscuous mode [ 779.926300][ T9201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 779.937691][ T9201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 779.948441][ T9201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 779.959054][ T9201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 779.969127][ T9201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 779.979784][ T9201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 779.990293][ T9201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 780.001327][ T9201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 780.018559][ T9201] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 780.376152][ T9374] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 780.528050][ T9201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 780.538823][ T9201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 780.550082][ T9201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 780.561035][ T9201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 780.571648][ T9201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 780.582471][ T9201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 780.592572][ T9201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 780.603395][ T9201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 780.624713][ T9201] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 781.011505][ T9201] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 781.020652][ T9201] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 781.046357][ T9201] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 781.056025][ T9201] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 784.191831][ T9408] loop3: detected capacity change from 0 to 64 [ 784.250155][ T9408] minix: Unknown parameter '@' [ 784.397911][ T9409] loop1: detected capacity change from 0 to 2048 [ 784.623678][ T9409] loop1: p1 < > p3 [ 784.692027][ T9409] loop1: p3 size 134217728 extends beyond EOD, truncated [ 786.623593][ T5120] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 786.914473][ T5120] usb 2-1: Using ep0 maxpacket: 8 [ 787.052140][ T5120] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 787.063833][ T5120] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 787.077947][ T5120] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 787.089255][ T5120] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 787.102934][ T5120] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 787.112349][ T5120] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 787.569956][ T5120] usb 2-1: usb_control_msg returned -71 [ 787.576978][ T5120] usbtmc 2-1:16.0: can't read capabilities [ 787.654550][ T5120] usb 2-1: USB disconnect, device number 3 [ 788.743022][ T9436] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 790.102392][ T1070] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 790.110455][ T1070] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 790.197359][ T9454] loop2: detected capacity change from 0 to 64 [ 790.237808][ T9454] minix: Unknown parameter '@' [ 790.393871][ T10] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 790.402863][ T10] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 791.579529][ T9472] loop0: detected capacity change from 0 to 512 [ 791.806811][ T9472] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 791.819888][ T9472] ext4 filesystem being mounted at /root/syzkaller-testdir786966315/syzkaller.11JUG5/0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 792.216178][ T9472] EXT4-fs error (device loop0): ext4_search_dir:1548: inode #2: block 3: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0 [ 792.683695][ T9481] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 3: comm syz-executor.0: path /root/syzkaller-testdir786966315/syzkaller.11JUG5/0/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0 [ 793.177265][ T9481] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 12: comm syz-executor.0: path /root/syzkaller-testdir786966315/syzkaller.11JUG5/0/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 793.235755][ T9481] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 13: comm syz-executor.0: path /root/syzkaller-testdir786966315/syzkaller.11JUG5/0/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 793.412674][ T9481] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 14: comm syz-executor.0: path /root/syzkaller-testdir786966315/syzkaller.11JUG5/0/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 793.459827][ T9481] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 15: comm syz-executor.0: path /root/syzkaller-testdir786966315/syzkaller.11JUG5/0/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 793.523313][ T5120] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 793.804633][ T5120] usb 5-1: Using ep0 maxpacket: 8 [ 793.974106][ T5120] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 793.985792][ T5120] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 793.996302][ T5120] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 794.006621][ T5120] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 794.020207][ T5120] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 794.029660][ T5120] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 794.484657][ T5120] usb 5-1: usb_control_msg returned -71 [ 794.490681][ T5120] usbtmc 5-1:16.0: can't read capabilities [ 794.632283][ T5120] usb 5-1: USB disconnect, device number 2 [ 795.361094][ T9201] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 795.426253][ T9497] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 800.442228][ T5073] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 800.452258][ T5073] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 800.462065][ T5073] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 800.492122][ T5073] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 800.504889][ T5073] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 800.514589][ T5073] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 801.713732][ T10] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 801.981190][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 802.062249][ T7163] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 802.124837][ T10] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 802.136486][ T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 802.146924][ T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 802.157064][ T10] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 802.170440][ T10] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 802.179733][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 802.299251][ T7163] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 802.371432][ T9541] loop2: detected capacity change from 0 to 512 [ 802.379901][ T9528] chnl_net:caif_netlink_parms(): no params data found [ 802.491341][ T9541] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 802.491865][ T7163] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 802.504811][ T9541] ext4 filesystem being mounted at /root/syzkaller-testdir2930904395/syzkaller.aCArwh/28/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 802.613368][ T10] usb 5-1: GET_CAPABILITIES returned 2f [ 802.619624][ T10] usbtmc 5-1:16.0: can't read capabilities [ 802.631314][ T5073] Bluetooth: hci2: command tx timeout [ 802.647296][ T9541] EXT4-fs error (device loop2): ext4_search_dir:1548: inode #2: block 3: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0 [ 802.842172][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 802.844612][ T7163] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 802.851887][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 802.871966][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 802.881631][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 802.891277][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 802.900910][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 802.910543][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 802.920173][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 802.929803][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 802.939415][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 802.949056][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 802.958591][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 802.968182][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 802.977679][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 802.987305][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 803.015004][ T9534] usbtmc 5-1:16.0: Unable to send data, error -71 [ 803.038092][ T10] usb 5-1: USB disconnect, device number 3 [ 803.640032][ T7163] bridge_slave_1: left allmulticast mode [ 803.646378][ T7163] bridge_slave_1: left promiscuous mode [ 803.653092][ T7163] bridge0: port 2(bridge_slave_1) entered disabled state [ 803.804059][ T7163] bridge_slave_0: left allmulticast mode [ 803.809951][ T7163] bridge_slave_0: left promiscuous mode [ 803.817490][ T7163] bridge0: port 1(bridge_slave_0) entered disabled state [ 804.224388][ T9552] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 804.448601][ T9553] loop1: detected capacity change from 0 to 64 [ 804.556422][ T9553] minix: Unknown parameter '@' [ 804.712294][ T5073] Bluetooth: hci2: command tx timeout [ 804.873799][ T7163] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 804.956908][ T7163] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 805.051726][ T7163] bond0 (unregistering): Released all slaves [ 806.212176][ T8823] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 806.538317][ T7163] hsr_slave_0: left promiscuous mode [ 806.819432][ T5073] Bluetooth: hci2: command tx timeout [ 806.821821][ T7163] hsr_slave_1: left promiscuous mode [ 806.873595][ T7163] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 806.881471][ T7163] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 806.904189][ T7163] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 806.912009][ T7163] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 806.964758][ T7163] veth1_macvtap: left promiscuous mode [ 806.970413][ T7163] veth0_macvtap: left promiscuous mode [ 806.976754][ T7163] veth1_vlan: left promiscuous mode [ 806.982586][ T7163] veth0_vlan: left promiscuous mode [ 808.019404][ T7163] team0 (unregistering): Port device team_slave_1 removed [ 808.146845][ T7163] team0 (unregistering): Port device team_slave_0 removed [ 808.879104][ T5073] Bluetooth: hci2: command tx timeout [ 809.050534][ T9528] bridge0: port 1(bridge_slave_0) entered blocking state [ 809.058590][ T9528] bridge0: port 1(bridge_slave_0) entered disabled state [ 809.066362][ T9528] bridge_slave_0: entered allmulticast mode [ 809.074470][ T9528] bridge_slave_0: entered promiscuous mode [ 809.312236][ T9528] bridge0: port 2(bridge_slave_1) entered blocking state [ 809.320099][ T9528] bridge0: port 2(bridge_slave_1) entered disabled state [ 809.329021][ T9528] bridge_slave_1: entered allmulticast mode [ 809.337218][ T9528] bridge_slave_1: entered promiscuous mode [ 809.651773][ T9528] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 809.761394][ T9528] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 810.000105][ T9528] team0: Port device team_slave_0 added [ 810.069685][ T9528] team0: Port device team_slave_1 added [ 810.412439][ T9528] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 810.423826][ T9528] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 810.451109][ T9528] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 810.691598][ T9528] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 810.699195][ T9528] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 810.727406][ T9528] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 811.357942][ T9528] hsr_slave_0: entered promiscuous mode [ 811.434748][ T9528] hsr_slave_1: entered promiscuous mode [ 812.742438][ T5122] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 813.052564][ T5122] usb 2-1: Using ep0 maxpacket: 8 [ 813.136395][ T9605] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 