last executing test programs: 3m40.157583074s ago: executing program 4 (id=717): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r1}, 0xc) 3m38.488088416s ago: executing program 4 (id=719): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000004c0)=[@in={0x2, 0x4e24, @rand_addr=0x64010100}], 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x0, @loopback}, @in6={0xa, 0x0, 0x0, @private0}], 0x2c) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000a00)=[@in={0x2, 0x0, @loopback}], 0x10) 3m38.395227298s ago: executing program 4 (id=720): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a3200000000140000001100"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_COMPAT={0x2c, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x87}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8}, @NFTA_RULE_COMPAT_FLAGS={0x8}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0xff}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELRULE={0x20, 0x8, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x17, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELRULE={0x2c, 0x8, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc0}}, 0x0) 3m38.01853435s ago: executing program 4 (id=725): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfe, 0x46c, &(0x7f0000000f00)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapoJL60tLzIwYtGEw6amOgB46m2hVQWamhNhBCtHvBoSLwb/wvjSS9GvWjiVe+GhBguoF7WzM4MLMtu2aXbLrCfTzLd55l5us/znZln95l5djeAvjWW/Uki/hcRv0fESJ69ucBY/nDtyvmZv6+cn0miWn3rr6RW7uqV8zNl0fL/tuSZarXIb2hS74V3I6YrlbkzRX5i6dQHE4tnz70wf2r6xNyJudNTR44cPLB7+PDUoa7EmcV1defHC7t2HH3n4hszxy6+91OSRh53NMTRLWP53m3q6W5X1mNb69LJYP2WPb/cSDc7E+ilgYjIDtdQrf+PxEBsur5tJF77rKeNA9ZUtVqtrvCqvFwF7mNJ9LoFQG+Ub/TZ9W+5rNPQ465w+eX8AiiL+1qx5FsGI80Te4Yarm+7aSwiji3/81W2xBrdhwAAqPddNv55vtn4L42H88Rw9uf/xRzKaEQ8EBHbIuLBiNgeEQ9F1Mo+EhGPdlh/4wzJreOf9NIdB9eGbPz3UjG3dfP4Ly2LjA4Uua21+IeS4/OVuf3FPtkXQxuOzydzkyvU8f2rv33Ralv9+C9bsvrLsWDRjkuDDTfoZqeXplcTc73Ln0bsHGwWfxLlNE4SETsiYucd1jH/7GDLbbePfwWtn7Zt1a8jnsmP/3I0xF9KWs5PTr54eOrQxMaozO2fKM+KW/3864U3W9W/qvi7IDv+m5ue/9fjH002RiyePXeyNl+72HkdF/74vOU1TYfn/9Gtxfk/nLxdWzFcbPhoemnpzGTEcPL6reunbjxbmS/LZ/Hv29u8/2+LG3visYjYFRG7I+Lx7KKwaPsTEfFkROxdIf4fX3nq/c7jX5+50iz+2dsd/6g//p0nBk7+8O3t498YEa2O/8Faal+xpp3Xv3YbuJp9BwAAAPeK/DPwSTp+PZ2m4+P5Z/i3x+a0srC49NzxhQ9Pz+aflR+NobS80zVSdz90srg3XOanGvIHivvGXw5squXHZxYqs70OHvrclhb9P/PnQK9bB6y5LsyjAfco/R/6l/4P/SnR/6Gv6f/Qv5r1/09alh7/Zk0bA6wr7//Qv9ro/8v5Q+tRAXBv8v4P/Uv/h77U8rvx6aq+8r/uiX+L3zO8W9pz/ycivSuacf8nBtv+MYsOEtWRvP9nazY0LdPrVyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+C8AAP//F0nluw==") getpid() getpid() creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000780)='./bus\x00', 0x0, 0x841c00, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_script(r0, &(0x7f0000000200)={'#! ', './file1'}, 0xfffffde4) setxattr$incfs_id(&(0x7f0000000b00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0, 0x3) 3m37.081499519s ago: executing program 4 (id=729): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x240007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='illinois\x00', 0x9) sendmmsg$inet(r0, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000bc0)='#', 0x1}], 0x1}}], 0x1, 0x0) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x0, 0x0, 0x21) 3m33.196278727s ago: executing program 4 (id=751): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x140, 0x82) r1 = fanotify_init(0x10, 0x0) fanotify_mark(r1, 0x105, 0x40001032, r0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r3) execveat(r2, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000) 3m32.155458799s ago: executing program 32 (id=751): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x140, 0x82) r1 = fanotify_init(0x10, 0x0) fanotify_mark(r1, 0x105, 0x40001032, r0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r3) execveat(r2, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000) 1m1.113038089s ago: executing program 2 (id=1254): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000009580)) 1m0.829111064s ago: executing program 2 (id=1257): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="020300000f000000000000000000000001001700"], 0x78}, 0x1, 0x7}, 0x0) 59.79191779s ago: executing program 2 (id=1260): ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000010000001c00018008000300ac141439060001000200000005000200ff"], 0x30}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r3, @ANYBLOB="010000000000fbdbdf25010000000800020000000000050005000000000008000300010000004800018005000200200000000600010002000000080006000a000000080003"], 0x84}}, 0x0) 59.43259075s ago: executing program 2 (id=1264): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) 59.223836119s ago: executing program 3 (id=1265): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000040000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x32, &(0x7f0000000880)={@local, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000080)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @random="e43f6642531e", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x2, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2, 0x1, 0x1, 0x10, 0x100}}}}}}}, 0x0) 59.184781356s ago: executing program 2 (id=1266): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ffffffff850000002d000000850000002a000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='kfree\x00', r0}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) writev(r1, 0x0, 0x0) 59.07721231s ago: executing program 3 (id=1267): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6ca, &(0x7f0000000500)="$eJzs3c1vHGcdB/DvrNeuN1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeIit0LgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXXv9lthrBz6faDzPM8/L/OaZZ2a866w2wP+t6xfSfJgi1y+8sVzm11Zn22ursy/Uxe0kZbqRNLurFHeT4lEyV5YXfUv61lt8vHjtrc8er33ezTXrpao/tlO7IYbUXamXTNf9TQ9tOb7XXazU4eXFJDfq9aCJvfY1ULEctPP1Go5cZ4uV/TTfz3ULHDO9p1PRfW5uMZWcSDJZ/x6Q+u7QGF2Eh2NfdzkAAAB4Tn1676gjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdP/f3/Rb006nWmU/S+/3+it61OH0Nze6758FDjAAAAAAAAAIDR+PqTPMlyTvbynaL6m/+5KnM6X3SSL+X9PMhC7udiljOfpSzlfi4nmerraGJ5fmnp/uX1lqXhLa8MbXllVEcMAAAAAAAAAP+TfpnWxt//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgOCiSse6qWk7X60yl0cxGWVaSfyaZOOp496EYtvHh6OMAAACAZzL5FG2+/CRPspyTvXynqF7zf6V6vTyZ93M3S1nMUtpZyM36NXT5qr+xtjrbXludvVMuZX6w3+//e19hTNQ9jFW5YXs+W9Vo5VYWqy0Xc6MK5mYa3X2fT8724umLq89HZUzF92p7jKxZD2u5s99v9y7CgRh8K6KxQ83WRnDJ+ojM1LGVLU91R6Co3qhJNo/ErmenOZCbqnodX9/T5TTW3/k5fQhjfqJel8fzm0Md8/1aH4lGqpG40pt95TWz80gk3/jrn96+3b777u1bDy4cn0Paxdg22zfPidm+kXjluR6J5j7rz1QjcWY9fz0/yk9yIdN5M/ezmJ9mPktZSKcun6/nc/lzaueRmhvIvblbJBP1eemes73ENJ0fVqn5nKvansxiitzLzSzk9erflVzOt3M1V3Ot7wyf2Tbu6tiqq76x+arvnem/DQ3+/DfrRHl3++3GXW5upyPebnYelO69vxzXU33j2p31j9drneq7Dmb6Ruml3uiMD+38ae6Nza/WiXIfv9rlOTFaU/VIlBdQ7ynRi+7l7kg0q2fR1nn+h07ZLu27nc7t+fe26X9lU/61el1Oq9Wv7Va7Z/ipOFjlfHkpk/WdZHB2lGUvr99l+so6G3O5Wzb4xC3bnanKiqJ3pf4496oJsPVKnah/h9va05Wq7JWhZbNV2dm+soHft3Iv7dwcwfgB8DT+8fZ6cionJlr/an3a+qT169bt1huTP3jhOy+8OpHxv49/tzkz9lrj1eIv+SQ/33j9DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPL0HH3z47ny7vXB/eKKxfdFAopXNW3breVOiqL/QZ3+tjm9iMsnAlup7jkYeRmtzGFsSnV8kIx+f3pcIDq/zuzLR3DKjhiXmBrb8eWuHH+0zwmJv18UhJhoZ7U7HMnwCHOFNCRiJS0t33rv04IMPv7V4Z/6dhXcW7o5fvXpt5trV12cv3VpsL8x0fx51lMBh2HjoH3UkAAAAAAAAAAAAwF4N+2DAuRd3+9DInj7j4X8WAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfi+oU0H6bI5ZmLM2V+bXW2XS699EbNZpJGIyl+lhSPkrl0l0z1dVfkj4/SGbKfjxevvfXZ47XPN/pqdusnjXq9vZ1Lk6zUS6aTjNXrZzDQ341n7q/4T+8YygH7otPpzD1bfHAw/hsAAP//msX1EQ==") creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000500)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x0, 0xff}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x29, 0x9c}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0x0, 0x4}}}}}}}]}}, 0x0) syz_usb_connect$hid(0x3, 0x3f, 0x0, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r0, 0x0, 0x0) unlink(&(0x7f00000008c0)='./file1\x00') 58.329353729s ago: executing program 2 (id=1268): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0) close(r3) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r5, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r4}, 0x20) connect$unix(r3, &(0x7f0000000940)=@file={0x0, './file0\x00'}, 0x6e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) 57.189536069s ago: executing program 33 (id=1268): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0) close(r3) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r5, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r4}, 0x20) connect$unix(r3, &(0x7f0000000940)=@file={0x0, './file0\x00'}, 0x6e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) 54.711857931s ago: executing program 3 (id=1276): socket(0x40000000015, 0x5, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@cgroup, 0x24, 0x1, 0x800, &(0x7f00000002c0), 0x0, 0x0, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0], &(0x7f0000000440)=[0x0, 0x0]}, 0x40) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{0x1, 0xffffffffffffffff}, &(0x7f0000000500), &(0x7f0000000540)}, 0x20) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000900)=@bpf_ext={0x1c, 0x24, &(0x7f00000005c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x481e}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x80000000}}, @btf_id={0x18, 0x5, 0x3, 0x0, 0x4}, @exit, @call={0x85, 0x0, 0x0, 0x38}, @ldst={0x3, 0x1, 0x6, 0x7, 0x0, 0x0, 0xfffffffffffffffc}, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000700)='GPL\x00', 0x3, 0xef, &(0x7f0000000740)=""/239, 0xa8b1e67b23de3956, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000840)={0x3, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x29415, 0xffffffffffffffff, 0x5, 0x0, &(0x7f0000000880)=[{0x0, 0x5, 0xc}, {0x3, 0x3, 0x5, 0x3}, {0x3, 0x3, 0xc, 0xb}, {0x0, 0x5, 0x9, 0x8}, {0x928, 0x4, 0x3, 0x5}], 0x10, 0x5, @void, @value}, 0x94) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x0, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x2, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000a40)={0x1}, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000d00)={'ip6_vti0\x00', &(0x7f0000000c80)={'ip6tnl0\x00', 0x0, 0x4, 0x6, 0x2, 0x6, 0x4, @mcast2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7800, 0x80, 0x7ff, 0xd6e}}) r4 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6f94f90424fc600e0005000a000200053582c137153e3704000880fc0b09000300", 0x33fe0}], 0x1}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000a80)={'dummy0\x00'}) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r5, 0x0, 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000f40)={0xffffffffffffffff, 0x0, 0x0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0xb, 0x0, 0x0, &(0x7f0000000c40)='GPL\x00', 0x8, 0x0, 0x0, 0x40f00, 0x5, '\x00', r3, @fallback=0xb, 0xffffffffffffffff, 0x8, &(0x7f0000000d40)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000d80)={0x4, 0xe, 0x3, 0x6}, 0x10, 0x0, r1, 0x5, &(0x7f0000000f80)=[r0], &(0x7f0000000fc0)=[{0x5, 0x4, 0xd, 0x7}, {0x0, 0x1, 0x8, 0x4}, {0x1, 0x4, 0x9, 0x7}, {0x1, 0x2, 0x4, 0x5}, {0x0, 0x5, 0x5, 0xb}], 0x10, 0x1, @void, @value}, 0x94) 53.246377772s ago: executing program 3 (id=1280): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000200)='./file0\x00', 0xa00010, &(0x7f0000000840)=ANY=[@ANYBLOB='nodecompose,decompose,nobarrier,gid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6c733d69736f383835392d310000000072726965722c00bcd0f0b5c4e2957974ff5d7ea3c3dcee087e4983684e8a4c4e4e87b134e30ce77162b12885b964b3506ff3eae0f3599447b17861d19be70ad7e5dd7bdc7f1eb36e31ac14de48349767164f5f6431bbdeaef96a4f2bce64b5cfa76ce3a2c4302374bc5535d7e2eb8dfb2e5d58a37b7e378365e8b80902ba189e04b15cd3cea9e152d67b9a7eedc5dfe6d85a3ce7c342da8cc969b515197cb8bcc4a1009f38f4a85b7c742101ba5bc03115feca2b"], 0x6, 0x635, &(0x7f00000012c0)="$eJzs3c1rHOcdB/DvrFZryQVHSezELYGKGNJSUVsvKK16iVtK0SGUkB56FrYcC6+VIClFCaWo79BTD/kD0oNuPRV6N6Tn9parjoFCLznppjKzs9LaWil6s1ZqPx/z7PM888w888xvZ2Zndi0mwP+t+Yk0n6TI/MTb62V9a3OmvbU5c6Vubicpy42k2clSLCfFZ8nddFK+Xk6s5y8OWs8nS3Pvfv7l1hedWrNO1fyNw5Y7mo06ZTzJUJ0/o/Wn4/Q33CmU/dzr398xFLtbWAbsVjdwMGg7+2wcZ/FTHrfARVB0Pjf3GUuuJhmprwNSnx0a5zu6s3essxwAAABcUi9sZzvruTbocQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBlUj//v6hTo1seT9F9/n+rnpa6fKk9GfQAAAAAAAAAAOAMfHM721nPtW59p6h+83+9qlyvXr+WD7OaxazkdtazkLWsZSVTScZ6OmqtL6ytrUwdYcnpvktOn8/2AgAAAAAAAMD/qN9kfu/3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGKShOi86xaJO17vlsTSaSUaStMr5NpJ/dcuXRNFv4pPzHwcAAACcysgJlnlhO9tZz7Vufaeo7vlfqe6XR/JhlrOWpaylncXcr++hy7v+xtbmTHtrc+Zxmfb3+8P/HGsYVY+7X0P0W/PNao7RPMhSNeV27lWDuZ9GtWTpZnc8/cf163JMxVu1I47sfp2XK/vzQd8iDMRYFZHh3YhM1mMro/Hi4ZH4yneneeiaptLY/ebn+nOI+dU6L7fnDxcz5o1UkZju2fteOTwSybf+/tefP2wvP3r4YHXi4mzSCT27T8z0ROLVSx2J5jHnn6wicWO3Pp+f5GeZyHjeyUqW8ossZC2L2anbF+r9uXwdOzxSd5+qvfNVI2nV70vnLHqUMY3nx1VpIa9Xy17LUoq8n/tZzJvVv+lM5XuZzWzmet7hGweOu9q26qhvHO+ov/XtujCa5I91Pmidj9Qyri/2xLX3nDtWtfVO2YvSS2d/bmx+oy6U6/htnV8Mz0ZiqicSLx8eib9Ux8Zqe/nRysOFDw7of+OZ+ht1Xu5xv79QnxLl/vJSRuozydN7R9n28u5Z5ul4tepfXDptjX1tN6q2ougeqT898Eht1ddw+3uartpe7ds2U7Xd7Gl76nor76e9ez0EwAV29TtXW6P/Hv3n6Kejvxt9OPr2yI+ufP/Ka60M/2P4B83JoTcarxV/y6f51d79PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHKrH338aKHdXlzpX2gc3HS2haJ+kM95rEth0IXuQwRP3eHdC7E5l7owlKRfU/0WneThosClcGft8Qd3Vj/6+LtLjxfeW3xvcXl4dnZucm72zZk7D5bai5Od10GPEnge9j70+7cXF+oBmwAAAAAAAAAAAECO9vc2O/X//zvxXxoMehsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy21+Is0nKTI1eXuyrG9tzrTL1C3vzdlM0mgkxS+T4rPkbjopYz3dFW8dsJ5Plube/fzLrS/2+mpW85ed1vkpbNQp40mG6vys+rt36v6K3S0sA3arGzgYtP8GAAD//+IHAOM=") setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0xc, 0x0, 0x0) sendmsg$NL80211_CMD_DEAUTHENTICATE(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000e00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x31) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x100) getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8) 52.399830388s ago: executing program 3 (id=1284): openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000400)='ramfs\x00', 0x2000000, 0x0) chdir(&(0x7f0000000280)='./file0\x00') creat(&(0x7f0000000300)='./bus\x00', 0x15d) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14103e, 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x143042, 0xfe) ftruncate(r4, 0x2008002) sendfile(r3, r4, 0x0, 0x80000001) 49.764051346s ago: executing program 3 (id=1289): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x200000c, 0x3032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) 48.635582368s ago: executing program 34 (id=1289): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x200000c, 0x3032, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) 9.599254068s ago: executing program 1 (id=1376): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000ff000000004a2031bce247366132cc43d870cf3d0000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) syz_init_net_socket$x25(0x9, 0x5, 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0) chmod(&(0x7f0000000180)='./file0\x00', 0x0) timer_create(0x2, &(0x7f0000000000)={0x0, 0x0, 0x1}, &(0x7f0000000040)) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r4, 0x80041285, &(0x7f0000001080)) timer_settime(0x0, 0x236bd4336e4642df, &(0x7f0000000300)={{}, {0x0, 0xe4c}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="6c00000000010104feffffff131a000002000000240001801400018008000100e000000108000200e00000010c00002c00028014000180080001000000000008000200ac1e00010c0002800500013b596cf8b8f44942eddabee99e30223c36c8120b2820b5e51f2f97dd6e61ac00"/123], 0x6c}}, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="380000000301010400000057c40d7986271eb600240001801400018008000100e000000108000200e00000010c000280010001000000000083394eef3a7e7b5a009b35ae193d053ccdca8ae863e7bcd91194b89431797beda1aa9767e4ab01a26ddc88f7f5656abbba6afa1f09a8117a392b175e332d084848e179eb5d06f0e17ae9225d2dc187f78232f3ce58d8b9e435d16feb90af6a000000000000004f7dc9a84a0b1755e2351de3a68490056370dee2574b96c139beeb1b979ca77cfcead6237b8706b503f326ec8f52848613534258bc27bcd10b22597705e48341725c94122a06346550b98ed245c6c0de0043cc30"], 0x38}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=@bridge_getvlan={0x20, 0x72, 0x7e3bfe4fa73db39f, 0x0, 0x0, {}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}]}, 0x20}}, 0x0) 8.214318178s ago: executing program 1 (id=1377): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x52) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000140)='./file1\x00', 0x400017e) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0xf8) mkdir(&(0x7f00000003c0)='./bus\x00', 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x181040, 0x0) ioctl$TCSETA(r1, 0x5406, &(0x7f0000000280)={0x23, 0x6, 0x29e, 0x3ff, 0xe, "24b5727625f190de"}) setsockopt$CAN_RAW_JOIN_FILTERS(0xffffffffffffffff, 0x65, 0x6, 0x0, 0x0) mmap(&(0x7f00000d5000/0x1000)=nil, 0x1000, 0x100000d, 0x3032, 0xffffffffffffffff, 0xffffe000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) mmap$xdp(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2, 0x42031, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x801) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5}) ioctl$UFFDIO_CONTINUE(r2, 0xc020aa08, &(0x7f0000000240)={{&(0x7f00004cd000/0x2000)=nil, 0x2000}, 0x1}) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) fspick(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x0) r3 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0) read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8) r4 = syz_open_dev$radio(&(0x7f0000000000), 0x2, 0x2) r5 = epoll_create(0x6) r6 = dup3(r4, r5, 0x0) read$FUSE(r6, 0x0, 0x0) read$FUSE(r6, &(0x7f0000002340)={0x2020}, 0x2020) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000000c0)='./bus\x00') creat(&(0x7f00000002c0)='./file0\x00', 0x60) 7.863476858s ago: executing program 0 (id=1379): r0 = socket$kcm(0x10, 0x2, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r1, 0x0, 0x0, 0x24000045) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x3, &(0x7f0000000040)=@framed={{0x45, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0xc8}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x2000, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={r3, 0x58}, 0x10) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8983, &(0x7f0000000000)={0x6, 'veth0_vlan\x00', {0x2}, 0x1}) socket$tipc(0x1e, 0x5, 0x0) write$tun(0xffffffffffffffff, &(0x7f00000006c0)={@val={0x0, 0x88f7}, @val={0x2, 0x0, 0x4, 0x10, 0x54bc, 0xff}, @x25={0x1, 0x0, 0xdb, "d4c955a52598a4a2d7b5c94a3a135de1a09efb35a632f43b20aef4cb57d22a8ec62dbb1af0d1afb1d2fcc8428fd2ac2076431670844961a92df7551649d89bc09c09ad7f4b7d163969ac1cf0"}}, 0x5d) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000ec0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x24, 0x0, 0x1, 0x0, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_SEC_KEY={0x8, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000010}, 