last executing test programs: 3m10.845541588s ago: executing program 2 (id=48): syz_emit_ethernet(0x4a, &(0x7f0000000140)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x1, 0x31, 0x3c, 0x65, 0x0, 0x9, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote}, @redirect={0x5, 0x1, 0x0, @local, {0x8, 0x4, 0x0, 0x9, 0x0, 0x68, 0x2, 0xe, 0x16, 0x7, @multicast2, @local, {[@end, @cipso={0x86, 0xa, 0x1, [{0x7, 0x2}, {0x0, 0x2}]}]}}}}}}}, 0x0) r0 = socket(0x10, 0x2, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000080)={0x8}, 0x10) write(r0, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000340)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0) 3m7.30993706s ago: executing program 2 (id=57): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f40)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000400", @ANYBLOB], 0x40}}, 0x0) 3m6.59800981s ago: executing program 1 (id=59): syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_le_read_resolv_list_size={{0x7}, {0x3, 0x6}}}}, 0x8) 3m5.830456664s ago: executing program 1 (id=62): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002200)=@newtaction={0x84, 0x30, 0xffff, 0x0, 0x0, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0xfff, 0x10000000, 0x1, 0xdfaa, 0x3, {0x7, 0x0, 0x5, 0x3, 0x6, 0xfff}, {0x5, 0x2, 0x7b, 0x7, 0x8, 0x1}, 0x6, 0xd, 0x10001}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 3m5.295409113s ago: executing program 1 (id=65): syz_mount_image$ext4(&(0x7f0000000800)='ext4\x00', &(0x7f0000000540)='./bus\x00', 0x2040d0, &(0x7f0000000600)={[{@nolazytime}, {@noacl}, {@delalloc}, {@quota}, {@test_dummy_encryption}, {@nomblk_io_submit}]}, 0xff, 0x4ab, &(0x7f0000000080)="$eJzs3DtsHEUfAPD/nu34+/KyCeGREMAQEBEPO3ECSYHEQ0KiAIQERSgPx4lCLjGKjYQjixgUhQYJIiFaBKJBUFNQUSGgQqKhgB5FipCbhFSH9m7vOJ99j1wuPj9+P2m9M3t7NzO7O7szO94NYMMaSf8kEVsj4o+IGIqIXP0KI+XZtYW5iX8W5iaSKBZf+ztJvxZXF+YmKqsm2XxLOdKfznIXknh2mXSnZ8+dyhcKk2ez+NjM6bfHpmfPPXHydP7E5InJM+NHjhw6eODwU+NPdqWct6V53f3e1J5dL75x6eWJo5fe/PnbpCbTteWo2wIdGoj5mm1S7+EupLCabKsJJ/1NV+3GxqVLBiNKFXWgVP+Hou/C9upnQ/HCBz3NHHBLFYvF4njjj+eLwDqWRK9zAPRG5UJ/deGzibQPvLgfvP5dea7cAUrLfS2byp2e/mpHdaCuf9tNcxFxdP765+kUS+5DAAB03w9p++fxcrtjcfsvF3fWrLc9GxsazsZSdkTE7RGxMyLuiCite1dE3H2D6Y/UxZe2f3KXOypYm9L239PZ2FZlytKtrDLcl8W2lco/kBw/WZjcn22TfTEwmMYPLPvrSZQGgeK3jxulP1LT/kunNP1KWzDLx+X+wcXfOZafyd90wTNX3o/Y3b9c+bMBvGwMa1dE7O4wjZOPfr1n8ZK+aqh1+ZtoPs7UluIXEY+U9/981JW/Imk+Pjn2vyhM7h+rHBVL/fLrxVcbpX9T5e+CdP9vXvb4r5Z/OKkdr51e8hObWqVx8c8PG/ZpRiKeiQ6O/03J64sSfzc/M3O9GLEpeWnJ8rM1N7gr8dL8QLn8+/YuX/93xH9b4p6ISA/ieyPivoi4P9t3D0TEgxGxt0n5f3r+obealL+n+z++KZ+h2tr/lf1QPhCqR0SrQN+pH79vlHx7579DpdC+bEk75792M9jhVgMAAIA1JRcRWyPJjVbDudzoaPl/+HfG5lxhanrmseNT75w5Vn5GYDgGcpU7XUNZPLL7n8PleKn3PV6aR5zP7pcezO4bf9r3/1J8dGKqcKzXhYcNbkuD+p/6q6/XuQNuuS6MowFrVLP6/+XhFcwIsOI6v/5rOcBa16IWe2EDrGOu4rBxLVf/z/cgH8DKa3z9n9Q0gHWuWsk/aWPlmse96h/eBNYeF3nYuFrX/1du1fuvgN5p/yn+1RJIkkVL4quI5t9Kep/nDgIfrY5sNA5ErtFHgzf6goieBPKrIxutApWKOnvuVH/bb7WYLZ7PFwq/f3czqff2vAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAt/wYAAP//gN/guA==") r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc000ff}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000180)) 3m2.760733525s ago: executing program 1 (id=69): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 3m2.686378989s ago: executing program 2 (id=70): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000004000000000000000000000850000003d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map=r2, r1, 0x7, 0x0, 0x0, @void, @value}, 0x10) close_range(r0, 0xffffffffffffffff, 0x0) 3m2.028792259s ago: executing program 2 (id=73): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0) tkill(0x0, 0x7) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000000000)={0xc, {"a2e3ad21ed0d30f91b5d390987f70906d038e7ff7fc6e5539b3275298b089b0708356e090890e0878f0e1ac6e7049b3350959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b31070d075d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a3c8f674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea50900000000000000987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cfcdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe673852be227e4247caf9b059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2b9fe00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d2e98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab422f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5182cff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec6800068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1056}}, 0x100) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) syz_usb_connect$uac1(0x0, 0xda, &(0x7f0000000440)=ANY=[@ANYBLOB="1201b0c63e0739086b1d01014000010203010902c80003010000800904000000010100000a24010000060201020c24020502020602060006ff090401000001020000090401010101020000072401090100000924020206000300060c240201270320cbb2bb9bcb0905010900021f0504072501000006000904020000010200000904020101ffff00000724d17bf018000724015afd05000f2402020000859900354fa656e9470c2402011f024808bac2ad3d07240100010000110502"], &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0}) 3m0.963142836s ago: executing program 1 (id=78): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_int(r0, &(0x7f0000000040)='cpu.weight.nice\x00', 0x2, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r2, &(0x7f0000000000)={0x1f, @fixed}, 0x8) r3 = dup(r2) getsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0x13, 0x0, &(0x7f0000000980)) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@newlink={0x44, 0x10, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, 0x10400, 0xb811}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_MULTICAST_ROUTER={0x5, 0x19, 0x1}]}}}]}, 0x44}}, 0x40000) 3m0.55716689s ago: executing program 1 (id=79): socket$inet_udp(0x2, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, 0x0, 0x0) poll(&(0x7f0000001280), 0xa4, 0x3) 2m59.085634262s ago: executing program 2 (id=85): r0 = epoll_create1(0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xa000000f}) read$char_usb(r1, &(0x7f0000000100)=""/169, 0xa9) epoll_pwait(r0, &(0x7f0000000340)=[{}, {}, {}, {}], 0x4, 0xfffffffd, 0x0, 0x0) 2m57.755471782s ago: executing program 2 (id=90): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0) read$FUSE(r1, &(0x7f0000000400)={0x2020}, 0x2020) 2m49.898097074s ago: executing program 32 (id=108): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000000)={0x20, 0x0, 0x8, 0x801, 0x0, 0x0, {0x3, 0x0, 0x2}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4004}, 0x40) 2m45.084634462s ago: executing program 33 (id=79): socket$inet_udp(0x2, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, 0x0, 0x0) poll(&(0x7f0000001280), 0xa4, 0x3) 2m42.335252443s ago: executing program 34 (id=90): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0) read$FUSE(r1, &(0x7f0000000400)={0x2020}, 0x2020) 2m31.597513805s ago: executing program 4 (id=136): r0 = openat$audio(0xffffff9c, &(0x7f0000001140), 0x101000, 0x0) fsetxattr(r0, &(0x7f00000011c0)=@known='system.posix_acl_access\x00', &(0x7f0000001200)='\x00', 0x1, 0x2) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x0, 0xf5}, 0xe) shutdown(r1, 0x0) r2 = socket$vsock_stream(0x28, 0x1, 0x0) ioctl$int_in(r2, 0x5421, &(0x7f0000000240)=0x2) connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) shutdown(r2, 0x1) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@ipv6_newrule={0x24, 0x1a, 0x1, 0x0, 0x0, {0x81}, [@FIB_RULE_POLICY=@FRA_TABLE={0x8, 0xf, 0xfe}]}, 0x24}}, 0x0) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/asound/seq/clients\x00', 0x0, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041) read$char_usb(r4, &(0x7f0000000000)=""/38, 0x26) r5 = dup2(r2, r2) write$FUSE_NOTIFY_INVAL_INODE(r5, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f0000000100)={r6}, 0x8) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 2m19.088340663s ago: executing program 4 (id=144): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB], 0xb8}}, 0x0) syz_emit_ethernet(0x4a, &(0x7f00000001c0)={@local, @multicast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @local, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 2m18.340071473s ago: executing program 4 (id=145): rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8) r0 = gettid() rt_sigtimedwait(&(0x7f0000000040)={[0xffffffff]}, 0x0, 0x0, 0x8) timer_create(0x2, &(0x7f0000000180)={0x0, 0x1e, 0x4, @tid=r0}, &(0x7f00000000c0)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x989680}}, 0x0) tkill(r0, 0x30) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=@newtaction={0x7c, 0x32, 0xb, 0x5, 0x0, {}, [{0x68, 0x1, [@m_ct={0x64, 0x1, 0x0, 0x0, {{0x7}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x80000001, 0x0, 0x0, 0x0, 0x400}}, @TCA_CT_ACTION={0x6, 0x3, 0x19}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @private=0xa010102}, @TCA_CT_MARK_MASK={0x8, 0x6, 0x40}, @TCA_CT_MARK={0x8, 0x5, 0x9}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x8890}, 0x40) 2m17.182738845s ago: executing program 4 (id=146): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0xfe, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") open(&(0x7f0000000140)='./bus\x00', 0x147142, 0x89) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef9cc093fce47d85272036dc78388e3dc177e9b496", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001"}) r1 = open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0) write$P9_RREADDIR(r1, &(0x7f0000000140)={0xb, 0x29, 0x2, {0x5}}, 0xb) 2m14.502556691s ago: executing program 4 (id=147): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ip6_tables_targets\x00') prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r1) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) request_key(0x0, 0x0, 0x0, 0xfffffffffffffffb) mmap$binder(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x0) r2 = userfaultfd(0x801) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000004c0)) ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000200)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x1000, 0x1}) 2m11.596827944s ago: executing program 4 (id=149): r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = socket$unix(0x1, 0x2, 0x0) recvmmsg(r1, &(0x7f0000003f40)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x10000, 0x0) connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmmsg(r1, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000200)=""/150, 0x96}], 0x1) 2m10.093591942s ago: executing program 35 (id=149): r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = socket$unix(0x1, 0x2, 0x0) recvmmsg(r1, &(0x7f0000003f40)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x10000, 0x0) connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmmsg(r1, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000200)=""/150, 0x96}], 0x1) 1m57.080127127s ago: executing program 6 (id=165): openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_usb_connect(0x0, 0x48, &(0x7f0000000200)={{0x12, 0x1, 0x0, 0x47, 0x48, 0x29, 0x8, 0x1395, 0x300, 0x8175, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x36, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x96, 0x1, 0x2, 0x50, 0x2f, 0x7e, 0x0, [], [{{0x9, 0x5, 0xf, 0x0, 0x20, 0x1, 0xff, 0x8, [@generic={0x9, 0x4, "70e96808dcdad3"}]}}, {{0x9, 0x5, 0x3, 0x10, 0x10, 0x74, 0x4, 0x6, [@generic={0x9, 0x4, "034bcded850639"}]}}]}}]}}]}}, 0x0) 1m54.288015717s ago: executing program 6 (id=169): syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='\x00'], 0x1, 0x1d0, &(0x7f00000002c0)="$eJzKKC4sZmdgYPj7sSaZQYABDBgZeBguMDAysDAwMKgzQsQYmCDUeij/BZSeCZW2gfKbofRCKF1xS3vdmlN+Z0566motk2VmaPXUlkcWk0vtMXKTXMwjwcwQmnpkUXFlVXZiTk5qUfFChopbyUkVp08wsFy3v6bSLMHp8EeewyFJ00GH6YiPR9aMxhLOSVKaYmxsmQpnz3yQX8emcYTh0QrmjXWeeY11halT89LykqqyqrLmTZy4cWZjZ2Pjyol1UWl+qxhbUlw2NXUyMjlsURPYzGyoPslGe8K79lUPkxxYezz8mk8ZK71OZb5kvLBI6tSKqpkTvijNZjT8znCHp2yFhIaGk8QVCYsGE4YjdbYNriAnpjQwpCmEMSapsYm1bTkzJ4SZn81tgUJL8gmm0KMcS2dKWBwQqjr501LzrUOi24xtTx3YzvAcPs6zpqBP0Oi4BIPTQsH/MiBjEhoayjTWMi21XfClSOOvhNdqY6cMBnd7pmWwAGVpAJErocEtC9aTkLzCQ0dT0yglOaFhk0RCkluBoTLD1j2cqwUaGJCiTYWBgWE7IyxuIeAajDEKRsEoGAWjYBSMglEwCkbBKBgFo2BEAEAAAAD//zJAmMo=") pipe2$9p(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_u}]}}) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) write$FUSE_GETXATTR(r2, &(0x7f00000001c0)={0x18, 0x0, 0x0, {0xfffffff9}}, 0x18) mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lstat(&(0x7f0000000080)='./file0\x00', 0x0) 1m51.947388873s ago: executing program 6 (id=173): syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0) ioperm(0x0, 0x2, 0x7e) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$binfmt_elf64(r0, &(0x7f00000001c0)=ANY=[], 0x78) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0) 1m50.363130843s ago: executing program 6 (id=176): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li") syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0) r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) fallocate(r0, 0x0, 0x0, 0x1000f4) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) r1 = open(&(0x7f00000005c0)='./bus\x00', 0x147842, 0x0) preadv2(r1, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x7) 1m47.709386545s ago: executing program 6 (id=179): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4020aeb2, &(0x7f00000022c0)={0x1, 0x12c, @ioapic={0x100000, 0x7, 0x5, 0x7e, 0x0, [{0x1, 0x0, 0x80, '\x00', 0x8}, {0xe, 0xe, 0x1, '\x00', 0x4}, {0x6, 0xa9, 0x3, '\x00', 0x8}, {0x4, 0x10, 0x4, '\x00', 0x7}, {0x9, 0x6, 0x9, '\x00', 0x1}, {0x9, 0x40, 0x8c, '\x00', 0x31}, {0x5, 0x39, 0x8, '\x00', 0x6}, {0x7, 0xb, 0x6, '\x00', 0x7}, {0x9, 0x0, 0x2}, {0x9, 0x8, 0x10, '\x00', 0x7}, {0x9, 0x5, 0x74, '\x00', 0x1}, {0x81, 0xfb, 0x9, '\x00', 0x2}, {0x6, 0x9, 0x6, '\x00', 0x2d}, {0x5, 0x1, 0x2, '\x00', 0x9}, {0x3, 0xd, 0x0, '\x00', 0x2}, {0x2, 0x89, 0x0, '\x00', 0x7}, {0x8, 0x3, 0x9, '\x00', 0x5d}, {0xf8, 0x3d}, {0x1, 0x4e, 0x81, '\x00', 0x40}, {0x1, 0x5, 0x0, '\x00', 0x7}, {0x5, 0x7, 0x4, '\x00', 0x1}, {0xb5, 0x5, 0x8, '\x00', 0x4}, {0x7, 0x2, 0x7, '\x00', 0x7d}, {0x40, 0x55, 0x81, '\x00', 0xb8}]}}) 1m47.169379676s ago: executing program 5 (id=182): pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) splice(r1, 0x0, r0, 0x0, 0x1, 0x4) vmsplice(r0, &(0x7f00000013c0)=[{&(0x7f0000000080)='4', 0x1}], 0x1, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000240)) close_range(r0, 0xffffffffffffffff, 0x0) 1m45.996066054s ago: executing program 5 (id=184): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r0, 0x0, 0x0, 0x24004800, &(0x7f00000002c0)={0x2, 0x4e23, @remote}, 0x10) connect$netlink(r0, &(0x7f0000000000)=@unspec={0x0, 0xe803}, 0xc) 1m45.229578325s ago: executing program 5 (id=186): socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x4ed, &(0x7f00000005c0)="$eJzs3d9rW28ZAPDnpM1st8526sUcuBVRtqFL2tVtxYttgujVQJ33XW3TUpo2pUm3tQzp8FoEERW90StvBP8AQfYniDDQ+yGiDNnmhRdq5CQnW79d0nYsafZtPx94+77nR87zvAk5yXvOaU4Ax9Z4RNyOiIGIuBwRo9n8XFZiu1nS9V6+eDSXliTq9bv/TCLJ5rW2lWT1qexhQxHxnW9GfC9JmjN2qG5uLc+Wy6X1bLpYW1krVje3riytzC6WFkurU1OT16dvTF+bnuhaX29+/W8//dFvvnHzD19+8GzmH5e+n+Y7ki3b2Y9uaj4n+cZz0TIYEeu9CNYHA1l/8gdZOel9PgAA7C39jv+piPh8RLz6Rb+zAQAAAHqhfmsk/pNE1AEAAIAjK9e4BjbJFbJrAUYilysUmtfwfiZuRblSrX1pobKxOt+8VnYs8rmFpXJpIrtWeCzySTo92Wi/mb66a3oqIs5ExE9GhxvThblKeb7fBz8AAADgmEjH+SO5Zjut/jXaHP8DAAAAR8xYvxMAAAAAes74HwAAAI6+t8f/480qGTz8ZAAAAIBu+9adO2mpt+5/PX9/c2O5cv/KfKm6XFjZmCvMVdbXCouVymLjN/tW9tteuVJZ+0qsbjws1krVWrG6uTWzUtlYrc007us9UzrQfaIBAACArjpz4clfkojY/upwo6ROZMuM1eFoy73b6kmv8gAO30C/EwD6xgW+cHwZ4wP7DeyHDikPAACgdy5+9vX5/+HYcf7/9DPHBuCoe8fz/8AR4vw/HF+7zv//ql95AIfPGB/Y7zhAx/P/f+x+LgAAQG+MNEqSK2RjgJHI5QqFiNON2wLkk4WlcmkiIj4ZEX8ezX8inZ7sd9IAAAAAAAAAAAAAAAAAAAAAAAAA8DFTrydRBwAAAI60iNzfk4hIYihi9Asju48PnEj+PdqoI+LBL+/+7OFsLSLupbNez6/9vDG/tn61DwcwAAAAgLe0xumN2o38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiyly8ezbXKYcZ9/rWIGGsXfzCGGvVQ5CPi5KskBnc8LomIgS7E334cEWfbxU/StGIsy2J3/FxEDPc5/qkuxIfj7Em6/7nd7v2Xi/FG3f79N5iV9/V8vNP+L/d6/zfQYf93ep9tn8jqc09/V+wY/3HEucH2+59W/OQ997/3vru11WlZ/dcRF9t+/iQfiVWsrawVq5tbV5ZWZhdLi6XVqanJ69M3pq9NTxQXlsql7G/bGD/+3O//t1f/T3aIP9ap/0kzp3q9/TYv7Jr+79OHLz7dbsUk4vkPs3ab1/9sp/jZc//F7HMgXX6x1d5utnc6/9s/nd+r//Md+r/f63+p00Z3ufztH/y12cof8BEAQC9VN7eWZ8vl0vpBG+mg98ArH2Ij7cwHkEYXG+MfRhoax7PR7z0TAADQbW++9Pc7EwAAAAAAAAAAAAAAAAAAADi+Wv//3/ot5178nNjOeEOtRpIcel8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPby/wAAAP//nXrOGw==") socket$nl_route(0x10, 0x3, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000126abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3acb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={&(0x7f00000009c0)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_GET(r6, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x14, 0x1, 0x2, 0x201, 0x0, 0x0, {0xa, 0x0, 0x3}}, 0x14}}, 