813.148497][ T9605] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 813.159183][ T9605] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 813.194997][ T9605] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 813.203205][ T5122] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 813.214778][ T5122] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 813.225154][ T5122] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 813.235515][ T5122] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 813.250056][ T5122] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 813.259462][ T5122] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 813.308533][ T9605] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 813.319611][ T9605] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 813.645321][ T9608] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 813.651231][ T5122] usb 2-1: GET_CAPABILITIES returned 2f [ 813.660647][ T5122] usbtmc 2-1:16.0: can't read capabilities [ 813.873122][ T5122] usb 2-1: USB disconnect, device number 4 [ 814.208648][ T9528] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 814.265366][ T9528] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 814.380727][ T9528] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 814.457463][ T9528] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 815.404690][ T9621] loop1: detected capacity change from 0 to 512 [ 815.436463][ T5073] Bluetooth: hci3: command tx timeout [ 815.751560][ T9621] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 815.764877][ T9621] ext4 filesystem being mounted at /root/syzkaller-testdir540492453/syzkaller.NqLcvA/53/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 815.828774][ T9621] EXT4-fs error (device loop1): ext4_search_dir:1548: inode #2: block 3: comm syz-executor.1: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0 [ 815.916748][ T7163] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 816.105501][ T7163] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 816.237671][ T9604] chnl_net:caif_netlink_parms(): no params data found [ 816.411372][ T7163] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 816.735741][ T7163] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 816.829353][ T9528] 8021q: adding VLAN 0 to HW filter on device bond0 [ 817.553361][ T5073] Bluetooth: hci3: command tx timeout [ 817.571926][ T7163] bridge_slave_1: left allmulticast mode [ 817.577816][ T7163] bridge_slave_1: left promiscuous mode [ 817.589179][ T7163] bridge0: port 2(bridge_slave_1) entered disabled state [ 817.712376][ T7163] bridge_slave_0: left allmulticast mode [ 817.718301][ T7163] bridge_slave_0: left promiscuous mode [ 817.725239][ T7163] bridge0: port 1(bridge_slave_0) entered disabled state [ 817.826485][ T8734] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 818.810593][ T7163] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 818.934227][ T7163] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 819.105885][ T7163] bond0 (unregistering): Released all slaves [ 819.188479][ T9528] 8021q: adding VLAN 0 to HW filter on device team0 [ 819.487258][ T5122] bridge0: port 1(bridge_slave_0) entered blocking state [ 819.495187][ T5122] bridge0: port 1(bridge_slave_0) entered forwarding state [ 819.581561][ T9605] Bluetooth: hci3: command tx timeout [ 819.609942][ T5122] bridge0: port 2(bridge_slave_1) entered blocking state [ 819.617740][ T5122] bridge0: port 2(bridge_slave_1) entered forwarding state [ 820.432513][ T7163] hsr_slave_0: left promiscuous mode [ 820.501275][ T7163] hsr_slave_1: left promiscuous mode [ 820.531646][ T7163] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 820.539390][ T7163] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 820.578876][ T7163] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 820.586842][ T7163] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 820.658278][ T7163] veth1_macvtap: left promiscuous mode [ 820.664231][ T7163] veth0_macvtap: left promiscuous mode [ 820.670121][ T7163] veth1_vlan: left promiscuous mode [ 820.676447][ T7163] veth0_vlan: left promiscuous mode [ 821.538145][ T7163] team0 (unregistering): Port device team_slave_1 removed [ 821.564865][ T7163] team0 (unregistering): Port device team_slave_0 removed [ 821.661183][ T9605] Bluetooth: hci3: command tx timeout [ 822.134714][ T9604] bridge0: port 1(bridge_slave_0) entered blocking state [ 822.142580][ T9604] bridge0: port 1(bridge_slave_0) entered disabled state [ 822.150329][ T9604] bridge_slave_0: entered allmulticast mode [ 822.159536][ T9604] bridge_slave_0: entered promiscuous mode [ 822.175912][ T9604] bridge0: port 2(bridge_slave_1) entered blocking state [ 822.184164][ T9604] bridge0: port 2(bridge_slave_1) entered disabled state [ 822.194559][ T9604] bridge_slave_1: entered allmulticast mode [ 822.203657][ T9604] bridge_slave_1: entered promiscuous mode [ 822.741978][ T9604] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 822.841260][ T9604] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 823.108545][ T5073] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 823.128849][ T5073] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 823.138282][ T5073] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 823.181916][ T9604] team0: Port device team_slave_0 added [ 823.208508][ T5073] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 823.227369][ T5073] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 823.247040][ T9604] team0: Port device team_slave_1 added [ 823.258103][ T5073] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 823.639210][ T9604] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 823.646838][ T9604] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 823.673658][ T9604] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 823.885905][ T9604] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 823.894557][ T9604] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 823.922508][ T9604] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 824.565427][ T9604] hsr_slave_0: entered promiscuous mode [ 824.613195][ T9604] hsr_slave_1: entered promiscuous mode [ 824.656863][ T9604] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 824.664862][ T9604] Cannot create hsr debugfs directory [ 825.319797][ T9528] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 825.344000][ T5073] Bluetooth: hci0: command tx timeout [ 825.893507][ T9664] chnl_net:caif_netlink_parms(): no params data found [ 826.179113][ T9683] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 826.351778][ T9528] veth0_vlan: entered promiscuous mode [ 826.658464][ T9528] veth1_vlan: entered promiscuous mode [ 827.118120][ T9528] veth0_macvtap: entered promiscuous mode [ 827.166505][ T9604] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 827.271175][ T9528] veth1_macvtap: entered promiscuous mode [ 827.323795][ T9604] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 827.433892][ T5073] Bluetooth: hci0: command tx timeout [ 827.712226][ T9604] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 827.755188][ T9604] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 827.818975][ T9664] bridge0: port 1(bridge_slave_0) entered blocking state [ 827.829639][ T9664] bridge0: port 1(bridge_slave_0) entered disabled state [ 827.837425][ T9664] bridge_slave_0: entered allmulticast mode [ 827.845591][ T9664] bridge_slave_0: entered promiscuous mode [ 827.904075][ T9528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 827.916631][ T9528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 827.931394][ T9528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 827.942480][ T9528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 827.952582][ T9528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 827.963208][ T9528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 827.976586][ T9528] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 828.084609][ T9664] bridge0: port 2(bridge_slave_1) entered blocking state [ 828.092530][ T9664] bridge0: port 2(bridge_slave_1) entered disabled state [ 828.100619][ T9664] bridge_slave_1: entered allmulticast mode [ 828.110531][ T9664] bridge_slave_1: entered promiscuous mode [ 828.276309][ T9528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 828.287105][ T9528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 828.297533][ T9528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 828.308199][ T9528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 828.318254][ T9528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 828.328964][ T9528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 828.344189][ T9528] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 828.687143][ T9528] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 828.696275][ T9528] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 828.706255][ T9528] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 828.715775][ T9528] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 828.753555][ T9664] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 828.817257][ T9664] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 829.031298][ T7163] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 829.216649][ T9664] team0: Port device team_slave_0 added [ 829.268969][ T7163] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 829.356946][ T9664] team0: Port device team_slave_1 added [ 829.415481][ T7163] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 829.501103][ T9605] Bluetooth: hci0: command tx timeout [ 829.611417][ T7163] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 829.805370][ T9664] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 829.813819][ T9664] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 829.840277][ T9664] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 830.013309][ T9664] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 830.020576][ T9664] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 830.047527][ T9664] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 830.182182][ T7163] bridge_slave_1: left allmulticast mode [ 830.188008][ T7163] bridge_slave_1: left promiscuous mode [ 830.194352][ T7163] bridge0: port 2(bridge_slave_1) entered disabled state [ 830.286314][ T7163] bridge_slave_0: left allmulticast mode [ 830.292427][ T7163] bridge_slave_0: left promiscuous mode [ 830.299089][ T7163] bridge0: port 1(bridge_slave_0) entered disabled state [ 830.461300][ T9605] Bluetooth: hci4: command 0x0406 tx timeout [ 831.024452][ T7163] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 831.083433][ T7163] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 831.115148][ T7163] bond0 (unregistering): Released all slaves [ 831.534639][ T9664] hsr_slave_0: entered promiscuous mode [ 831.544763][ T9719] loop4: detected capacity change from 0 to 512 [ 831.583468][ T5073] Bluetooth: hci0: command tx timeout [ 831.599029][ T9664] hsr_slave_1: entered promiscuous mode [ 831.648820][ T9664] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 831.656906][ T9664] Cannot create hsr debugfs directory [ 831.819527][ T9719] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 831.833094][ T9719] ext4 filesystem being mounted at /root/syzkaller-testdir1566741126/syzkaller.LqazRg/83/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 831.897517][ T9719] EXT4-fs error (device loop4): ext4_search_dir:1548: inode #2: block 3: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0 [ 833.139504][ T9604] 8021q: adding VLAN 0 to HW filter on device bond0 [ 833.299659][ T7163] hsr_slave_0: left promiscuous mode [ 833.320997][ T7680] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 833.335929][ T7163] hsr_slave_1: left promiscuous mode [ 833.382216][ T7163] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 833.390009][ T7163] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 833.412060][ T7163] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 833.419759][ T7163] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 833.440478][ T7163] veth1_macvtap: left promiscuous mode [ 833.446302][ T7163] veth0_macvtap: left promiscuous mode [ 833.452306][ T7163] veth1_vlan: left promiscuous mode [ 833.458753][ T7163] veth0_vlan: left promiscuous mode [ 833.529465][ T1222] ieee802154 phy0 wpan0: encryption failed: -22 [ 833.536321][ T1222] ieee802154 phy1 wpan1: encryption failed: -22 [ 834.141788][ T7163] team0 (unregistering): Port device team_slave_1 removed [ 834.219787][ T7163] team0 (unregistering): Port device team_slave_0 removed [ 834.868858][ T9604] 8021q: adding VLAN 0 to HW filter on device team0 [ 835.222139][ T5114] bridge0: port 1(bridge_slave_0) entered blocking state [ 835.230248][ T5114] bridge0: port 1(bridge_slave_0) entered forwarding state [ 835.327518][ T5114] bridge0: port 2(bridge_slave_1) entered blocking state [ 835.335415][ T5114] bridge0: port 2(bridge_slave_1) entered forwarding state [ 836.029903][ T9604] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 836.391030][ T9664] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 836.482792][ T9664] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 836.566120][ T9664] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 836.647654][ T9664] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 838.331286][ T9664] 8021q: adding VLAN 0 to HW filter on device bond0 [ 838.372062][ T9604] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 838.595733][ T9664] 8021q: adding VLAN 0 to HW filter on device team0 [ 838.732380][ T5114] bridge0: port 1(bridge_slave_0) entered blocking state [ 838.740080][ T5114] bridge0: port 1(bridge_slave_0) entered forwarding state [ 838.906689][ T5114] bridge0: port 2(bridge_slave_1) entered blocking state [ 838.914241][ T5114] bridge0: port 2(bridge_slave_1) entered forwarding state [ 839.108739][ T9604] veth0_vlan: entered promiscuous mode [ 839.175953][ T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 839.184512][ T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 839.367775][ T9604] veth1_vlan: entered promiscuous mode [ 839.603373][ T1086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 839.612366][ T1086] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 839.867947][ T9605] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 839.884507][ T9605] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 839.904748][ T9605] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 839.906034][ T9604] veth0_macvtap: entered promiscuous mode [ 839.947901][ T9605] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 839.969896][ T9605] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 839.997042][ T9605] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 840.274540][ T9604] veth1_macvtap: entered promiscuous mode [ 840.438956][ T9604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 840.450191][ T9604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 840.460589][ T9604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 840.471496][ T9604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 840.481593][ T9604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 840.492723][ T9604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 840.507703][ T9604] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 840.692761][ T9604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 840.704739][ T9604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 840.715260][ T9604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 840.727029][ T9604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 840.737298][ T9604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 840.747926][ T9604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 840.763416][ T9604] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 840.998260][ T9604] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 841.008464][ T9604] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 841.018935][ T9604] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 841.030027][ T9604] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 841.612826][ T7163] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 841.860716][ T7163] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 841.984263][ T7163] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 842.137241][ T7163] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 842.152792][ T5073] Bluetooth: hci1: command tx timeout [ 842.294481][ T9759] chnl_net:caif_netlink_parms(): no params data found [ 842.473337][ T9664] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 842.656275][ T7163] bridge_slave_1: left allmulticast mode [ 842.663127][ T7163] bridge_slave_1: left promiscuous mode [ 842.669755][ T7163] bridge0: port 2(bridge_slave_1) entered disabled state [ 842.834671][ T7163] bridge_slave_0: left allmulticast mode [ 842.840735][ T7163] bridge_slave_0: left promiscuous mode [ 842.847654][ T7163] bridge0: port 1(bridge_slave_0) entered disabled state [ 843.293297][ T7163] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 843.327975][ T7163] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 843.349031][ T7163] bond0 (unregistering): Released all slaves [ 844.210655][ T7163] hsr_slave_0: left promiscuous mode [ 844.222506][ T5073] Bluetooth: hci1: command tx timeout [ 844.250189][ T7163] hsr_slave_1: left promiscuous mode [ 844.280567][ T7163] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 844.289568][ T7163] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 844.321491][ T7163] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 844.329210][ T7163] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 844.380490][ T7163] veth1_macvtap: left promiscuous mode [ 844.387314][ T7163] veth0_macvtap: left promiscuous mode [ 844.393344][ T7163] veth1_vlan: left promiscuous mode [ 844.398925][ T7163] veth0_vlan: left promiscuous mode [ 845.351715][ T7163] team0 (unregistering): Port device team_slave_1 removed [ 845.428851][ T7163] team0 (unregistering): Port device team_slave_0 removed [ 845.683559][ T9793] loop0: detected capacity change from 0 to 1024 [ 845.770449][ T1070] hfsplus: b-tree write err: -5, ino 4 [ 845.955025][ T9664] veth0_vlan: entered promiscuous mode [ 846.105900][ T9664] veth1_vlan: entered promiscuous mode [ 846.324302][ T5073] Bluetooth: hci1: command tx timeout [ 846.516454][ T9801] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 846.759159][ T9759] bridge0: port 1(bridge_slave_0) entered blocking state [ 846.767012][ T9759] bridge0: port 1(bridge_slave_0) entered disabled state [ 846.776946][ T9759] bridge_slave_0: entered allmulticast mode [ 846.786295][ T9759] bridge_slave_0: entered promiscuous mode [ 846.907105][ T9664] veth0_macvtap: entered promiscuous mode [ 846.919262][ T9759] bridge0: port 2(bridge_slave_1) entered blocking state [ 846.927166][ T9759] bridge0: port 2(bridge_slave_1) entered disabled state [ 846.934727][ T9759] bridge_slave_1: entered allmulticast mode [ 846.942891][ T9759] bridge_slave_1: entered promiscuous mode [ 847.062874][ T9664] veth1_macvtap: entered promiscuous mode [ 847.335130][ T9759] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 847.475798][ T9759] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 847.499993][ T9664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 847.511463][ T9664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 847.521740][ T9664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 847.532600][ T9664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 847.542741][ T9664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 847.553502][ T9664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 847.568697][ T9664] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 847.973093][ T9759] team0: Port device team_slave_0 added [ 848.021369][ T9664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 848.032231][ T9664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 848.042475][ T9664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 848.053237][ T9664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 848.063416][ T9664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 848.074201][ T9664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 848.089174][ T9664] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 848.121662][ T9759] team0: Port device team_slave_1 added [ 848.329846][ T9759] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 848.338352][ T9759] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 848.364841][ T9759] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 848.381801][ T5073] Bluetooth: hci1: command tx timeout [ 848.400436][ T9664] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 848.411554][ T9664] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 848.420588][ T9664] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 848.430221][ T9664] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 848.626910][ T9759] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 848.634629][ T9759] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 848.660967][ T9759] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 848.973271][ T9759] hsr_slave_0: entered promiscuous mode [ 848.986809][ T9759] hsr_slave_1: entered promiscuous mode [ 849.049318][ T9759] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 849.057722][ T9759] Cannot create hsr debugfs directory [ 851.149713][ T9842] loop0: detected capacity change from 0 to 512 [ 851.511368][ T9759] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 851.560633][ T9759] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 851.563140][ T9842] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 851.581956][ T9842] ext4 filesystem being mounted at /root/syzkaller-testdir3798071858/syzkaller.aEGtmC/8/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 851.672408][ T9842] EXT4-fs error (device loop0): ext4_search_dir:1548: inode #2: block 3: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0 [ 851.755474][ T9759] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 851.842944][ T9759] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 853.560246][ T9759] 8021q: adding VLAN 0 to HW filter on device bond0 [ 853.867653][ T9759] 8021q: adding VLAN 0 to HW filter on device team0 [ 853.881659][ T10] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 853.889735][ T10] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 854.045020][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 854.052787][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 854.170004][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 854.177548][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 854.311819][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 854.319886][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 855.403987][ T9528] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 855.589510][ T9875] loop2: detected capacity change from 0 to 64 [ 855.668297][ T9875] minix: Unknown parameter '@' [ 857.141408][ T9759] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 857.481565][ T9895] loop2: detected capacity change from 0 to 16 [ 858.225750][ T9605] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 858.240558][ T9605] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 858.259581][ T9605] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 858.288759][ T9605] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 858.305826][ T4304] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 858.314166][ T4304] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 858.323673][ T9605] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 858.337816][ T9605] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 858.739251][ T4304] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 858.747644][ T4304] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 858.890042][ T7163] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 859.039281][ T7163] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 859.332271][ T7163] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 859.606648][ T7163] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 