0x810) socket$nl_netfilter(0x10, 0x3, 0xc) 6.971229124s ago: executing program 0 (id=1381): openat$sndseq(0xffffffffffffff9c, &(0x7f0000000500), 0x28002) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8) r5 = gettid() timer_create(0x9, &(0x7f0000000180)={0x0, 0x1e, 0x4, @tid=r5}, 0x0) timer_settime(0x0, 0x5, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61158800000000006113500000000000bfa000000000000007000000ee0016055e03010000000000360500000000000069163e0000000000bf07000000000000260507000fff0720670600003f000000140600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0x40345410, &(0x7f0000000400)={{0x1, 0x2, 0x800, 0x3}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r6, 0x54a2) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r6, 0x54a3) r7 = socket(0x11, 0x3, 0x9) setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f00000017c0)={0x3, 0x1000}, 0x4) getsockopt$bt_BT_SECURITY(r7, 0x107, 0x15, 0x0, 0x20000002) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r6, 0x5422) 6.612810636s ago: executing program 1 (id=1383): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newlink={0x4c, 0x10, 0x403, 0x70b528, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0xa1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x4c}, 0x1, 0xba01, 0x0, 0x4004}, 0x810) 5.099846638s ago: executing program 5 (id=1385): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffc000/0x4000)=nil) prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x2172, 0xffffffffffffffff, 0x0) r1 = gettid() getpriority(0x1, r1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) brk(0x8) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f00000002c0)=0x1, 0x4) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001000)=ANY=[@ANYBLOB="b7020000910c0000bfa30000000000000703000000feffff7a0af0ff0d00000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000009000000b7030000010000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa00000000690e000000000000008b798b4f7458d1863cc67c4c6a06fa28e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1c6edc7a65d073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e122665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f838f7eb12f63be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b32176066599783568628f0309c3a01716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d247714358d8b170c3b5cad11f72cd9d88e56b95fe9f3de5cfcfa5c1da8ba181580d9db035efe38834de171b64f4b4c1b242786dcc5679e3d0613cdf05b02d7ad4f3b8af27a696e9b8809c2d68fddfcbd451e81d37c11f95094b91fff61ab9e69780b133d1dbca5a78695131c34c855dd793f90ca3973a4bd5606151b3600373d2bbfb7b3638e713e7275af06107949ff5dffe24d3c448ae6e4646b346fe0a21eef1e55d0659eac930d00000000000ff52b98317c45417b900a47c1ae1103c09fc173c1cf28bf7ef7a61523c6b2dbb35f5ae29877bb8e1b3e257056c0d205d391ed7b2089a72a93885b9fc8430ff"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x14) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x1f2f, 0xe, 0x0, &(0x7f00000007c0)="9f44948721919580684010a486dd", 0x0, 0x241, 0x0, 0x59, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1"}, 0x50) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000180)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x15}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0857f9f582f0300000000001000", 0x0, 0x2e00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) writev(r6, &(0x7f0000000a40)=[{&(0x7f00000003c0)="fb7515ea339f4da8704faaafdc9065a34854e60075ea8a48cce937593b5145ab35a1bb31aea1f4dc7dac92b93d03b6f263ed921cfd82ae3a097e59a7a4d444fd27c67d70a3bebf4233ed8129aec1329ec34f08209baeced0e00d6a0fef6195011b872d3b5f5c6d71d6e5a93a1cd1cc5cd88c7545a51f79c0bf320a34bd93a242f566afb286bd581d24135e2ade44b051b3feec77289d3984294d5a1a177d198ea537178ade46513e688dff3ce19e35b0538ff060588e1b8751090d4e67d57da860a9ca32866f", 0xc6}, {&(0x7f0000000180)="14a269dc64126f60e529317d7a32655de6464310725ac55d92ec0201abab403521b25b16c202249c82dd3508fc9c5edb06d776d1de869cc30f90669a7873566844bc5d5e8fa0344f33038398c6c5e58a9a1e6fba5c3908af63ee1f740b3b140341b043a9a49bfc1dad8f3ab5dbe22910f3", 0x71}, {&(0x7f0000000300)="e193ce5ef2a2943b81e3ad4f072fd19fd3e1c21c9f78553003e8262b", 0x1c}, {&(0x7f00000004c0)="5f01a623c3abb85a68e42b180592e71185c7f3916cf67189cd281b55dd3b80743de41e9a93b32c9d988cbfe184ba3b2243756be94d6731d61e23b98d051eb4a6b828c971e00f3a4062147e774bd447ea6443e7c883e0f1fbd5356c07be3abb5cd20fd3c14276a458229e1137e7257066e0577082309a9b9f934676965613b38dfc957c8668acf7bf9a5e873ec4f766fdfd3d994e9fcb2ca36c14e4e27a829e5bab07924ac865d2b1cc8f9f646af7975457739138f2e18153372de0829fe042a03d2a8eab270aa6e9ee0b6abeede3642b222ba5c67c5215e90178584ccc495224ef31473f93f75db9e95b14cacb7f27349f7c35db61772fd38c59090c9274", 0xfe}, {&(0x7f00000005c0)="f99adc37328aacf57dab5876d5a85f8fc4a4ef77a9ac2e45f32df7013cec2363ca73293228281f2bc104990270f4bd78f3d7828826cf2a1f", 0x38}, {&(0x7f0000000600)="60de62e0f7887293b0cbd8d494dd66ed7b86476368ebc68cc0e82fd5ee30e45e84b5e3374cf945034fb01c515742a643ec6874d82e9e6cab4db8bc4a779b5fd069f2592efa829a66e8e04c225dec639aaab53d92d1ace630855524205dd4e3b08c1f117e7a17cb3f86b7560aeabe534c6f79be7ffae0b7e6dab8c62a3fe817f16d7746ff29d41bf2e2bd1407c342485297424a1f05509aef90503c24632170c8a53326749d7df0025869541795adb98e6e7fa469e7f156e4c1702d66b585baefd1a2f6f9122618f8", 0xc8}, {&(0x7f0000000800)="ca4b00b072504fd2a2f9d92dea0f3ab52373bb6335f2944563bcc9cd535265c9203a80073139b27f96c7fec690d6c262ddfb0deb158cc32f109f0bc235742abb0bab03f417d08faf02b4d94a8f32282108d77c0391e6fd85a6640e0e8938794397ba1948e9f16cc768ff3f8bb1f9c13ae9797298847e6cdcb1bc4c39005e7a5554d7367de48ba5159da3666ce8cd19b66a46177969b85e5cf6ba9b1dc73fbf958634dc4b2e84d40976c162df4e1f78b22b3f57c512862bd6918fcda2fa5c7f10e8c9501fff16dddd26579a564c8c7e5da74e39d99f654ad046b581d6039c", 0xde}, {&(0x7f0000000900)="82eb5f35bf0b3124b236cc8fce840cc12c798f34100cda4f707a3c1e499321f9f555e924e768f64d6da45e0bd96c4516f82c82505393ef10cc888455f5b624a42edd79501957c0688f618f49a6684fcb9992cdd47a8bd76fc70e3d5a88347b4b3910d7b694b4f8ce8cd4e623ada4fd4765b40f878b14f9e8fb4eb582c1bdd5168683d579678f5d156b09fd8533e4a7888be7114925de8f2a327269beda22e166ab7e0b9af5722a54a593cec2272ea4759b9efeddc2ee860d2616f91cb4a5ee4a48ad04f4f0ffc2c4e18128deaf6f9584b6183bd0e4680b", 0xd7}, {&(0x7f0000000a00)="662fff3bc90a6e", 0x7}], 0x9) 4.997647308s ago: executing program 0 (id=1386): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000240)={0xaa, 0xd8}) ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f00004e4000/0x3000)=nil, 0x3000}, 0x3}) 4.084923305s ago: executing program 0 (id=1387): syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="646f74732c646f74732c6e6f646f74732c6e6f646f74732c646f74732c6e6f646f74732c6e6f646f74732c71756965742c6e6f646f74732c666c7573682c756d61736b3d30303030303030303030303030303030303030303030302c646f74732c646f74732c756d61736b3d30303030303030303030303030303030303037373737372c6e66732c646f74732c747a3d5554432c646f74732c646f74732c6e6f636173652c7379735f696d6d757461626c652c646f74732c00f8a7354494367fe599abb0e9fee8f6cdbd4415cc7bc52b6352f54afc78e51de6b37ae8efbdfe1689a174697f9528b4217d017a472c4c8e00a5cdd06438f130234c66db3e61a4ea6b90f67ddc19c74c6ac93054e1668cf0ff55fdebea678f16269706271797abeebc6b043e549356dfa4c7e8b4e091a7a6cfc601e4e66e509afea6dcc9d274ab27afd6f183050075b86a3ffc8dfcd249c141fd90a5331224d62867d9b87a8e7d0cf56567584e7adde32f223d2a9bd69b39c51152b3a827f49a0f7e23d51ac4128630c7668a0b38090b5c86636aee6face102356400fbbd"], 0xfd, 0x1bf, &(0x7f0000000480)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="85000000080000006a", @ANYRES32, @ANYBLOB="10000000000000250500"/24], &(0x7f0000000140)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x5a042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) r3 = syz_open_procfs(0x0, 0x0) read$FUSE(r3, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, 0x0, 0x0) setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc86a00", "4617a9f6040839230fb7fead776dd8dc", "c6db0872", "a44a883fca4400"}, 0x28) r5 = socket$inet_udp(0x2, 0x2, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r6, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x800) connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) 3.897474449s ago: executing program 1 (id=1388): socket$nl_netfilter(0x10, 0x3, 0xc) socket(0x10, 0x803, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6(0xa, 0x2, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xffc, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socket$packet(0x11, 0x3, 0x300) socket$packet(0x11, 0x3, 0x300) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x1, 0x803, 0x0) pipe(&(0x7f0000000100)) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x403, 0xfffffffc, 0x3f, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4803}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x44}, 0x1, 0x300000000000000, 0x0, 0x4004}, 0x0) 3.881140718s ago: executing program 5 (id=1389): r0 = socket$kcm(0x10, 0x2, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r1, 0x0, 0x0, 0x24000045) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x3, &(0x7f0000000040)=@framed={{0x45, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0xc8}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x2000, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={r3, 0x58}, 0x10) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8983, &(0x7f0000000000)={0x6, 'veth0_vlan\x00', {0x2}, 0x1}) socket$tipc(0x1e, 0x5, 0x0) write$tun(0xffffffffffffffff, &(0x7f00000006c0)={@val={0x0, 0x88f7}, @val={0x2, 0x0, 0x4, 0x10, 0x54bc, 0xff}, @x25={0x1, 0x0, 0xdb, "d4c955a52598a4a2d7b5c94a3a135de1a09efb35a632f43b20aef4cb57d22a8ec62dbb1af0d1afb1d2fcc8428fd2ac2076431670844961a92df7551649d89bc09c09ad7f4b7d163969ac1cf0"}}, 0x5d) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000ec0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x24, 0x0, 0x1, 0x0, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_SEC_KEY={0x8, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000010}, 0x810) socket$nl_netfilter(0x10, 0x3, 0xc) 3.409671565s ago: executing program 5 (id=1390): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newlink={0x44, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_DPORT={0x6}, @IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0x11}]}}}]}, 0x44}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c0000001000030500000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007663616e000000000400028008000a"], 0x3c}}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00000018"], 0x50}}, 0x4000000) 2.744044241s ago: executing program 5 (id=1391): syz_emit_ethernet(0x46, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0, 0x0, 0x0, 0x0, 0xd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x2, 0x300}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, 0x0, 0x48) 2.350621033s ago: executing program 1 (id=1392): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef91", 0x12) r2 = accept4(r1, 0x0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000400)=[{0x0, 0x0, 0x0}], 0x1, 0x0) recvmmsg$unix(r2, &(0x7f0000003f40)=[{{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000c00)=""/240, 0xf0}], 0x1}}, {{0x0, 0x0, &(0x7f0000001380)=[{&(0x7f0000000340)=""/32, 0x20}], 0x1}}], 0x2, 0x100, 0x0) sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001540)={&(0x7f00000001c0)=ANY=[], 0x64}, 0x1, 0x0, 0x0, 0x40010}, 0x0) close(r2) 2.317745733s ago: executing program 0 (id=1393): r0 = syz_open_dev$loop(&(0x7f0000000040), 0x2, 0x40) ioctl$BLKDISCARD(r0, 0x1277, &(0x7f0000000080)=0xffffffffffffffff) set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x24, r1, 0x1, 0x80, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}]]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newlink={0x3c, 0x10, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2a500}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_MLD_VERSION={0x5, 0x2c, 0x2}]}}}]}, 0x3c}}, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)={0x50, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_FRAME={0x2a, 0x33, @action={{{}, {}, @device_b, @device_a, @initial, {0x0, 0x400}}, @ext_ch_sw={0x4, 0x4, {{0x0, 0x0, 0x2}, @val={0x76, 0x6, {0x4, 0x5, 0x27, 0x3}}}}}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}]}, 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x0) getsockopt$SO_COOKIE(r2, 0x1, 0x39, &(0x7f00000000c0), &(0x7f0000000100)=0x8) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r11 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) read$FUSE(r11, &(0x7f0000003980)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_ATTR(r11, &(0x7f0000000240)={0x78, 0x0, r12, {0x2000000007, 0x0, 0x0, {0x0, 0x0, 0x55, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0xa000}}}, 0x78) setsockopt$SO_ATTACH_FILTER(r10, 0x1, 0x1a, &(0x7f0000000ac0)={0x3, &(0x7f0000000a80)=[{0x48, 0x3d}, {0x20, 0x1, 0x0, 0xfffff00c}, {0x16, 0x7, 0x7, 0x6}]}, 0x10) 1.516098568s ago: executing program 5 (id=1394): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x58, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_to_bond\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x10}]}]}], {0x14, 0x10}}, 0xc0}}, 0x0) 1.306557999s ago: executing program 1 (id=1395): syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000100)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x4000, 0x65) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r3, 0x400455c8, 0x20000000008) r4 = socket$rxrpc(0x21, 0x2, 0x2) bind$rxrpc(r4, &(0x7f0000000000)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24) r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401) ioctl$BLKTRACESTART(r5, 0x1274, 0x0) ioctl$SG_BLKTRACETEARDOWN(r5, 0x1276, 0x0) ioctl$BLKTRACESTOP(r5, 0x1275, 0x0) r6 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f00000001c0)={'ip6_vti0\x00', &(0x7f0000000080)={'syztnl2\x00', 0x0, 0x0, 0xfd, 0x5, 0x1, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @loopback={0x0, 0x460c6}, 0x7801, 0x0, 0x1}}) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r8 = fcntl$dupfd(r7, 0x0, r7) read$FUSE(r8, 0x0, 0x0) 74.827279ms ago: executing program 0 (id=1396): socket$inet_udplite(0x2, 0x2, 0x88) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) epoll_create(0xaf2) inotify_init1(0x0) memfd_secret(0x80000) epoll_create1(0x0) r0 = io_uring_setup(0x203c, &(0x7f00000000c0)={0x0, 0x750f, 0x8, 0x100003}) r1 = syz_io_uring_setup(0x94c, &(0x7f0000000240)={0x0, 0x0, 0x10100, 0x11fffffc}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x8, 0x0, 0x0, 0x0, 0xb, 0x0, {0x0, 0x0, r0}}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)) write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0xfffd}}) io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 0s ago: executing program 5 (id=1397): r0 = socket(0x2, 0x3, 0xff) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) sendmmsg$unix(r0, &(0x7f0000002fc0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)="643c87cf2bd21d995e613d73613b1e78334efea0", 0x14}], 0x1}}], 0x1, 0x0) kernel console output (not intermixed with test programs): T8181] exfat: Deprecated parameter 'utf8' [ 387.598646][ T8181] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 387.719878][ T8182] netlink: 104 bytes leftover after parsing attributes in process `syz.0.702'. [ 388.430227][ T8195] trusted_key: encrypted_key: insufficient parameters specified [ 388.468590][ T8197] loop2: detected capacity change from 0 to 512 [ 389.068647][ T8204] loop3: detected capacity change from 0 to 512 [ 389.218450][ T8203] netlink: 12 bytes leftover after parsing attributes in process `syz.1.705'. [ 389.495802][ T8204] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 389.651592][ T8204] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 389.707039][ T8204] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 390.173810][ T8217] loop1: detected capacity change from 0 to 256 [ 390.255082][ T8220] netlink: 8 bytes leftover after parsing attributes in process `syz.4.713'. [ 390.273486][ T8220] netlink: 12 bytes leftover after parsing attributes in process `syz.4.713'. [ 390.275925][ T8217] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 390.348804][ T6027] usb 4-1: new full-speed USB device number 9 using dummy_hcd [ 390.510672][ T6027] usb 4-1: config 0 has an invalid interface number: 52 but max is 0 [ 390.565948][ T6027] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 390.654406][ T6027] usb 4-1: config 0 has no interface number 0 [ 390.680812][ T6027] usb 4-1: config 0 interface 52 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 390.711367][ T8224] loop2: detected capacity change from 0 to 512 [ 390.752433][ T6027] usb 4-1: config 0 interface 52 has no altsetting 0 [ 390.758077][ T8224] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 390.789283][ T6027] usb 4-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 390.805139][ T6027] usb 4-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35 [ 390.824916][ T6027] usb 4-1: Product: syz [ 390.841567][ T8224] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 390.856340][ T6027] usb 4-1: Manufacturer: syz [ 390.867859][ T6027] usb 4-1: SerialNumber: syz [ 390.901546][ T6027] usb 4-1: config 0 descriptor?? [ 391.309465][ T8232] loop1: detected capacity change from 0 to 2048 [ 391.320198][ T8232] EXT4-fs: Ignoring removed nobh option [ 391.326049][ T8232] EXT4-fs: Ignoring removed mblk_io_submit option [ 392.004885][ T8224] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended [ 392.102107][ T6027] usb 4-1: Can not set alternate setting to 1, error: -71 [ 392.119562][ T8224] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 392.150846][ T8224] System zones: 0-2, 18-18, 34-34 [ 392.159157][ T6027] synaptics_usb 4-1:0.52: probe with driver synaptics_usb failed with error -71 [ 392.184399][ T6027] usb 4-1: USB disconnect, device number 9 [ 392.190572][ T8232] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 392.226110][ T8224] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 392.250611][ T8224] EXT4-fs (loop2): 1 truncate cleaned up [ 392.304470][ T8224] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 392.504226][ T8224] netlink: 28 bytes leftover after parsing attributes in process `syz.2.716'. [ 392.532595][ T5835] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.622071][ T8241] netlink: 12 bytes leftover after parsing attributes in process `syz.4.720'. [ 392.781220][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.941030][ T8246] loop3: detected capacity change from 0 to 512 [ 392.994716][ T8248] loop4: detected capacity change from 0 to 512 [ 393.024909][ T8249] trusted_key: encrypted_key: insufficient parameters specified [ 393.065289][ T8246] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm syz.3.724: casefold flag without casefold feature [ 393.141040][ T8248] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 393.201014][ T8246] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.724: couldn't read orphan inode 15 (err -117) [ 393.315055][ T8246] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 393.317133][ T8248] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 393.353994][ T8248] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.725: corrupted in-inode xattr: e_value size too large [ 393.389422][ T8248] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.725: couldn't read orphan inode 15 (err -117) [ 393.440366][ T8256] loop0: detected capacity change from 0 to 256 [ 393.445199][ T8248] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 393.495439][ T8256] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 393.537302][ T8256] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 393.618631][ T8256] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 393.696586][ T8258] loop2: detected capacity change from 0 to 1024 [ 393.764088][ T5834] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0 [ 393.832405][ T5842] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 393.905748][ T5834] EXT4-fs error (device loop4): ext4_empty_dir:3135: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0 [ 394.039297][ T29] audit: type=1804 audit(1738714153.759:3): pid=8262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.726" name="/newroot/134/file0/bus" dev="loop0" ino=115 res=1 errno=0 [ 394.064759][ T5834] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0 [ 394.085135][ C0] vkms_vblank_simulate: vblank timer overrun [ 394.253540][ T5834] EXT4-fs error (device loop4): ext4_empty_dir:3135: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0 [ 394.270552][ T29] audit: type=1804 audit(1738714153.779:4): pid=8262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.726" name="/newroot/134/file0/bus" dev="loop0" ino=115 res=1 errno=0 [ 394.596884][ T5834] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0 [ 394.631706][ T5834] EXT4-fs error (device loop4): ext4_empty_dir:3135: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0 [ 394.707876][ T8258] hfsplus: xattr searching failed [ 394.798746][ T5834] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0 [ 394.819149][ C0] vkms_vblank_simulate: vblank timer overrun [ 394.914735][ T5834] EXT4-fs error (device loop4): ext4_empty_dir:3135: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0 [ 395.040478][ T5834] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0 [ 395.138711][ T5834] EXT4-fs error (device loop4): ext4_empty_dir:3135: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0 [ 395.194135][ T8273] loop3: detected capacity change from 0 to 256 [ 395.217295][ T8274] loop1: detected capacity change from 0 to 16 [ 395.246692][ T8273] exfat: Invalid uid '0x00000000ffffffff' [ 395.312252][ T8274] erofs (device loop1): mounted with root inode @ nid 36. [ 395.383661][ T8276] netlink: 12 bytes leftover after parsing attributes in process `syz.0.735'. [ 395.409646][ T8274] erofs (device loop1): bogus dirent @ nid 36 [ 395.810632][ T8282] trusted_key: encrypted_key: insufficient parameters specified [ 396.076397][ T8285] loop2: detected capacity change from 0 to 512 [ 396.238743][ T8289] netlink: 72 bytes leftover after parsing attributes in process `syz.0.742'. [ 396.391424][ T8293] loop1: detected capacity change from 0 to 128 [ 396.486453][ T8285] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 396.574238][ T8285] ext4 filesystem being mounted at /152/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 396.769082][ T8293] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 396.876348][ T8293] ext4 filesystem being mounted at /156/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 397.393779][ T5835] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 397.406538][ T8307] loop0: detected capacity change from 0 to 1024 [ 397.432449][ T6358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 397.821848][ T8307] hfsplus: xattr searching failed [ 398.017935][ T35] hfsplus: bad catalog file entry [ 398.028958][ T35] hfsplus: b-tree write err: -5, ino 3 [ 398.131081][ T8315] loop1: detected capacity change from 0 to 256 [ 398.158560][ T8315] exfat: Invalid uid '0x00000000ffffffff' [ 398.747019][ T8320] netlink: 8 bytes leftover after parsing attributes in process `syz.1.754'. [ 398.787799][ T8320] netlink: 20 bytes leftover after parsing attributes in process `syz.1.754'. [ 398.826890][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 398.844612][ T54] Bluetooth: hci1: unexpected event 0x06 length: 4 > 3 [ 398.928414][ T8324] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 399.396869][ T8335] lo: entered promiscuous mode [ 400.231714][ T8341] loop3: detected capacity change from 0 to 16 [ 400.413052][ T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 400.431405][ T8341] erofs (device loop3): mounted with root inode @ nid 36. [ 400.442656][ T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 400.451801][ T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 400.471168][ T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 400.484809][ T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 400.495478][ T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 400.530826][ T8341] 9p: Unknown access argument 18446744073709551615: -34 [ 400.854897][ T5852] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 400.866179][ T5852] Bluetooth: hci4: unexpected event 0x06 length: 4 > 3 [ 400.908563][ T5852] Bluetooth: hci1: command 0x0406 tx timeout [ 401.098028][ T5916] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 401.271055][ T8343] chnl_net:caif_netlink_parms(): no params data found [ 401.281646][ T5916] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 401.320966][ T5916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 401.342149][ T5916] usb 4-1: config 0 descriptor?? [ 401.363848][ T5916] cp210x 4-1:0.0: cp210x converter detected [ 401.501976][ T8343] bridge0: port 1(bridge_slave_0) entered blocking state [ 401.541747][ T8343] bridge0: port 1(bridge_slave_0) entered disabled state [ 401.564130][ T8343] bridge_slave_0: entered allmulticast mode [ 401.608909][ T8343] bridge_slave_0: entered promiscuous mode [ 401.632716][ T8343] bridge0: port 2(bridge_slave_1) entered blocking state [ 401.661701][ T8343] bridge0: port 2(bridge_slave_1) entered disabled state [ 401.680645][ T8343] bridge_slave_1: entered allmulticast mode [ 401.703945][ T8343] bridge_slave_1: entered promiscuous mode [ 401.791241][ T5916] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -121 [ 401.850857][ T8343] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 401.870324][ T8343] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 402.049542][ T8376] loop1: detected capacity change from 0 to 256 [ 402.057100][ T8376] exfat: Deprecated parameter 'namecase' [ 402.088294][ T8376] exfat: Deprecated parameter 'utf8' [ 402.093964][ T8376] exfat: Bad value for 'errors' [ 402.138330][ T8343] team0: Port device team_slave_0 added [ 402.433016][ T8343] team0: Port device team_slave_1 added [ 403.097456][ T54] Bluetooth: hci2: command tx timeout [ 403.104366][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 403.118361][ T5916] cp210x 4-1:0.0: failed to get vendor val 0x370c size 15: -71 [ 403.148300][ T5916] cp210x 4-1:0.0: GPIO initialisation failed: -71 [ 403.874949][ T8384] loop1: detected capacity change from 0 to 256 [ 403.882340][ T8384] exfat: Deprecated parameter 'utf8' [ 403.907399][ T8383] loop2: detected capacity change from 0 to 16 [ 403.963197][ T8383] erofs (device loop2): mounted with root inode @ nid 36. [ 404.099913][ T8384] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 404.216776][ T8386] loop0: detected capacity change from 0 to 1024 [ 404.256753][ T8386] EXT4-fs: Ignoring removed i_version option [ 404.288351][ T8386] EXT4-fs: inline encryption not supported [ 404.299898][ T8386] EXT4-fs (loop0): Test dummy encryption mode enabled [ 404.320360][ T8386] EXT4-fs (loop0): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 404.509421][ T8386] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 404.563328][ T5916] usb 4-1: cp210x converter now attached to ttyUSB0 [ 404.757136][ T8391] netlink: 'syz.2.777': attribute type 2 has an invalid length. [ 404.776172][ T8391] netlink: 'syz.2.777': attribute type 1 has an invalid length. [ 404.791340][ T5916] usb 4-1: USB disconnect, device number 10 [ 404.795004][ T5836] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 404.824018][ T5916] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 404.850947][ T8343] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 404.865232][ T5916] cp210x 4-1:0.0: device disconnected [ 404.877836][ T8343] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 404.979927][ T8343] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 405.030597][ T8343] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 405.063435][ T8343] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 405.157926][ T5847] Bluetooth: hci4: command 0x0406 tx timeout [ 405.176061][ T5852] Bluetooth: hci2: command tx timeout [ 405.181895][ T8343] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 405.352403][ T5896] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 405.527925][ T5896] usb 2-1: Using ep0 maxpacket: 8 [ 405.541877][ T5896] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 405.572644][ T5896] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 405.627448][ T5896] usb 2-1: config 0 descriptor?? [ 405.809444][ T8343] hsr_slave_0: entered promiscuous mode [ 405.847280][ T8343] hsr_slave_1: entered promiscuous mode [ 405.898777][ T8343] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 405.917841][ T5896] asix 2-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 405.961978][ T8343] Cannot create hsr debugfs directory [ 406.449412][ T5896] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 406.491010][ T5896] asix 2-1:0.0: probe with driver asix failed with error -71 [ 406.541341][ T8417] loop0: detected capacity change from 0 to 16 [ 406.570109][ T8417] erofs (device loop0): mounted with root inode @ nid 36. [ 406.601496][ T5896] usb 2-1: USB disconnect, device number 4 [ 407.043532][ T8421] loop3: detected capacity change from 0 to 16 [ 407.066230][ T8421] erofs (device loop3): mounted with root inode @ nid 36. [ 407.229547][ T5841] Bluetooth: hci2: command tx timeout [ 408.014439][ T8428] loop3: detected capacity change from 0 to 8 [ 408.059795][ T8428] squashfs: Unknown parameter '' [ 408.335800][ T8343] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 408.366912][ T8436] loop3: detected capacity change from 0 to 256 [ 408.383235][ T8343] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 408.469984][ T8343] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 408.515220][ T8343] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 409.034286][ T8343] 8021q: adding VLAN 0 to HW filter on device bond0 [ 409.067350][ T8444] loop0: detected capacity change from 0 to 1024 [ 409.140920][ T8343] 8021q: adding VLAN 0 to HW filter on device team0 [ 409.149242][ T8444] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 409.195507][ T2950] bridge0: port 1(bridge_slave_0) entered blocking state [ 409.203146][ T2950] bridge0: port 1(bridge_slave_0) entered forwarding state [ 409.261086][ T2950] bridge0: port 2(bridge_slave_1) entered blocking state [ 409.269336][ T2950] bridge0: port 2(bridge_slave_1) entered forwarding state [ 409.311206][ T5852] Bluetooth: hci2: command tx timeout [ 409.714736][ T8444] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4115: comm syz.0.797: Allocating blocks 497-513 which overlap fs metadata [ 409.800109][ T8444] EXT4-fs (loop0): pa ffff88807cbe3ae0: logic 256, phys. 385, len 8 [ 409.808830][ T8444] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 1 [ 410.527216][ T975] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 410.592097][ T5836] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 410.719225][ T975] usb 2-1: Using ep0 maxpacket: 8 [ 410.999920][ T975] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 411.035156][ T975] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 411.136533][ T8463] loop2: detected capacity change from 0 to 16 [ 411.232854][ T8463] erofs (device loop2): mounted with root inode @ nid 36. [ 411.334343][ T975] usb 2-1: config 0 descriptor?? [ 411.388134][ T5852] Bluetooth: hci2: command 0x0405 tx timeout [ 411.707036][ T8343] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 411.862997][ T975] asix 2-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 412.278334][ T975] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 412.308032][ T975] asix 2-1:0.0: probe with driver asix failed with error -71 [ 412.357455][ T975] usb 2-1: USB disconnect, device number 5 [ 412.465778][ T8478] loop3: detected capacity change from 0 to 764 [ 412.478176][ T8475] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 412.859136][ T8482] loop0: detected capacity change from 0 to 256 [ 412.932556][ T8343] veth0_vlan: entered promiscuous mode [ 412.935720][ T8482] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 412.969231][ T8482] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 413.022495][ T8482] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 413.041425][ T8343] veth1_vlan: entered promiscuous mode [ 413.200970][ T8343] veth0_macvtap: entered promiscuous mode [ 413.251361][ T8343] veth1_macvtap: entered promiscuous mode [ 413.361167][ T8343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 413.390411][ T8343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 413.433218][ T8343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 413.464416][ T8343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 413.483841][ T8343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 413.583963][ T8343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 413.610117][ T8343] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 413.625373][ T8343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 413.636314][ T8343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 413.657044][ T8343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 413.678759][ T8343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 413.714093][ T8343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 413.768332][ T8343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 414.008761][ T8343] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 414.405804][ T8343] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 414.637303][ T8343] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 414.646316][ T8343] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 414.655225][ T8343] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 414.854573][ T8504] loop3: detected capacity change from 0 to 16 [ 414.873017][ T8504] erofs (device loop3): mounted with root inode @ nid 36. [ 415.409204][ T8508] netlink: 8 bytes leftover after parsing attributes in process `syz.1.815'. [ 415.422643][ T8505] loop0: detected capacity change from 0 to 1764 [ 415.437971][ T8508] netlink: 'syz.1.815': attribute type 18 has an invalid length. [ 415.453576][ T8509] loop2: detected capacity change from 0 to 1024 [ 415.475754][ T8508] netlink: 4 bytes leftover after parsing attributes in process `syz.1.815'. [ 415.604457][ T8509] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 415.722370][ T8509] netlink: 8 bytes leftover after parsing attributes in process `syz.2.816'. [ 415.950623][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 416.077151][ T8519] loop0: detected capacity change from 0 to 512 [ 416.154636][ T8519] EXT4-fs (loop0): invalid journal inode [ 416.221202][ T8523] loop2: detected capacity change from 0 to 512 [ 416.225390][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 416.242003][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 416.256851][ T8523] EXT4-fs: Ignoring removed bh option [ 416.394037][ T8523] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 416.416831][ T2999] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 416.420765][ T8524] loop3: detected capacity change from 0 to 512 [ 416.446439][ T8523] ext4 filesystem being mounted at /169/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 416.461737][ T2999] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 416.514772][ T8524] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 416.540089][ T8524] ext4 filesystem being mounted at /179/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 416.932602][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 417.183741][ T8539] trusted_key: encrypted_key: insufficient parameters specified [ 417.670256][ T8547] netlink: 8 bytes leftover after parsing attributes in process `syz.2.827'. [ 417.932108][ T8549] loop5: detected capacity change from 0 to 16 [ 417.954725][ T8550] capability: warning: `syz.0.828' uses deprecated v2 capabilities in a way that may be insecure [ 417.960536][ T8549] erofs (device loop5): mounted with root inode @ nid 36. [ 417.983758][ T8547] netlink: 'syz.2.827': attribute type 18 has an invalid length. [ 418.027505][ T8547] netlink: 4 bytes leftover after parsing attributes in process `syz.2.827'. [ 418.160360][ T8554] loop1: detected capacity change from 0 to 16 [ 418.260038][ T8554] erofs (device loop1): mounted with root inode @ nid 36. [ 419.449951][ T8570] loop2: detected capacity change from 0 to 1024 [ 419.474762][ T8570] EXT4-fs: Ignoring removed orlov option [ 419.540135][ T8570] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 419.571066][ T8572] trusted_key: encrypted_key: insufficient parameters specified [ 419.706545][ T8570] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.834: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 419.872841][ T5842] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 420.002539][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 420.093680][ T8590] loop1: detected capacity change from 0 to 256 [ 420.313859][ T8590] FAT-fs (loop1): Directory bread(block 64) failed [ 420.358756][ T8590] FAT-fs (loop1): Directory bread(block 65) failed [ 420.365509][ T8590] FAT-fs (loop1): Directory bread(block 66) failed [ 420.427885][ T8590] FAT-fs (loop1): Directory bread(block 67) failed [ 420.465668][ T8590] FAT-fs (loop1): Directory bread(block 68) failed [ 420.486361][ T6027] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 420.494167][ T8590] FAT-fs (loop1): Directory bread(block 69) failed [ 420.532483][ T8590] FAT-fs (loop1): Directory bread(block 70) failed [ 420.658053][ T6027] usb 1-1: Using ep0 maxpacket: 8 [ 420.730457][ T8590] FAT-fs (loop1): Directory bread(block 71) failed [ 420.816376][ T6027] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 420.877418][ T8590] FAT-fs (loop1): Directory bread(block 72) failed [ 420.988545][ T6027] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 421.017545][ T8590] FAT-fs (loop1): Directory bread(block 73) failed [ 421.190677][ T6027] usb 1-1: config 0 descriptor?? [ 421.463089][ T6027] asix 1-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 421.642752][ T8599] loop2: detected capacity change from 0 to 2048 [ 421.725451][ T8599] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 421.886971][ T8607] loop3: detected capacity change from 0 to 16 [ 421.924274][ T6027] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 421.958123][ T6027] asix 1-1:0.0: probe with driver asix failed with error -71 [ 422.949407][ T6027] usb 1-1: USB disconnect, device number 3 [ 423.711859][ T8607] erofs (device loop3): mounted with root inode @ nid 36. [ 424.250677][ T8619] trusted_key: encrypted_key: insufficient parameters specified [ 424.552679][ T8625] netlink: 11 bytes leftover after parsing attributes in process `syz.5.854'. [ 424.603455][ T8625] netlink: 60 bytes leftover after parsing attributes in process `syz.5.854'. [ 424.609414][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 424.632360][ T8625] netlink: 'syz.5.854': attribute type 1 has an invalid length. [ 424.652315][ T8625] netlink: 128 bytes leftover after parsing attributes in process `syz.5.854'. [ 425.548779][ T8637] loop5: detected capacity change from 0 to 256 [ 427.287110][ T8648] netlink: 4 bytes leftover after parsing attributes in process `syz.3.863'. [ 427.348087][ T8648] caif0: Master is either lo or non-ether device [ 427.517916][ T5916] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 427.521428][ T8652] trusted_key: encrypted_key: insufficient parameters specified [ 427.685569][ T8654] loop3: detected capacity change from 0 to 1024 [ 427.689153][ T5916] usb 2-1: Using ep0 maxpacket: 8 [ 427.709858][ T8654] hfsplus: Bad value for 'session' [ 427.722174][ T5916] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 427.749393][ T5916] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 427.781991][ T8656] netlink: 341 bytes leftover after parsing attributes in process `syz.0.866'. [ 427.811603][ T5916] usb 2-1: config 0 descriptor?? [ 428.035273][ T5916] asix 2-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 428.467042][ T5916] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 428.482546][ T5916] asix 2-1:0.0: probe with driver asix failed with error -71 [ 428.530654][ T5916] usb 2-1: USB disconnect, device number 6 [ 429.438848][ T8672] loop0: detected capacity change from 0 to 2048 [ 429.509864][ T8672] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 430.231942][ T46] Bluetooth: Mini driver request failed [ 430.239346][ T46] bcm203x 3-1:0.0: probe with driver bcm203x failed with error -5 [ 430.868140][ T46] usb 3-1: USB disconnect, device number 7 [ 431.654851][ T8689] loop2: detected capacity change from 0 to 256 [ 431.671320][ T8685] loop0: detected capacity change from 0 to 128 [ 431.747040][ T8685] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 431.767527][ T8685] ext4 filesystem being mounted at /172/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 433.004492][ T5836] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 433.058926][ T8701] netlink: 8 bytes leftover after parsing attributes in process `syz.1.881'. [ 433.068121][ T8701] netlink: 'syz.1.881': attribute type 18 has an invalid length. [ 433.075906][ T8701] netlink: 4 bytes leftover after parsing attributes in process `syz.1.881'. [ 436.126293][ T8723] loop0: detected capacity change from 0 to 128 [ 436.890002][ T8723] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 436.963985][ T8723] ext4 filesystem being mounted at /175/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 437.037169][ T8723] fscrypt (loop0, inode 12): Unsupported encryption flags (0x08) [ 437.348030][ T46] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 437.540076][ T46] usb 1-1: config 0 has an invalid descriptor of length 50, skipping remainder of the config [ 437.572602][ T46] usb 1-1: config 0 has an invalid descriptor of length 50, skipping remainder of the config [ 437.600781][ T46] usb 1-1: config 0 has an invalid descriptor of length 50, skipping remainder of the config [ 437.659103][ T8739] loop2: detected capacity change from 0 to 512 [ 437.735590][ T46] usb 1-1: config 0 has an invalid descriptor of length 50, skipping remainder of the config [ 437.886802][ T46] usb 1-1: config 0 has an invalid descriptor of length 50, skipping remainder of the config [ 437.975653][ T46] usb 1-1: New USB device found, idVendor=046d, idProduct=08c6, bcdDevice=33.c2 [ 437.991531][ T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 438.017858][ T46] usb 1-1: config 0 descriptor?? [ 438.064254][ T46] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 438.091912][ T46] usb 1-1: MIDIStreaming interface descriptor not found [ 438.213422][ T8747] netlink: 12 bytes leftover after parsing attributes in process `syz.1.898'. [ 438.346375][ T46] usb 1-1: USB disconnect, device number 4 [ 438.689445][ T8750] syzkaller0: entered promiscuous mode [ 438.723574][ T8750] syzkaller0: entered allmulticast mode [ 439.249762][ T8359] udevd[8359]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 439.510182][ T5836] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 442.484893][ T8785] loop2: detected capacity change from 0 to 16 [ 442.511508][ T8785] erofs (device loop2): mounted with root inode @ nid 36. [ 443.453373][ T8789] loop2: detected capacity change from 0 to 512 [ 443.512967][ T8789] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #15: comm syz.2.911: casefold flag without casefold feature [ 443.598289][ T8789] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.911: couldn't read orphan inode 15 (err -117) [ 443.642279][ T8789] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 443.848145][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 444.348286][ T8794] loop2: detected capacity change from 0 to 1024 [ 444.439663][ T2950] hfsplus: b-tree write err: -5, ino 4 [ 444.690072][ T8798] loop2: detected capacity change from 0 to 1024 [ 444.701351][ T8798] EXT4-fs: Ignoring removed bh option [ 444.777020][ T8798] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 444.805142][ T29] audit: type=1800 audit(1738714204.569:5): pid=8798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.915" name="file0" dev="loop2" ino=13 res=0 errno=0 [ 444.871728][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 445.565741][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 446.238291][ T5896] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 446.438023][ T5896] usb 3-1: Using ep0 maxpacket: 8 [ 446.461843][ T5896] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 446.472546][ T5896] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 446.482074][ T5896] usb 3-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5 [ 446.506045][ T5896] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 446.546433][ T5896] usb 3-1: config 0 descriptor?? [ 447.256942][ T8809] loop3: detected capacity change from 0 to 128 [ 447.285943][ T8809] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 447.317225][ T8809] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 447.899357][ T8817] loop5: detected capacity change from 0 to 16 [ 449.154981][ T8817] erofs (device loop5): mounted with root inode @ nid 36. [ 449.241456][ T29] audit: type=1800 audit(1738714209.009:6): pid=8818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.918" name="bus" dev="loop3" ino=115 res=0 errno=0 [ 449.501392][ T29] audit: type=1800 audit(1738714209.029:7): pid=8809 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.918" name="bus" dev="loop3" ino=115 res=0 errno=0 [ 449.646536][ T5886] usb 3-1: USB disconnect, device number 8 [ 450.054003][ T8822] loop5: detected capacity change from 0 to 2048 [ 450.112824][ T8825] loop0: detected capacity change from 0 to 2048 [ 450.144187][ T8822] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 450.372294][ T8822] UDF-fs: error (device loop5): udf_read_inode: (ino 1376) failed !bh [ 450.429150][ T8831] loop1: detected capacity change from 0 to 512 [ 450.479531][ T8825] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 450.487886][ T8822] UDF-fs: error (device loop5): udf_fill_super: Error in udf_iget, block=64, partition=0 [ 450.581850][ T8825] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 451.107930][ T5896] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 452.077714][ T5886] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 452.199198][ T5896] usb 4-1: config 0 has an invalid interface number: 153 but max is 0 [ 452.223746][ T5896] usb 4-1: config 0 has no interface number 0 [ 452.240584][ T5896] usb 4-1: too many endpoints for config 0 interface 153 altsetting 255: 255, using maximum allowed: 30 [ 452.319117][ T5886] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 452.348350][ T5896] usb 4-1: config 0 interface 153 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 452.364502][ T5886] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 452.417203][ T5886] usb 6-1: Product: syz [ 452.421559][ T5896] usb 4-1: config 0 interface 153 has no altsetting 0 [ 452.428680][ T5886] usb 6-1: Manufacturer: syz [ 452.433336][ T5886] usb 6-1: SerialNumber: syz [ 452.448618][ T5896] usb 4-1: New USB device found, idVendor=1199, idProduct=6852, bcdDevice=57.34 [ 452.458430][ T5896] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 452.466498][ T5896] usb 4-1: Product: syz [ 452.474740][ T5896] usb 4-1: Manufacturer: syz [ 452.485675][ T5896] usb 4-1: SerialNumber: syz [ 452.498787][ T5896] usb 4-1: config 0 descriptor?? [ 452.743915][ T5896] hub 4-1:0.153: bad descriptor, ignoring hub [ 452.782482][ T5896] hub 4-1:0.153: probe with driver hub failed with error -5 [ 452.807213][ T5896] sierra 4-1:0.153: Sierra USB modem converter detected [ 453.727992][ T8855] bridge0: port 1(hsr_slave_1) entered blocking state [ 453.735078][ T8855] bridge0: port 1(hsr_slave_1) entered disabled state [ 453.742812][ T8855] hsr_slave_1: entered allmulticast mode [ 453.751152][ T8855] hsr_slave_1: left allmulticast mode [ 453.820204][ T5896] usb 4-1: USB disconnect, device number 11 [ 453.855354][ T5896] sierra 4-1:0.153: device disconnected [ 454.093107][ T5916] kernel write not supported for file 534/task/535/clear_refs (pid: 5916 comm: kworker/1:5) [ 454.388393][ T5886] cdc_ncm 6-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 454.432410][ T8859] bond0: (slave bond_slave_0): Releasing backup interface [ 454.469244][ T8864] loop3: detected capacity change from 0 to 2048 [ 454.514602][ T8864] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 455.573902][ T5886] cdc_ncm 6-1:1.0 eth1: register 'cdc_ncm' at usb-dummy_hcd.5-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 455.595013][ T5886] usb 6-1: USB disconnect, device number 2 [ 455.687049][ T8872] loop5: detected capacity change from 0 to 1024 [ 455.803228][ T8874] loop3: detected capacity change from 0 to 256 [ 455.833445][ T8872] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 455.923492][ T8872] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 456.326682][ T8872] JBD2: no valid journal superblock found [ 456.555300][ T5886] cdc_ncm 6-1:1.0 eth1: unregister 'cdc_ncm' usb-dummy_hcd.5-1, CDC NCM (NO ZLP) [ 456.615478][ T8872] EXT4-fs (loop5): Could not load journal inode [ 459.222818][ T8893] loop1: detected capacity change from 0 to 2048 [ 459.406282][ T8903] bridge0: port 3(hsr_slave_1) entered blocking state [ 459.414809][ T8903] bridge0: port 3(hsr_slave_1) entered disabled state [ 459.423808][ T8903] hsr_slave_1: entered allmulticast mode [ 459.451711][ T8903] hsr_slave_1: left allmulticast mode [ 459.948670][ T8893] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 460.432310][ T8907] loop2: detected capacity change from 0 to 16 [ 460.473128][ T8907] erofs (device loop2): mounted with root inode @ nid 36. [ 461.021946][ T8910] loop5: detected capacity change from 0 to 512 [ 461.043547][ T8910] EXT4-fs: Ignoring removed i_version option [ 461.063620][ T8910] EXT4-fs: Ignoring removed mblk_io_submit option [ 461.091016][ T8910] EXT4-fs (loop5): Test dummy encryption mode enabled [ 461.124976][ T8910] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c018, mo2=0103] [ 461.404877][ T8910] EXT4-fs error (device loop5): ext4_orphan_get:1389: comm syz.5.954: inode #13: comm syz.5.954: iget: illegal inode # [ 461.419646][ T5835] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 461.448528][ T8910] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.954: couldn't read orphan inode 13 (err -117) [ 461.519010][ T8910] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 461.626708][ T8917] loop2: detected capacity change from 0 to 256 [ 461.635166][ T8910] EXT4-fs error (device loop5): ext4_resize_begin:60: comm syz.5.954: resize_inode disabled but reserved GDT blocks non-zero [ 462.107859][ T8] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 462.185376][ T8343] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 463.011336][ T8] usb 2-1: unable to get BOS descriptor or descriptor too short [ 463.038594][ T8] usb 2-1: config 4 has an invalid interface number: 128 but max is 0 [ 463.061244][ T8] usb 2-1: config 4 has no interface number 0 [ 463.095442][ T8] usb 2-1: config 4 interface 128 altsetting 58 endpoint 0xA has invalid maxpacket 1535, setting to 1024 [ 463.130847][ T8931] netlink: 'syz.0.959': attribute type 1 has an invalid length. [ 463.147785][ T8931] netlink: 224 bytes leftover after parsing attributes in process `syz.0.959'. [ 463.157620][ T8] usb 2-1: config 4 interface 128 has no altsetting 0 [ 463.233446][ T8] usb 2-1: New USB device found, idVendor=0763, idProduct=1011, bcdDevice=be.83 [ 463.275351][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 463.310181][ T8] usb 2-1: Product: syz [ 463.314440][ T8] usb 2-1: Manufacturer: syz [ 463.357940][ T8] usb 2-1: SerialNumber: syz [ 465.264284][ T8944] loop0: detected capacity change from 0 to 256 [ 465.303924][ T8944] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 465.352150][ T8944] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 465.409282][ T8944] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 465.780148][ T8949] bridge0: port 1(hsr_slave_1) entered blocking state [ 465.790237][ T8949] bridge0: port 1(hsr_slave_1) entered disabled state [ 465.800453][ T8949] hsr_slave_1: entered allmulticast mode [ 465.817417][ T8949] hsr_slave_1: left allmulticast mode [ 466.187673][ C0] vkms_vblank_simulate: vblank timer overrun [ 466.501491][ T8] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 467.198573][ T8] usb 2-1: USB disconnect, device number 7 [ 467.451646][ T8960] loop0: detected capacity change from 0 to 1024 [ 467.466652][ T6065] udevd[6065]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:4.128/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 467.473166][ T8960] EXT4-fs: Ignoring removed orlov option [ 467.547985][ T8960] EXT4-fs: Ignoring removed nomblk_io_submit option [ 467.615491][ T8960] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 467.887950][ T5885] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 467.969643][ T5836] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 467.983360][ T8968] loop3: detected capacity change from 0 to 256 [ 468.015063][ T8968] exfat: Deprecated parameter 'namecase' [ 468.062882][ T8968] exfat: Deprecated parameter 'utf8' [ 468.090453][ T5885] usb 6-1: Using ep0 maxpacket: 32 [ 468.107980][ T8968] exfat: Bad value for 'errors' [ 468.126876][ T5885] usb 6-1: config 0 has an invalid interface number: 67 but max is 0 [ 468.175897][ T5885] usb 6-1: config 0 has no interface number 0 [ 468.199529][ T8970] loop1: detected capacity change from 0 to 512 [ 468.269457][ T5885] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 468.287803][ T5885] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 468.297725][ T5885] usb 6-1: Product: syz [ 468.302012][ T5885] usb 6-1: Manufacturer: syz [ 468.304142][ T8970] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 468.319710][ T8970] ext4 filesystem being mounted at /205/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 468.374495][ T5885] usb 6-1: SerialNumber: syz [ 468.386816][ T5885] usb 6-1: config 0 descriptor?? [ 468.388963][ T5835] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 468.396116][ T5885] smsc95xx v2.0.0 [ 468.682500][ T8977] loop2: detected capacity change from 0 to 1024 [ 468.735363][ T8979] loop1: detected capacity change from 0 to 256 [ 468.909576][ T8977] hfsplus: request for non-existent node 33554434 in B*Tree [ 469.198013][ T8977] hfsplus: request for non-existent node 33554434 in B*Tree [ 469.238519][ T8977] hfsplus: request for non-existent node 33554434 in B*Tree [ 469.266522][ T8984] bridge0: port 3(hsr_slave_1) entered blocking state [ 469.276047][ T8984] bridge0: port 3(hsr_slave_1) entered disabled state [ 469.284373][ T8984] hsr_slave_1: entered allmulticast mode [ 469.300818][ T8984] hsr_slave_1: left allmulticast mode [ 469.977780][ T5885] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71 [ 470.016485][ T5885] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 470.053126][ T8977] hfsplus: request for non-existent node 33554434 in B*Tree [ 470.087861][ T5885] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 470.135904][ T5885] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71 [ 470.168502][ T5885] usb 6-1: USB disconnect, device number 3 [ 471.851701][ T8997] loop1: detected capacity change from 0 to 128 [ 472.038552][ T8997] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 472.129056][ T9001] loop5: detected capacity change from 0 to 16 [ 472.909434][ T9001] erofs (device loop5): mounted with root inode @ nid 36. [ 472.997845][ T8997] ext4 filesystem being mounted at /208/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 473.032794][ T1083] hfsplus: request for non-existent node 33554434 in B*Tree [ 473.198030][ T1083] hfsplus: request for non-existent node 33554434 in B*Tree [ 473.318561][ T5841] Bluetooth: hci4: command 0x0406 tx timeout [ 473.465751][ T9006] loop5: detected capacity change from 0 to 512 [ 473.515772][ T9006] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 473.528703][ T9006] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 473.663598][ T8343] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 474.021120][ T9019] loop5: detected capacity change from 0 to 1024 [ 474.156352][ T9019] hfsplus: xattr searching failed [ 474.163733][ T5835] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 474.189927][ T9019] hfsplus: xattr searching failed [ 474.314545][ T9022] hfsplus: xattr searching failed [ 474.421246][ T9023] hfsplus: xattr searching failed [ 474.549955][ T9026] netlink: 36 bytes leftover after parsing attributes in process `syz.0.990'. [ 474.581923][ T9026] netlink: 16 bytes leftover after parsing attributes in process `syz.0.990'. [ 474.592415][ T9028] hfsplus: xattr searching failed [ 474.645149][ T9026] netlink: 36 bytes leftover after parsing attributes in process `syz.0.990'. [ 474.692970][ T9026] netlink: 36 bytes leftover after parsing attributes in process `syz.0.990'. [ 474.842838][ T9031] loop2: detected capacity change from 0 to 2048 [ 474.880627][ T9031] ext4: Unknown parameter 'nouser_xattr' [ 475.040231][ T9033] loop0: detected capacity change from 0 to 1024 [ 475.064517][ T9033] EXT4-fs: Ignoring removed orlov option [ 475.153633][ T9033] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 475.293820][ T9036] loop2: detected capacity change from 0 to 256 [ 475.325330][ T9036] exfat: Deprecated parameter 'namecase' [ 475.359486][ T9036] exfat: Deprecated parameter 'utf8' [ 475.387833][ T9036] exfat: Bad value for 'errors' [ 475.560894][ T5836] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 476.119220][ T9049] loop0: detected capacity change from 0 to 128 [ 476.132501][ T9049] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 476.373343][ T1083] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 476.753869][ T9059] loop2: detected capacity change from 0 to 256 [ 476.931637][ T9059] exfat: Deprecated parameter 'utf8' [ 478.247635][ T9059] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 479.073332][ T9070] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1004'. [ 479.181718][ T9071] loop5: detected capacity change from 0 to 512 [ 479.203860][ T9070] caif0: Master is either lo or non-ether device [ 479.251044][ T9071] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 479.363885][ T9071] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 479.566064][ T9071] EXT4-fs error (device loop5): ext4_empty_dir:3094: inode #12: comm syz.5.1006: invalid size [ 479.798939][ T8343] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 483.048188][ T9102] loop2: detected capacity change from 0 to 1024 [ 483.065286][ T9105] loop1: detected capacity change from 0 to 2048 [ 483.118388][ T9102] EXT4-fs: Ignoring removed oldalloc option [ 483.124430][ T9102] EXT4-fs: Ignoring removed nomblk_io_submit option [ 483.164737][ T9105] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 483.173860][ T9102] EXT4-fs (loop2): Cannot use DAX on a filesystem that may contain inline data [ 483.457242][ T5835] UDF-fs: warning (device loop1): udf_evict_inode: Inode 1367 (mode 100000) has inode size 4102 different from extent length 4608. Filesystem need not be standards compliant. [ 483.891803][ T9118] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1026'. [ 483.978466][ T5896] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 484.133994][ T9122] loop1: detected capacity change from 0 to 256 [ 484.149679][ T9122] exfat: Deprecated parameter 'namecase' [ 484.155422][ T9122] exfat: Deprecated parameter 'utf8' [ 484.170257][ T5896] usb 1-1: config 0 has an invalid interface descriptor of length 8, skipping [ 484.187702][ T5896] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 484.209490][ T9122] exfat: Bad value for 'errors' [ 484.228294][ T5896] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 484.237447][ T5896] usb 1-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00 [ 484.283732][ T5896] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.327658][ T5896] usb 1-1: config 0 descriptor?? [ 484.464796][ T9131] futex_wake_op: syz.3.1032 tries to shift op by 32; fix this program [ 484.512933][ T9132] loop5: detected capacity change from 0 to 8 [ 484.601170][ T5886] usb 1-1: USB disconnect, device number 5 [ 484.648223][ T9132] SQUASHFS error: Unknown inode type 0 in squashfs_iget! [ 486.219684][ T9153] loop1: detected capacity change from 0 to 256 [ 486.236333][ T9153] exfat: Deprecated parameter 'utf8' [ 486.267026][ T9153] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 487.084870][ T9165] loop5: detected capacity change from 0 to 512 [ 487.155348][ T9165] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 487.168072][ T9165] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 487.251226][ T8343] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 487.641311][ T9173] loop3: detected capacity change from 0 to 8192 [ 487.721334][ T9173] loop3: p1 p2 p3 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 p2 [ 487.724133][ T9173] loop3: p1 start 408832 is beyond EOD, truncated [ 487.877622][ T9173] loop3: p2 start 6684676 is beyond EOD, truncated [ 487.909047][ T9181] loop2: detected capacity change from 0 to 764 [ 487.931306][ T9173] loop3: p4 start 1048576 is beyond EOD, truncated [ 487.952322][ T9173] loop3: p5 start 408832 is beyond EOD, truncated [ 487.965714][ T9173] loop3: p6 start 6684676 is beyond EOD, truncated [ 488.036159][ T9173] loop3: p7 start 408832 is beyond EOD, truncated [ 488.056408][ T9173] loop3: p8 start 6684676 is beyond EOD, truncated [ 488.066967][ T9173] loop3: p9 start 408832 is beyond EOD, truncated [ 488.077357][ T9173] loop3: p10 start 6684676 is beyond EOD, truncated [ 488.085760][ T9173] loop3: p11 start 408832 is beyond EOD, truncated [ 488.095592][ T9173] loop3: p12 start 6684676 is beyond EOD, truncated [ 488.102873][ T9173] loop3: p13 start 408832 is beyond EOD, truncated [ 488.137902][ T5886] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 488.157787][ T9173] loop3: p14 start 6684676 is beyond EOD, truncated [ 488.193540][ T9173] loop3: p15 start 408832 is beyond EOD, truncated [ 488.202987][ T9173] loop3: p16 start 6684676 is beyond EOD, truncated [ 488.241235][ T9173] loop3: p17 start 408832 is beyond EOD, truncated [ 488.263324][ T9187] loop2: detected capacity change from 0 to 512 [ 488.294419][ T9173] loop3: p18 start 6684676 is beyond EOD, truncated [ 488.312067][ T9187] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 488.323894][ T9173] loop3: p19 start 408832 is beyond EOD, truncated [ 488.324605][ T9187] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 488.340929][ T5886] usb 6-1: unable to get BOS descriptor or descriptor too short [ 488.344199][ T9187] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended [ 488.358487][ T9173] loop3: p20 start 6684676 is beyond EOD, truncated [ 488.360846][ T5886] usb 6-1: not running at top speed; connect to a high speed hub [ 488.365653][ T9173] loop3: p21 start 408832 is beyond EOD, truncated [ 488.380644][ T9173] loop3: p22 start 6684676 is beyond EOD, truncated [ 488.396931][ T9173] loop3: p23 start 408832 is beyond EOD, truncated [ 488.403068][ T9187] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 488.407496][ T5886] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 488.415316][ T9187] System zones: 0-2, 18-18, 34-34 [ 488.435657][ T9173] loop3: p24 start 6684676 is beyond EOD, truncated [ 488.444655][ T5886] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 488.455362][ T9187] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 488.462240][ T9173] loop3: p25 start 408832 is beyond EOD, [ 488.472413][ T5886] usb 6-1: config 1 has no interface number 1 [ 488.481508][ T9187] EXT4-fs (loop2): 1 truncate cleaned up [ 488.490617][ T9173] truncated [ 488.490635][ T9173] loop3: p26 start 6684676 is beyond EOD, truncated [ 488.506750][ T9187] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 488.513415][ T5886] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 488.538743][ T9173] loop3: p27 start 408832 is beyond EOD, truncated [ 488.545549][ T9173] loop3: p28 start 6684676 is beyond EOD, truncated [ 488.552830][ T9173] loop3: p29 start 408832 is beyond EOD, truncated [ 488.559656][ T9173] loop3: p30 start 6684676 is beyond EOD, truncated [ 488.567298][ T9173] loop3: p31 start 408832 is beyond EOD, truncated [ 488.574420][ T9173] loop3: p32 start 6684676 is beyond EOD, truncated [ 488.581576][ T5886] usb 6-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 488.583122][ T9187] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1054'. [ 488.615237][ T9173] loop3: p33 start 408832 is beyond EOD, truncated [ 488.619004][ T5886] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 488.633797][ T9173] loop3: p34 start 6684676 is beyond EOD, truncated [ 488.642500][ T5886] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 488.646445][ T9173] loop3: p35 start 408832 is beyond EOD, truncated [ 488.665283][ T9173] loop3: p36 start 6684676 is beyond EOD, truncated [ 488.666257][ T5886] usb 6-1: Product: syz [ 488.684935][ T9173] loop3: p37 start 408832 is beyond EOD, truncated [ 488.693741][ T5886] usb 6-1: Manufacturer: syz [ 488.705384][ T5886] usb 6-1: SerialNumber: syz [ 488.713511][ T9173] loop3: p38 start 6684676 is beyond EOD, truncated [ 488.731714][ T9173] loop3: p39 start 408832 is beyond EOD, truncated [ 488.740864][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 488.755823][ T9173] loop3: p40 start 6684676 is beyond EOD, truncated [ 488.765528][ T9173] loop3: p41 start 408832 is beyond EOD, truncated [ 488.777435][ T9173] loop3: p42 start 6684676 is beyond EOD, truncated [ 488.787286][ T9173] loop3: p43 start 408832 is beyond EOD, truncated [ 488.801995][ T9173] loop3: p44 start 6684676 is beyond EOD, truncated [ 488.811315][ T9173] loop3: p45 start 408832 is beyond EOD, truncated [ 488.824054][ T9173] loop3: p46 start 6684676 is beyond EOD, truncated [ 488.879274][ T9173] loop3: p47 start 408832 is beyond EOD, truncated [ 488.885887][ T9173] loop3: p48 start 6684676 is beyond EOD, truncated [ 488.943661][ T9173] loop3: p49 start 408832 is beyond EOD, truncated [ 488.962405][ T9173] loop3: p50 start 6684676 is beyond EOD, truncated [ 488.994602][ T9173] loop3: p51 start 408832 is beyond EOD, truncated [ 489.027791][ T9173] loop3: p52 start 6684676 is beyond EOD, truncated [ 489.051231][ T9173] loop3: p53 start 408832 is beyond EOD, truncated [ 489.104781][ T5886] usb 6-1: USB disconnect, device number 4 [ 489.226571][ T9173] loop3: p54 start 6684676 is beyond EOD, truncated [ 489.268129][ T9173] loop3: p55 start 408832 is beyond EOD, truncated [ 489.314661][ T9173] loop3: p56 start 6684676 is beyond EOD, truncated [ 489.367190][ T9173] loop3: p57 start 408832 is beyond EOD, truncated [ 489.374375][ T9173] loop3: p58 start 6684676 is beyond EOD, truncated [ 489.382221][ T9173] loop3: p59 start 408832 is beyond EOD, truncated [ 489.390270][ T9173] loop3: p60 start 6684676 is beyond EOD, truncated [ 489.402119][ T9173] loop3: p61 start 408832 is beyond EOD, truncated [ 489.411537][ T9173] loop3: p62 start 6684676 is beyond EOD, truncated [ 489.419528][ T9173] loop3: p63 start 408832 is beyond EOD, truncated [ 489.427966][ T9173] loop3: p64 start 6684676 is beyond EOD, truncated [ 489.435443][ T9173] loop3: p65 start 408832 is beyond EOD, truncated [ 489.636255][ T5841] Bluetooth: hci2: command 0x0405 tx timeout [ 489.700485][ T9173] loop3: p66 start 6684676 is beyond EOD, truncated [ 489.754865][ T9173] loop3: p67 start 408832 is beyond EOD, truncated [ 489.818115][ T9173] loop3: p68 start 6684676 is beyond EOD, truncated [ 490.244574][ T9173] loop3: p69 start 408832 is beyond EOD, truncated [ 490.272559][ T9173] loop3: p70 start 6684676 is beyond EOD, truncated [ 490.287730][ T9173] loop3: p71 start 408832 is beyond EOD, truncated [ 490.315200][ T9173] loop3: p72 start 6684676 is beyond EOD, truncated [ 490.345771][ T9173] loop3: p73 start 408832 is beyond EOD, truncated [ 490.407823][ T9173] loop3: p74 start 6684676 is beyond EOD, truncated [ 490.458216][ T9173] loop3: p75 start 408832 is beyond EOD, truncated [ 490.490673][ T9173] loop3: p76 start 6684676 is beyond EOD, truncated [ 490.495711][ T5826] udevd[5826]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 490.547879][ T9173] loop3: p77 start 408832 is beyond EOD, truncated [ 490.570741][ T9173] loop3: p78 start 6684676 is beyond EOD, truncated [ 490.585065][ T9202] netlink: 'syz.5.1059': attribute type 2 has an invalid length. [ 490.597952][ T9173] loop3: p79 start 408832 is beyond EOD, truncated [ 490.609099][ T9173] loop3: p80 start 6684676 is beyond EOD, truncated [ 490.615927][ T9173] loop3: p81 start 408832 is beyond EOD, truncated [ 490.623195][ T9173] loop3: p82 start 6684676 is beyond EOD, truncated [ 490.631005][ T9173] loop3: p83 start 408832 is beyond EOD, truncated [ 490.641999][ T9173] loop3: p84 start 6684676 is beyond EOD, truncated [ 490.652189][ T9173] loop3: p85 start 408832 is beyond EOD, truncated [ 490.664932][ T9202] netlink: 'syz.5.1059': attribute type 9 has an invalid length. [ 490.668706][ T9173] loop3: p86 start 6684676 is beyond EOD, truncated [ 490.689551][ T9173] loop3: p87 start 408832 is beyond EOD, truncated [ 490.699089][ T9173] loop3: p88 start 6684676 is beyond EOD, truncated [ 490.705935][ T9173] loop3: p89 start 408832 is beyond EOD, truncated [ 490.713461][ T9202] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.1059'. [ 490.752728][ T9173] loop3: p90 start 6684676 is beyond EOD, truncated [ 490.775506][ T9173] loop3: p91 start 408832 is beyond EOD, truncated [ 490.807998][ T9173] loop3: p92 start 6684676 is beyond EOD, truncated [ 490.818432][ T9173] loop3: p93 start 408832 is beyond EOD, truncated [ 490.831022][ T9173] loop3: p94 start 6684676 is beyond EOD, truncated [ 490.840392][ T9173] loop3: p95 start 408832 is beyond EOD, truncated [ 490.848117][ T9173] loop3: p96 start 6684676 is beyond EOD, truncated [ 490.854911][ T9173] loop3: p97 start 408832 is beyond EOD, truncated [ 490.898357][ T9173] loop3: p98 start 6684676 is beyond EOD, truncated [ 490.925166][ T9173] loop3: p99 start 408832 is beyond EOD, truncated [ 490.950840][ T9173] loop3: p100 start 6684676 is beyond EOD, truncated [ 490.997714][ T9173] loop3: p101 start 408832 is beyond EOD, truncated [ 491.106929][ T9173] loop3: p102 start 6684676 is beyond EOD, truncated [ 491.179065][ T9173] loop3: p103 start 408832 is beyond EOD, truncated [ 491.275750][ T9173] loop3: p104 start 6684676 is beyond EOD, truncated [ 491.376104][ T9173] loop3: p105 start 408832 is beyond EOD, truncated [ 491.433858][ T9217] loop5: detected capacity change from 0 to 128 [ 491.448766][ T9173] loop3: p106 start 6684676 is beyond EOD, truncated [ 491.511296][ T9216] loop0: detected capacity change from 0 to 1024 [ 491.537798][ T9173] loop3: p107 start 408832 is beyond EOD, truncated [ 491.645071][ T9217] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 491.666514][ T9173] loop3: p108 start 6684676 is beyond EOD, truncated [ 491.674268][ T9173] loop3: p109 start 408832 is beyond EOD, truncated [ 491.681719][ T9173] loop3: p110 start 6684676 is beyond EOD, truncated [ 491.688983][ T9173] loop3: p111 start 408832 is beyond EOD, truncated [ 491.697280][ T9173] loop3: p112 start 6684676 is beyond EOD, truncated [ 491.718814][ T9217] ext4 filesystem being mounted at /52/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 491.738812][ T9173] loop3: p113 start 408832 is beyond EOD, truncated [ 491.745624][ T9173] loop3: p114 start 6684676 is beyond EOD, truncated [ 491.759732][ T9216] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 491.762393][ T9217] fscrypt (loop5, inode 12): Unsupported encryption flags (0x08) [ 491.773574][ T9173] loop3: p115 start 408832 is beyond EOD, truncated [ 491.853463][ T9173] loop3: p116 start 6684676 is beyond EOD, truncated [ 491.892374][ T9173] loop3: p117 start 408832 is beyond EOD, truncated [ 491.927252][ T9173] loop3: p118 start 6684676 is beyond EOD, truncated [ 491.947715][ T9173] loop3: p119 start 408832 is beyond EOD, truncated [ 491.954785][ T9173] loop3: p120 start 6684676 is beyond EOD, truncated [ 491.969284][ T9173] loop3: p121 start 408832 is beyond EOD, truncated [ 491.982534][ T9173] loop3: p122 start 6684676 is beyond EOD, truncated [ 491.994451][ T9173] loop3: p123 start 408832 is beyond EOD, truncated [ 492.012974][ T9173] loop3: p124 start 6684676 is beyond EOD, truncated [ 492.024675][ T9216] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4115: comm syz.0.1064: Allocating blocks 497-513 which overlap fs metadata [ 492.038829][ T9173] loop3: p125 start 408832 is beyond EOD, truncated [ 492.038865][ T9173] loop3: p126 start 6684676 is beyond EOD, truncated [ 492.038886][ T9173] loop3: p127 start 408832 is beyond EOD, truncated [ 492.038908][ T9173] loop3: p128 start 6684676 is beyond EOD, truncated [ 492.038929][ T9173] loop3: p129 start 408832 is beyond EOD, truncated [ 492.038951][ T9173] loop3: p130 start 6684676 is beyond EOD, truncated [ 492.038973][ T9173] loop3: p131 start 408832 is beyond EOD, truncated [ 492.038994][ T9173] loop3: p132 start 6684676 is beyond EOD, truncated [ 492.039016][ T9173] loop3: p133 start 408832 is beyond EOD, truncated [ 492.039037][ T9173] loop3: p134 start 6684676 is beyond EOD, truncated [ 492.039059][ T9173] loop3: p135 start 408832 is beyond EOD, truncated [ 492.039081][ T9173] loop3: p136 start 6684676 is beyond EOD, truncated [ 492.039104][ T9173] loop3: p137 start 408832 is beyond EOD, truncated [ 492.039126][ T9173] loop3: p138 start 6684676 is beyond EOD, truncated [ 492.039149][ T9173] loop3: p139 start 408832 is beyond EOD, truncated [ 492.039171][ T9173] loop3: p140 start 6684676 is beyond EOD, truncated [ 492.039194][ T9173] loop3: p141 start 408832 is beyond EOD, truncated [ 492.039217][ T9173] loop3: p142 start 6684676 is beyond EOD, truncated [ 492.039239][ T9173] loop3: p143 start 408832 is beyond EOD, truncated [ 492.039261][ T9173] loop3: p144 start 6684676 is beyond EOD, truncated [ 492.039284][ T9173] loop3: p145 start 408832 is beyond EOD, truncated [ 492.039306][ T9173] loop3: p146 start 6684676 is beyond EOD, truncated [ 492.039328][ T9173] loop3: p147 start 408832 is beyond EOD, truncated [ 492.039351][ T9173] loop3: p148 start 6684676 is beyond EOD, truncated [ 492.039373][ T9173] loop3: p149 start 408832 is beyond EOD, truncated [ 492.039396][ T9173] loop3: p150 start 6684676 is beyond EOD, truncated [ 492.039418][ T9173] loop3: p151 start 408832 is beyond EOD, truncated [ 492.039441][ T9173] loop3: p152 start 6684676 is beyond EOD, truncated [ 492.039463][ T9173] loop3: p153 start 408832 is beyond EOD, truncated [ 492.039485][ T9173] loop3: p154 start 6684676 is beyond EOD, truncated [ 492.039508][ T9173] loop3: p155 start 408832 is beyond EOD, truncated [ 492.039531][ T9173] loop3: p156 start 6684676 is beyond EOD, truncated [ 492.039560][ T9173] loop3: p157 