0x24040000) syz_open_procfs(0x0, 0x0) r7 = socket$inet(0xa, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x410, 0x238, 0x238, 0x238, 0x98, 0x98, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb8, 0x100, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x0, 0x28, 0x0, 0x0, 0x0, 0x1}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev={0xfe, 0x80, '\x00', 0x18}, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x470) 1m44.923185585s ago: executing program 6 (id=187): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000180)={0x1, 0xaa4, 0x0, &(0x7f0000000340)}) r2 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030021000b63d25a80648c2594f90124fc60350c030b022e0009083582c137153e", 0x23}], 0x1, 0x0, 0x0, 0x3000}, 0x0) ioctl$KVM_SET_CLOCK(r1, 0x4188aec6, &(0x7f0000000040)={0x1, 0x8, 0x3, 0x20000000000000}) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x11) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_emit_ethernet(0x48, &(0x7f0000000000)={@multicast, @random="777de85bf4dd", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x12, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, [{}]}}}}}}, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000024000/0x18000)=nil, &(0x7f0000000680)=[@text16={0x10, &(0x7f0000000280)="66b9800000c00f326635010000000f3064660f38828e4258660f086766c744240012e93bf96766c7442402010000006766c744240600000000670f011c2466b9800000c00f326635002000000f300f01df66b80500000066b900200000a90a000f01c40f019f09000f01c2", 0x6b}], 0x1, 0x7d, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0xfffffffffffffda6) write$vga_arbiter(0xffffffffffffffff, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000580)=""/133) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x89f1, &(0x7f0000000040)={'ip6tnl0\x00', @random='\a\x00\x00 \x00'}) ioctl$KVM_CAP_X86_USER_SPACE_MSR(r1, 0x4068aea3, &(0x7f0000000100)={0xbc, 0x0, 0x4}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1m41.301135236s ago: executing program 36 (id=187): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000180)={0x1, 0xaa4, 0x0, &(0x7f0000000340)}) r2 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030021000b63d25a80648c2594f90124fc60350c030b022e0009083582c137153e", 0x23}], 0x1, 0x0, 0x0, 0x3000}, 0x0) ioctl$KVM_SET_CLOCK(r1, 0x4188aec6, &(0x7f0000000040)={0x1, 0x8, 0x3, 0x20000000000000}) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x11) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_emit_ethernet(0x48, &(0x7f0000000000)={@multicast, @random="777de85bf4dd", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x12, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, [{}]}}}}}}, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000024000/0x18000)=nil, &(0x7f0000000680)=[@text16={0x10, &(0x7f0000000280)="66b9800000c00f326635010000000f3064660f38828e4258660f086766c744240012e93bf96766c7442402010000006766c744240600000000670f011c2466b9800000c00f326635002000000f300f01df66b80500000066b900200000a90a000f01c40f019f09000f01c2", 0x6b}], 0x1, 0x7d, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0xfffffffffffffda6) write$vga_arbiter(0xffffffffffffffff, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000580)=""/133) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x89f1, &(0x7f0000000040)={'ip6tnl0\x00', @random='\a\x00\x00 \x00'}) ioctl$KVM_CAP_X86_USER_SPACE_MSR(r1, 0x4068aea3, &(0x7f0000000100)={0xbc, 0x0, 0x4}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1m38.748747852s ago: executing program 5 (id=195): capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x13}) r0 = socket$netlink(0x10, 0x3, 0xb) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000300)=0x11, 0x4) 1m37.989904964s ago: executing program 5 (id=197): r0 = socket$inet_tcp(0x2, 0x1, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000a, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) getsockopt$inet_opts(r0, 0x0, 0x9, 0x0, &(0x7f0000000080)) 1m34.309900047s ago: executing program 5 (id=200): openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) getpid() sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000015640)=""/102400, 0x19000) r1 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171, 0x0, 0x0, 0x20000000}, 0xa}], 0x400000000000172, 0xff00) 1m18.335890625s ago: executing program 37 (id=200): openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) getpid() sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000015640)=""/102400, 0x19000) r1 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171, 0x0, 0x0, 0x20000000}, 0xa}], 0x400000000000172, 0xff00) 38.336468043s ago: executing program 7 (id=307): open_tree(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x88801) syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./bus\x00', 0x8000, &(0x7f0000000400)=ANY=[@ANYBLOB="00e0c6e4d9182ec69e599fd4d32ba9c5146fbc43a33914b2b1a5ce8843b193dc82dbc512b6fabfe6fbdd2a8bdeeda78e17b18f1b6e80c81cd67046e6a85e7160112d613e4c6dcab2404d58291ec130b9fd2785ce8dd5538f70998f2d50005813ba6c65cd3c25a8e730e1cd7b11cf7f6cc0fba6b670c64374abd09518ffba0c5eb2e602b1a64ac897fc6ce9bee1d70bef22f10c7776c2f5077cb1de63832b1bab15c6caf549a1cd58106494d92d1159033b2e27eceae339414a62aca9cf6a00c07e2a181dd9668a64b5eefc8e5ebc6564442a8d322e89a2fbbade22dc834cff72c09dc653db003038d250e81aee10888e78a3677d68cc60de6f7d361115e53becaa81ee364dd85d11c2e56a01b87e0b194b2a5d3115f3b257fa54acf273f953e6be39e5b67fcd3a564e71fdbdf8b4ef42c07a9525ae4d7c"], 0x1, 0x14fe, &(0x7f0000001580)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==") r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc0185879, &(0x7f00000001c0)={0x0, 0x8001, 0xffff, 0xfffffffffffffffd, 0x9, 0x0, 0x2401}) 37.077143603s ago: executing program 7 (id=313): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(crct10dif-generic)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x800) accept4$unix(r1, 0x0, 0x0, 0x0) 34.90920643s ago: executing program 7 (id=320): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_STATS(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x5, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x24008854) 34.097969401s ago: executing program 7 (id=322): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_REGS(r2, 0x8090ae81, 0x0) r3 = dup(r2) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000180)=ANY=[@ANYBLOB="01000000000000009a000040"]) 33.229730073s ago: executing program 7 (id=327): r0 = socket$can_bcm(0x1d, 0x2, 0x2) readv(r0, &(0x7f0000000180)=[{&(0x7f0000000300)=""/189, 0xbd}, {0x0}], 0x2) connect$can_bcm(r0, &(0x7f0000000040), 0x10) sendmsg$can_bcm(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000001bbb8389", @ANYRES64=0x0, @ANYRES64=0x2710], 0x80}}, 0x0) 32.393821437s ago: executing program 7 (id=330): mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndpcmc(&(0x7f0000000040), 0xffffffff, 0x248480) ioctl$SNDRV_PCM_IOCTL_READN_FRAMES(r0, 0x80184153, &(0x7f0000000600)={0x0, &(0x7f0000000400)}) socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) ioperm(0x0, 0x3, 0x3f) clock_nanosleep(0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), 0x0) bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000440)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffe, 0x8000, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61122800000000006113140000000000bf1000000000000025000200091bb0ff3d030000000000008701000000000000bc26000000000000bf67000000000000150300000ee600f0670200001400000015030000ffffffffbf050000000000000f650000000000006507f4ff02000400070700006b3128fe1f75000000000000bf540000000000000705000003001500ae430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305863f970eac3590ac99b798f8125f1c322c2a154a8a8d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 17.20804335s ago: executing program 38 (id=330): mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndpcmc(&(0x7f0000000040), 0xffffffff, 0x248480) ioctl$SNDRV_PCM_IOCTL_READN_FRAMES(r0, 0x80184153, &(0x7f0000000600)={0x0, &(0x7f0000000400)}) socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) ioperm(0x0, 0x3, 0x3f) clock_nanosleep(0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), 0x0) bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000440)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffe, 0x8000, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61122800000000006113140000000000bf1000000000000025000200091bb0ff3d030000000000008701000000000000bc26000000000000bf67000000000000150300000ee600f0670200001400000015030000ffffffffbf050000000000000f650000000000006507f4ff02000400070700006b3128fe1f75000000000000bf540000000000000705000003001500ae430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305863f970eac3590ac99b798f8125f1c322c2a154a8a8d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 15.269310015s ago: executing program 8 (id=386): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_REGS(r2, 0x8090ae81, 0x0) r3 = dup(r2) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000000000098000040"]) 13.526723353s ago: executing program 8 (id=392): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x80000c, &(0x7f0000000340)=ANY=[@ANYRES64=r1, @ANYRESOCT, @ANYRESOCT, @ANYRES8, @ANYRESOCT=r0, @ANYRES8, @ANYBLOB="2c6e03d465636f6d706f73652c6769643d29ab72f4a2f73b811c7fd9bae7ecd520839bd7b1f81b6637f549a77ac6cb621635f9c08b2615964a3c53b727df50d049dc7604020000009206240e6fb4756f276c72f20bab7d507fe4853b18ebe583cbf9009044b021249834326e80399ca072639251325e38177eef4f05093acfe76553919ecca99460ea4ebdbcef9c4e0ed3f10f86889116979b7aa52b38442546b806d6b8964f99a04195ad43adb6117ddcf2c4d9816c0600000000000000582979726babd8f2858effddbd5feee735edc939b2815ff57b3a280b363527cb3b60c3f5b98754559020e241f54368c56a2df83e23f5902e98008682ad", @ANYRES16=r0, @ANYRESOCT=r1], 0x1, 0x711, &(0x7f00000004c0)="$eJzs3UtoHOcdAPD/rFaPVcGREz/SEsgSQ1oqaksWDlUvdUspOoQS0kPPwpZj4bUcJKXIpjRKH/cecuopPegWeijp3dCeGwIlPeoYKOTiS3VTmdmZ3VntaHdlW4+6v5+ZmW/me8w3/9mZ2YfFF8D/raXZqD+OJJZm395K13d3FlpjOwuTeXYrIiYiohZRj0jSTclaZLk38ym+GXlOadnn49XFd798svtVe62eT1n52qB6FSb6N23nUzQjYixf9hs/pMXPDu6+p71bh7Y3qqRzhGnArhSBiz8+U6vwzPb7bHfyPv1nNu+Uqah+lOsWOKOS9nMz173UZyKmI2Iqov3Uz+8OtZPv4fO1fdodAAAAgKNqHL3KS3uxF1tx7ji6AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+qfPz/JJ9qRboZSTH+/0S+LfL0GTR8IMQvJtvLx8ffGQAAAAAAAAA4dq/vxV5sxblifT/JfvN/o/Qb/zfig9iIlViPq7EVy7EZm7Ee8xExU2poYmt5c3N9PqsZcWFAzevxeUXN64f38WbvavI8jhsAAAAAAAAAzrCpIfn3xvu3/SaWur//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAWZBEjLUX2XShSM9ErR4RU0W57YjPI2LidHs7oslsnlRlPT7pvgAAAMAzmupdTaZGqPPSh7EXW3GuWN9Pss/8l7LPy1PxQazFZqzGZrRiJW7nn6HTT/213Z2F1u7Owv106m/3R18fqetZi9H+7qF6z69mJRpxJ1azLVfjViSxn6nlrby6u7OQLu9X9+ujtE/JD3MDejNWSt9OZ5c/y9J/6P0WoX6kQxzRwUZrh5acyXLHOxGZy/uW1jhfRKA6EkPPTn3gnuaj1vnm58LgPVXH/KPBe58+UKrym5tTcTAS16PWOUOXBkci4tt//fQXd1tr9+7e2Zg9O4dU6cOhJQ5GYqEUicsvUCSGm8sicbGzvhQ/jZ/HbHw9+U6sx2r8MpZjM1aaRf5y/npO5zODI/XFdHntnWE9Sa/JZuf+VdWnZvT0KZrxkyy1HG9k5/RcrEYSDyJiJd7K/l2P+c7doHuGL45w1ddGuNOWXPlOtuiEKRqHl/3zaE0+L2lcz5fiWr7nzmR55S3dKL1cGaXiWTf686ik/q08kbbw24HPh5N2MBLzpUi8ctjrpR3SP+2n843W2r31u8vvj7i/N/Nleh39fsBT4lge0wOlZ/jlmMoP7nw2T7Jrai7Le6XTqyJe/1qNmM/yLnRa6X3ipnkXO/XaV+rP4kHc7lypxfVyIxaz0pey0uN9T6w073Knpd57eJqXvtOqd37YKb/fehCt9vuhiO3/+ds2wIts+rvTE41/N/7R+KTxu8bdxttTP578/uRrEzH+9/Ef1OfG3qy9lvwlPolfdz//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAT2/j4aN7y63Wynp1oladlQyutdzaLwYSG1CmJ5HkQ+WMUDjZePhof2iDgxOTefcOZv3naRt8+kQxWuPwws1j7EayffB8TQ0/F8UoTyPsIsmHqSy9tCLiqftc7Lm7ZfzET9zwRPPItZp9x5UnihdsqXD/q3dYolF1vsYioqrwkBvH2HO4+QCn6trm/fevbTx89L3V+8vvrby3sjZ+48bi3OKNtxau3Vltrcy156UKJz+qHnBMym8nOiYi4vXhdQcM1AoAAAAAAAAAAAAco5H/eGB7hD9QqUiMRc//LAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4sqXZqD+OJObnrs6l67s7C610KtLdkvWIqEVE8quI5G8RN6M9xUypueSw/Xy8uvjul092v+q2VS/K1yK2D603qM2u7XyKZkSM5ctn0NPereHtTXSTkxXZSeco0oBdKQIHp+2/AQAA//8oifHY") ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000083c0)={{0x1}}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x41, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, 0x0, 0x44}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1000000000000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) recvfrom$inet(0xffffffffffffffff, &(0x7f0000000c00)=""/245, 0xf5, 0x2, 0x0, 0x0) 12.265832986s ago: executing program 0 (id=396): syz_mount_image$hfsplus(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x80000c, &(0x7f0000000000)=ANY=[], 0x1, 0x6f4, &(0x7f00000002c0)="$eJzs3c1r5OYZAPBH47E9dmHjTfajLYEMCaSlprv2Gqd1L92WUnwIJU0PPZtdb9bsrDfYTnFCqb1N/4AecuopPfi29FBS6HGhPTcESq4+Bgq55OTbFGmk+fB82hmvneT3M5Je6f3Qq0cjaTTCKIBvrNX5KNfr9b3V+dd30/nDg6XaxMHSdJ5di4ipiChFlBuTSDYjy72dD/GddGFePum3ng82Vt789IvDzxpz5XzIypcG1ethqnvRfj5ENSIm8mm3yT4tfnR89R3t3elsr18jAyTNLUwD9koRuPjLyZuCcap32W/mPflvNh5U/STHLXBBJY3rZpe5iNmIqEQ0rvr52aH0bHs3fvvn3QEAAAA4qZlhBbpv1587iqPYjUtn1SUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Osrf/5/kQ6lIVyMp3v8/lS+LPP2V9Ml0Y/r0vDsCAAAAAAAAAGPw0lEcxW5cKubrSfbM/+W2Z/zfindiO9ZjK27EbqzFTuzEVixGxFxbQ1O7azs7W4tZzYgrA2reio971LzVv4+3B2/CP399mg0HAAAAAAAAgIurMiT/wWT3sj/Gauv5PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXARJxERjkg1XivRclMoRUYmIqbTcfsTHRfrCeX+619Kk18KnZ94ZAAAAGK9K52xSGaHOc3txFLtxqZivJ9k9/7XsfrkS78Rm7MRG7EQt1uNufg+d3vWXDg+WaocHSw/Tobvdn31+oq5nLUbjt4fea/52VmIm7sVGtuRG3Ikk6plS0fm9xvTh4UHSo1+P0z4lP80N6M1EW/puOrr+UZb+c+evCOUTbeIplfrmzGW5k82ILDxu1bhc7Jnee2jo3ikPXNNilJq//FwZvKbeMX88eO2zx0r1/OXmXByPxK0oNffQtcGRiPjeP5789n5t88H9e9vzF2eTetobWuJ4JJbaInH9axSJ4RaySFxtzq/GL+M3MR+fT78RW7ERv4u12In1apG/ln+e0/Hc4Eh9Mts+98awnqTHZLV5/urVp2p09Cmq8YsstRYvRxJzcSk2IolHEZPr8Vr2dysWm2eD1h6+OsJRXxrhTNum8v1s0gxTzPQv+7fRmhyXNK6X2+Lads7NjoPLHUtaUXq+Z5SKa93o16M25e/mibSF9wdeH56145FYbIvEC/0+L42Q/rWejrdrmw+27q+9PeL6Xs2nxaezx4mk/mW25/TSPfx8VPKNu5yN096ln44074VmrzvjNZU/cWkodeVdbdZrHKm/ikdxN9qP1B/FcizHSlb6WlZ6suuKleZdb7bUeQ5P89JvWuXmg53271uPotb4PgTAxTb7g9mpmf/N/Gfmw5k/zdyfeb3y8+kfT784FZP/nvxJeWHi1dKLyd/jw/hD6/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4ve1333uwVqutb/VOlHpnJYNrrdWKN/INKtORSPJX5YxQOBmpwcGJ6Xzzv2w7HYnqqRos3tY4vHB1fF3tSiT7+Q5rLqkM3xfZW572RtrLSVfA08qn7nPxfqkzisaYEtXxNVh8YAeVGXpUFm9W68iaiIhehYecOCbGdQYCzsvNnYdv39x+970fbjxce2v9rfXNyeXllYWV5deWbt7bqK0vNMZtFZ7Jy2+BZ6F10W9fWop4aXjdAS9qBQAAAAAAAAAAAM7Q8f/oOIv/hXhy3hsJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfKWtzkf5aSSxuHBjIZ0/PFiqpUORbpUsR0QpIpLfRyT/irgdjSHm2ppL+q3ng42VNz/94vCzVlvlonwpYr9vvdHs50NUI2Iin46rvTvD25tqJad7ZCfNyKQBe6UIHJy3/wcAAP//vGfxGQ==") openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x3e, 0x0, 0x0) 11.628668587s ago: executing program 8 (id=399): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61158800000000006113500000000000bfa000000000000007000000ee0016055e0301000000000064050000000000006916300000000000bf07000000000000260507000fff0720670600001f000000470600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}}, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0500000000000000000021"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000100)=ANY=[@ANYBLOB="5000000008021100000108021100000008021100000000000000000000000000010001"], 0x54) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random="d7"}]}, 0x24}}, 0x0) syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000100)='./file1\x00', 0x4002, &(0x7f00000003c0)=ANY=[@ANYBLOB='longad,uid=', @ANYRESDEC=0x0, @ANYBLOB=',uid=forget,volume=00000000000000000003,shortad,gid=', @ANYRESDEC=0x0, @ANYBLOB=',session=18446744073709551489,gid=ignore,lastblock=0000001002,partition=18446744073709551612,undelete,\x00'], 0x2, 