859.943567][ T9923] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 860.265736][ T43] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 860.411294][ T9605] Bluetooth: hci4: command tx timeout [ 860.444229][ T7163] bridge_slave_1: left allmulticast mode [ 860.450113][ T7163] bridge_slave_1: left promiscuous mode [ 860.459138][ T7163] bridge0: port 2(bridge_slave_1) entered disabled state [ 860.535679][ T7163] bridge_slave_0: left allmulticast mode [ 860.544312][ T7163] bridge_slave_0: left promiscuous mode [ 860.551028][ T7163] bridge0: port 1(bridge_slave_0) entered disabled state [ 860.593531][ T43] usb 2-1: Using ep0 maxpacket: 8 [ 860.733966][ T43] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 860.745724][ T43] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 860.756222][ T43] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 860.766481][ T43] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 860.780010][ T43] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 860.791165][ T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 861.154081][ T43] usb 2-1: GET_CAPABILITIES returned 0 [ 861.160118][ T43] usbtmc 2-1:16.0: can't read capabilities [ 861.352390][ T7163] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 861.387026][ T7163] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 861.401164][ C1] usbtmc 2-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 861.410846][ C1] usbtmc 2-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 861.420681][ C1] usbtmc 2-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 861.430467][ C1] usbtmc 2-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 861.440270][ C1] usbtmc 2-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 861.450085][ C1] usbtmc 2-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 861.459883][ C1] usbtmc 2-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 861.469704][ C1] usbtmc 2-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 861.479505][ C1] usbtmc 2-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 861.489322][ C1] usbtmc 2-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 861.499127][ C1] usbtmc 2-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 861.508955][ C1] usbtmc 2-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 861.518759][ C1] usbtmc 2-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 861.528588][ C1] usbtmc 2-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 861.538392][ C1] usbtmc 2-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 861.569020][ T9921] usbtmc 2-1:16.0: Unable to send data, error -71 [ 861.582110][ T7163] bond0 (unregistering): Released all slaves [ 861.589471][ T9877] usb 2-1: USB disconnect, device number 5 [ 861.668651][ T9902] chnl_net:caif_netlink_parms(): no params data found [ 862.252197][ T9759] veth0_vlan: entered promiscuous mode [ 862.462191][ T9605] Bluetooth: hci4: command tx timeout [ 862.616190][ T9759] veth1_vlan: entered promiscuous mode [ 862.943508][ T7163] hsr_slave_0: left promiscuous mode [ 863.017992][ T7163] hsr_slave_1: left promiscuous mode [ 863.056927][ T7163] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 863.065145][ T7163] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 863.145823][ T7163] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 863.156126][ T7163] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 863.241438][ T7163] veth1_macvtap: left promiscuous mode [ 863.247309][ T7163] veth0_macvtap: left promiscuous mode [ 863.255132][ T7163] veth1_vlan: left promiscuous mode [ 863.261782][ T7163] veth0_vlan: left promiscuous mode [ 863.880581][ T9950] loop1: detected capacity change from 0 to 512 [ 864.085855][ T9950] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 864.099335][ T9950] ext4 filesystem being mounted at /root/syzkaller-testdir1675031667/syzkaller.V6O9fp/2/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 864.245688][ T9950] EXT4-fs error (device loop1): ext4_search_dir:1548: inode #2: block 3: comm syz-executor.1: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0 [ 864.553151][ T9605] Bluetooth: hci4: command tx timeout [ 864.780060][ T9958] loop0: detected capacity change from 0 to 64 [ 864.806575][ T7163] team0 (unregistering): Port device team_slave_1 removed [ 864.876230][ T9958] minix: Unknown parameter '@' [ 864.991158][ T7163] team0 (unregistering): Port device team_slave_0 removed [ 866.024047][ T9664] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 866.174554][ T9759] veth0_macvtap: entered promiscuous mode [ 866.341033][ T9759] veth1_macvtap: entered promiscuous mode [ 866.532473][ T9902] bridge0: port 1(bridge_slave_0) entered blocking state [ 866.540271][ T9902] bridge0: port 1(bridge_slave_0) entered disabled state [ 866.548229][ T9902] bridge_slave_0: entered allmulticast mode [ 866.557498][ T9902] bridge_slave_0: entered promiscuous mode [ 866.639731][ T9605] Bluetooth: hci4: command tx timeout [ 866.779860][ T9759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 866.797470][ T9759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 866.810164][ T9759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 866.820971][ T9759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 866.832053][ T9759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 866.844068][ T9759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 866.859437][ T9759] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 866.869030][ T9902] bridge0: port 2(bridge_slave_1) entered blocking state [ 866.876921][ T9902] bridge0: port 2(bridge_slave_1) entered disabled state [ 866.885043][ T9902] bridge_slave_1: entered allmulticast mode [ 866.894307][ T9902] bridge_slave_1: entered promiscuous mode [ 866.979175][ T9759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 866.990166][ T9759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 867.000381][ T9759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 867.011193][ T9759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 867.021384][ T9759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 867.032284][ T9759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 867.053946][ T9759] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 867.339420][ T9902] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 867.435030][ T9759] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 867.444287][ T9759] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 867.454639][ T9759] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 867.464164][ T9759] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 867.510499][ T9902] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 868.051464][ T9902] team0: Port device team_slave_0 added [ 868.119759][ T9902] team0: Port device team_slave_1 added [ 868.525713][ T9902] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 868.535021][ T9902] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 868.561535][ T9902] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 868.631561][ T9988] loop0: detected capacity change from 0 to 64 [ 868.668978][ T9988] hfs: unable to parse mount options [ 868.734940][ T9902] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 868.744758][ T9902] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 868.772459][ T9902] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 869.270749][ T9991] loop0: detected capacity change from 0 to 512 [ 869.424462][ T9902] hsr_slave_0: entered promiscuous mode [ 869.477593][ T9902] hsr_slave_1: entered promiscuous mode [ 869.539958][ T9902] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 869.549936][ T9902] Cannot create hsr debugfs directory [ 869.607320][ T9991] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #15: comm syz-executor.0: iget: bad i_size value: -67835469387268086 [ 869.647263][ T9991] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 869.731281][ T9991] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 869.744313][ T9991] ext4 filesystem being mounted at /root/syzkaller-testdir3798071858/syzkaller.aEGtmC/17/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 870.187332][ T9988] overlayfs: upper fs needs to support d_type. [ 870.855882][ T9528] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 871.287790][ T9902] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 871.393093][ T9902] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 871.491270][ T9902] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 871.618635][ T9902] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 872.714424][T10014] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 873.238818][ T9902] 8021q: adding VLAN 0 to HW filter on device bond0 [ 873.488859][ T9902] 8021q: adding VLAN 0 to HW filter on device team0 [ 873.616450][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 873.624695][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 873.747024][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 873.754587][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 874.691490][ T10] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 874.981318][ T10] usb 1-1: Using ep0 maxpacket: 8 [ 875.121641][ T10] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 875.135151][ T10] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 875.147730][ T10] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 875.158310][ T10] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 875.171968][ T10] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 875.181484][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 875.533435][ T10] usb 1-1: GET_CAPABILITIES returned 70 [ 875.539809][ T10] usbtmc 1-1:16.0: can't read capabilities [ 875.781315][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 875.791003][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 875.800755][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 875.810548][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 875.820316][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 875.830061][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 875.839887][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 875.849695][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 875.859446][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 875.869173][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 875.878896][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 875.888648][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 875.898447][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 875.908162][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 875.917885][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 875.974171][T10025] usbtmc 1-1:16.0: Unable to send data, error -71 [ 876.181016][ T5121] usb 1-1: USB disconnect, device number 3 [ 876.195159][ T4304] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 876.203392][ T4304] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 876.385999][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 876.394314][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 876.434964][ T9902] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 877.065882][ T9902] veth0_vlan: entered promiscuous mode [ 877.220660][ T9902] veth1_vlan: entered promiscuous mode [ 877.496818][T10041] loop0: detected capacity change from 0 to 512 [ 877.650476][ T9902] veth0_macvtap: entered promiscuous mode [ 877.808269][ T9902] veth1_macvtap: entered promiscuous mode [ 877.887331][T10041] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 877.905228][T10041] ext4 filesystem being mounted at /root/syzkaller-testdir3798071858/syzkaller.aEGtmC/21/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 878.147654][T10041] EXT4-fs error (device loop0): ext4_search_dir:1548: inode #2: block 3: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0 [ 878.173891][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 878.186115][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 878.198877][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 