start 408832 is beyond EOD, truncated [ 492.039583][ T9173] loop3: p158 start 6684676 is beyond EOD, truncated [ 492.039607][ T9173] loop3: p159 start 408832 is beyond EOD, truncated [ 492.039629][ T9173] loop3: p160 start 6684676 is beyond EOD, truncated [ 492.039652][ T9173] loop3: p161 start 408832 is beyond EOD, truncated [ 492.039675][ T9173] loop3: p162 start 6684676 is beyond EOD, truncated [ 492.039698][ T9173] loop3: p163 start 408832 is beyond EOD, truncated [ 492.039720][ T9173] loop3: p164 start 6684676 is beyond EOD, truncated [ 492.039743][ T9173] loop3: p165 start 408832 is beyond EOD, truncated [ 492.039849][ T9173] loop3: p166 start 6684676 is beyond EOD, truncated [ 492.039943][ T9173] loop3: p167 start 408832 is beyond EOD, truncated [ 492.039968][ T9173] loop3: p168 start 6684676 is beyond EOD, truncated [ 492.039990][ T9173] loop3: p169 start 408832 is beyond EOD, truncated [ 492.040013][ T9173] loop3: p170 start 6684676 is beyond EOD, truncated [ 492.040036][ T9173] loop3: p171 start 408832 is beyond EOD, truncated [ 492.040058][ T9173] loop3: p172 start 6684676 is beyond EOD, truncated [ 492.040081][ T9173] loop3: p173 start 408832 is beyond EOD, truncated [ 492.040104][ T9173] loop3: p174 start 6684676 is beyond EOD, truncated [ 492.040127][ T9173] loop3: p175 start 408832 is beyond EOD, truncated [ 492.040150][ T9173] loop3: p176 start 6684676 is beyond EOD, truncated [ 492.040172][ T9173] loop3: p177 start 408832 is beyond EOD, truncated [ 492.040194][ T9173] loop3: p178 start 6684676 is beyond EOD, truncated [ 492.040217][ T9173] loop3: p179 start 408832 is beyond EOD, truncated [ 492.040239][ T9173] loop3: p180 start 6684676 is beyond EOD, truncated [ 492.040263][ T9173] loop3: p181 start 408832 is beyond EOD, truncated [ 492.040285][ T9173] loop3: p182 start 6684676 is beyond EOD, truncated [ 492.040307][ T9173] loop3: p183 start 408832 is beyond EOD, truncated [ 492.040330][ T9173] loop3: p184 start 6684676 is beyond EOD, truncated [ 492.040353][ T9173] loop3: p185 start 408832 is beyond EOD, truncated [ 492.040375][ T9173] loop3: p186 start 6684676 is beyond EOD, truncated [ 492.040397][ T9173] loop3: p187 start 408832 is beyond EOD, truncated [ 492.040419][ T9173] loop3: p188 start 6684676 is beyond EOD, truncated [ 492.040442][ T9173] loop3: p189 start 408832 is beyond EOD, truncated [ 492.040464][ T9173] loop3: p190 start 6684676 is beyond EOD, truncated [ 492.040487][ T9173] loop3: p191 start 408832 is beyond EOD, truncated [ 492.040510][ T9173] loop3: p192 start 6684676 is beyond EOD, truncated [ 492.040532][ T9173] loop3: p193 start 408832 is beyond EOD, truncated [ 492.040562][ T9173] loop3: p194 start 6684676 is beyond EOD, truncated [ 492.040585][ T9173] loop3: p195 start 408832 is beyond EOD, truncated [ 492.040607][ T9173] loop3: p196 start 6684676 is beyond EOD, truncated [ 492.040630][ T9173] loop3: p197 start 408832 is beyond EOD, truncated [ 492.040652][ T9173] loop3: p198 start 6684676 is beyond EOD, truncated [ 492.040675][ T9173] loop3: p199 start 408832 is beyond EOD, truncated [ 492.040697][ T9173] loop3: p200 start 6684676 is beyond EOD, truncated [ 492.040720][ T9173] loop3: p201 start 408832 is beyond EOD, truncated [ 492.040743][ T9173] loop3: p202 start 6684676 is beyond EOD, truncated [ 492.040766][ T9173] loop3: p203 start 408832 is beyond EOD, truncated [ 492.040788][ T9173] loop3: p204 start 6684676 is beyond EOD, truncated [ 492.040811][ T9173] loop3: p205 start 408832 is beyond EOD, truncated [ 492.040833][ T9173] loop3: p206 start 6684676 is beyond EOD, truncated [ 492.040855][ T9173] loop3: p207 start 408832 is beyond EOD, truncated [ 492.040952][ T9173] loop3: p208 start 6684676 is beyond EOD, truncated [ 492.041044][ T9173] loop3: p209 start 408832 is beyond EOD, truncated [ 492.041068][ T9173] loop3: p210 start 6684676 is beyond EOD, truncated [ 492.041091][ T9173] loop3: p211 start 408832 is beyond EOD, truncated [ 492.041114][ T9173] loop3: p212 start 6684676 is beyond EOD, truncated [ 492.041136][ T9173] loop3: p213 start 408832 is beyond EOD, truncated [ 492.041159][ T9173] loop3: p214 start 6684676 is beyond EOD, truncated [ 492.041181][ T9173] loop3: p215 start 408832 is beyond EOD, truncated [ 492.041203][ T9173] loop3: p216 start 6684676 is beyond EOD, truncated [ 492.055830][ T46] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 492.094266][ T9173] loop3: p217 start 408832 is beyond EOD, [ 492.270333][ T9229] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1068'. [ 492.338518][ T9216] EXT4-fs (loop0): pa ffff88807cbe3ae0: logic 256, phys. 385, len 8 [ 492.352795][ T9173] truncated [ 492.354476][ T9216] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5366: group 0, [ 492.379042][ T46] usb 6-1: config 0 has an invalid descriptor of length 50, skipping remainder of the config [ 492.381135][ T9216] free 0, pa_free 1 [ 492.415445][ T46] usb 6-1: config 0 has an invalid descriptor of length 50, skipping remainder of the config [ 492.473405][ T9173] loop3: p218 start 6684676 is beyond EOD, [ 492.490285][ T46] usb 6-1: config 0 has an invalid descriptor of length 50, skipping remainder of the config [ 492.547467][ T9173] truncated [ 492.784881][ T5836] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 492.794346][ T46] usb 6-1: config 0 has an invalid descriptor of length 50, skipping remainder of the config [ 492.839718][ T46] usb 6-1: config 0 has an invalid descriptor of length 50, skipping remainder of the config [ 492.861359][ T46] usb 6-1: New USB device found, idVendor=046d, idProduct=08c6, bcdDevice=33.c2 [ 492.885838][ T46] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 492.899650][ T9173] loop3: p219 start 408832 is beyond EOD, truncated [ 492.906643][ T9173] loop3: p220 start 6684676 is beyond EOD, truncated [ 492.915534][ T9173] loop3: p221 start 408832 is beyond EOD, truncated [ 492.926070][ T46] usb 6-1: config 0 descriptor?? [ 492.931185][ T9173] loop3: p222 start 6684676 is beyond EOD, truncated [ 492.939482][ T9173] loop3: p223 start 408832 is beyond EOD, truncated [ 492.952080][ T46] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 492.959336][ T9173] loop3: p224 start 6684676 is beyond EOD, truncated [ 492.966089][ T9173] loop3: p225 start 408832 is beyond EOD, truncated [ 492.987744][ T46] usb 6-1: MIDIStreaming interface descriptor not found [ 493.024354][ T9173] loop3: p226 start 6684676 is beyond EOD, truncated [ 493.073936][ T9173] loop3: p227 start 408832 is beyond EOD, truncated [ 493.093728][ T9173] loop3: p228 start 6684676 is beyond EOD, truncated [ 493.127759][ T9173] loop3: p229 start 408832 is beyond EOD, truncated [ 493.171239][ T9173] loop3: p230 start 6684676 is beyond EOD, truncated [ 493.216728][ T9173] loop3: p231 start 408832 is beyond EOD, truncated [ 493.232100][ T5896] usb 6-1: USB disconnect, device number 5 [ 493.247967][ T975] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 493.265791][ T9173] loop3: p232 start 6684676 is beyond EOD, truncated [ 493.280490][ T9173] loop3: p233 start 408832 is beyond EOD, truncated [ 493.291513][ T9173] loop3: p234 start 6684676 is beyond EOD, truncated [ 493.302681][ T9173] loop3: p235 start 408832 is beyond EOD, truncated [ 493.321770][ T9173] loop3: p236 start 6684676 is beyond EOD, truncated [ 493.356447][ T9173] loop3: p237 start 408832 is beyond EOD, truncated [ 493.384042][ T9173] loop3: p238 start 6684676 is beyond EOD, truncated [ 493.394694][ T9173] loop3: p239 start 408832 is beyond EOD, truncated [ 493.399273][ T6065] udevd[6065]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 493.423543][ T9173] loop3: p240 start 6684676 is beyond EOD, truncated [ 493.438907][ T975] usb 3-1: Using ep0 maxpacket: 8 [ 493.444189][ T9173] loop3: p241 start 408832 is beyond EOD, truncated [ 493.455374][ T9173] loop3: p242 start 6684676 is beyond EOD, truncated [ 493.464994][ T975] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 3 [ 493.483054][ T975] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 493.493313][ T9173] loop3: p243 start 408832 is beyond EOD, truncated [ 493.515632][ T9173] loop3: p244 start 6684676 is beyond EOD, truncated [ 493.534322][ T975] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 493.556090][ T9173] loop3: p245 start 408832 is beyond EOD, truncated [ 493.577677][ T975] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 493.590630][ T9173] loop3: p246 start 6684676 is beyond EOD, truncated [ 493.597413][ T9173] loop3: p247 start 408832 is beyond EOD, truncated [ 493.618495][ T975] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 493.638330][ T9173] loop3: p248 start 6684676 is beyond EOD, truncated [ 493.647031][ T975] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 493.655484][ T9173] loop3: p249 start 408832 is beyond EOD, truncated [ 493.668893][ T9173] loop3: p250 start 6684676 is beyond EOD, truncated [ 493.677299][ T975] usb 3-1: config 0 descriptor?? [ 493.690242][ T9173] loop3: p251 start 408832 is beyond EOD, truncated [ 493.698998][ T9231] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 493.728042][ T9173] loop3: p252 start 6684676 is beyond EOD, truncated [ 493.770157][ T9173] loop3: p253 start 408832 is beyond EOD, truncated [ 493.776982][ T9173] loop3: p254 start 6684676 is beyond EOD, truncated [ 493.827228][ T9173] loop3: p255 start 408832 is beyond EOD, truncated [ 493.882342][ T8343] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 493.937425][ T975] usb 3-1: USB disconnect, device number 9 [ 494.093004][ T9246] loop0: detected capacity change from 0 to 128 [ 494.124021][ T9246] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 494.168391][ T9246] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 494.334409][ T5853] udevd[5853]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 494.750592][ T9262] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1080'. [ 495.195507][ T9274] netlink: 'syz.0.1082': attribute type 1 has an invalid length. [ 495.244432][ T9274] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1082'. [ 495.748469][ T9285] loop0: detected capacity change from 0 to 256 [ 495.862646][ T9285] exFAT-fs (loop0): start_clu is invalid cluster(0x400) [ 496.617314][ T9289] loop3: detected capacity change from 0 to 512 [ 496.718536][ T9289] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 496.828110][ T9289] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 496.836146][ T9289] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002] [ 496.930583][ T9289] System zones: 0-1, 15-15, 18-18, 34-34 [ 496.937314][ T9289] EXT4-fs (loop3): orphan cleanup on readonly fs [ 496.944514][ T9289] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0 [ 496.956272][ T9289] EXT4-fs warning (device loop3): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 496.975377][ T9289] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 496.982451][ T9297] loop0: detected capacity change from 0 to 256 [ 497.002851][ T9289] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1088: bg 0: block 40: padding at end of block bitmap is not set [ 497.035704][ T9289] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 497.048094][ T9297] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 497.061005][ T9289] EXT4-fs (loop3): 1 truncate cleaned up [ 497.085299][ T9299] loop1: detected capacity change from 0 to 256 [ 497.097032][ T9289] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 497.134242][ T9297] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 497.176597][ T9289] EXT4-fs error (device loop3): ext4_encrypted_get_link:46: inode #16: comm syz.3.1088: bad symlink. [ 497.221330][ T9297] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 497.318067][ T9303] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1093'. [ 497.404692][ T9302] loop2: detected capacity change from 0 to 512 [ 497.948178][ T9302] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=e843c018, mo2=0002] [ 498.005040][ T9302] System zones: 0-2, 18-18, 34-35 [ 498.055624][ T5842] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 498.069534][ T9302] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 498.478147][ T9302] ext4 filesystem being mounted at /228/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 498.654761][ T9302] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #2: comm syz.2.1094: corrupted inode contents [ 498.805534][ T9302] EXT4-fs error (device loop2): ext4_dirty_inode:6042: inode #2: comm syz.2.1094: mark_inode_dirty error [ 498.907007][ T9302] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #2: comm syz.2.1094: corrupted inode contents [ 498.924209][ T9313] netlink: 'syz.0.1095': attribute type 1 has an invalid length. [ 498.970662][ T9313] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1095'. [ 499.050992][ T9302] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #2: comm syz.2.1094: mark_inode_dirty error [ 499.374110][ T9323] loop3: detected capacity change from 0 to 16 [ 499.390636][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 499.403421][ T9325] loop5: detected capacity change from 0 to 512 [ 499.437660][ T9325] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 499.540191][ T9323] erofs (device loop3): mounted with root inode @ nid 36. [ 499.548302][ T9325] EXT4-fs (loop5): 1 truncate cleaned up [ 499.555777][ T9325] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 499.673221][ T9328] netlink: 173 bytes leftover after parsing attributes in process `syz.0.1101'. [ 499.857848][ T29] audit: type=1804 audit(1738714259.579:8): pid=9325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.1099" name="/newroot/59/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop5" ino=15 res=1 errno=0 [ 499.924944][ T9331] loop2: detected capacity change from 0 to 2048 [ 500.006473][ T9334] loop0: detected capacity change from 0 to 256 [ 500.013972][ T9331] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 500.052628][ T9335] loop1: detected capacity change from 0 to 512 [ 500.118122][ T9331] UDF-fs: unknown compression code (0) [ 500.123016][ T9335] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 500.176038][ T9335] ext4 filesystem being mounted at /231/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 500.193474][ T8343] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 500.574862][ T9343] netlink: 11 bytes leftover after parsing attributes in process `syz.0.1105'. [ 500.652101][ T9343] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1105'. [ 500.661380][ T9343] netlink: 'syz.0.1105': attribute type 1 has an invalid length. [ 500.670795][ T9343] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1105'. [ 500.725771][ T5835] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 500.846775][ T9346] loop5: detected capacity change from 0 to 256 [ 501.885712][ T9352] netlink: 'syz.0.1110': attribute type 2 has an invalid length. [ 501.931585][ T9352] netlink: 'syz.0.1110': attribute type 9 has an invalid length. [ 502.004347][ T9352] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1110'. [ 502.298623][ T9360] netlink: 'syz.2.1111': attribute type 1 has an invalid length. [ 502.358876][ T9360] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1111'. [ 504.307642][ T5841] Bluetooth: hci2: command 0x0405 tx timeout [ 504.343100][ T9367] loop0: detected capacity change from 0 to 256 [ 504.480123][ T9367] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 505.114753][ T9377] loop2: detected capacity change from 0 to 16 [ 505.203981][ T9377] erofs (device loop2): mounted with root inode @ nid 36. [ 505.775324][ T9380] loop0: detected capacity change from 0 to 512 [ 505.806697][ T9380] EXT4-fs: Ignoring removed nobh option [ 505.967953][ T9380] EXT4-fs: Ignoring removed mblk_io_submit option [ 506.276414][ T9380] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 506.673158][ T9387] loop3: detected capacity change from 0 to 256 [ 506.993396][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 507.813482][ T5836] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 511.170312][ T9423] loop2: detected capacity change from 0 to 256 [ 511.429862][ T9423] FAT-fs (loop2): Directory bread(block 1285) failed [ 511.454938][ T9423] FAT-fs (loop2): Directory bread(block 1286) failed [ 511.477442][ T9423] FAT-fs (loop2): Directory bread(block 1287) failed [ 511.488667][ T9423] FAT-fs (loop2): Directory bread(block 1288) failed [ 511.495673][ T9423] FAT-fs (loop2): Directory bread(block 1289) failed [ 511.503456][ T9423] FAT-fs (loop2): Directory bread(block 1290) failed [ 511.531428][ T9423] FAT-fs (loop2): Directory bread(block 1291) failed [ 511.573108][ T9423] FAT-fs (loop2): Directory bread(block 1292) failed [ 511.607253][ T9423] FAT-fs (loop2): Directory bread(block 1293) failed [ 511.654238][ T9423] FAT-fs (loop2): Directory bread(block 1294) failed [ 511.665805][ T9434] loop1: detected capacity change from 0 to 16 [ 512.712210][ T9434] erofs (device loop1): mounted with root inode @ nid 36. [ 513.223072][ T9446] loop3: detected capacity change from 0 to 256 [ 513.245265][ T9446] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 513.280036][ T9446] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 513.350492][ T9446] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 514.839039][ T9453] loop3: detected capacity change from 0 to 512 [ 514.997435][ T9453] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 515.778010][ T9453] EXT4-fs (loop3): 1 truncate cleaned up [ 515.785423][ T9453] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 516.110206][ T5842] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 518.973028][ T9490] netlink: 'syz.2.1147': attribute type 1 has an invalid length. [ 519.371707][ T9496] loop0: detected capacity change from 0 to 8 [ 520.635286][ T9504] loop5: detected capacity change from 0 to 8192 [ 522.626401][ T9534] loop5: detected capacity change from 0 to 16 [ 522.654134][ T9535] loop3: detected capacity change from 0 to 16 [ 522.690027][ T9534] erofs (device loop5): unsupported i_format 16 of nid 36 [ 522.777168][ T9535] erofs (device loop3): mounted with root inode @ nid 36. [ 522.791961][ T5885] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 522.958735][ T5885] usb 3-1: Using ep0 maxpacket: 8 [ 522.972002][ T5885] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 523.005122][ T5885] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 523.035794][ T9537] loop0: detected capacity change from 0 to 2048 [ 523.047753][ T5885] usb 3-1: config 0 descriptor?? [ 523.098293][ T9537] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 523.266670][ T5885] asix 3-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 523.670884][ T5885] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 