0xc30, &(0x7f0000002740)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcZy9S+mYhXOqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgpYzOxbcUWRNi2KEmV9Pjb13Z15b/a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+/cvHU6fSwWwEAPEiXx7526oz7PwA8Vq74/38AAAAAAAAAAAAAADjoUhTxZKSYv7yeJqr3HfVL7b6bt8aHR7avdiRVNQ9V5cuf+ukzZ8996YWh89281J79gPr322fjtbErFxsvz92YX5heXJyeaozPtifnpqZ3fYS91t9qsDoBjRuv35y6dm2xceb5s3fsvjXwfv8TxwcuDD178plu2fHhkZGxzSL13vK1e25Ix04zPA5HEScjxXPf/1lqRUQRez8X9Qc79lsdqToxWHVifHik6shMuzW7VO4c7Z6IIqLRU6nZPUfbj0XU+h5oH3bWjFgum182eLDs3th8a6F1dWa6MdpaWGovtedmR1OntWV/GlHE+RSxEhFr/Xcfri+KqEWK7x5bT1cj4lD3PHyxmhi8czuKfezjLpTtbPRFrBSPwJgdYP1RxKuR4ufvnIjJfJ2prjVfiHi1zB9GvFXmSxGp/GKci3hvm+8Rj6ZaFPEX5fhfWE9T1fWge1259PXGV2evzfWU7V5XPuL94a4rxUO6PxzZkg/GAb821aOIVnXFX0/3/psdAAAAAAAAAAAAAAAAAO63I1HEZyLFK//+x9W84qjmpR+7MPQHA7/aO2f86Q85Tln2+YhYLnY3J/dwnhg4mkZTeshziR9n9SjiT/L8v28/7MYAAAAAAAAAAAAAAAAAAAA81or4aaR48d0TaSV61xRvz15vXGldnemsCttd+7e7ZvrGxsZGI3WymXMi53LOlZyrOddyRpHr52zmnMi5nHMl52rOtZxxKNfP2cw5kXM550rO1ZxrOaOW6+ds5pzIuZxzJedqzrWccUDW7gUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DgpoohfRorvfHM9RYqIZsREdHK1/2G3DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAo9acifhApGn/YvL2tFhGp+rfjRPnLuWgeLvOT0Rwq86VoXszZqrLW/PZDaD9705eK+Emk6K+/fXvA8/j3dd7d/hrEW9/afPfZWicPdXcOvN//xPFjF4ZGfuPpnV6n7RoweKk9e/NWY3x4ZGSsZ3Mtf/one7YN5M8t7k/XiYjFN958vTUzM71w7y/Kr8Aeqj9CL1LtcempF9WLqB2IZjycvvMYKO//70WK3333P7o3/M79vx6/0nl3+w4fv/jTzfv/i1sPtMv7f21rvXz/L+/p293/n+zZ9mL+3UhfLaK+dGO+73hEffGNN0+2b7SuT1+fnj136tSXh4a+fPZU3+GI+rX2zHTPq/tyugAAAAAAAAAAAAAAAAAenFTEVyJF6yfrqRERt6r5WgMXhp49+cyhOFTNt7pj3vZrY1cuNl6euzG/ML24OD3VGJ9tT85NTe/24+rVdK/x4ZF96cyHOrLP7T9Sf3lu/o2F9vU/Wtp2/9H6xauLSwutye13x5EoIpq9WwarBo8Pj1SNnmm3Zquqo9tOpv/o+lIR/xkpJs810ufztjz/f+sM/zvm/y9vPdA+zf//RM+28jNTKuIXkeJ3/vLp+HzVzqNx1znL5f42Ugye/1wuF4fLct02dJ4r0JkZWJb930jxj7+8s2x3PuSTm2VP7/rEPiLK8T8WKX7w59+L38zb7nz+w/bjf3TrgfZp/J/q2Xb0jucV7Lnr5PE/GSleevLt+K287YOe/9F99saJXPj28zn2afw/1bNtIH/ub9+frgMAAAAAAAAAADzS+lIRfxcpfjRSSy/kbbv5+39TWw+0T3//69M926buz3pFH/pizycVAAAAAA6IvlTETyPF9aW3b8+hvnP+d8/8z9/bnP85nLbsrf6c79eq5wbczz//6zWQP3di790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66lPVPP5p3ZcT301Urzy38/lcul4Wa67DvxA9Wv98tzsyYszM3OTraXW1Znpxth8a3K6rPtUpFj/m8/lukW1vnp3vfnOGu+ba7EvRIqRv++W7azF3l2b/KnNsqfLsp+IFP/1D3eW7a5j/anNsmfKsn8dKb7xz9uXPb5Z9mxZ9nuR4sffaHTLHi3Ldp+P+unNss9PzhX7MCoAAAAAAAAAAAAAAAAAAAA8bvpSEX8WKf7nxsrtufx5/f++nreVt77Vs97/Freqdf4HqvX/d3p9L+v/V88VWN7pUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OMpRRFvRor5y+tptb9831G/1J69eWt8eGT7akdSVfNQVb78qZ8+c/bcl14YOt/ND65/v30mXhu7crHx8tyN+YXpxcXpqcb4bHtybmp610fYa/2tBqsT0Ljx+s2pa9cWG2eeP1ttPpx33xp4v/+J4wMXhp49+Uy37PjwyMhYzyFqfff86XdJO2w/HEX8VaR47vs/Sz/qjyhi7+fiQ747++1I1YnBqhPjwyNVR2bardmlcudo90QUEY2eSs3uOXoAY7EnzYjlsvllgwfL7o3NtxZaV2emG6OthaX2UntudjR1Wlv2pxFFnE8RKxGx1n/34fqiiNcjxXePrad/6Y841D0PX7w89rVTZ3ZuR7GPfdyFsp2NvoiV4hEYswOsP4r4p0jx83dOxL/2R9Si8xNfiHi1zB9GvBWd8U7lF+NcxHvbfI94NNWiiP8rx//Cenqnv7wedK8rl77e+Orstbmest3ryiN/f3iQdr42feWBtmMH9Sjix9UVfz39m/+uAQAAAAAAAAAAAAAAAA6QIn49Urz47olUzQ/Oc4qfynuvznSm9XXn/nXnTG9sbGw0UiebOSdyLudcybmacy1nFLl+zmaZ9Y2Nifx+OedKztWcaznjUK6fs5lzIudyzpWcqznXckYt18/ZzDmRcznnSs7VnGs5w7xiAAAAAAAAAAAAAAAAAABgHxTVPym+8831tNHfWV96Ijq5aj3Qj73/DwAA//8H5/Ye") open(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)=0x7) syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000440), 0x0, 0x0) 8.556040103s ago: executing program 0 (id=401): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) setsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, 0x0, 0x0) 8.549425564s ago: executing program 8 (id=402): open(0x0, 0x14927e, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r2, 0x0, 0x0) setsockopt$sock_int(r2, 0x1, 0x8, 0x0, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000800)="6323f577b4329898c7415aaf5cec9be2cbc8d7c15f2204fd82b2cbd1c7303eabd7e194f82752c4d09b8d5e721257d2eae9e484561b92fa0000b4900aae6dcefa03c451992bf8fb99bf66a590063bcff131bdf465a048932bee71225b4f5ac4748bc7f6356befa0d113ad0a2a947e9a039cd321e1b5", 0x75, 0x7) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, 0x0, 0x0) r3 = dup(0xffffffffffffffff) write$UHID_INPUT(r3, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) r4 = syz_io_uring_complete(0x0) poll(&(0x7f0000000040)=[{r4, 0x7140}, {r1, 0x248}, {r2, 0x40}], 0x3, 0x7) 6.86170738s ago: executing program 0 (id=403): ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x1a, &(0x7f0000000200)={0x1, 'netdevsim0\x00'}, 0x18) syz_emit_ethernet(0xba, &(0x7f0000000240)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xac, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x24, 0x0, {0x24, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @local, @dev, {[@cipso={0x86, 0x70, 0x0, [{0x0, 0xc, "e2ffb28c599d1681fb52"}, {0x0, 0x9, "789607671442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x0, 0x8, "e706d30bd224"}, {0x0, 0x7, "cfa11cab1a"}, {0x0, 0x10, "8475be675de6a70a05a0dc91e5c6"}, {0x0, 0xa, "6580a5e97612fe86"}, {0x0, 0x12, "24001100"/16}, {0x0, 0xc, "c8f46976e79e56c7a95e"}]}, @cipso={0x86, 0xc, 0x0, [{0x0, 0x6, "7f36c525"}]}]}}}}}}}, 0x0) 6.486698547s ago: executing program 3 (id=405): socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) unshare(0x26020480) timerfd_create(0x1, 0x80000) poll(0x0, 0x0, 0x2) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) socket$packet(0x11, 0x2, 0x300) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "00009200000000000000000000000058b200"}) syz_open_pts(r0, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00') pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x2000000000000, 0x0, 0x0, 0x0, 0x7fffffff, 0xc000000}, 0x0, 0x0) 5.667453894s ago: executing program 9 (id=406): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="3183000000000000000080"], 0x14}, 0x1, 0x0, 0x0, 0xffffbfb1}, 0x0) 5.493238304s ago: executing program 9 (id=407): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000200)='./file0\x00', 0x2, &(0x7f0000000a80)=ANY=[], 0x1, 0x24a, &(0x7f0000001140)="$eJzs2s9rXFUUB/DzkkjHlHQi/qIB8aIb3TyarFwINkgLYkCpjaCC9NW86DCTmTBvCIxIm51b/wTX4tKdIMV9Nv4FXbjLJssuxCfODHUSItRWbdJ8Pps5cOfLuTN3ZjgDd//Nb7bam1W+WQxiJsti7nLsxr0sFmMmZmNsN16/9cbdlz746ON3V9fWrlxL6erq9eWVlNKFl3/65KvvX7kzOP/hDxd+PBd7i5/uH6z8uvfC3sX9369/0apSq0rd3iAV6WavNyhudsq00araeUrvd8qiKlOrW5X9Q+ubnd729jAV3Y2F+e1+WVWp6A5TuxymQS8N+sNUfF60uinP87QwH0RE42GD69/dq+s4qJ+6EXVdP/1tnL8TC3ejGdkzKXv2cvb8jezF3eziQV03jyRnH33XnAAPe/48GZz/2eb8z7apoa4RsfX1zvrO+vhxvL66Ga3oRBmXohm/xZ8fk4lxffWdtSuX0shipK3bk/ztnfXZw/nlWJq0rOvG/WqUXx7n0+H8uZifzq9EM547vv/KsflGvPbqVD6PZvzyWfSiExuj1n/lby2n9PZ7a0fyS6PnAQA8afJ037HzW57/3fo4/w/mwyPz1VwszT3e105ENfyyXXQ6Zf9sFNcm/2NPyn5OT/FzRPzHLRr/RouYiTgZ79gpLx73LxP/h6kvDgAAAAAAAAAAAKfIg94HfOtRrmQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyAPwIAAP//7Lnhxg==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) open(&(0x7f0000000040)='./cgroup.cpu/cpuset.cpus\x00', 0x121342, 0x0) 5.244203437s ago: executing program 0 (id=408): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x5, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000004830000000000000fa40000007010000080020207500feff0000820095"], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 4.51376493s ago: executing program 9 (id=409): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f0000000000)=0xffb) ioctl$KVM_RUN(r3, 0xae80, 0x0) 4.288040086s ago: executing program 3 (id=410): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x4004, 0xfffffdfc, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x4008094) 3.595705313s ago: executing program 8 (id=411): setresuid(0xee00, 0xee01, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) get_robust_list(r0, 0x0, 0x0) 3.241217709s ago: executing program 3 (id=412): fsopen(0x0, 0x0) 3.14821148s ago: executing program 9 (id=413): mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) 2.80125867s ago: executing program 0 (id=414): mkdir(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4) rename(&(0x7f0000001800)='./file0\x00', &(0x7f0000001080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 2.731969324s ago: executing program 9 (id=415): syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000300)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[], 0xfe, 0x7fd, &(0x7f0000000b40)="$eJzs3U9oHde5APBvZNmWlfdMyHv4GeM4EycPbHCUK9lREFkkN1cjeZKre8W9V8Hm8UjMsxyM5STEL1B7UceblpaWULroMsmim3ZVumkptNBC21Wh3XYXCHSRtLTQQktAZWbujSTrn/8odtr+fsKaMzNnzvnO0fV8Gkl3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACASBrTtdp4Es28tXAm3VxjutOe22L/oL2frFls0W9EUvyLkZE4WG06+J8ruw8Un47G4WrtcIwUi5G49sCBB5/5j+GhwfFbBLTThjfaeOXqtUvnlpYW37yHgXwGvvqjNavfHo1bnNnZrJV32/lcfTZL8247nZqcrD15eqabzuTNrHu228vm0kYnq/fanfRY43g6PjV1Ms3GzrYXWrPT9WaWDlcbn35iolabTF8Ym8/qnW679eQLY93G6bzZzFuz5YHF7qLO08UL8cW8l/ay+lyaXri4tHhybUj71gVZVBpfs+WT5dVrhx9/8MO3PvjTxcWJ7YY7UZuYGB+fmBifTCKiVhte2fDU1FNP12rDtZvEuhr39EXL59AOn8Hhzg318380I49WLMSZSDf8aMR0dKIdc7HyAl69v2+Q///7yd//aqt+31mV/6ssP3T44MruQ1Hm/yPV2pHN8n/V9569m8S88x/7Vo810rgSV+NaXIpzsRRLsRhvfia9JjvX1tDORjYbWbQij260I4+5qJdb0v6WNKZiMiajFi/H6ZiJbqQxE3k0I4tunI1u9CIrX1GN6EQW9ehFOzqRxrFoxPFIYzymYipORhpZjMXZaMdCtGI2pqNetnIhLpbzfvKmuA588ZUfvvrrD98tv1qDSuNbTfHbEWWlP25RaV0yl/+5bRHxs506fcNdWR7kfwAAAOCfVlL+9L24/t8dD5elmbyZ/c82Rw0Xn96+NxECAAAAd6v8zf/hYrG7KD0cSXH9X1tb6bu7709wAAAAwI5IyvfYJRExGo9UpcHbpdb+EOCR+xYiAAAAcJfK3/8fKRajEdfLDRtf/wMAAAD/sF76fr9w8z32PxjcY3dofm/y4z9Ep7M7OfXemceTy/WiXv3yruq4XdXNAFb0Zg4l0b+hYNnW5PC1B4r14UZ2OBncPPeTvdXy4/LzoZU21sbx3L5qa5IkRQA35jcKINYHsL8/ik8DKNfia/FoVefR89Xy/GBPNdrRmbyZjTXazWfGo17fP9TLzvTeeu3iF6Ic/ldac/uTuHBxaXHs/15fOl/GcqNo5cbl/njX3Udxi1iW+zMQD6+/u3HR1O7yjRj9fkerfmurxz90ZX9RGLqNPr8UR/+trHN0tKo7unb8I0Wf42ObjX60Gt/4upEPr39hVVGc7a/dFMVj1dbHjj1WLTaIYmKrKIq5mFgdRX8Sbm8uNowiHoyIdx+9fubPP28n2cntojh5l1EA3C8Xyrv+FFmoSkdVFvrbcqXI/53O7j2xJu9UB9zqWS4pe1n9JJ+/7F13J/9bz+5/Xd7ijH6sqnOs+n5i+NAGeaW2wRn9jYtv/KJ/Rj/1nW+9979Hfvm9O87rI4Mq+waFh376wFCUUezrR3Gtv6ezO/n6p5mkyqrvF9vf37TfbnMiKaZw1/9ffiMOXLl67YmLl8+9uvjq4msTEycna6dqtaeSpP/FWy6/Y5B7ANjA0ThSJfJNn7GzyVN4ym8Aqtx9aqur6l2RPPTpnxQUOfH1WIrzcWLwhoJHNu53dNWfIZyIo/1gN7pq3dMfSfWElxPbXFsWtat2J7atO7rq8TIr/usbn9XXAgDulaPb5OFN8/+qa/cT21x3r83lx6u6xwcRbFZ3vNj57L2dDQD415B1Pk5Ge19OOp18/uXxqanxeu90lnbajRfTTj49m6V5q5d1Yrjems3S+U671260m0XhpXw666bdhfn5dqeXzrQ76Xy7m58pn/ye9h/93s3m6q1e3ujON7N6N0sb7Vav3uil03m3kc4vPN/Mu6ezTnlwdz5r5DN5o97L2620217oNLKxNO1m2aqK+XTW6uUzeVFspfOdfK7euRERzYW5LJ3Ouo1OPt9rVw0O+spbM+3OXNns7/bf79kGgM+HK1evXTq3tLT45p0VfnsrlTfvfcSNhQHgPljJ0h/9+837/PAdAAAAAAAAAAAAAAA+H+7y/X/rC/t2tsGRreosX49YvytZXl6+jS72xTZ1BjcY3OGJuieFGzvSzlBsNM/3sPDNiNiiTrL5rleeffbSZi0/f/3g6VsLY/P/KQejLAxHRP+trm9/tOcH71R1nrujIQ/d/lG/2Xp+NissJ1vUub/nJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYyN8DAAD//2/QZoE=") open(&(0x7f00009e1000)='./file0\x00', 0x60c42, 0x8) 1.690987086s ago: executing program 9 (id=416): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000380)=""/138, 0x0}) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x0, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f00000000c0)=""/87, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) 1.601625899s ago: executing program 3 (id=417): ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x1a, &(0x7f0000000200)={0x1, 'netdevsim0\x00'}, 0x18) syz_emit_ethernet(0xae, &(0x7f0000000240)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xa0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x24, 0x0, {0x21, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @local, @dev, {[@cipso={0x86, 0x63, 0x0, [{0x0, 0xc, "e2ffb28c599d1681fb52"}, {0x0, 0x9, "789607671442eb"}, {0x0, 0x9, "e706d30bd224f8"}, {0x0, 0x7, "cfa11cab1a"}, {0x0, 0x10, "8475be675de6a70a05a0dc91e5c6"}, {0x0, 0xa, "6580a5e97612fe86"}, {0x0, 0x12, "24001100"/16}, {0x0, 0xc, "c8f46976e79e56c7a95e"}]}, @cipso={0x86, 0xc, 0x0, [{0x0, 0x6, "7f36c525"}]}]}}}}}}}, 0x0) 1.164748939s ago: executing program 0 (id=418): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x40241, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000280), 0x20000, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) pselect6(0x40, &(0x7f00000045c0)={0x0, 0x3, 0x0, 0x0, 0x0, 0x100000000000}, 0x0, &(0x7f0000004640)={0xf8}, 0x0, 0x0) ioctl$RTC_PIE_ON(r1, 0x7005) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000540), 0x0, 0x0, 0x0}) 884.027171ms ago: executing program 3 (id=419): r0 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000880), &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, &(0x7f00000001c0)=ANY=[@ANYRESOCT=r0], 0x0, 0x333, &(0x7f0000000440)="$eJzs3cFLG1kcwPFfYoxJRJPDsssuLD52L7uXQbN7XjYsCksDFTWlWiiMOmlDpolkgiWlVD31WnrvqdCDePQmtP4DXnprL7305qXQQz2UTslkRpNJojFGbc33A2Ve3nu/zJu8l/Kb0Rn3bz65l89aWlYvSzCiJCAiciCSkKB4Au426JTDUm9d/hz++ObX2fmFa6l0enJGqanU3F9JpdTo2Mv7D6Nut50h2Uvc3v+QfL/3497P+1/m7uYslbNUoVhWulosvivri6ahlnNWXlNq2jR0y1C5gmWUau3FWnvWLK6sVJReWB6JrZQMy1J6oaLyRkWVi6pcqij9jp4rKE3T1EhMcJLM5syMnuoyeKnHg8E5KZVS+oCIRJtaMpuXMiAAAHCp/Pl/sJrSd5X/y6iT/wckEBLx8v+t33bLwze2R938fyfcKv//+23tvRry/4iIdJP/P5NT5P/NGVF/OVP+j2/DWLipKtDwqpr/x9zvr2Pj1ta4UyD/BwAAAAAAAAAAAAAAAAAAAADge3Bg23HbtuPe1vt3dAuB+xpXUrv5HxKRSHX2beb/KpudX5CIc+NedY7Nx6uZ1Uxt63bYFRFTDBmXuHx21oOrWvbuPFJVCXllrrnxa6uZAacllZWcEz8hcUn442176v/05ISqceMPb1OK1ccnJS4/tI5PNsa7+w/LH7/XxWsSl9dLUhRTlp11fRT/aEKp/66nffFRpx8AAAAAAFeBpg61PH/XtHbttaeMpLLOZaI21wdq59fjLc/PQ/FfQpd99AAAAAAA9Aer8iCvm6ZROqYQlZP7dF8IddY57KsZPK7zQN0RdjqesHMhQ+Ssx/W8w0+1oeD9IkVDU8St7G483vH3bL7W62uC0kFUyD/4sWqFOuXeN9wDOazxLhuF23zOMt38PsFjVsJgz9bzT09ffOrdF+SfbW8FNDYFWnTe6HZfEf+qcwqD5/3/DgAAAICLd5T0ezX/1jfX/SER98f6axc7PgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+sG5PNLPV/Dvk0cIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoF99DQAA//9tIP7y") syz_emit_vhci(&(0x7f0000000480)=ANY=[@ANYBLOB="040ed7e54e20"], 0x7) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYRES32=r2], 0x24}}, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0) 577.827052ms ago: executing program 8 (id=420): syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f0000000000)={[{@nls={'nls', 0x3d, 'cp437'}}]}, 0x1, 0x5d4, &(0x7f0000001980)="$eJzs3cFvHFcdB/DvbGLHDlK6SZOmICSscgA1IlnvRiZISEApyEIVqsSlVyvZ1FY2aWRvkdsDCohz+y+Ugzlz4ISClANn/gWjHhHcfQua2Vl7k2xdu3a96/D5SG/fe/tm3vzeL7OjmbWiDfB/a/m9zDxJkeVr72yW/e2tTm97q3N/2E5yLkkjmUtSlG//NcnnyaMMSr45HBipX1B8unx79fEnVwe9ubpU2xf77Xcwu7E0B7FW9XHN1z7yfHsrXEhyqa5h4p4O/Wvs8BE/lwDANCuSM+Pebybn65v18jlgcFc8uMc+1R5NOgAAAAA4Aa/sZCebuTDpOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA0qX//v6hLY9heSDH8/f/Z+r3U7VPtyaQDAAAAAAAAAIBj8J2d7GQzF4b9p0X1N/83qs7l6vUb+TAb6WY917OZlfTTz3oWkzRHJprdXOn31xcPsGd77J7tk1kvAAAAAAAAALyk/pDlvb//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADANCiSM4OqKpeH7WYaZ5PMJZktt3uUPB62T7Mnkw4AAAAATsArO9nJZi4M+0+L6pn/teq5fy4f5kH6WUs/vXRzp/ouYPDU39je6vS2tzr3y/LivD/776HCqGbM4LuH8UduVVtc2d1jOb/Mb3ItC3k361nLb7OSfrpZyNtVayVFmvW3F81hnOPj/ekzvXe/LNbXq0jmczdrVWzXczsfpJc7aVRrqLbZ/4i/L7NT/KR2wBzdqetyRb+q6+nQrDIys5uRVp37MhsX98/EIc+T54+0mMbud1CXv4acn6/rMtdvT3XO2yNn32v7ZyJptf8zXMm16VnSV/R8Jjojmbh6gEw8XO09uLd6d+P0Z2K2zsbgKnq4q+Ub1b4XspZf54PcSTe30sqtLOVmOlnKj7I0ktcrB/isNQ73Wfvu9+vGTJJf1PV0KPN6cSSvo1e6ZjU2+s5eli4d/xXp7LfqRnmyvjV1V6SLz12bh5l4df9M/Olp+brRe3BvfXXl4QGP9726LjPw86nKRHm+XCr/sares2dHOfbq2LHFauzy7ljjhbEru2Nf9kmdre/hXpypXY1dHTvWqcZeHxkbd5cDwNQ7/+b52fl/z/9z/rP5P86vzr8z99a5W+e+PZuZf5z925m/NP7c+HHxZj7L7/ae/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK9u46OP7630et11DY1T15iZjjBeysakr0zA1+1G//7DGxsfffyDtfsr73ff7z64ubjUvnmztfTDWzfurvW6rcHrpMMEAI7R3k3/pCMBAAAAAAAAAAAAAAC+yEn8d+JJrxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHi5Lb+XmScpsti63ir721udXlmG7b0t55IUZePvST5PHmVQ0hyZrvii4xSfLt9effzJ1b255obbV2XmSKt4JpbGczEddb72kecrdjOzkORSXcPE/S8AAP//njD/fg==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdir(&(0x7f00000002c0)='./bus\x00', 0x0) rmdir(&(0x7f00000000c0)='./bus/file0\x00') renameat2(r0, &(0x7f0000000380)='./file0\x00', r0, &(0x7f0000000080)='./bus/file0\x00', 0x1) 0s ago: executing program 3 (id=421): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = open(&(0x7f0000000040)='./bus\x00', 0x145542, 0x0) fgetxattr(r2, &(0x7f00000001c0)=@known='security.selinux\x00', 0x0, 0x0) kernel console output (not intermixed with test programs): family 0 port 6081 - 0 [ 237.521412][ T5792] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.532171][ T5792] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.541207][ T5792] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.943872][ T4334] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 239.952013][ T4334] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 240.166224][ T3651] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 240.175317][ T3651] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 240.468303][ T5804] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 241.222574][ T4531] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 241.230668][ T4531] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 241.466750][ T4531] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 241.474967][ T4531] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 241.577833][ T3651] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 241.586143][ T3651] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 241.602045][ T4596] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 241.610137][ T4596] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 242.012166][ T4596] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 242.020149][ T4596] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 242.293549][ T5976] warning: `syz.2.6' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 242.355298][ T78] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 242.364746][ T78] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 242.754735][ T5982] loop1: detected capacity change from 0 to 512 [ 242.805271][ T29] audit: type=1326 audit(1731902319.603:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5981 comm="syz.2.7" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x0 [ 242.972597][ T4596] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 242.980678][ T4596] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 243.050295][ T4531] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 243.060794][ T4531] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 243.504574][ T5982] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 243.519014][ T5982] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 243.813140][ T5796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 245.239327][ T6014] loop2: detected capacity change from 0 to 256 [ 246.279076][ T6014] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 246.820673][ T6014] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512 [ 246.833238][ T6014] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 246.841119][ T6014] UDF-fs: Scanning with blocksize 512 failed [ 247.104243][ T6014] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 247.277313][ T6014] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 248.189948][ T5863] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 248.353019][ T5863] usb 5-1: Using ep0 maxpacket: 16 [ 248.394013][ T5863] usb 5-1: config 0 has an invalid interface number: 248 but max is 0 [ 248.402709][ T5863] usb 5-1: config 0 has no interface number 0 [ 248.451029][ T5863] usb 5-1: New USB device found, idVendor=05f9, idProduct=4002, bcdDevice=f1.ae [ 248.460787][ T5863] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 248.484614][ T5863] usb 5-1: Product: syz [ 248.489039][ T5863] usb 5-1: Manufacturer: syz [ 248.502899][ T5863] usb 5-1: SerialNumber: syz [ 248.573468][ T6040] netlink: 4 bytes leftover after parsing attributes in process `syz.2.22'. [ 248.595451][ T5863] usb 5-1: config 0 descriptor?? [ 248.624130][ T5863] hub 5-1:0.248: bad descriptor, ignoring hub [ 248.630516][ T5863] hub 5-1:0.248: probe with driver hub failed with error -5 [ 248.852984][ T5844] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 249.012496][ T6031] loop4: detected capacity change from 0 to 1024 [ 249.062282][ T5844] usb 1-1: Using ep0 maxpacket: 16 [ 249.115459][ T5844] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 249.183893][ T6031] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 249.218282][ T5844] usb 1-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 249.227976][ T5844] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 249.228124][ T5844] usb 1-1: Product: syz [ 249.228231][ T5844] usb 1-1: Manufacturer: syz [ 249.228336][ T5844] usb 1-1: SerialNumber: syz [ 249.432773][ T5846] usb 5-1: USB disconnect, device number 2 [ 249.453654][ T29] audit: type=1326 audit(1731902326.283:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6046 comm="syz.2.26" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 249.476081][ T29] audit: type=1326 audit(1731902326.283:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6046 comm="syz.2.26" exe="/root/syz-executor" sig=0 arch=40000003 syscall=264 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 249.498398][ T29] audit: type=1326 audit(1731902326.283:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6046 comm="syz.2.26" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 249.674117][ T5844] usb 1-1: config 0 descriptor?? [ 249.700456][ T29] audit: type=1326 audit(1731902326.463:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6046 comm="syz.2.26" exe="/root/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 249.727230][ T29] audit: type=1326 audit(1731902326.463:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6046 comm="syz.2.26" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 249.755028][ T29] audit: type=1326 audit(1731902326.463:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6046 comm="syz.2.26" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 250.571178][ T5844] usb 1-1: Found UVC 0.00 device syz (045e:0721) [ 250.579389][ T5844] usb 1-1: No valid video chain found. [ 250.604817][ T5844] usb 1-1: USB disconnect, device number 2 [ 250.795160][ T6057] loop2: detected capacity change from 0 to 1024 [ 250.870896][ T6057] EXT4-fs: Ignoring removed orlov option [ 250.877415][ T6057] EXT4-fs: Ignoring removed nobh option [ 251.074079][ T6057] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 251.279753][ T5804] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 253.655227][ T6082] loop2: detected capacity change from 0 to 2048 [ 254.179269][ T6082] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.312219][ T29] audit: type=1326 audit(1731902331.153:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6091 comm="syz.0.41" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x0 [ 254.448257][ T6090] loop3: detected capacity change from 0 to 2048 [ 254.553966][ T6090] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 254.565770][ T5804] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.611237][ T6090] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 254.612908][ T6099] netlink: 4 bytes leftover after parsing attributes in process `syz.1.44'. [ 254.663344][ T6099] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 254.717690][ T6090] UDF-fs: error (device loop3): udf_verify_fi: directory (ino 1376) has entry at pos 0 with unaligned length of impUse field [ 254.760612][ T5846] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 254.932929][ T5846] usb 1-1: Using ep0 maxpacket: 16 [ 255.036365][ T5846] usb 1-1: config 32 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 255.050980][ T5846] usb 1-1: config 32 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 255.062417][ T5846] usb 1-1: New USB device found, idVendor=046d, idProduct=c091, bcdDevice= 0.00 [ 255.068430][ T6099] loop1: detected capacity change from 0 to 2048 [ 255.071930][ T5846] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.091229][ T6099] udf: Bad value for 'session' [ 255.731987][ T6110] loop4: detected capacity change from 0 to 2048 [ 255.741331][ T6110] ======================================================= [ 255.741331][ T6110] WARNING: The mand mount option has been deprecated and [ 255.741331][ T6110] and is ignored by this kernel. Remove the mand [ 255.741331][ T6110] option from the mount to silence this warning. [ 255.741331][ T6110] ======================================================= [ 255.781193][ T6110] udf: Bad value for 'anchor' [ 257.374754][ T5846] usbhid 1-1:32.0: can't add hid device: -71 [ 257.381479][ T5846] usbhid 1-1:32.0: probe with driver usbhid failed with error -71 [ 257.405154][ T5846] usb 1-1: USB disconnect, device number 3 [ 258.102980][ T5844] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 258.183308][ T29] audit: type=1326 audit(1731902335.043:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6122 comm="syz.1.54" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 258.284294][ T29] audit: type=1326 audit(1731902335.123:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6122 comm="syz.1.54" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 258.306701][ T29] audit: type=1326 audit(1731902335.123:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6122 comm="syz.1.54" exe="/root/syz-executor" sig=0 arch=40000003 syscall=334 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 258.331579][ T29] audit: type=1326 audit(1731902335.123:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6122 comm="syz.1.54" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 258.354613][ T29] audit: type=1326 audit(1731902335.133:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6122 comm="syz.1.54" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 258.522853][ T5844] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 258.533660][ T5844] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 258.543162][ T5844] usb 4-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 258.552571][ T5844] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 258.742785][ T29] audit: type=1326 audit(1731902335.233:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6122 comm="syz.1.54" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 258.765228][ T29] audit: type=1326 audit(1731902335.233:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6122 comm="syz.1.54" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 258.789034][ T29] audit: type=1326 audit(1731902335.233:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6122 comm="syz.1.54" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 258.894523][ T5844] usb 4-1: config 0 descriptor?? [ 259.209469][ T6127] loop0: detected capacity change from 0 to 512 [ 259.885797][ T6127] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 259.899330][ T6127] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 259.977861][ T5844] usb 4-1: Direct firmware load for ar3k/ramps_0xaee71267_40.dfu failed with error -2 [ 259.992389][ T5844] usb 4-1: Falling back to sysfs fallback for: ar3k/ramps_0xaee71267_40.dfu [ 260.007179][ T6140] netlink: 8 bytes leftover after parsing attributes in process `syz.2.57'. [ 260.132931][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 260.705540][ T6146] netlink: 4 bytes leftover after parsing attributes in process `syz.0.61'. [ 260.770599][ T6146] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 261.158069][ T6146] loop0: detected capacity change from 0 to 2048 [ 261.167647][ T6146] udf: Bad value for 'session' [ 261.523467][ T6157] loop1: detected capacity change from 0 to 512 [ 261.532792][ T6157] ext4: Unknown parameter 'noacl' [ 261.742354][ T5846] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 261.912784][ T5846] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 261.923521][ T5846] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 261.933217][ T5846] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 261.998408][ T5846] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 262.011303][ T5846] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 262.020868][ T5846] usb 5-1: Product: syz [ 262.025484][ T5846] usb 5-1: Manufacturer: syz [ 262.030322][ T5846] usb 5-1: SerialNumber: syz [ 262.293064][ T29] audit: type=1326 audit(1731902339.113:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6156 comm="syz.1.65" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d579 code=0x7fc00000 [ 262.326523][ T5846] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found [ 262.333996][ T5846] cdc_ncm 5-1:1.0: bind() failure [ 262.433458][ T5846] usb 5-1: USB disconnect, device number 3 [ 263.976805][ T6166] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 264.487843][ T6176] loop3: detected capacity change from 0 to 1024 [ 264.526285][ T6176] Bluetooth: MGMT ver 1.23 [ 264.992092][ T5863] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 265.163337][ T5863] usb 3-1: Using ep0 maxpacket: 8 [ 265.188542][ T5863] usb 3-1: unable to get BOS descriptor or descriptor too short [ 265.254564][ T5863] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 265.263658][ T5863] usb 3-1: config 1 has an invalid descriptor of length 164, skipping remainder of the config [ 265.274420][ T5863] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 265.286170][ T5863] usb 3-1: config 1 has no interface number 1 [ 265.293168][ T5863] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 265.306441][ T5863] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x2 has an invalid bInterval 189, changing to 11 [ 265.318015][ T5863] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x2 has invalid maxpacket 32903, setting to 1024 [ 265.489619][ T6189] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.515228][ T5863] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 265.524942][ T5863] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 265.533901][ T5863] usb 3-1: Product: syz [ 265.538313][ T5863] usb 3-1: Manufacturer: syz [ 265.543327][ T5863] usb 3-1: SerialNumber: syz [ 265.894409][ T5863] usb 3-1: USB disconnect, device number 2 [ 266.159857][ T6196] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.81'. [ 266.320929][ T5967] udevd[5967]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 266.407242][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 268.343808][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 268.503693][ T6217] netlink: 208 bytes leftover after parsing attributes in process `syz.0.89'. [ 268.553455][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 269.350285][ T6227] loop0: detected capacity change from 0 to 1024 [ 269.438101][ T6227] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 269.469576][ T6231] netlink: 4 bytes leftover after parsing attributes in process `syz.3.93'. [ 269.875856][ T5799] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 271.322415][ T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!! [ 272.425636][ T6252] netlink: 4 bytes leftover after parsing attributes in process `syz.4.102'. [ 272.447738][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 272.510101][ T6254] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 272.550521][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 272.980127][ T6251] loop4: detected capacity change from 0 to 2048 [ 272.989944][ T6251] udf: Bad value for 'session' [ 273.208184][ T6258] loop0: detected capacity change from 0 to 256 [ 273.364138][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 273.376043][ T0] NOHZ tick-stop error: local softirq work is pending, handler #50!!! [ 273.429123][ T6258] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 273.472585][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 273.481309][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 273.702012][ T6258] loop0: detected capacity change from 256 to 0 [ 273.758845][ T6261] syz.0.104: attempt to access beyond end of device [ 273.758845][ T6261] loop0: rw=524288, sector=160, nr_sectors = 1 limit=0 [ 273.773348][ T6261] syz.0.104: attempt to access beyond end of device [ 273.773348][ T6261] loop0: rw=524288, sector=161, nr_sectors = 1 limit=0 [ 273.790741][ T6261] syz.0.104: attempt to access beyond end of device [ 273.790741][ T6261] loop0: rw=524288, sector=162, nr_sectors = 1 limit=0 [ 273.806222][ T6261] syz.0.104: attempt to access beyond end of device [ 273.806222][ T6261] loop0: rw=524288, sector=163, nr_sectors = 1 limit=0 [ 273.820043][ T6261] syz.0.104: attempt to access beyond end of device [ 273.820043][ T6261] loop0: rw=524288, sector=164, nr_sectors = 1 limit=0 [ 273.834002][ T6261] syz.0.104: attempt to access beyond end of device [ 273.834002][ T6261] loop0: rw=524288, sector=165, nr_sectors = 1 limit=0 [ 273.847850][ T6261] syz.0.104: attempt to access beyond end of device [ 273.847850][ T6261] loop0: rw=524288, sector=166, nr_sectors = 1 limit=0 [ 273.861909][ T6261] syz.0.104: attempt to access beyond end of device [ 273.861909][ T6261] loop0: rw=524288, sector=167, nr_sectors = 1 limit=0 [ 273.875735][ T6261] syz.0.104: attempt to access beyond end of device [ 273.875735][ T6261] loop0: rw=0, sector=160, nr_sectors = 1 limit=0 [ 273.965317][ T6258] syz.0.104: attempt to access beyond end of device [ 273.965317][ T6258] loop0: rw=524288, sector=160, nr_sectors = 1 limit=0 [ 274.640973][ T5799] Buffer I/O error on dev loop0, logical block 0, lost sync page write [ 274.876458][ T6265] loop4: detected capacity change from 0 to 512 [ 274.963132][ T6265] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 275.335933][ T34] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 275.679973][ T34] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 275.774089][ T6265] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 275.787395][ T6265] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 276.846268][ T5790] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 276.868679][ T34] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.930635][ T5790] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 276.963320][ T5790] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 277.092685][ T5790] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 277.128341][ T34] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.173769][ T5790] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 277.202963][ T5790] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 277.802938][ T34] bridge_slave_1: left allmulticast mode [ 277.808775][ T34] bridge_slave_1: left promiscuous mode [ 277.815316][ T34] bridge0: port 2(bridge_slave_1) entered disabled state [ 277.908246][ T34] bridge_slave_0: left allmulticast mode [ 277.914471][ T34] bridge_slave_0: left promiscuous mode [ 277.921025][ T34] bridge0: port 1(bridge_slave_0) entered disabled state [ 278.554330][ T5792] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.663198][ T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 278.874565][ T34] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 278.988547][ T34] bond0 (unregistering): Released all slaves [ 279.342084][ T5790] Bluetooth: hci3: command tx timeout [ 279.965314][ T34] hsr_slave_0: left promiscuous mode [ 280.021597][ T34] hsr_slave_1: left promiscuous mode [ 280.064584][ T6291] loop3: detected capacity change from 0 to 2048 [ 280.083358][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 280.091116][ T34] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 280.108461][ T6291] udf: Bad value for 'anchor' [ 280.194712][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 280.203691][ T34] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 280.373694][ T34] veth1_macvtap: left promiscuous mode [ 280.379493][ T34] veth0_macvtap: left promiscuous mode [ 280.385718][ T34] veth1_vlan: left promiscuous mode [ 280.391288][ T34] veth0_vlan: left promiscuous mode [ 280.494911][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 280.501918][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 281.437666][ T5790] Bluetooth: hci3: command tx timeout [ 281.698519][ T5793] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 281.707363][ T5793] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 281.719466][ T5793] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 281.733540][ T5793] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 281.752756][ T5793] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 281.762413][ T5793] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 282.100004][ T6307] loop3: detected capacity change from 0 to 512 [ 282.194455][ T6307] EXT4-fs: Ignoring removed nobh option [ 282.200310][ T6307] EXT4-fs: Ignoring removed nobh option [ 282.507796][ T6307] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 282.508748][ T34] team0 (unregistering): Port device team_slave_1 removed [ 282.516685][ T6307] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.119: invalid indirect mapped block 2683928664 (level 1) [ 282.545726][ T34] team0 (unregistering): Port device team_slave_0 removed [ 282.717689][ T6272] chnl_net:caif_netlink_parms(): no params data found [ 282.793045][ T6307] EXT4-fs (loop3): 1 truncate cleaned up [ 282.800509][ T6307] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 283.553282][ T5793] Bluetooth: hci3: command tx timeout [ 283.750686][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.839447][ T5793] Bluetooth: hci5: command tx timeout [ 284.372710][ T6303] chnl_net:caif_netlink_parms(): no params data found [ 284.612754][ T5790] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 284.634104][ T5790] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 284.648521][ T5790] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 284.659921][ T5790] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 284.669869][ T5790] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 284.678350][ T5790] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 286.827199][ T5793] Bluetooth: hci3: command tx timeout [ 286.832977][ T5790] Bluetooth: hci5: command tx timeout [ 286.838488][ T5790] Bluetooth: hci6: command tx timeout [ 287.405999][ T6272] bridge0: port 1(bridge_slave_0) entered blocking state [ 287.414579][ T6272] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.422689][ T6272] bridge_slave_0: entered allmulticast mode [ 287.431851][ T6272] bridge_slave_0: entered promiscuous mode [ 287.508026][ T6272] bridge0: port 2(bridge_slave_1) entered blocking state [ 287.515872][ T6272] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.523897][ T6272] bridge_slave_1: entered allmulticast mode [ 287.533041][ T6272] bridge_slave_1: entered promiscuous mode [ 287.742114][ T6328] chnl_net:caif_netlink_parms(): no params data found [ 287.825307][ T6272] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 287.968548][ T6272] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 288.665837][ T6272] team0: Port device team_slave_0 added [ 288.694247][ T6303] bridge0: port 1(bridge_slave_0) entered blocking state [ 288.702040][ T6303] bridge0: port 1(bridge_slave_0) entered disabled state [ 288.709765][ T6303] bridge_slave_0: entered allmulticast mode [ 288.718168][ T6303] bridge_slave_0: entered promiscuous mode [ 288.859154][ T6272] team0: Port device team_slave_1 added [ 288.862871][ T51] Bluetooth: hci6: command tx timeout [ 288.870543][ T5790] Bluetooth: hci5: command tx timeout [ 288.889535][ T6358] loop4: detected capacity change from 0 to 1024 [ 288.965553][ T6303] bridge0: port 2(bridge_slave_1) entered blocking state [ 288.973483][ T6303] bridge0: port 2(bridge_slave_1) entered disabled state [ 288.983227][ T6303] bridge_slave_1: entered allmulticast mode [ 288.992565][ T6303] bridge_slave_1: entered promiscuous mode [ 289.085361][ T6358] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 289.095479][ T6358] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 289.180027][ T6358] jbd2_journal_init_inode: Cannot locate journal superblock [ 289.190125][ T6358] EXT4-fs (loop4): Could not load journal inode [ 289.466956][ T6303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 289.574859][ T6272] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 289.582222][ T6272] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 289.608430][ T6272] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 289.629506][ T6303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 289.797903][ T6303] team0: Port device team_slave_0 added [ 289.821344][ T6303] team0: Port device team_slave_1 added [ 290.124476][ T6272] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 290.131849][ T6272] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 290.158964][ T6272] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 290.341530][ T6303] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 290.348952][ T6303] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 290.377563][ T6303] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 290.813654][ T6303] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 290.820858][ T6303] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 290.847285][ T6303] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 290.896584][ T5863] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 290.945677][ T51] Bluetooth: hci6: command tx timeout [ 290.951527][ T5790] Bluetooth: hci5: command tx timeout [ 291.081138][ T5863] usb 5-1: config 0 has no interfaces? [ 291.114268][ T5863] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 291.125557][ T5863] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=2 [ 291.134013][ T5863] usb 5-1: SerialNumber: syz [ 291.261208][ T5863] usb 5-1: config 0 descriptor?? [ 291.301258][ T6328] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.310404][ T6328] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.318354][ T6328] bridge_slave_0: entered allmulticast mode [ 291.327206][ T6328] bridge_slave_0: entered promiscuous mode [ 291.682243][ T6272] hsr_slave_0: entered promiscuous mode [ 291.714802][ T5846] usb 5-1: USB disconnect, device number 4 [ 291.769124][ T6272] hsr_slave_1: entered promiscuous mode [ 291.812089][ T6272] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 291.820007][ T6272] Cannot create hsr debugfs directory [ 291.827700][ T6328] bridge0: port 2(bridge_slave_1) entered blocking state [ 291.835932][ T6328] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.844421][ T6328] bridge_slave_1: entered allmulticast mode [ 291.852656][ T6328] bridge_slave_1: entered promiscuous mode [ 291.973847][ T6303] hsr_slave_0: entered promiscuous mode [ 291.986625][ T6303] hsr_slave_1: entered promiscuous mode [ 292.062995][ T6303] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 292.070929][ T6303] Cannot create hsr debugfs directory [ 292.481591][ T6328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 292.817183][ T6328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 293.023927][ T51] Bluetooth: hci6: command tx timeout [ 293.316997][ T6328] team0: Port device team_slave_0 added [ 293.343707][ T6328] team0: Port device team_slave_1 added [ 293.502018][ T6393] dccp_invalid_packet: pskb_may_pull failed [ 293.748900][ T6328] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 293.756165][ T6328] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 293.782420][ T6328] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 293.935086][ T6328] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 293.943320][ T6328] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 293.972129][ T6328] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 294.377691][ T6272] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 294.470940][ T6272] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 294.504461][ T6328] hsr_slave_0: entered promiscuous mode [ 294.577836][ T6328] hsr_slave_1: entered promiscuous mode [ 294.641514][ T6328] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 294.649472][ T6328] Cannot create hsr debugfs directory [ 294.729422][ T6303] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 294.784523][ T6272] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 294.992439][ T6303] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 295.067126][ T6272] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 295.130148][ T6303] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 295.423501][ T6303] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 296.524757][ T6272] 8021q: adding VLAN 0 to HW filter on device bond0 [ 296.725763][ T6328] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 296.846143][ T6272] 8021q: adding VLAN 0 to HW filter on device team0 [ 296.913682][ T6328] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 297.082919][ T6328] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 297.133888][ T4026] bridge0: port 1(bridge_slave_0) entered blocking state [ 297.141545][ T4026] bridge0: port 1(bridge_slave_0) entered forwarding state [ 297.198436][ T6328] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 297.314953][ T4026] bridge0: port 2(bridge_slave_1) entered blocking state [ 297.315544][ T4026] bridge0: port 2(bridge_slave_1) entered forwarding state [ 297.389900][ T6303] 8021q: adding VLAN 0 to HW filter on device bond0 [ 298.054665][ T6303] 8021q: adding VLAN 0 to HW filter on device team0 [ 298.177618][ T78] bridge0: port 1(bridge_slave_0) entered blocking state [ 298.185422][ T78] bridge0: port 1(bridge_slave_0) entered forwarding state [ 298.203590][ T78] bridge0: port 2(bridge_slave_1) entered blocking state [ 298.211502][ T78] bridge0: port 2(bridge_slave_1) entered forwarding state [ 298.942709][ T6328] 8021q: adding VLAN 0 to HW filter on device bond0 [ 299.086516][ T6328] 8021q: adding VLAN 0 to HW filter on device team0 [ 299.169531][ T78] bridge0: port 1(bridge_slave_0) entered blocking state [ 299.177371][ T78] bridge0: port 1(bridge_slave_0) entered forwarding state [ 299.294839][ T4596] bridge0: port 2(bridge_slave_1) entered blocking state [ 299.302613][ T4596] bridge0: port 2(bridge_slave_1) entered forwarding state [ 300.743825][ T6272] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 301.865779][ T6303] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 302.237944][ T6440] netlink: 4 bytes leftover after parsing attributes in process `syz.3.139'. [ 302.469787][ T6328] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 303.607087][ T4869] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 303.895798][ T4869] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 304.110659][ T4869] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 304.415132][ T4869] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 305.099214][ T6272] veth0_vlan: entered promiscuous mode [ 305.115357][ T4869] bridge_slave_1: left allmulticast mode [ 305.121264][ T4869] bridge_slave_1: left promiscuous mode [ 305.128128][ T4869] bridge0: port 2(bridge_slave_1) entered disabled state [ 305.202551][ T4869] bridge_slave_0: left allmulticast mode [ 305.208457][ T4869] bridge_slave_0: left promiscuous mode [ 305.220478][ T4869] bridge0: port 1(bridge_slave_0) entered disabled state [ 306.059689][ T4869] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 306.122329][ T4869] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 306.186437][ T4869] bond0 (unregistering): Released all slaves [ 306.406761][ T6272] veth1_vlan: entered promiscuous mode [ 306.873919][ T4869] hsr_slave_0: left promiscuous mode [ 306.895240][ T4869] hsr_slave_1: left promiscuous mode [ 306.913368][ T4869] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 306.921231][ T4869] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 306.955481][ T4869] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 306.963391][ T4869] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 307.024879][ T4869] veth1_macvtap: left promiscuous mode [ 307.030697][ T4869] veth0_macvtap: left promiscuous mode [ 307.037183][ T4869] veth1_vlan: left promiscuous mode [ 307.043072][ T4869] veth0_vlan: left promiscuous mode [ 308.116877][ T4869] team0 (unregistering): Port device team_slave_1 removed [ 308.155042][ T4869] team0 (unregistering): Port device team_slave_0 removed [ 308.540963][ T6303] veth0_vlan: entered promiscuous mode [ 308.763875][ T6303] veth1_vlan: entered promiscuous mode [ 308.821168][ T6272] veth0_macvtap: entered promiscuous mode [ 308.866764][ T6272] veth1_macvtap: entered promiscuous mode [ 308.984162][ T6328] veth0_vlan: entered promiscuous mode [ 309.054769][ T6485] netlink: 12 bytes leftover after parsing attributes in process `syz.3.143'. [ 309.149008][ T6328] veth1_vlan: entered promiscuous mode [ 309.163295][ T6272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 309.174166][ T6272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.184387][ T6272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 309.195257][ T6272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.205473][ T6272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 309.217130][ T6272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.232142][ T6272] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 309.337791][ T6485] netlink: 300 bytes leftover after parsing attributes in process `syz.3.143'. [ 309.348217][ T6485] netlink: 296 bytes leftover after parsing attributes in process `syz.3.143'. [ 309.360042][ T6485] unsupported nlmsg_type 40 [ 309.402939][ T6303] veth0_macvtap: entered promiscuous mode [ 309.416250][ T6485] hub 6-0:1.0: USB hub found [ 309.484564][ T6485] hub 6-0:1.0: 1 port detected [ 309.560343][ T4869] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.642595][ T6303] veth1_macvtap: entered promiscuous mode [ 309.674958][ T6272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 309.686731][ T6272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.698487][ T6272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 309.710333][ T6272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.721168][ T6272] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 309.732155][ T6272] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.747070][ T6272] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 309.749856][ T6489] loop4: detected capacity change from 0 to 1024 [ 309.812595][ T6489] EXT4-fs: Ignoring removed orlov option [ 309.818615][ T6489] EXT4-fs: Ignoring removed nomblk_io_submit option [ 309.876888][ T4869] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.054134][ T6489] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 310.097215][ T4869] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.214840][ T29] audit: type=1800 audit(1731902387.074:19): pid=6489 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.146" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 310.233253][ T6303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.246717][ T6303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.256833][ T6303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.267635][ T6303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.277840][ T6303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.288595][ T6303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.298793][ T6303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.309679][ T6303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.324741][ T6303] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 310.376818][ T4869] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.399491][ T6489] loop4: detected capacity change from 1024 to 64 [ 310.446091][ T6328] veth0_macvtap: entered promiscuous mode [ 310.459800][ T6496] bio_check_eod: 19 callbacks suppressed [ 310.459876][ T6496] syz.4.146: attempt to access beyond end of device [ 310.459876][ T6496] loop4: rw=524288, sector=192, nr_sectors = 18 limit=64 [ 310.480282][ T6496] syz.4.146: attempt to access beyond end of device [ 310.480282][ T6496] loop4: rw=0, sector=192, nr_sectors = 8 limit=64 [ 310.522819][ T29] audit: type=1800 audit(1731902387.354:20): pid=6496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.146" name="file2" dev="loop4" ino=16 res=0 errno=0 [ 310.525501][ T6328] veth1_macvtap: entered promiscuous mode [ 310.579094][ T6272] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.588345][ T6272] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.597557][ T6272] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.606771][ T6272] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.659027][ T6303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.670137][ T6303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.680470][ T6303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.682444][ T6489] syz.4.146: attempt to access beyond end of device [ 310.682444][ T6489] loop4: rw=0, sector=192, nr_sectors = 2 limit=64 [ 310.691141][ T6303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.714480][ T6303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.725433][ T6303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.736315][ T6303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.747686][ T6303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.762706][ T6303] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 311.013251][ T6328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 311.024705][ T6328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.034981][ T6328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 311.045774][ T6328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.056605][ T6328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 311.067396][ T6328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.077672][ T6328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 311.088459][ T6328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.098690][ T6328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 311.109501][ T6328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.124853][ T6328] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 311.200673][ T6328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 311.213685][ T6328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.225947][ T6328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 311.237359][ T6328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.247521][ T6328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 311.258972][ T6328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.269417][ T6328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 311.280310][ T6328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.290458][ T6328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 311.301300][ T6328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.316216][ T6328] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 311.352172][ T6303] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 311.365456][ T6303] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 311.375834][ T6303] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 311.385003][ T6303] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 311.499002][ T6328] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 311.508249][ T6328] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 311.517523][ T6328] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 311.526762][ T6328] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 311.677990][ T4869] bridge_slave_1: left allmulticast mode [ 311.685219][ T4869] bridge_slave_1: left promiscuous mode [ 311.691903][ T4869] bridge0: port 2(bridge_slave_1) entered disabled state [ 311.770543][ T5792] EXT4-fs warning (device loop4): ext4_empty_dir:3090: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 311.859105][ T5792] EXT4-fs warning (device loop4): ext4_empty_dir:3090: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 311.877605][ T4869] bridge_slave_0: left allmulticast mode [ 311.883743][ T4869] bridge_slave_0: left promiscuous mode [ 311.890338][ T4869] bridge0: port 1(bridge_slave_0) entered disabled state [ 311.929954][ T5792] EXT4-fs warning (device loop4): ext4_empty_dir:3090: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 311.953711][ T5792] EXT4-fs warning (device loop4): ext4_empty_dir:3090: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 311.986491][ T5792] EXT4-fs warning (device loop4): ext4_empty_dir:3090: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 312.015703][ T5792] EXT4-fs warning (device loop4): ext4_empty_dir:3090: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 312.083816][ T5792] EXT4-fs warning (device loop4): ext4_empty_dir:3090: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 312.144186][ T5792] EXT4-fs warning (device loop4): ext4_empty_dir:3090: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 312.391063][ T5792] EXT4-fs warning (device loop4): ext4_empty_dir:3090: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 312.436380][ T5792] EXT4-fs warning (device loop4): ext4_empty_dir:3090: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 313.389463][ T4869] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 313.459620][ T4869] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 313.523274][ T4869] bond0 (unregistering): Released all slaves [ 313.803732][ T6338] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 313.965484][ T6490] kmmpd-loop4: attempt to access beyond end of device [ 313.965484][ T6490] loop4: rw=14337, sector=128, nr_sectors = 2 limit=64 [ 313.981018][ T6490] Buffer I/O error on dev loop4, logical block 64, lost sync page write [ 314.925260][ T4869] hsr_slave_0: left promiscuous mode [ 314.953595][ T4869] hsr_slave_1: left promiscuous mode [ 314.982439][ T4869] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 314.990204][ T4869] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 315.026919][ T4869] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 315.034750][ T4869] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 315.077541][ T4869] veth1_macvtap: left promiscuous mode [ 315.083725][ T4869] veth0_macvtap: left promiscuous mode [ 315.089642][ T4869] veth1_vlan: left promiscuous mode [ 315.095361][ T4869] veth0_vlan: left promiscuous mode [ 315.790274][ T4869] team0 (unregistering): Port device team_slave_1 removed [ 315.855767][ T4869] team0 (unregistering): Port device team_slave_0 removed [ 317.130416][ T4869] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 317.337404][ T4869] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 317.470627][ T6545] loop3: detected capacity change from 0 to 128 [ 317.482047][ T5790] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 317.513989][ T5790] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 317.528041][ T5790] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 317.528624][ T4869] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 317.579623][ T5790] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 317.592778][ T5790] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 317.603261][ T5790] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 317.620365][ T6545] mmap: syz.3.152 (6545) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 317.648807][ T6545] cgroup: Unknown subsys name 'cpuset' [ 317.768219][ T4869] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 317.985705][ T29] audit: type=1800 audit(1731902394.834:21): pid=6545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.152" name="bus" dev="loop3" ino=1048602 res=0 errno=0 [ 318.152400][ T29] audit: type=1800 audit(1731902394.894:22): pid=6545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.152" name="bus" dev="loop3" ino=1048602 res=0 errno=0 [ 318.412708][ T4869] bridge_slave_1: left allmulticast mode [ 318.418644][ T4869] bridge_slave_1: left promiscuous mode [ 318.427929][ T4869] bridge0: port 2(bridge_slave_1) entered disabled state [ 318.441537][ T4869] bridge_slave_0: left allmulticast mode [ 318.447676][ T4869] bridge_slave_0: left promiscuous mode [ 318.454340][ T4869] bridge0: port 1(bridge_slave_0) entered disabled state [ 319.165666][ T4869] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 319.246569][ T4869] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 319.287108][ T4869] bond0 (unregistering): Released all slaves [ 319.748563][ T51] Bluetooth: hci1: command tx timeout [ 320.226006][ T4869] hsr_slave_0: left promiscuous mode [ 320.249934][ T4869] hsr_slave_1: left promiscuous mode [ 320.292440][ T4869] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 320.300233][ T4869] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 320.358028][ T4869] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 320.366044][ T4869] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 320.412376][ T4869] veth1_macvtap: left promiscuous mode [ 320.418243][ T4869] veth0_macvtap: left promiscuous mode [ 320.425028][ T4869] veth1_vlan: left promiscuous mode [ 320.430594][ T4869] veth0_vlan: left promiscuous mode [ 320.950164][ T4869] team0 (unregistering): Port device team_slave_1 removed [ 321.009679][ T4869] team0 (unregistering): Port device team_slave_0 removed [ 321.494246][ T5844] Bluetooth: Configuration file not found ar3k/ramps_0xaee71267_40.dfu [ 321.504632][ T5844] Bluetooth: Loading sysconfig file failed [ 321.510692][ T5844] ath3k 4-1:0.0: probe with driver ath3k failed with error -110 [ 321.713861][ T5844] usb 4-1: USB disconnect, device number 2 [ 321.829805][ T51] Bluetooth: hci1: command tx timeout [ 322.078955][ T6544] chnl_net:caif_netlink_parms(): no params data found [ 322.939021][ T4869] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 322.947741][ T4869] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 323.178303][ T4334] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 323.187595][ T4334] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 323.668364][ T6544] bridge0: port 1(bridge_slave_0) entered blocking state [ 323.678227][ T6544] bridge0: port 1(bridge_slave_0) entered disabled state [ 323.686202][ T6544] bridge_slave_0: entered allmulticast mode [ 323.695405][ T6544] bridge_slave_0: entered promiscuous mode [ 323.712511][ T6544] bridge0: port 2(bridge_slave_1) entered blocking state [ 323.720302][ T6544] bridge0: port 2(bridge_slave_1) entered disabled state [ 323.728272][ T6544] bridge_slave_1: entered allmulticast mode [ 323.737555][ T6544] bridge_slave_1: entered promiscuous mode [ 323.922050][ T51] Bluetooth: hci1: command tx timeout [ 324.086409][ T4334] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 324.094761][ T4334] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 324.328136][ T78] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 324.337651][ T78] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 324.448731][ T6544] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 324.639898][ T6544] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 324.944475][ T6626] loop3: detected capacity change from 0 to 512 [ 324.973171][ T6626] EXT4-fs: inline encryption not supported [ 325.007176][ T6626] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 325.113710][ T3651] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 325.122173][ T3651] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 325.130696][ T4869] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 325.139048][ T4869] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 325.213692][ T6544] team0: Port device team_slave_0 added [ 325.311446][ T6544] team0: Port device team_slave_1 added [ 325.817326][ T6631] loop5: detected capacity change from 0 to 512 [ 325.922152][ T6631] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 326.022893][ T51] Bluetooth: hci1: command tx timeout [ 326.166808][ T6544] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 326.174206][ T6544] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 326.201159][ T6544] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 326.314312][ T6631] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 326.328337][ T6631] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 326.394937][ T6544] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 326.402172][ T6544] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 326.430796][ T6544] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 326.462717][ T6631] EXT4-fs error (device loop5): ext4_xattr_block_list:768: inode #15: comm syz.5.160: corrupted xattr block 32: bad e_name length [ 326.560341][ T6631] EXT4-fs (loop5): Remounting filesystem read-only [ 326.674719][ T6639] loop7: detected capacity change from 0 to 1024 [ 327.101367][ T6272] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.487686][ T6646] loop7: detected capacity change from 0 to 1024 [ 327.494036][ T6544] hsr_slave_0: entered promiscuous mode [ 327.614373][ T6544] hsr_slave_1: entered promiscuous mode [ 327.653794][ T6544] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 327.662371][ T6544] Cannot create hsr debugfs directory [ 327.726309][ T6648] loop5: detected capacity change from 0 to 512 [ 328.005432][ T6648] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 328.018916][ T6648] ext4 filesystem being mounted at /2/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 328.247192][ T6648] EXT4-fs error (device loop5): ext4_do_update_inode:5121: inode #2: comm syz.5.162: corrupted inode contents [ 328.647501][ T6658] loop3: detected capacity change from 0 to 512 [ 328.658749][ T6648] EXT4-fs error (device loop5): ext4_dirty_inode:5984: inode #2: comm syz.5.162: mark_inode_dirty error [ 328.739195][ T6648] EXT4-fs error (device loop5): ext4_do_update_inode:5121: inode #2: comm syz.5.162: corrupted inode contents [ 328.880619][ T6648] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #2: comm syz.5.162: mark_inode_dirty error [ 328.974590][ T6658] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 328.988989][ T6658] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 329.023328][ T6544] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 329.066279][ T6659] EXT4-fs warning (device loop5): ext4_empty_dir:3098: inode #18: comm syz.5.162: directory missing '.' [ 329.084361][ T6544] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 329.128024][ T6544] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 329.202526][ T5898] usb 8-1: new full-speed USB device number 2 using dummy_hcd [ 329.233411][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 329.246363][ T6544] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 329.393357][ T5898] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 329.405976][ T5898] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 147, setting to 64 [ 329.417800][ T5898] usb 8-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 329.427338][ T5898] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 329.493999][ T5898] usb 8-1: config 0 descriptor?? [ 329.502206][ T6660] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 329.516406][ T5898] hub 8-1:0.0: USB hub found [ 329.525915][ T6272] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 329.762160][ T5898] hub 8-1:0.0: 1 port detected [ 329.822352][ T8] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 330.042313][ T8] usb 7-1: Using ep0 maxpacket: 8 [ 330.067941][ T8] usb 7-1: config 0 has an invalid interface number: 150 but max is 0 [ 330.076945][ T8] usb 7-1: config 0 has an invalid interface number: 112 but max is 0 [ 330.085676][ T8] usb 7-1: config 0 has an invalid interface number: 3 but max is 0 [ 330.094154][ T8] usb 7-1: config 0 has 3 interfaces, different from the descriptor's value: 1 [ 330.106673][ T8] usb 7-1: config 0 has no interface number 0 [ 330.114541][ T8] usb 7-1: config 0 has no interface number 1 [ 330.120896][ T8] usb 7-1: config 0 has no interface number 2 [ 330.125545][ T6668] loop3: detected capacity change from 0 to 1024 [ 330.127585][ T8] usb 7-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 330.147610][ T8] usb 7-1: too many endpoints for config 0 interface 112 altsetting 233: 104, using maximum allowed: 30 [ 330.159617][ T8] usb 7-1: config 0 interface 112 altsetting 233 has 1 endpoint descriptor, different from the interface descriptor's value: 104 [ 330.173490][ T8] usb 7-1: too many endpoints for config 0 interface 3 altsetting 75: 205, using maximum allowed: 30 [ 330.184942][ T8] usb 7-1: config 0 interface 3 altsetting 75 has 0 endpoint descriptors, different from the interface descriptor's value: 205 [ 330.202634][ T8] usb 7-1: config 0 interface 150 has no altsetting 0 [ 330.209796][ T8] usb 7-1: config 0 interface 112 has