878.219595][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 878.233016][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 878.244680][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 878.255080][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 878.265984][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 878.282904][ T9902] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 878.412599][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 878.424187][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 878.434204][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 878.444784][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 878.454854][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 878.465733][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 878.475934][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 878.486629][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 878.500207][ T9902] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 878.562541][ T9902] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 878.571713][ T9902] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 878.580694][ T9902] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 878.589806][ T9902] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 880.167757][T10053] loop4: detected capacity change from 0 to 64 [ 880.216753][T10053] minix: Unknown parameter '@' [ 881.250414][ T9528] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 881.945659][T10075] loop0: detected capacity change from 0 to 64 [ 882.027574][T10075] hfs: unable to parse mount options [ 882.569177][T10075] loop0: detected capacity change from 0 to 512 [ 882.639342][T10078] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 882.743663][T10075] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #15: comm syz-executor.0: iget: bad i_size value: -67835469387268086 [ 882.862443][T10075] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 883.012411][T10075] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 883.030411][T10075] ext4 filesystem being mounted at /root/syzkaller-testdir3798071858/syzkaller.aEGtmC/22/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 883.509768][T10075] overlayfs: upper fs needs to support d_type. [ 883.661195][T10075] overlayfs: failed index dir cleanup (-512) [ 883.667409][T10075] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 884.220426][ T9528] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 885.202198][ T10] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 885.557646][ T10] usb 1-1: Using ep0 maxpacket: 8 [ 885.684546][ T10] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 885.696551][ T10] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 885.707408][ T10] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 885.717589][ T10] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 885.731097][ T10] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 885.740313][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 886.031515][ T10] usb 1-1: GET_CAPABILITIES returned 2f [ 886.037448][ T10] usbtmc 1-1:16.0: can't read capabilities [ 886.281051][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 886.290763][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 886.300593][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 886.310410][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 886.320230][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 886.329893][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 886.339469][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 886.349047][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 886.358609][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 886.368174][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 886.377742][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 886.387401][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 886.397054][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 886.406633][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 886.416200][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 886.425763][ C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 886.452072][T10102] usbtmc 1-1:16.0: Unable to send data, error -71 [ 886.481159][ T10] usb 1-1: USB disconnect, device number 4 [ 886.688011][ T4304] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 886.696204][ T4304] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 886.906485][ T3093] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 886.919618][ T3093] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 887.897251][T10116] loop0: detected capacity change from 0 to 64 [ 887.979022][T10116] minix: Unknown parameter '@' [ 888.994318][T10124] loop2: detected capacity change from 0 to 512 [ 889.196819][T10124] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 889.210099][T10124] ext4 filesystem being mounted at /root/syzkaller-testdir3691962834/syzkaller.6ryLLT/11/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 889.309853][T10124] EXT4-fs error (device loop2): ext4_search_dir:1548: inode #2: block 3: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0 [ 889.840177][T10124] fuse: Bad value for 'fd' [ 890.122130][T10134] loop4: detected capacity change from 0 to 64 [ 890.139147][T10137] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 890.193583][T10134] hfs: unable to parse mount options [ 890.710503][T10134] loop4: detected capacity change from 0 to 512 [ 890.896391][T10134] EXT4-fs error (device loop4): ext4_orphan_get:1394: inode #15: comm syz-executor.4: iget: bad i_size value: -67835469387268086 [ 891.021284][T10134] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 15 (err -117) [ 891.125967][T10134] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 891.139795][T10134] ext4 filesystem being mounted at /root/syzkaller-testdir1979665159/syzkaller.Fz6fmM/9/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 891.537624][T10134] overlayfs: upper fs needs to support d_type. [ 892.106600][ T9759] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 892.570561][ T9604] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 893.071337][ T8] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 893.365911][ T8] usb 5-1: Using ep0 maxpacket: 8 [ 893.541249][ T8] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 893.552797][ T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 893.563273][ T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 893.579013][ T8] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 893.594010][ T8] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 893.603534][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 894.018576][ T8] usb 5-1: GET_CAPABILITIES returned 2f [ 894.024711][ T8] usbtmc 5-1:16.0: can't read capabilities [ 894.241009][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 894.250710][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 894.260369][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 894.269983][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 894.279576][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 894.289180][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 894.298779][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 894.308376][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 894.317958][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 894.327535][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 894.337116][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 894.346712][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 894.356292][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 894.365863][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 894.375451][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 894.385114][ C0] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 894.406046][T10160] usbtmc 5-1:16.0: Unable to send data, error -71 [ 894.445572][ T8] usb 5-1: USB disconnect, device number 4 [ 894.480488][ T8983] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 894.960648][ T1222] ieee802154 phy0 wpan0: encryption failed: -22 [ 894.967844][ T1222] ieee802154 phy1 wpan1: encryption failed: -22 [ 894.986261][ T8983] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 895.290464][ T8983] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 895.428986][ T8983] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 896.001786][ T8983] bridge_slave_1: left allmulticast mode [ 896.007789][ T8983] bridge_slave_1: left promiscuous mode [ 896.014634][ T8983] bridge0: port 2(bridge_slave_1) entered disabled state [ 896.131719][ T8983] bridge_slave_0: left allmulticast mode [ 896.137675][ T8983] bridge_slave_0: left promiscuous mode [ 896.146671][ T8983] bridge0: port 1(bridge_slave_0) entered disabled state [ 896.616641][ T5073] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 896.631180][ T5073] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 896.648565][ T5073] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 896.773628][ T5073] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 896.786169][ T5073] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 896.796449][ T5073] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 896.952522][ T8983] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 897.000470][ T8983] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 897.040053][ T8983] bond0 (unregistering): Released all slaves [ 898.080250][T10188] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 898.161632][ T8983] hsr_slave_0: left promiscuous mode [ 898.252672][ T8983] hsr_slave_1: left promiscuous mode [ 898.349498][ T8983] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 898.357907][ T8983] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 898.454539][ T8983] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 898.469222][ T8983] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 898.682689][ T8983] veth1_macvtap: left promiscuous mode [ 898.690588][ T8983] veth0_macvtap: left promiscuous mode [ 898.697132][ T8983] veth1_vlan: left promiscuous mode [ 898.702784][ T8983] veth0_vlan: left promiscuous mode [ 898.871900][ T5073] Bluetooth: hci0: command tx timeout [ 899.141934][T10199] loop0: detected capacity change from 0 to 64 [ 899.260553][T10199] hfs: unable to parse mount options [ 899.539657][T10207] loop4: detected capacity change from 0 to 512 [ 899.737418][T10199] loop0: detected capacity change from 0 to 512 [ 899.877716][T10207] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 899.891281][T10207] ext4 filesystem being mounted at /root/syzkaller-testdir1979665159/syzkaller.Fz6fmM/14/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 899.978117][T10199] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #15: comm syz-executor.0: iget: bad i_size value: -67835469387268086 [ 900.013086][T10207] EXT4-fs error (device loop4): ext4_search_dir:1548: inode #2: block 3: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0 [ 900.086794][T10199] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 900.188000][ T8983] team0 (unregistering): Port device team_slave_1 removed [ 900.218117][ T8983] team0 (unregistering): Port device team_slave_0 removed [ 900.272537][T10199] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 900.285502][T10199] ext4 filesystem being mounted at /root/syzkaller-testdir3798071858/syzkaller.aEGtmC/30/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 900.563053][T10199] overlayfs: upper fs needs to support d_type. [ 900.729617][T10199] overlayfs: failed index dir cleanup (-512) [ 900.739275][T10199] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 901.202253][ T5073] Bluetooth: hci0: command tx timeout [ 901.246594][T10220] fuse: Bad value for 'fd' [ 901.689262][ T9528] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 902.387909][T10171] chnl_net:caif_netlink_parms(): no params data found [ 903.265438][ T5073] Bluetooth: hci0: command tx timeout [ 903.783709][ T9759] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 904.443774][T10171] bridge0: port 