523.732986][ T5885] asix 3-1:0.0: probe with driver asix failed with error -71 [ 523.830393][ T5885] usb 3-1: USB disconnect, device number 10 [ 524.979577][ T9547] loop2: detected capacity change from 0 to 2048 [ 525.100640][ T9547] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 525.496587][ T12] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 525.557905][ T12] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 525.636076][ T12] EXT4-fs (loop2): This should not happen!! Data will be lost [ 525.636076][ T12] [ 525.727839][ T12] EXT4-fs (loop2): Total free blocks count 0 [ 525.733924][ T12] EXT4-fs (loop2): Free/Dirty block details [ 525.788912][ T12] EXT4-fs (loop2): free_blocks=2415919104 [ 525.842164][ T12] EXT4-fs (loop2): dirty_blocks=32 [ 525.882436][ T12] EXT4-fs (loop2): Block reservation details [ 525.908349][ T12] EXT4-fs (loop2): i_reserved_data_blocks=2 [ 526.879986][ T12] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28 [ 527.997998][ T9571] batadv_slave_1: entered promiscuous mode [ 528.077471][ T9570] batadv_slave_1: left promiscuous mode [ 528.398871][ T9579] loop0: detected capacity change from 0 to 256 [ 528.406317][ T9579] exfat: Deprecated parameter 'namecase' [ 528.458473][ T9579] exfat: Deprecated parameter 'utf8' [ 528.464811][ T9579] exfat: Bad value for 'errors' [ 528.557775][ T5886] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 529.013157][ T9590] loop0: detected capacity change from 0 to 256 [ 529.024408][ T9590] exfat: Deprecated parameter 'utf8' [ 529.985882][ T9590] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 530.347822][ T5886] usb 4-1: Using ep0 maxpacket: 8 [ 530.421158][ T5886] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 530.467948][ T5886] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 530.519156][ T5886] usb 4-1: config 0 descriptor?? [ 530.744718][ T5886] asix 4-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 530.854636][ T9595] loop1: detected capacity change from 0 to 16 [ 530.879645][ T9595] erofs (device loop1): mounted with root inode @ nid 36. [ 531.673414][ T5886] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 531.750442][ T5886] asix 4-1:0.0: probe with driver asix failed with error -71 [ 531.846797][ T5886] usb 4-1: USB disconnect, device number 12 [ 532.362455][ T9609] loop5: detected capacity change from 0 to 128 [ 533.038339][ T9609] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 533.230227][ T9609] ext4 filesystem being mounted at /75/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 533.284601][ T9609] fscrypt (loop5, inode 12): Unsupported encryption flags (0x08) [ 533.371519][ T9622] loop3: detected capacity change from 0 to 128 [ 533.411502][ T9622] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 533.492637][ T9622] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 533.598381][ T5886] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 533.635390][ T9626] loop0: detected capacity change from 0 to 512 [ 533.661848][ T9626] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 533.777017][ T5886] usb 6-1: config 0 has an invalid descriptor of length 50, skipping remainder of the config [ 533.838485][ T5886] usb 6-1: config 0 has an invalid descriptor of length 50, skipping remainder of the config [ 533.897187][ T5886] usb 6-1: config 0 has an invalid descriptor of length 50, skipping remainder of the config [ 533.970519][ T9628] 8021q: adding VLAN 0 to HW filter on device bond0 [ 533.979186][ T9628] 8021q: adding VLAN 0 to HW filter on device team0 [ 534.006774][ T5886] usb 6-1: config 0 has an invalid descriptor of length 50, skipping remainder of the config [ 534.022170][ T9628] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 534.042805][ T5886] usb 6-1: config 0 has an invalid descriptor of length 50, skipping remainder of the config [ 534.055489][ T5886] usb 6-1: New USB device found, idVendor=046d, idProduct=08c6, bcdDevice=33.c2 [ 534.096151][ T5886] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 534.106542][ T9628] syz.2.1191 (9628) used greatest stack depth: 17936 bytes left [ 534.210682][ T5886] usb 6-1: config 0 descriptor?? [ 534.418366][ T9634] loop1: detected capacity change from 0 to 16 [ 534.427578][ T9634] erofs (device loop1): mounted with root inode @ nid 36. [ 534.552343][ T5886] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 534.559515][ T5886] usb 6-1: MIDIStreaming interface descriptor not found [ 534.779286][ T46] usb 6-1: USB disconnect, device number 6 [ 535.037422][ T9643] loop3: detected capacity change from 0 to 764 [ 535.149302][ T9643] Symlink component flag not implemented [ 535.155599][ T9643] Symlink component flag not implemented (101) [ 535.186900][ T8359] udevd[8359]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 536.692847][ T8343] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 537.689824][ T9662] loop5: detected capacity change from 0 to 1024 [ 537.713267][ T9662] EXT4-fs: Ignoring removed nomblk_io_submit option [ 537.736706][ T9662] EXT4-fs (loop5): Test dummy encryption mode enabled [ 537.784009][ T9662] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 538.983153][ T9659] fscrypt (loop5): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 539.115922][ T9683] loop3: detected capacity change from 0 to 512 [ 539.232227][ T8343] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 539.262356][ T9683] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 539.377908][ T9683] ext4 filesystem being mounted at /238/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 539.427108][ T9683] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.1206: corrupted inode contents [ 539.535969][ T9689] loop1: detected capacity change from 0 to 128 [ 539.555458][ T9683] EXT4-fs error (device loop3): ext4_dirty_inode:6042: inode #2: comm syz.3.1206: mark_inode_dirty error [ 539.633005][ T9683] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.1206: corrupted inode contents [ 539.646789][ T9689] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 539.649102][ T9689] ext4 filesystem being mounted at /249/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 539.729512][ T9689] fscrypt (loop1, inode 12): Unsupported encryption flags (0x08) [ 539.888862][ T9683] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #2: comm syz.3.1206: mark_inode_dirty error [ 539.970896][ T9695] loop5: detected capacity change from 0 to 16 [ 539.988649][ T9695] erofs (device loop5): mounted with root inode @ nid 36. [ 540.002481][ T5835] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 540.423540][ T5842] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 540.448759][ T9702] syz.1.1212 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 542.202142][ T9731] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1219'. [ 542.421248][ T46] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 542.708034][ T46] usb 2-1: Using ep0 maxpacket: 32 [ 542.727640][ T9736] loop3: detected capacity change from 0 to 512 [ 542.791021][ T46] usb 2-1: config 0 interface 0 has no altsetting 0 [ 542.953217][ T46] usb 2-1: New USB device found, idVendor=0a5c, idProduct=2033, bcdDevice=39.2b [ 543.001418][ T9736] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 543.003647][ T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 543.027782][ T9736] ext4 filesystem being mounted at /243/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 543.061520][ T9740] loop2: detected capacity change from 0 to 128 [ 543.137597][ T46] usb 2-1: Product: syz [ 543.141875][ T46] usb 2-1: Manufacturer: syz [ 543.159831][ T9740] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 543.173393][ T46] usb 2-1: SerialNumber: syz [ 543.189486][ T46] usb 2-1: config 0 descriptor?? [ 543.247491][ T9740] ext4 filesystem being mounted at /252/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 543.255122][ T46] usb 2-1: Direct firmware load for BCM2033-MD.hex failed with error -2 [ 543.275327][ T5842] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 543.285705][ T9740] fscrypt (loop2, inode 12): Unsupported encryption flags (0x08) [ 543.294510][ T46] usb 2-1: Falling back to sysfs fallback for: BCM2033-MD.hex [ 543.385363][ T9746] loop0: detected capacity change from 0 to 8 [ 543.393495][ T9746] squashfs: Unknown parameter 'àY¦ṉǜÃ\ž³ÆzÝö' [ 544.356169][ T5846] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 544.410764][ T9749] loop3: detected capacity change from 0 to 128 [ 544.510226][ T9749] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 544.527193][ T9749] ext4 filesystem being mounted at /244/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 544.615646][ T9751] loop0: detected capacity change from 0 to 1024 [ 544.623946][ T9749] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 544.683102][ T9751] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 544.764521][ T9751] EXT4-fs (loop0): Test dummy encryption mode enabled [ 544.793547][ T9756] loop2: detected capacity change from 0 to 16 [ 544.838221][ T9756] erofs (device loop2): mounted with root inode @ nid 36. [ 544.847319][ T9751] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 545.064327][ T5841] erofs (device loop2): failed to decompress -26 in[46, 0] out[9000] [ 545.117247][ T9758] erofs (device loop2): failed to decompress -26 in[46, 4050] out[8192] [ 545.150745][ T9749] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx" [ 545.201338][ T9758] erofs (device loop2): read error -117 @ 0 of nid 89 [ 545.226004][ T29] audit: type=1800 audit(1738714304.989:9): pid=9758 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1227" name="file2" dev="loop2" ino=89 res=0 errno=0 [ 545.254328][ T9760] fscrypt: loop3: 2 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 13 [ 545.276610][ T5836] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 545.460779][ T5842] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 545.709410][ T9766] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1228'. [ 545.757869][ T9766] netlink: 'syz.5.1228': attribute type 1 has an invalid length. [ 545.767444][ T9766] netlink: 128 bytes leftover after parsing attributes in process `syz.5.1228'. [ 546.318463][ T9777] cgroup: Unknown subsys name 'cpuset' [ 546.374689][ T9777] loop0: detected capacity change from 0 to 1024 [ 546.423852][ T9777] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 546.465497][ T9777] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 546.480357][ T9777] EXT4-fs (loop0): orphan cleanup on readonly fs [ 546.539079][ T9783] loop2: detected capacity change from 0 to 8 [ 546.546409][ T9783] squashfs: Unknown parameter 'àY¦ṉǜÃ\ž³ÆzÝö' [ 546.860639][ T9777] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5838: Corrupt filesystem [ 547.134584][ T9777] EXT4-fs (loop0): Remounting filesystem read-only [ 547.202353][ T9785] netlink: 'syz.5.1237': attribute type 2 has an invalid length. [ 547.219076][ T9777] Quota error (device loop0): write_blk: dquota write failed [ 547.227073][ T9777] Quota error (device loop0): write_blk: dquota write failed [ 547.266226][ T9785] netlink: 'syz.5.1237': attribute type 9 has an invalid length. [ 547.287023][ T9777] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota [ 547.300435][ T9785] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.1237'. [ 547.356836][ T9777] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 547.367620][ T975] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 547.428665][ T9777] EXT4-fs (loop0): 1 orphan inode deleted [ 547.471828][ T9777] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 547.533793][ T975] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 547.557635][ T975] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 547.595160][ T975] usb 4-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00 [ 547.638536][ T975] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 547.699404][ T5836] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 547.711135][ T975] usb 4-1: config 0 descriptor?? [ 547.916817][ T9792] loop2: detected capacity change from 0 to 2048 [ 548.041557][ T9792] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 548.114563][ T9800] netlink: 260 bytes leftover after parsing attributes in process `syz.5.1243'. [ 548.125593][ T9792] ext4 filesystem being mounted at /257/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 548.199862][ T9792] fs-verity: sha256 using implementation "sha256-avx2" [ 548.392891][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 548.519013][ T9808] loop0: detected capacity change from 0 to 256 [ 548.546061][ T975] hid-led 0003:0FC5:B080.0001: probe with driver hid-led failed with error -71 [ 548.580207][ T9808] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 548.596983][ T975] usb 4-1: USB disconnect, device number 13 [ 548.620541][ T9808] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 548.686886][ T9808] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 549.475840][ T9818] cgroup: Unknown subsys name 'cpuset' [ 549.684682][ T9822] loop0: detected capacity change from 0 to 512 [ 549.789353][ T9822] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 549.810949][ T9822] ext4 filesystem being mounted at /265/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 549.895387][ T9833] netlink: 260 bytes leftover after parsing attributes in process `syz.3.1255'. [ 550.703755][ T5836] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 551.024825][ T9841] netlink: 18 bytes leftover after parsing attributes in process `syz.3.1259'. [ 551.077063][ T9843] netlink: 18 bytes leftover after parsing attributes in process `syz.3.1259'. [ 551.143120][ T9846] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1260'. [ 551.175215][ T9846] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1260'. [ 551.185149][ T9846] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1260'. [ 551.196024][ T9846] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1260'. [ 551.480846][ T9853] loop5: detected capacity change from 0 to 256 [ 551.508791][ T9853] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 551.547797][ T9853] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 551.647987][ T5885] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 551.775692][ T9853] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 551.849328][ T5885] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 551.891229][ T5885] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 552.088274][ T5885] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 552.333314][ T5885] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 552.349070][ T5885] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 552.366371][ T9858] loop3: detected capacity change from 0 to 1024 [ 552.393434][ T5885] usb 1-1: config 0 descriptor?? [ 552.667153][ T9858] hfsplus: xattr searching failed [ 552.826545][ T9861] netlink: 260 bytes leftover after parsing attributes in process `syz.5.1269'. [ 552.916926][ T5885] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 552.938542][ T5916] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 552.946741][ T5885] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 553.019741][ T5885] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 553.155177][ T5916] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 553.205883][ T5916] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 553.210343][ T5885] usb 1-1: USB disconnect, device number 6 [ 553.242831][ T5916] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 553.261513][ T5916] usb 4-1: Product: syz [ 553.265754][ T5916] usb 4-1: Manufacturer: syz [ 553.289003][ T5916] usb 4-1: SerialNumber: syz [ 553.530602][ T5916] cdc_ncm 4-1:1.0: bind() failure [ 553.541701][ T9857] hfsplus: xattr search failed [ 553.590296][ T5916] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found [ 553.607968][ T5916] cdc_ncm 4-1:1.1: bind() failure [ 553.665711][ T5916] usb 4-1: USB disconnect, device number 14 [ 557.324257][ T9879] netlink: 'syz.3.1276': attribute type 2 has an invalid length. [ 557.368320][ T9879] netlink: 'syz.3.1276': attribute type 9 has an invalid length. [ 557.394479][ T9879] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1276'. [ 557.678114][ T9890] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 557.810555][ T5852] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 557.827998][ T5852] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 557.837389][ T5852] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 557.851200][ T5852] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 557.858668][ T9894] loop3: detected capacity change from 0 to 1024 [ 557.870314][ T5852] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 557.896736][ T5852] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 558.684703][ T5209] udevd[5209]: worker [5853] terminated by signal 33 (Unknown signal 33) [ 558.841980][ T5209] udevd[5209]: worker [5853] failed while handling '/devices/virtual/bluetooth/hci3/hci3:0' [ 559.957871][ T5841] Bluetooth: hci4: command tx timeout [ 560.688186][ T9913] loop5: detected capacity change from 0 to 512 [ 560.908277][ T9913] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 560.931195][ T9913] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 561.087725][ T9913] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 561.143528][ T9913] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 561.159219][ T1083] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 561.247752][ T9913] System zones: 0-2, 18-18, 34-34 [ 561.326020][ T9913] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 561.347103][ T9893] chnl_net:caif_netlink_parms(): no params data found [ 561.457107][ T9913] EXT4-fs (loop5): 1 truncate cleaned up [ 561.543321][ T1083] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 561.555302][ T9913] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 561.652160][ T9913] EXT4-fs error (device loop5): ext4_generic_delete_entry:2687: inode #2: block 3: comm syz.5.1285: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1 [ 561.682637][ T9929] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 561.716415][ T1083] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 561.786362][ T9913] EXT4-fs error (device loop5) in ext4_delete_entry:2758: Corrupt filesystem [ 561.982218][ T1083] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 562.019064][ T8343] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 562.037890][ T5841] Bluetooth: hci4: command tx timeout [ 562.474198][ T9893] bridge0: port 1(bridge_slave_0) entered blocking state [ 562.498415][ T9893] bridge0: port 1(bridge_slave_0) entered disabled state [ 562.517040][ T9893] bridge_slave_0: entered allmulticast mode [ 562.536872][ T9893] bridge_slave_0: entered promiscuous mode [ 562.580047][ T9893] bridge0: port 2(bridge_slave_1) entered blocking state [ 562.587368][ T9893] bridge0: port 2(bridge_slave_1) entered disabled state [ 562.616041][ T9893] bridge_slave_1: entered allmulticast mode [ 562.633385][ T9893] bridge_slave_1: entered promiscuous mode [ 564.151439][ T5841] Bluetooth: hci4: command tx timeout [ 565.028422][ T9893] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 565.225942][ T9893] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 565.309365][ T9953] loop5: detected capacity change from 0 to 256 [ 565.407710][ T5852] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 565.425083][ T5852] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 565.435231][ T5852] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 565.446354][ T5852] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 565.456874][ T5852] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 565.464669][ T5852] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 566.411692][ T5852] Bluetooth: hci4: command tx timeout [ 566.626129][ T9893] team0: Port device team_slave_0 added [ 566.672820][ T1083] bridge_slave_1: left allmulticast mode [ 566.688077][ T1083] bridge_slave_1: left promiscuous mode [ 566.703442][ T1083] bridge0: port 2(bridge_slave_1) entered disabled state [ 566.870400][ T1083] bridge_slave_0: left allmulticast mode [ 566.912373][ T1083] bridge_slave_0: left promiscuous mode [ 566.918742][ T1083] bridge0: port 1(bridge_slave_0) entered disabled state [ 567.547783][ T5852] Bluetooth: hci3: command tx timeout [ 568.136424][ T1083] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 568.155368][ T1083] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 568.167083][ T1083] bond0 (unregistering): Released all slaves [ 568.202708][ T9893] team0: Port device team_slave_1 added [ 568.289835][ T9964] lo: left promiscuous mode [ 568.434199][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 568.488424][ T9964] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 569.671980][ T5852] Bluetooth: hci3: command tx timeout [ 570.423337][ T9893] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 570.451959][ T9893] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 570.514817][ T9893] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 570.812745][ T9998] loop5: detected capacity change from 0 to 256 [ 571.917729][ T5852] Bluetooth: hci3: command tx timeout [ 572.793303][ T9893] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 572.850407][ T9893] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 572.953343][ T9893] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 573.948243][ T5852] Bluetooth: hci3: command tx timeout [ 573.974079][ T1083] hsr_slave_0: left promiscuous mode [ 574.155036][ T1083] hsr_slave_1: left promiscuous mode [ 574.342248][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 574.450990][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 574.532504][ T1083] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 574.559428][ T1083] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 574.700700][ T1083] veth1_macvtap: left promiscuous mode [ 574.730950][ T1083] veth0_macvtap: left promiscuous mode [ 574.788516][ T1083] veth1_vlan: left promiscuous mode [ 574.820859][ T1083] veth0_vlan: left promiscuous mode [ 575.217008][T10031] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1319'. [ 575.230114][T10031] netlink: 'syz.5.1319': attribute type 18 has an invalid length. [ 575.238455][T10031] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1319'. [ 576.931785][T10040] loop1: detected capacity change from 0 to 256 [ 578.376938][ T1083] team0 (unregistering): Port device team_slave_1 removed [ 578.488461][ T1083] team0 (unregistering): Port device team_slave_0 removed [ 579.785945][ T9893] hsr_slave_0: entered promiscuous mode [ 579.977474][ T9893] hsr_slave_1: entered promiscuous mode [ 580.053415][ T9893] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 580.107042][ T9893] Cannot create hsr debugfs directory [ 580.406370][T10022] pim6reg1: entered promiscuous mode [ 580.428216][T10022] pim6reg1: entered allmulticast mode [ 582.272611][T10088] loop5: detected capacity change from 0 to 256 [ 583.871077][T10086] loop0: detected capacity change from 0 to 40427 [ 583.955722][T10086] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff [ 584.004557][T10086] F2FS-fs (loop0): invalid crc value [ 584.062250][T10086] F2FS-fs (loop0): Found nat_bits in checkpoint [ 584.202025][T10086] F2FS-fs (loop0): Start checkpoint disabled! [ 584.286446][T10086] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 584.465094][T10098] F2FS-fs (loop0): inject no more block in inc_valid_node_count of f2fs_new_node_page+0x1f7/0xcf0 [ 584.526977][T10095] loop5: detected capacity change from 0 to 32768 [ 584.823756][T10095] JBD2: Ignoring recovery information on journal [ 584.965807][ T62] kworker/u8:4: attempt to access beyond end of device [ 584.965807][ T62] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 584.973703][T10095] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 584.985367][ T62] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 585.016308][ T62] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 585.449737][ T8343] ocfs2: Unmounting device (7,5) on (node local) [ 586.011938][T10105] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1335'. [ 586.035539][T10105] netlink: 'syz.5.1335': attribute type 18 has an invalid length. [ 586.059047][T10105] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1335'. [ 587.311112][T10111] netlink: 'syz.0.1337': attribute type 2 has an invalid length. [ 587.319393][T10111] netlink: 'syz.0.1337': attribute type 9 has an invalid length. [ 587.327341][T10111] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1337'. [ 588.936357][ T9954] chnl_net:caif_netlink_parms(): no params data found [ 589.082015][T10120] loop0: detected capacity change from 0 to 256 [ 590.528670][ T9954] bridge0: port 1(bridge_slave_0) entered blocking state [ 590.535936][ T9954] bridge0: port 1(bridge_slave_0) entered disabled state [ 590.553731][ T9954] bridge_slave_0: entered allmulticast mode [ 590.562489][ T9954] bridge_slave_0: entered promiscuous mode [ 590.625871][ T9954] bridge0: port 2(bridge_slave_1) entered blocking state [ 590.647799][ T9954] bridge0: port 2(bridge_slave_1) entered disabled state [ 590.658382][ T9954] bridge_slave_1: entered allmulticast mode [ 590.671049][ T9954] bridge_slave_1: entered promiscuous mode [ 590.850303][T10143] netlink: 'syz.1.1346': attribute type 2 has an invalid length. [ 590.858329][T10143] netlink: 'syz.1.1346': attribute type 9 has an invalid length. [ 590.866113][T10143] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1346'. [ 591.069589][ T9954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 591.111452][ T9954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 591.141767][T10152] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1349'. [ 591.180683][T10152] netlink: 'syz.1.1349': attribute type 18 has an invalid length. [ 591.199908][T10152] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1349'. [ 591.265839][ T9893] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 591.388814][ T9954] team0: Port device team_slave_0 added [ 591.399680][ T9893] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 591.466341][ T9893] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 591.557761][ T9954] team0: Port device team_slave_1 added [ 591.691043][ T9893] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 591.960523][T10167] loop1: detected capacity change from 0 to 256 [ 592.027204][ T9954] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 592.038593][T10170] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1350'. [ 592.067402][ T9954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 592.375053][ T9954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 592.395494][T10170] nlmon0: Master is either lo or non-ether device [ 592.429201][ T9954] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 592.436226][ T9954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 592.578560][ T9954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 593.286021][ T9954] hsr_slave_0: entered promiscuous mode [ 593.336645][ T9954] hsr_slave_1: entered promiscuous mode [ 593.383961][ T9954] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 593.411410][ T9954] Cannot create hsr debugfs directory [ 593.507339][T10186] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1359'. [ 593.554498][T10186] netlink: 'syz.0.1359': attribute type 18 has an invalid length. [ 593.568495][T10186] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1359'. [ 593.637662][ T5886] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 593.788773][ T5886] usb 6-1: Using ep0 maxpacket: 8 [ 593.815290][ T5886] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 593.853809][ T5886] usb 6-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5 [ 593.891830][ T5886] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 593.943549][ T5886] usb 6-1: config 0 descriptor?? [ 594.949356][T10216] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1365'. [ 596.526524][ T5886] usb 6-1: USB disconnect, device number 7 [ 596.585651][T10218] loop5: detected capacity change from 0 to 256 [ 599.074400][ T9893] 8021q: adding VLAN 0 to HW filter on device bond0 [ 599.290903][ T9954] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 599.333908][T10216] nlmon0: Master is either lo or non-ether device [ 599.397739][ T9954] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 599.426392][T10228] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1369'. [ 599.458254][T10228] netlink: 'syz.1.1369': attribute type 18 has an invalid length. [ 599.515449][ T9893] 8021q: adding VLAN 0 to HW filter on device team0 [ 599.517748][T10228] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1369'. [ 599.557216][ T9954] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 599.595675][ T9954] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 599.750568][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 599.757882][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 599.802126][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 599.809443][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 599.958811][T10234] input: syz0 as /devices/virtual/input/input11 [ 601.005265][ T9954] 8021q: adding VLAN 0 to HW filter on device bond0 [ 601.028739][T10250] loop0: detected capacity change from 0 to 256 [ 601.821234][T10258] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1376'. [ 602.630736][T10262] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1378'. [ 602.722195][T10262] nlmon0: Master is either lo or non-ether device [ 602.763106][ T9954] 8021q: adding VLAN 0 to HW filter on device team0 [ 602.898131][ T2950] bridge0: port 1(bridge_slave_0) entered blocking state [ 602.905433][ T2950] bridge0: port 1(bridge_slave_0) entered forwarding state [ 602.945238][ T2950] bridge0: port 2(bridge_slave_1) entered blocking state [ 602.953861][ T2950] bridge0: port 2(bridge_slave_1) entered forwarding state [ 603.275114][T10272] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1380'. [ 603.286857][T10272] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1380'. [ 603.962283][ T9893] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 604.494853][ T46] Bluetooth: Mini driver request failed [ 604.500889][ T46] bcm203x 2-1:0.0: probe with driver bcm203x failed with error -5 [ 604.511826][ T46] usb 2-1: USB disconnect, device number 8 [ 605.574312][T10288] bridge0: port 1(vlan2) entered blocking state [ 605.582259][T10288] bridge0: port 1(vlan2) entered disabled state [ 605.599350][T10288] vlan2: entered allmulticast mode [ 605.615641][T10288] bridge0: entered allmulticast mode [ 605.763101][T10288] vlan2: left allmulticast mode [ 605.807794][T10288] bridge0: left allmulticast mode [ 606.963039][T10305] loop0: detected capacity change from 0 to 256 [ 607.220999][T10310] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1388'. [ 607.310654][T10310] nlmon0: Master is either lo or non-ether device [ 607.674030][T10316] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1390'. [ 607.684856][T10316] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1390'. [ 608.211928][ T9893] veth0_vlan: entered promiscuous mode [ 608.305910][ T9954] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 608.377772][ T9893] veth1_vlan: entered promiscuous mode [ 609.582023][ T9893] veth0_macvtap: entered promiscuous mode [ 609.618850][ T9893] veth1_macvtap: entered promiscuous mode [ 609.846801][T10342] CUSE: unknown device info "€" [ 609.852122][T10342] CUSE: zero length info key specified [ 610.051024][T10341] bridge2: entered promiscuous mode [ 610.516857][ T9893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 610.527833][ T9893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 610.551285][ T9893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 610.845468][ T9893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 610.867954][ T9893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 610.883280][ T9893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 610.903550][ T9893] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 611.625421][ T9893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 611.658339][T10343] Oops: general protection fault, probably for non-canonical address 0xdffffc000000002b: 0000 [#1] PREEMPT SMP KASAN PTI [ 611.663107][ T9893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.671064][T10343] KASAN: null-ptr-deref in range [0x0000000000000158-0x000000000000015f] [ 611.671103][T10343] CPU: 1 UID: 0 PID: 10343 Comm: syz.1.1395 Not tainted 6.14.0-rc1-next-20250204-syzkaller #0 [ 611.671127][T10343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 611.671141][T10343] RIP: 0010:qca_close+0x72/0x2e0 [ 611.671173][T10343] Code: 64 af f6 f8 48 89 2c 24 42 80 7c 2d 00 00 74 08 4c 89 f7 e8 20 28 5d f9 4d 8b 26 49 8d bc 24 5a 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 28 84 c0 4c 89 eb 0f 85 de 01 00 00 45 0f b6 ac 24 5a [ 611.671193][T10343] RSP: 0018:ffffc90003fafb90 EFLAGS: 00010206 [ 611.671215][T10343] RAX: 000000000000002b RBX: ffff88802474e800 RCX: ffff88803109bc00 [ 611.684784][ T9893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 611.689406][T10343] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000015a [ 611.689425][T10343] RBP: 1ffff110048e9d37 R08: ffffffff8187d8b3 R09: 1ffffffff286072e [ 611.689440][T10343] R10: dffffc0000000000 R11: ffffffff88c8a130 R12: 0000000000000000 [ 611.689455][T10343] R13: dffffc0000000000 R14: ffff88802474e9b8 R15: 0000000000000000 [ 611.689470][T10343] FS: 000055556f46f500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 611.689487][T10343] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 611.689500][T10343] CR2: 000000110c436247 CR3: 00000000579a4000 CR4: 00000000003526f0 [ 611.689517][T10343] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 611.689530][T10343] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 611.689543][T10343] Call Trace: [ 611.689553][T10343] [ 611.689561][T10343] ? __die_body+0x5f/0xb0 [ 611.689596][T10343] ? die_addr+0xb0/0xe0 [ 611.689626][T10343] ? exc_general_protection+0x3dd/0x5d0 [ 611.689670][T10343] ? asm_exc_general_protection+0x26/0x30 [ 611.689703][T10343] ? __pfx_qca_close+0x10/0x10 [ 611.689731][T10343] ? enable_work+0x2e3/0x360 [ 611.689764][T10343] ? qca_close+0x72/0x2e0 [ 611.689795][T10343] hci_uart_tty_close+0x205/0x290 [ 611.689832][T10343] tty_ldisc_kill+0xa3/0x1a0 [ 611.689862][T10343] tty_ldisc_release+0x1a1/0x200 [ 611.885037][T10343] tty_release_struct+0x2b/0xe0 [ 611.889914][T10343] tty_release+0xd06/0x12c0 [ 611.894438][T10343] ? __pfx_tty_release+0x10/0x10 [ 611.899394][T10343] __fput+0x3e9/0x9f0 [ 611.903394][T10343] task_work_run+0x24f/0x310 [ 611.908018][T10343] ? _raw_spin_unlock+0x28/0x50 [ 611.912975][T10343] ? __pfx_task_work_run+0x10/0x10 [ 611.918117][T10343] ? syscall_exit_to_user_mode+0xa3/0x340 [ 611.923862][T10343] syscall_exit_to_user_mode+0x13f/0x340 [ 611.929605][T10343] do_syscall_64+0x100/0x230 [ 611.934209][T10343] ? clear_bhb_loop+0x35/0x90 [ 611.938908][T10343] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 611.944869][T10343] RIP: 0033:0x7f4f3cf8cda9 [ 611.949308][T10343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 611.968928][T10343] RSP: 002b:00007ffc5df24388 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 611.977359][T10343] RAX: 0000000000000000 RBX: 00007f4f3d1a7ba0 RCX: 00007f4f3cf8cda9 [ 611.985342][T10343] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 611.993320][T10343] RBP: 00007f4f3d1a7ba0 R08: 000000000000026c R09: 00007ffc5df2468f [ 612.001331][T10343] R10: 00007f4f3d1a7ac0 R11: 0000000000000246 R12: 00000000000953e4 [ 612.009402][T10343] R13: 00007ffc5df24490 R14: 0000000000000032 R15: ffffffffffffffff [ 612.017483][T10343] [ 612.020527][T10343] Modules linked in: [ 612.026637][ T9893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.029517][T10343] ---[ end trace 0000000000000000 ]--- [ 612.036696][ T9893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 612.043270][T10343] RIP: 0010:qca_close+0x72/0x2e0 [ 612.052487][ T9893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.057402][T10343] Code: 64 af f6 f8 48 89 2c 24 42 80 7c 2d 00 00 74 08 4c 89 f7 e8 20 28 5d f9 4d 8b 26 49 8d bc 24 5a 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 28 84 c0 4c 89 eb 0f 85 de 01 00 00 45 0f b6 ac 24 5a [ 612.087116][T10343] RSP: 0018:ffffc90003fafb90 EFLAGS: 00010206 [ 612.093264][T10343] RAX: 000000000000002b RBX: ffff88802474e800 RCX: ffff88803109bc00 [ 612.101352][T10343] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000015a [ 612.106165][ T9893] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 612.109475][T10343] RBP: 1ffff110048e9d37 R08: ffffffff8187d8b3 R09: 1ffffffff286072e [ 612.109497][T10343] R10: dffffc0000000000 R11: ffffffff88c8a130 R12: 0000000000000000 [ 612.109513][T10343] R13: dffffc0000000000 R14: ffff88802474e9b8 R15: 0000000000000000 [ 612.109529][T10343] FS: 000055556f46f500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 612.109548][T10343] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 612.109564][T10343] CR2: 000000110c436247 CR3: 00000000579a4000 CR4: 00000000003526f0 [ 612.109583][T10343] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 612.109595][T10343] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 612.109624][T10343] Kernel panic - not syncing: Fatal exception [ 612.109925][T10343] Kernel Offset: disabled