no altsetting 0 [ 330.218067][ T8] usb 7-1: config 0 interface 3 has no altsetting 0 [ 330.225349][ T8] usb 7-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75 [ 330.234935][ T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 330.614843][ T6660] loop7: detected capacity change from 0 to 2048 [ 330.679587][ T6544] 8021q: adding VLAN 0 to HW filter on device bond0 [ 330.691385][ T8] usb 7-1: config 0 descriptor?? [ 330.766988][ T6660] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 330.778278][ T8] usb 7-1: selecting invalid altsetting 0 [ 330.826136][ T6671] loop5: detected capacity change from 0 to 2048 [ 330.875987][ T5898] hub 8-1:0.0: hub_hub_status failed (err = -32) [ 330.882847][ T5898] hub 8-1:0.0: config failed, can't get hub status (err -32) [ 330.887846][ T6544] 8021q: adding VLAN 0 to HW filter on device team0 [ 331.042698][ T8] usb 7-1: string descriptor 0 read error: -71 [ 331.097807][ T78] bridge0: port 1(bridge_slave_0) entered blocking state [ 331.105596][ T78] bridge0: port 1(bridge_slave_0) entered forwarding state [ 331.135819][ T6671] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 331.156708][ T5898] usbhid 8-1:0.0: can't add hid device: -32 [ 331.164056][ T5898] usbhid 8-1:0.0: probe with driver usbhid failed with error -32 [ 331.265198][ T8] usb 7-1: USB disconnect, device number 2 [ 331.268415][ T78] bridge0: port 2(bridge_slave_1) entered blocking state [ 331.279072][ T78] bridge0: port 2(bridge_slave_1) entered forwarding state [ 331.341102][ T5898] usb 8-1: USB disconnect, device number 2 [ 331.405712][ T6671] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 332.075973][ T6033] udevd[6033]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.150/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 332.096087][ T6681] loop3: detected capacity change from 0 to 128 [ 332.306427][ T6681] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 332.372830][ T6687] loop6: detected capacity change from 0 to 8 [ 332.384429][ T6681] ext4 filesystem being mounted at /52/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 332.509696][ T6687] unable to read inode lookup table [ 332.603118][ T6681] syz.3.168 (pid 6681) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 332.808521][ T5789] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 332.820149][ T6272] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 333.512257][ T6544] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 334.036083][ T6704] loop3: detected capacity change from 0 to 128 [ 334.254452][ T6706] loop5: detected capacity change from 0 to 512 [ 334.264321][ T6706] EXT4-fs: Ignoring removed nobh option [ 334.456157][ T6696] input: syz0 as /devices/virtual/input/input13 [ 334.698185][ T6706] EXT4-fs (loop5): mounted filesystem 00800000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 334.716652][ T6706] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 335.317629][ T6704] EXT4-fs (loop3): Test dummy encryption mode enabled [ 335.361352][ T6272] EXT4-fs (loop5): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 335.462268][ T6704] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 335.593494][ T6704] ext4 filesystem being mounted at /53/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 335.944524][ T6704] fscrypt (loop3): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 336.476451][ T6544] veth0_vlan: entered promiscuous mode [ 336.509752][ T6544] veth1_vlan: entered promiscuous mode [ 336.632453][ T6544] veth0_macvtap: entered promiscuous mode [ 336.668042][ T6544] veth1_macvtap: entered promiscuous mode [ 336.714115][ T5789] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 336.745078][ T6742] loop6: detected capacity change from 0 to 128 [ 336.773473][ T6544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.784294][ T6544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.795615][ T6544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.807097][ T6544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.818357][ T6544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.830604][ T6544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.842354][ T6741] loop7: detected capacity change from 0 to 1024 [ 336.849284][ T6544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.864139][ T6544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.880051][ T6544] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 336.898795][ T6544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 336.909621][ T6544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.919834][ T6544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 336.930624][ T6544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.940797][ T6544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 336.951617][ T6544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.965781][ T6544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 336.977625][ T6544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.992491][ T6544] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 337.015318][ T6544] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.025485][ T6544] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.034636][ T6544] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.043792][ T6544] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.772976][ T6741] hfsplus: request for non-existent node 16777216 in B*Tree [ 337.784630][ T6741] hfsplus: request for non-existent node 16777216 in B*Tree [ 337.994484][ T6741] hfsplus: request for non-existent node 16777216 in B*Tree [ 338.002540][ T6741] hfsplus: request for non-existent node 16777216 in B*Tree [ 338.034767][ T6751] hfsplus: request for non-existent node 16777216 in B*Tree [ 338.042514][ T6751] hfsplus: request for non-existent node 16777216 in B*Tree [ 338.582549][ T3651] hfsplus: request for non-existent node 16777216 in B*Tree [ 338.590096][ T3651] hfsplus: request for non-existent node 16777216 in B*Tree [ 338.788857][ T29] audit: type=1326 audit(1731902415.534:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.5.178" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 338.814341][ T29] audit: type=1326 audit(1731902415.534:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.5.178" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 338.856429][ T6303] VFS: Lookup of '. ' in vfat loop6 would have caused loop [ 338.953701][ T6766] netlink: 4 bytes leftover after parsing attributes in process `syz.3.181'. [ 339.049304][ T6766] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 339.064370][ T29] audit: type=1326 audit(1731902415.704:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.5.178" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 339.087309][ T29] audit: type=1326 audit(1731902415.784:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.5.178" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 339.112733][ T29] audit: type=1326 audit(1731902415.794:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.5.178" exe="/root/syz-executor" sig=0 arch=40000003 syscall=180 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 339.135700][ T29] audit: type=1326 audit(1731902415.794:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.5.178" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 339.158598][ T6303] VFS: Lookup of '. ' in vfat loop6 would have caused loop [ 340.381617][ T6782] loop7: detected capacity change from 0 to 128 [ 340.437627][ T59] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 340.525816][ T6782] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256 [ 340.742400][ T59] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 340.857991][ T6782] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 340.950064][ T59] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 341.227195][ T59] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 341.316320][ T6792] loop5: detected capacity change from 0 to 512 [ 341.762460][ T6792] EXT4-fs (loop5): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 341.934987][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 341.941827][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 342.002070][ T59] bridge_slave_1: left allmulticast mode [ 342.007991][ T59] bridge_slave_1: left promiscuous mode [ 342.014832][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 342.152074][ T59] bridge_slave_0: left allmulticast mode [ 342.158014][ T59] bridge_slave_0: left promiscuous mode [ 342.164900][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 342.383764][ T6794] loop3: detected capacity change from 0 to 2048 [ 342.817355][ T6794] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 342.895325][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 342.942664][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 342.955850][ T29] audit: type=1800 audit(1731902419.814:29): pid=6794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.188" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 342.982525][ T59] bond0 (unregistering): Released all slaves [ 343.452535][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 343.988417][ T5790] Bluetooth: hci0: command 0x0406 tx timeout [ 344.138981][ T59] hsr_slave_0: left promiscuous mode [ 344.192198][ T59] hsr_slave_1: left promiscuous mode [ 344.213945][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 344.222221][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 344.288234][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 344.297975][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 344.422762][ T59] veth1_macvtap: left promiscuous mode [ 344.428538][ T59] veth0_macvtap: left promiscuous mode [ 344.437558][ T59] veth1_vlan: left promiscuous mode [ 344.443326][ T59] veth0_vlan: left promiscuous mode [ 345.280432][ T6822] loop7: detected capacity change from 0 to 128 [ 345.350016][ T6824] loop3: detected capacity change from 0 to 256 [ 345.452269][ T6822] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (16076!=39978) [ 345.692856][ T6822] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 346.013820][ T5790] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 346.024892][ T5790] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 346.039361][ T5790] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 346.092148][ T6822] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:517: comm syz.7.191: Block bitmap for bg 0 marked uninitialized [ 346.560836][ T5790] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 346.633478][ T5790] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 346.642943][ T5790] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 346.734847][ T59] team0 (unregistering): Port device team_slave_1 removed [ 346.864196][ T6328] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 346.895737][ T59] team0 (unregistering): Port device team_slave_0 removed [ 347.447401][ T6272] EXT4-fs (loop5): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 347.911865][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 347.921239][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 347.992997][ T4869] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 348.001068][ T4869] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 348.090857][ T6841] capability: warning: `syz.5.195' uses 32-bit capabilities (legacy support in use) [ 348.708818][ T5790] Bluetooth: hci2: command tx timeout [ 349.133263][ T6847] loop7: detected capacity change from 0 to 2048 [ 349.146733][ T6847] udf: Bad value for 'anchor' [ 349.690715][ T6829] chnl_net:caif_netlink_parms(): no params data found [ 350.814568][ T5790] Bluetooth: hci2: command tx timeout [ 351.212955][ T6829] bridge0: port 1(bridge_slave_0) entered blocking state [ 351.220746][ T6829] bridge0: port 1(bridge_slave_0) entered disabled state [ 351.229337][ T6829] bridge_slave_0: entered allmulticast mode [ 351.238532][ T6829] bridge_slave_0: entered promiscuous mode [ 351.369549][ T6829] bridge0: port 2(bridge_slave_1) entered blocking state [ 351.377612][ T6829] bridge0: port 2(bridge_slave_1) entered disabled state [ 351.385632][ T6829] bridge_slave_1: entered allmulticast mode [ 351.394960][ T6829] bridge_slave_1: entered promiscuous mode [ 351.811850][ T6829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 351.898698][ T6829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 352.026039][ T6869] loop8: detected capacity change from 0 to 512 [ 352.183817][ T6829] team0: Port device team_slave_0 added [ 352.325829][ T6829] team0: Port device team_slave_1 added [ 352.482032][ T6869] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 352.495308][ T6869] ext4 filesystem being mounted at /1/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 352.577523][ T6829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 352.585162][ T6829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 352.611592][ T6829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 352.862092][ T5790] Bluetooth: hci2: command tx timeout [ 353.002940][ T6829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 353.010253][ T6829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 353.042592][ T6829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 353.125145][ T6544] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.139201][ T6872] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 353.530286][ T6829] hsr_slave_0: entered promiscuous mode [ 353.626876][ T6829] hsr_slave_1: entered promiscuous mode [ 353.644090][ T6829] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 353.654610][ T6829] Cannot create hsr debugfs directory [ 353.946271][ T6890] loop7: detected capacity change from 0 to 256 [ 354.528372][ T6896] loop3: detected capacity change from 0 to 512 [ 354.755914][ T6896] EXT4-fs error (device loop3): ext4_orphan_get:1388: inode #15: comm syz.3.203: casefold flag without casefold feature [ 354.838301][ T6896] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.203: couldn't read orphan inode 15 (err -117) [ 354.862091][ T8] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 354.943924][ T6896] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 354.957542][ T5790] Bluetooth: hci2: command tx timeout [ 355.629158][ T8] usb 8-1: config 5 has an invalid interface number: 112 but max is 1 [ 355.638364][ T8] usb 8-1: config 5 has an invalid interface number: 138 but max is 1 [ 355.647466][ T8] usb 8-1: config 5 has no interface number 0 [ 355.654319][ T8] usb 8-1: config 5 has no interface number 1 [ 355.660535][ T8] usb 8-1: config 5 interface 112 has no altsetting 0 [ 355.668222][ T8] usb 8-1: config 5 interface 138 has no altsetting 0 [ 355.958836][ T6829] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 355.975946][ T8] usb 8-1: New USB device found, idVendor=413c, idProduct=8172, bcdDevice=5f.12 [ 355.987977][ T8] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 355.997571][ T8] usb 8-1: Product: syz [ 356.001988][ T8] usb 8-1: Manufacturer: syz [ 356.009157][ T8] usb 8-1: SerialNumber: syz [ 356.229134][ T6829] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 356.363811][ T6829] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 356.554203][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.565382][ T6829] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 356.600326][ T8] usb 8-1: unknown number of interfaces: 2 [ 356.746107][ T8] usb 8-1: USB disconnect, device number 3 [ 357.531003][ T6912] loop8: detected capacity change from 0 to 1024 [ 357.560809][ T6829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 357.666479][ T6829] 8021q: adding VLAN 0 to HW filter on device team0 [ 357.713303][ T3651] bridge0: port 1(bridge_slave_0) entered blocking state [ 357.720986][ T3651] bridge0: port 1(bridge_slave_0) entered forwarding state [ 357.939164][ T6829] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 357.952523][ T6829] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 357.992407][ T3651] bridge0: port 2(bridge_slave_1) entered blocking state [ 357.999901][ T3651] bridge0: port 2(bridge_slave_1) entered forwarding state [ 359.130408][ T6921] loop3: detected capacity change from 0 to 1024 [ 359.204841][ T6921] EXT4-fs: inline encryption not supported [ 359.300926][ T6921] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 359.312078][ T6921] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 359.322734][ T6921] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 359.405992][ T6921] EXT4-fs error (device loop3): ext4_get_journal_inode:5762: inode #5: comm syz.3.209: unexpected bad inode w/o EXT4_IGET_BAD [ 359.522563][ T6921] EXT4-fs (loop3): no journal found [ 359.528025][ T6921] EXT4-fs (loop3): can't get journal size [ 