1(bridge_slave_0) entered blocking state [ 904.453110][T10171] bridge0: port 1(bridge_slave_0) entered disabled state [ 904.463171][T10171] bridge_slave_0: entered allmulticast mode [ 904.472794][T10171] bridge_slave_0: entered promiscuous mode [ 904.625819][T10171] bridge0: port 2(bridge_slave_1) entered blocking state [ 904.633674][T10171] bridge0: port 2(bridge_slave_1) entered disabled state [ 904.642047][T10171] bridge_slave_1: entered allmulticast mode [ 904.651264][T10171] bridge_slave_1: entered promiscuous mode [ 905.169894][T10171] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 905.267339][T10171] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 905.352563][ T5073] Bluetooth: hci0: command tx timeout [ 905.813325][T10171] team0: Port device team_slave_0 added [ 906.002105][T10171] team0: Port device team_slave_1 added [ 906.268225][T10171] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 906.275408][T10171] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 906.301774][T10171] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 906.551662][T10171] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 906.558884][T10171] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 906.588571][T10171] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 907.239211][T10171] hsr_slave_0: entered promiscuous mode [ 907.322872][T10171] hsr_slave_1: entered promiscuous mode [ 907.385696][T10171] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 907.399098][T10171] Cannot create hsr debugfs directory [ 909.826643][T10171] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 909.866399][T10280] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 909.933046][T10171] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 910.057159][T10171] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 910.175251][T10171] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 910.587776][T10290] loop2: detected capacity change from 0 to 64 [ 910.649955][T10290] hfs: unable to parse mount options [ 911.168229][T10290] loop2: detected capacity change from 0 to 512 [ 911.385940][T10290] EXT4-fs error (device loop2): ext4_orphan_get:1394: inode #15: comm syz-executor.2: iget: bad i_size value: -67835469387268086 [ 911.421434][T10290] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 911.435679][T10290] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 911.448480][T10290] ext4 filesystem being mounted at /root/syzkaller-testdir3691962834/syzkaller.6ryLLT/18/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 911.577948][T10290] overlayfs: upper fs needs to support d_type. [ 912.122662][T10171] 8021q: adding VLAN 0 to HW filter on device bond0 [ 912.200468][ T9604] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 912.282525][T10301] loop4: detected capacity change from 0 to 512 [ 912.301568][T10171] 8021q: adding VLAN 0 to HW filter on device team0 [ 912.377121][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 912.384666][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 912.446836][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 912.454442][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 912.602042][T10301] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 912.617026][T10301] ext4 filesystem being mounted at /root/syzkaller-testdir1979665159/syzkaller.Fz6fmM/18/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 912.756846][T10301] EXT4-fs error (device loop4): ext4_search_dir:1548: inode #2: block 3: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0 [ 912.878682][T10171] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 912.889660][T10171] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 913.818037][T10301] fuse: Bad value for 'fd' [ 914.415461][ T9759] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 915.726869][T10171] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 916.602625][T10171] veth0_vlan: entered promiscuous mode [ 916.851311][T10171] veth1_vlan: entered promiscuous mode [ 917.636131][T10171] veth0_macvtap: entered promiscuous mode [ 917.777569][T10171] veth1_macvtap: entered promiscuous mode [ 918.034965][T10171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 918.051277][T10171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 918.063434][T10171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 918.074783][T10171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 918.084853][T10171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 918.095496][T10171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 918.105824][T10171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 918.116405][T10171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 918.130044][T10171] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 918.222936][T10171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 918.233803][T10171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 918.247458][T10171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 918.259134][T10171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 918.269139][T10171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 918.279714][T10171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 918.289776][T10171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 918.300436][T10171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 918.314273][T10171] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 918.697188][T10171] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 918.709150][T10171] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 918.720040][T10171] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 918.729259][T10171] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 919.213011][T10357] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 919.435545][T10361] loop0: detected capacity change from 0 to 64 [ 919.512640][T10361] hfs: unable to parse mount options [ 920.079197][T10361] loop0: detected capacity change from 0 to 512 [ 920.526956][T10361] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #15: comm syz-executor.0: iget: bad i_size value: -67835469387268086 [ 920.587645][T10361] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 920.632687][T10361] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 920.645778][T10361] ext4 filesystem being mounted at /root/syzkaller-testdir3798071858/syzkaller.aEGtmC/39/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 920.933521][T10361] overlayfs: upper fs needs to support d_type. [ 921.133762][T10361] overlayfs: failed index dir cleanup (-512) [ 921.139885][T10361] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 921.534049][ T9528] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 921.549261][T10379] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 922.431763][T10390] loop0: detected capacity change from 0 to 256 [ 922.733983][T10390] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf23980c3, utbl_chksum : 0xe619d30d) [ 925.746666][T10430] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 927.365693][T10446] loop2: detected capacity change from 0 to 64 [ 927.447896][T10446] hfs: unable to parse mount options [ 927.573209][T10449] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 927.741273][ T9605] Bluetooth: hci2: command 0x0406 tx timeout [ 927.864615][T10446] loop2: detected capacity change from 0 to 512 [ 928.053006][T10446] EXT4-fs error (device loop2): ext4_orphan_get:1394: inode #15: comm syz-executor.2: iget: bad i_size value: -67835469387268086 [ 928.096496][T10446] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 928.116548][T10446] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 928.129315][T10446] ext4 filesystem being mounted at /root/syzkaller-testdir3691962834/syzkaller.6ryLLT/29/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 928.246440][T10446] overlayfs: upper fs needs to support d_type. [ 928.812868][T10458] loop4: detected capacity change from 0 to 256 [ 928.863446][ T8] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 928.871621][ T8] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 928.897255][ T9604] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 928.931142][ T1086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 928.939211][ T1086] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 929.189192][T10458] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf23980c3, utbl_chksum : 0xe619d30d) [ 930.077630][T10472] loop1: detected capacity change from 0 to 64 [ 930.173609][T10472] minix: Unknown parameter '@' [ 932.323446][T10491] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 933.364308][T10500] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 933.796843][T10505] loop1: detected capacity change from 0 to 64 [ 933.880073][T10505] hfs: unable to parse mount options [ 934.437647][T10505] loop1: detected capacity change from 0 to 512 [ 934.461033][T10511] loop0: detected capacity change from 0 to 256 [ 934.763107][T10505] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz-executor.1: iget: bad i_size value: -67835469387268086 [ 934.785759][T10505] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 934.803607][T10505] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 934.816290][T10505] ext4 filesystem being mounted at /root/syzkaller-testdir408215855/syzkaller.yKoymu/3/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 934.842940][T10511] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf23980c3, utbl_chksum : 0xe619d30d) [ 934.988940][T10505] overlayfs: upper fs needs to support d_type. [ 935.316249][T10518] loop2: detected capacity change from 0 to 64 [ 935.387243][T10518] minix: Unknown parameter '@' [ 935.616365][T10171] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 937.989038][ T9605] Bluetooth: hci3: command 0x0406 tx timeout [ 938.219452][T10536] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 938.334382][T10537] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 940.794324][T10552] loop1: detected capacity change from 0 to 256 [ 941.027269][T10552] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf23980c3, utbl_chksum : 0xe619d30d) [ 941.044253][T10555] loop4: detected capacity change from 0 to 64 [ 941.133532][T10555] hfs: unable to parse mount options [ 941.237699][T10557] loop2: detected capacity change from 0 to 64 [ 941.317312][T10557] minix: Unknown parameter '@' [ 941.546279][T10555] loop4: detected capacity change from 0 to 512 [ 941.706004][T10555] EXT4-fs error (device loop4): ext4_orphan_get:1394: inode #15: comm syz-executor.4: iget: bad i_size value: -67835469387268086 [ 941.753624][T10555] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 15 (err -117) [ 941.790365][T10555] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 941.807260][T10555] ext4 filesystem being mounted at /root/syzkaller-testdir1979665159/syzkaller.Fz6fmM/35/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 942.225270][T10555] overlayfs: upper fs needs to support d_type. [ 942.961123][ T5114] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 942.995778][ T9759] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 943.233872][ T5114] usb 1-1: device descriptor read/64, error -71 [ 943.519727][T10572] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 943.548766][ T5114] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 943.646578][T10575] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 943.817562][ T5114] usb 1-1: device descriptor read/64, error -71 [ 943.972497][ T5114] usb usb1-port1: attempt power cycle [ 944.441238][ T5114] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 944.566085][ T5114] usb 1-1: device descriptor read/8, error -71 [ 944.883301][ T5114] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 945.011261][ T5114] usb 1-1: device descriptor read/8, error -71 [ 945.168227][ T5114] usb usb1-port1: unable to enumerate USB device [ 947.243741][T10598] loop1: detected capacity change from 0 to 256 [ 947.419469][T10598] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf23980c3, utbl_chksum : 0xe619d30d) [ 947.542636][T10602] loop0: detected capacity change from 0 to 64 [ 947.613501][T10602] minix: Unknown parameter '@' [ 947.666060][T10603] loop4: detected capacity change from 0 to 64 [ 947.786492][T10603] hfs: unable to parse mount options [ 948.217956][T10603] loop4: detected capacity change from 0 to 512 [ 948.371250][T10603] EXT4-fs error (device loop4): ext4_orphan_get:1394: inode #15: comm syz-executor.4: iget: bad i_size value: -67835469387268086 [ 948.488142][T10603] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 15 (err -117) [ 948.547551][T10603] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 948.564909][T10603] ext4 filesystem being mounted at /root/syzkaller-testdir1979665159/syzkaller.Fz6fmM/39/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 948.853093][T10610] overlayfs: upper fs needs to support d_type. [ 948.924156][T10613] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 948.937712][T10615] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 949.152444][T10610] overlayfs: failed index dir cleanup (-512) [ 949.158667][T10610] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 949.729343][ T9759] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 950.242059][ T5120] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 950.461592][ T5120] usb 4-1: device descriptor read/64, error -71 [ 950.774612][ T29] audit: type=1326 audit(1718347844.785:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10629 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 950.797959][ T29] audit: type=1326 audit(1718347844.785:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10629 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 950.814105][ T5120] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 950.825196][ T29] audit: type=1326 audit(1718347844.835:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10629 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 950.852615][ T29] audit: type=1326 audit(1718347844.835:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10629 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 950.877163][ T29] audit: type=1326 audit(1718347844.845:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10629 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 950.900447][ T29] audit: type=1326 audit(1718347844.845:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10629 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 950.928456][ T29] audit: type=1326 audit(1718347844.845:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10629 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf744d5a7 code=0x7ffc0000 [ 950.953072][ T29] audit: type=1326 audit(1718347844.855:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10629 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 950.976021][ T29] audit: type=1326 audit(1718347844.855:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10629 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf744d579 code=0x7ffc0000 [ 950.998869][ T29] audit: type=1326 audit(1718347844.855:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10629 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf744d5a7 code=0x7ffc0000 [ 952.015540][T10642] loop4: detected capacity change from 0 to 256 [ 952.375370][T10642] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf23980c3, utbl_chksum : 0xe619d30d) [ 952.539658][T10650] loop3: detected capacity change from 0 to 64 [ 952.565646][T10650] minix: Unknown parameter '@' [ 953.067715][T10656] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 953.741333][T10662] loop0: detected capacity change from 0 to 64 [ 953.791395][T10662] hfs: unable to parse mount options [ 954.142023][T10662] loop0: detected capacity change from 0 to 512 [ 954.234062][T10662] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #15: comm syz-executor.0: iget: bad i_size value: -67835469387268086 [ 954.278819][T10662] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 954.308126][T10662] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 954.322248][T10662] ext4 filesystem being mounted at /root/syzkaller-testdir3798071858/syzkaller.aEGtmC/55/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 954.416213][T10670] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 954.477761][T10662] overlayfs: upper fs needs to support d_type. [ 955.349065][ T9528] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 956.400268][ T1222] ieee802154 phy0 wpan0: encryption failed: -22 [ 956.407050][ T1222] ieee802154 phy1 wpan1: encryption failed: -22 [ 956.511282][ T5120] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 956.758155][ T5120] usb 4-1: device descriptor read/64, error -71 [ 957.003441][T10687] loop0: detected capacity change from 0 to 256 [ 957.071060][ T5120] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 957.189005][T10687] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf23980c3, utbl_chksum : 0xe619d30d) [ 957.468818][ T5120] usb 4-1: device descriptor read/64, error -71 [ 957.609519][ T5120] usb usb4-port1: attempt power cycle [ 957.987973][T10691] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 958.139014][ T5120] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 958.285211][ T5120] usb 4-1: device descriptor read/8, error -71 [ 958.621778][ T5120] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 958.745076][T10694] loop0: detected capacity change from 0 to 64 [ 958.792238][ T5120] usb 4-1: device descriptor read/8, error -71 [ 958.829950][T10694] minix: Unknown parameter '@' [ 958.934275][ T5120] usb usb4-port1: unable to enumerate USB device [ 959.946643][T10701] loop0: detected capacity change from 0 to 64 [ 960.040004][T10701] hfs: unable to parse mount options [ 960.282754][T10705] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 960.369397][T10701] loop0: detected capacity change from 0 to 512 [ 960.623155][T10701] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #15: comm syz-executor.0: iget: bad i_size value: -67835469387268086 [ 960.713418][T10701] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 960.767052][T10701] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 960.780057][T10701] ext4 filesystem being mounted at /root/syzkaller-testdir3798071858/syzkaller.aEGtmC/60/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 960.920233][T10701] overlayfs: upper fs needs to support d_type. [ 961.463915][ T9528] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 961.852826][T10721] loop1: detected capacity change from 0 to 256 [ 962.060201][T10721] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf23980c3, utbl_chksum : 0xe619d30d) [ 962.140184][T10727] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 963.041210][T10735] loop0: detected capacity change from 0 to 64 [ 963.075639][T10735] minix: Unknown parameter '@' [ 963.261127][ T5114] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 963.481599][ T5114] usb 2-1: device descriptor read/64, error -71 [ 963.622132][ T5073] Bluetooth: hci1: command 0x0406 tx timeout [ 963.831267][ T5114] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 964.060990][ T5114] usb 2-1: device descriptor read/64, error -71 [ 964.199281][ T5114] usb usb2-port1: attempt power cycle [ 964.636674][ T5114] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 964.741911][ T5114] usb 2-1: device descriptor read/8, error -71 [ 964.986741][T10744] loop0: detected capacity change from 0 to 64 [ 965.016632][T10744] hfs: unable to parse mount options [ 965.071121][ T5114] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 965.180261][ T5114] usb 2-1: device descriptor read/8, error -71 [ 965.302542][T10744] loop0: detected capacity change from 0 to 512 [ 965.358275][ T5114] usb usb2-port1: unable to enumerate USB device [ 965.461665][T10744] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #15: comm syz-executor.0: iget: bad i_size value: -67835469387268086 [ 965.603541][T10744] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 965.663414][T10744] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 965.676494][T10744] ext4 filesystem being mounted at /root/syzkaller-testdir3798071858/syzkaller.aEGtmC/65/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 965.852626][T10744] overlayfs: upper fs needs to support d_type. [ 966.455657][ T9528] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 967.182069][T10756] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 967.524623][T10762] loop4: detected capacity change from 0 to 256 [ 967.801218][T10762] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf23980c3, utbl_chksum : 0xe619d30d) [ 968.500444][T10769] loop2: detected capacity change from 0 to 64 [ 968.594846][T10769] minix: Unknown parameter '@' [ 969.037366][T10777] loop3: detected capacity change from 0 to 64 [ 969.096090][T10777] hfs: unable to parse mount options [ 969.393769][ T10] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 969.517324][T10777] loop3: detected capacity change from 0 to 512 [ 969.721267][ T10] usb 1-1: device descriptor read/64, error -71 [ 969.792547][T10777] EXT4-fs error (device loop3): ext4_orphan_get:1394: inode #15: comm syz-executor.3: iget: bad i_size value: -67835469387268086 [ 969.910282][T10777] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 970.016765][ T10] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 970.044690][T10777] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 970.061734][T10777] ext4 filesystem being mounted at /root/syzkaller-testdir351443799/syzkaller.MceLhj/21/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 970.208108][T10777] overlayfs: upper fs needs to support d_type. [ 970.231375][ T10] usb 1-1: device descriptor read/64, error -71 [ 970.362935][ T10] usb usb1-port1: attempt power cycle [ 970.666186][ T9902] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 970.852405][ T10] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 971.003891][ T10] usb 1-1: device descriptor read/8, error -71 [ 971.162300][T10796] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 971.292616][ T10] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 971.394460][ T10] usb 1-1: device descriptor read/8, error -71 [ 971.526490][ T10] usb usb1-port1: unable to enumerate USB device [ 971.940902][T10803] loop4: detected capacity change from 0 to 256 [ 972.159663][T10803] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf23980c3, utbl_chksum : 0xe619d30d) [ 972.992182][T10810] syz-executor.3[10810] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 972.992773][T10810] syz-executor.3[10810] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 973.152314][T10813] loop0: detected capacity change from 0 to 64 [ 973.218778][T10813] minix: Unknown parameter '@' [ 973.926328][T10821] loop0: detected capacity change from 0 to 64 [ 974.016266][T10821] hfs: unable to parse mount options [ 974.403844][T10825] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 974.418909][T10821] loop0: detected capacity change from 0 to 512 [ 974.530009][T10821] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #15: comm syz-executor.0: iget: bad i_size value: -67835469387268086 [ 974.556770][T10821] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 974.595372][T10821] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 974.609112][T10821] ext4 filesystem being mounted at /root/syzkaller-testdir3798071858/syzkaller.aEGtmC/71/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 974.833718][T10821] overlayfs: upper fs needs to support d_type. [ 975.410416][T10836] loop2: detected capacity change from 0 to 256 [ 975.483252][ T9528] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 975.571370][ T5120] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 975.656458][T10836] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf23980c3, utbl_chksum : 0xe619d30d) [ 975.801221][ T5120] usb 4-1: device descriptor read/64, error -71 [ 976.142247][ T5120] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 976.397650][ T5120] usb 4-1: device descriptor read/64, error -71 [ 976.590368][ T5120] usb usb4-port1: attempt power cycle [ 977.121489][ T5120] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 977.242488][ T5120] usb 4-1: device descriptor read/8, error -71 [ 977.400202][T10854] loop2: detected capacity change from 0 to 64 [ 977.728387][ T5120] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 977.921272][ T5120] usb 4-1: device descriptor read/8, error -71 [ 978.084000][ T5120] usb usb4-port1: unable to enumerate USB device [ 978.531099][T10868] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 978.964909][T10874] loop4: detected capacity change from 0 to 64 [ 979.036625][T10874] hfs: unable to parse mount options [ 979.429655][T10874] loop4: detected capacity change from 0 to 512 [ 979.533115][T10874] EXT4-fs error (device loop4): ext4_orphan_get:1394: inode #15: comm syz-executor.4: iget: bad i_size value: -67835469387268086 [ 979.768588][T10874] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 15 (err -117) [ 979.875361][T10874] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 979.892558][T10874] ext4 filesystem being mounted at /root/syzkaller-testdir1979665159/syzkaller.Fz6fmM/57/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 980.311922][T10888] overlayfs: upper fs needs to support d_type. [ 980.847786][ T9759] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 981.395356][T10894] loop0: detected capacity change from 0 to 64 [ 982.357878][T10897] loop4: detected capacity change from 0 to 4096 [ 982.420913][T10897] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 982.451709][ T10] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 982.745811][ T10] usb 1-1: Using ep0 maxpacket: 8 [ 982.753886][T10897] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 982.921592][ T10] usb 1-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 982.932478][ T10] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 982.942149][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 983.738377][T10913] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 984.061031][ T5073] Bluetooth: hci4: command 0x0406 tx timeout [ 984.668513][T10924] loop2: detected capacity change from 0 to 64 [ 984.719626][T10924] hfs: unable to parse mount options [ 985.048376][T10924] loop2: detected capacity change from 0 to 512 [ 985.227285][T10924] EXT4-fs error (device loop2): ext4_orphan_get:1394: inode #15: comm syz-executor.2: iget: bad i_size value: -67835469387268086 [ 985.237986][ T5120] usb 1-1: USB disconnect, device number 13 [ 985.359564][T10924] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 985.436990][T10924] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 985.449928][T10924] ext4 filesystem being mounted at /root/syzkaller-testdir3691962834/syzkaller.6ryLLT/54/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 985.761657][T10924] overlayfs: upper fs needs to support d_type. [ 985.837382][T10932] loop0: detected capacity change from 0 to 64 [ 986.433531][ T9604] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 986.913531][T10940] netlink: 196 bytes leftover after parsing attributes in process `syz-executor.0'. [ 987.975126][T10952] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 988.471237][ T25] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 988.711122][ T25] usb 2-1: device descriptor read/64, error -71 [ 988.801363][ T5120] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 988.993003][ T25] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 989.095385][ T5120] usb 3-1: Using ep0 maxpacket: 8 [ 989.221330][ T25] usb 2-1: device descriptor read/64, error -71 [ 989.235287][ T5120] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 989.246107][ T5120] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 989.255539][ T5120] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 989.300151][T10966] loop3: detected capacity change from 0 to 64 [ 989.329915][T10966] hfs: unable to parse mount options [ 989.352325][ T25] usb usb2-port1: attempt power cycle [ 989.536505][T10966] loop3: detected capacity change from 0 to 512 [ 989.579794][T10966] EXT4-fs error (device loop3): ext4_orphan_get:1394: inode #15: comm syz-executor.3: iget: bad i_size value: -67835469387268086 [ 989.604990][T10969] loop0: detected capacity change from 0 to 64 [ 989.659063][T10969] minix: Unknown parameter '@' [ 989.671453][T10966] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 989.690002][T10966] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 989.704445][T10966] ext4 filesystem being mounted at /root/syzkaller-testdir351443799/syzkaller.MceLhj/37/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 989.795168][ T25] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 989.836700][T10966] overlayfs: upper fs needs to support d_type. [ 989.922140][ T25] usb 2-1: device descriptor read/8, error -71 [ 990.230954][ T25] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 990.264540][ T9902] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 990.381788][ T25] usb 2-1: device descriptor read/8, error -71 [ 990.522572][ T25] usb usb2-port1: unable to enumerate USB device [ 991.366034][T10983] loop1: detected capacity change from 0 to 256 [ 991.509521][T10983] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf23980c3, utbl_chksum : 0xe619d30d) [ 991.630058][ T10] usb 3-1: USB disconnect, device number 4 [ 992.059300][T10986] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 994.567890][T11002] loop2: detected capacity change from 0 to 64 [ 994.585688][T11002] minix: Unknown parameter '@' [ 995.020395][T11005] loop0: detected capacity change from 0 to 64 [ 995.082444][T11005] hfs: unable to parse mount options [ 995.282973][T11007] loop1: detected capacity change from 0 to 2048 [ 995.407248][T11005] loop0: detected capacity change from 0 to 512 [ 995.473335][T11007] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 995.558496][T11005] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #15: comm syz-executor.0: iget: bad i_size value: -67835469387268086 [ 995.595920][T11005] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 995.628407][T11005] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 995.631832][T11007] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none. [ 995.641363][T11005] ext4 filesystem being mounted at /root/syzkaller-testdir3798071858/syzkaller.aEGtmC/87/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 995.787780][T11005] overlayfs: upper fs needs to support d_type. [ 996.013755][T10171] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 996.284549][ T9528] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 996.317989][T11018] loop4: detected capacity change from 0 to 1024 [ 996.730178][T11022] loop0: detected capacity change from 0 to 64 [ 996.867374][T11022] ===================================================== [ 996.874840][T11022] BUG: KMSAN: uninit-value in hfs_revalidate_dentry+0x30b/0x3f0 [ 996.883031][T11022] hfs_revalidate_dentry+0x30b/0x3f0 [ 996.890139][T11022] lookup_one_qstr_excl+0x320/0x530 [ 996.896150][T11022] do_renameat2+0xa17/0x1d50 [ 996.901052][T11022] __ia32_sys_renameat2+0x153/0x200 [ 996.906433][T11022] ia32_sys_call+0x388d/0x40a0 [ 996.911512][T11022] __do_fast_syscall_32+0xb4/0x120 2024/06/14 06:51:31 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 996.916971][T11022] do_fast_syscall_32+0x38/0x80 [ 996.922123][T11022] do_SYSENTER_32+0x1f/0x30 [ 996.926842][T11022] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 996.933496][T11022] [ 996.935904][T11022] Uninit was created at: [ 996.940365][T11022] __alloc_pages+0x9d6/0xe70 [ 996.945443][T11022] new_slab+0x2de/0x1400 [ 996.949867][T11022] ___slab_alloc+0x121d/0x34a0 [ 996.954949][T11022] kmem_cache_alloc_lru+0x6da/0xc20 [ 996.960317][T11022] hfs_alloc_inode+0x5a/0xd0 [ 996.965254][T11022] alloc_inode+0x86/0x460 [ 996.969744][T11022] iget_locked+0x2bf/0xee0 [ 996.975181][T11022] hfs_btree_open+0x16c/0x1aa0 [ 996.980121][T11022] hfs_mdb_get+0x1fe2/0x28b0 [ 996.985022][T11022] hfs_fill_super+0x1cf6/0x23c0 [ 996.991865][T11022] mount_bdev+0x397/0x520 [ 996.996411][T11022] hfs_mount+0x4d/0x60 [ 997.000663][T11022] legacy_get_tree+0x114/0x290 [ 997.006455][T11022] vfs_get_tree+0xa7/0x570 [ 997.011210][T11022] do_new_mount+0x71f/0x15e0 [ 997.016014][T11022] path_mount+0x742/0x1f20 [ 997.020710][T11022] __se_sys_mount+0x725/0x810 [ 997.025777][T11022] __ia32_sys_mount+0xe3/0x150 [ 997.031336][T11022] ia32_sys_call+0x3a9a/0x40a0 [ 997.036408][T11022] __do_fast_syscall_32+0xb4/0x120 [ 997.041845][T11022] do_fast_syscall_32+0x38/0x80 [ 997.046909][T11022] do_SYSENTER_32+0x1f/0x30 [ 997.051734][T11022] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 997.058289][T11022] [ 997.061208][T11022] CPU: 1 PID: 11022 Comm: syz-executor.0 Not tainted 6.9.0-syzkaller-02339-g101b7a97143a #0 [ 997.071549][T11022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 997.081864][T11022] ===================================================== [ 997.088914][T11022] Disabling lock debugging due to kernel taint [ 997.096737][T11022] Kernel panic - not syncing: kmsan.panic set ... [ 997.103288][T11022] CPU: 1 PID: 11022 Comm: syz-executor.0 Tainted: G B 6.9.0-syzkaller-02339-g101b7a97143a #0 [ 997.115024][T11022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 997.125229][T11022] Call Trace: [ 997.128632][T11022] [ 997.131669][T11022] dump_stack_lvl+0x216/0x2d0 [ 997.136564][T11022] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 997.142575][T11022] dump_stack+0x1e/0x30 [ 997.146929][T11022] panic+0x4e2/0xcd0 [ 997.151023][T11022] ? kmsan_get_metadata+0xf1/0x1d0 [ 997.156336][T11022] kmsan_report+0x2d5/0x2e0 [ 997.161040][T11022] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 997.167519][T11022] ? __msan_warning+0x95/0x120 [ 997.172447][T11022] ? hfs_revalidate_dentry+0x30b/0x3f0 [ 997.178113][T11022] ? lookup_one_qstr_excl+0x320/0x530 [ 997.183689][T11022] ? do_renameat2+0xa17/0x1d50 [ 997.188704][T11022] ? __ia32_sys_renameat2+0x153/0x200 [ 997.194258][T11022] ? ia32_sys_call+0x388d/0x40a0 [ 997.199417][T11022] ? __do_fast_syscall_32+0xb4/0x120 [ 997.205180][T11022] ? do_fast_syscall_32+0x38/0x80 [ 997.210422][T11022] ? do_SYSENTER_32+0x1f/0x30 [ 997.215309][T11022] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 997.222053][T11022] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 997.228068][T11022] ? kmsan_get_metadata+0x146/0x1d0 [ 997.233454][T11022] ? kmsan_get_metadata+0x146/0x1d0 [ 997.238833][T11022] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 997.244839][T11022] ? __rcu_read_unlock+0x7b/0xe0 [ 997.250086][T11022] ? __d_lookup+0x8bf/0x940 [ 997.254807][T11022] ? kmsan_get_metadata+0x146/0x1d0 [ 997.260205][T11022] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 997.266215][T11022] __msan_warning+0x95/0x120 [ 997.270979][T11022] hfs_revalidate_dentry+0x30b/0x3f0 [ 997.276490][T11022] ? __pfx_hfs_revalidate_dentry+0x10/0x10 [ 997.282516][T11022] lookup_one_qstr_excl+0x320/0x530 [ 997.287924][T11022] do_renameat2+0xa17/0x1d50 [ 997.292696][T11022] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 997.298733][T11022] __ia32_sys_renameat2+0x153/0x200 [ 997.304131][T11022] ia32_sys_call+0x388d/0x40a0 [ 997.309133][T11022] __do_fast_syscall_32+0xb4/0x120 [ 997.314555][T11022] ? irqentry_exit+0x16/0x60 [ 997.319341][T11022] do_fast_syscall_32+0x38/0x80 [ 997.324407][T11022] do_SYSENTER_32+0x1f/0x30 [ 997.329115][T11022] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 997.335693][T11022] RIP: 0023:0xf7467579 [ 997.339897][T11022] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 997.359796][T11022] RSP: 002b:00000000f5ef05ac EFLAGS: 00000206 ORIG_RAX: 0000000000000161 [ 997.368412][T11022] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000240 [ 997.376535][T11022] RDX: 0000000000000005 RSI: 0000000020000280 RDI: 0000000000000000 [ 997.384649][T11022] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 997.392763][T11022] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 997.400877][T11022] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 997.409100][T11022] [ 997.412549][T11022] Kernel Offset: disabled [ 997.416939][T11022] Rebooting in 86400 seconds..