359.596897][ T6921] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 359.718786][ T6921] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 360.630889][ T6829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 362.853214][ T6969] loop3: detected capacity change from 0 to 512 [ 364.114111][ T6829] veth0_vlan: entered promiscuous mode [ 364.165523][ T6977] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 364.262361][ T6829] veth1_vlan: entered promiscuous mode [ 364.529401][ T6977] loop3: detected capacity change from 0 to 1024 [ 364.620784][ T6829] veth0_macvtap: entered promiscuous mode [ 364.800411][ T6829] veth1_macvtap: entered promiscuous mode [ 365.105731][ T6829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.116530][ T6829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.130312][ T6829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.141088][ T6829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.151302][ T6829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.162259][ T6829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.172475][ T6829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.184209][ T6829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.198171][ T6829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 365.452422][ T6829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.463194][ T6829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.473509][ T6829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.484246][ T6829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.494769][ T6829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.505565][ T6829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.515794][ T6829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.526799][ T6829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.545261][ T6829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 365.878897][ T6829] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.889775][ T6829] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.899101][ T6829] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.908257][ T6829] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 369.535084][ T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 369.545973][ T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 369.557646][ T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 369.570965][ T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 369.583809][ T51] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 369.715016][ T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 371.193193][ T7016] chnl_net:caif_netlink_parms(): no params data found [ 371.952463][ T51] Bluetooth: hci4: command tx timeout [ 372.601968][ T8] usb 9-1: new full-speed USB device number 2 using dummy_hcd [ 373.079317][ T8] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 16531, setting to 64 [ 373.091852][ T8] usb 9-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 373.101147][ T8] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 373.288036][ T7016] bridge0: port 1(bridge_slave_0) entered blocking state [ 373.295772][ T7016] bridge0: port 1(bridge_slave_0) entered disabled state [ 373.303714][ T7016] bridge_slave_0: entered allmulticast mode [ 373.315634][ T7016] bridge_slave_0: entered promiscuous mode [ 373.365563][ T8] usb 9-1: config 0 descriptor?? [ 373.383680][ T7047] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 373.426313][ T8] hub 9-1:0.0: USB hub found [ 373.499303][ T7016] bridge0: port 2(bridge_slave_1) entered blocking state [ 373.510024][ T7016] bridge0: port 2(bridge_slave_1) entered disabled state [ 373.521199][ T7016] bridge_slave_1: entered allmulticast mode [ 373.530566][ T7016] bridge_slave_1: entered promiscuous mode [ 373.654319][ T8] hub 9-1:0.0: 1 port detected [ 373.982336][ T51] Bluetooth: hci4: command tx timeout [ 374.084775][ T7016] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 374.180394][ T7016] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 374.360779][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 374.369050][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 374.911614][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 374.920037][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 375.024855][ T44] usb 9-1: USB disconnect, device number 2 [ 375.043492][ T8] usb 9-1-port1: cannot reset (err = -71) [ 375.057007][ T8] usb 9-1-port1: attempt power cycle [ 375.086440][ T7016] team0: Port device team_slave_0 added [ 375.127331][ T7016] team0: Port device team_slave_1 added [ 375.503944][ T7016] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 375.513535][ T7016] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 375.539944][ T7016] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 375.835176][ T7016] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 375.842999][ T7016] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 375.872734][ T7016] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 376.062809][ T51] Bluetooth: hci4: command tx timeout [ 376.368389][ T7016] hsr_slave_0: entered promiscuous mode [ 376.408944][ T7016] hsr_slave_1: entered promiscuous mode [ 376.473990][ T7016] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 376.482324][ T7016] Cannot create hsr debugfs directory [ 378.141956][ T51] Bluetooth: hci4: command tx timeout [ 378.409054][ T7086] loop8: detected capacity change from 0 to 1024 [ 378.483680][ T7086] hfsplus: unable to parse mount options [ 379.005787][ T8] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 379.282024][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 379.825539][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 379.836954][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 379.846971][ T8] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 379.856339][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 380.101524][ T8] usb 4-1: config 0 descriptor?? [ 380.148667][ T8] hub 4-1:0.0: USB hub found [ 380.594382][ T8] hub 4-1:0.0: 1 port detected [ 381.287540][ T8] hub 4-1:0.0: activate --> -90 [ 382.045179][ T7016] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 382.104136][ T44] usb 4-1: USB disconnect, device number 3 [ 382.253155][ T8] hub 4-1:0.0: hub_ext_port_status failed (err = -71) [ 382.260239][ T8] usb 4-1-port1: connect-debounce failed [ 382.382769][ T7016] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 382.494371][ T7016] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 382.532339][ T7016] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 384.174917][ T7016] 8021q: adding VLAN 0 to HW filter on device bond0 [ 384.291266][ T7016] 8021q: adding VLAN 0 to HW filter on device team0 [ 384.348369][ T7130] loop7: detected capacity change from 0 to 8 [ 384.377577][ T7130] squashfs: Unknown parameter '€' [ 384.419066][ T4334] bridge0: port 1(bridge_slave_0) entered blocking state [ 384.426824][ T4334] bridge0: port 1(bridge_slave_0) entered forwarding state [ 384.443170][ T4334] bridge0: port 2(bridge_slave_1) entered blocking state [ 384.450859][ T4334] bridge0: port 2(bridge_slave_1) entered forwarding state [ 384.492972][ T51] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 384.501567][ T51] Bluetooth: hci1: Injecting HCI hardware error event [ 384.509339][ T51] Bluetooth: hci1: hardware error 0x00 [ 384.939376][ T29] audit: type=1326 audit(1731902461.664:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7126 comm="syz.9.252" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 384.962946][ T29] audit: type=1326 audit(1731902461.674:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7126 comm="syz.9.252" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 385.113372][ T7130] loop7: detected capacity change from 0 to 2048 [ 385.114644][ T7128] loop8: detected capacity change from 0 to 512 [ 385.198837][ T29] audit: type=1326 audit(1731902461.934:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7126 comm="syz.9.252" exe="/root/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 385.221265][ T29] audit: type=1326 audit(1731902461.934:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7126 comm="syz.9.252" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 385.244269][ T29] audit: type=1326 audit(1731902461.934:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7126 comm="syz.9.252" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 385.268165][ T29] audit: type=1326 audit(1731902462.124:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7126 comm="syz.9.252" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 385.294034][ T29] audit: type=1326 audit(1731902462.124:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7126 comm="syz.9.252" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 385.319188][ T29] audit: type=1326 audit(1731902462.124:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7126 comm="syz.9.252" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 385.671180][ T7128] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 385.684359][ T7128] ext4 filesystem being mounted at /20/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 385.739973][ T7130] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 385.878190][ T7128] EXT4-fs error (device loop8): ext4_xattr_block_find:1877: inode #15: comm syz.8.255: corrupted xattr block 33: invalid header [ 386.361256][ T6544] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 387.132526][ T6328] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 387.183529][ T51] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 387.600625][ T7016] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 388.114108][ T7016] veth0_vlan: entered promiscuous mode [ 388.140983][ T7149] loop8: detected capacity change from 0 to 1024 [ 388.150829][ T6328] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 388.219147][ T4531] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 388.557574][ T4531] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 388.968006][ T4531] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.676947][ T4531] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.884213][ T7016] veth1_vlan: entered promiscuous mode [ 391.070495][ T7016] veth0_macvtap: entered promiscuous mode [ 391.119650][ T4531] bridge_slave_1: left allmulticast mode [ 391.126436][ T4531] bridge_slave_1: left promiscuous mode [ 391.137151][ T4531] bridge0: port 2(bridge_slave_1) entered disabled state [ 391.293875][ T4531] bridge_slave_0: left allmulticast mode [ 391.299802][ T4531] bridge_slave_0: left promiscuous mode [ 391.306881][ T4531] bridge0: port 1(bridge_slave_0) entered disabled state [ 391.308099][ T13] hfsplus: b-tree write err: -5, ino 4 [ 392.014448][ T4531] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 392.103962][ T4531] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 392.139885][ T4531] bond0 (unregistering): Released all slaves [ 392.328025][ T7016] veth1_macvtap: entered promiscuous mode [ 392.723671][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 392.735269][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 392.746668][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 392.757514][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 392.771155][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 392.784872][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 392.795538][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 392.806663][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 392.809613][ T7166] loop3: detected capacity change from 0 to 2048 [ 392.816752][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 392.816844][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 392.821967][ T7016] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 392.865084][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 392.879436][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 392.890524][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 392.901443][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 392.911737][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 392.922545][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 392.932700][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 392.943571][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 392.953892][ T7016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 392.964798][ T7016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 392.984400][ T7016] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 393.006079][ T7016] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 393.015499][ T7016] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 393.024816][ T7016] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 393.034032][ T7016] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 393.051378][ T7166] loop3: p3 < > p4 < > [ 393.056837][ T7166] loop3: partition table partially beyond EOD, truncated [ 393.065234][ T7166] loop3: p3 start 4284289 is beyond EOD, truncated [ 393.507555][ T7175] loop7: detected capacity change from 0 to 1024 [ 393.930442][ T4531] hsr_slave_0: left promiscuous mode [ 393.968562][ T4531] hsr_slave_1: left promiscuous mode [ 394.085657][ T4531] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 394.093714][ T4531] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 394.176435][ T4531] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 394.184627][ T4531] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 394.226412][ T4531] veth1_macvtap: left promiscuous mode [ 394.232314][ T4531] veth0_macvtap: left promiscuous mode [ 394.238218][ T4531] veth1_vlan: left promiscuous mode [ 394.243965][ T4531] veth0_vlan: left promiscuous mode [ 394.358460][ T7180] loop3: detected capacity change from 0 to 512 [ 394.432556][ T7180] EXT4-fs (loop3): blocks per group (255) and clusters per group (8192) inconsistent [ 395.629704][ T7184] usb usb9: usbfs: process 7184 (syz.7.270) did not claim interface 0 before use [ 395.689080][ T7182] loop3: detected capacity change from 0 to 2048 [ 395.853064][ T4531] team0 (unregistering): Port device team_slave_1 removed [ 395.879985][ T7182] EXT4-fs: Mount option(s) incompatible with ext2 [ 395.889474][ T4531] team0 (unregistering): Port device team_slave_0 removed [ 395.965942][ T7188] loop9: detected capacity change from 0 to 256 [ 396.089897][ T7188] exFAT-fs (loop9): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d16cac, utbl_chksum : 0xe619d30d) [ 396.637138][ T7188] exFAT-fs (loop9): error, invalid access to FAT free cluster (entry 0x00000008) [ 396.647911][ T7188] exFAT-fs (loop9): Filesystem has been set read-only [ 396.755850][ T7190] loop7: detected capacity change from 0 to 2048 [ 396.917898][ T7190] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 397.053102][ T7188] syz.9.271 (7188) used greatest stack depth: 4984 bytes left [ 398.031959][ T44] usb 9-1: new high-speed USB device number 7 using dummy_hcd [ 398.304145][ T7205] loop9: detected capacity change from 0 to 512 [ 398.340589][ T7205] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended [ 398.412052][ T44] usb 9-1: Using ep0 maxpacket: 16 [ 398.432796][ T44] usb 9-1: config 0 has an invalid interface number: 29 but max is 0 [ 398.441179][ T44] usb 9-1: config 0 has no interface number 0 [ 398.447714][ T44] usb 9-1: config 0 interface 29 altsetting 0 bulk endpoint 0xA has invalid maxpacket 16 [ 398.457957][ T44] usb 9-1: config 0 interface 29 altsetting 0 endpoint 0x82 has invalid maxpacket 1104, setting to 1024 [ 398.469486][ T44] usb 9-1: config 0 interface 29 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 398.625249][ T44] usb 9-1: New USB device found, idVendor=050d, idProduct=2102, bcdDevice=70.d0 [ 398.634905][ T44] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 398.643309][ T44] usb 9-1: Product: syz [ 398.647702][ T44] usb 9-1: Manufacturer: syz [ 398.652769][ T44] usb 9-1: SerialNumber: syz [ 398.737612][ T44] usb 9-1: config 0 descriptor?? [ 398.748397][ T7201] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 398.822598][ T7201] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 398.849997][ T7205] EXT4-fs error (device loop9): ext4_orphan_get:1388: inode #17: comm syz.9.276: iget: bad i_size value: -6917529027641081756 [ 398.932699][ T7205] EXT4-fs error (device loop9): ext4_orphan_get:1393: comm syz.9.276: couldn't read orphan inode 17 (err -117) [ 398.996846][ T7205] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 399.144072][ T7205] Quota error (device loop9): do_check_range: Getting block 144 out of range 0-5 [ 399.451111][ T6829] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 400.070417][ T51] Bluetooth: hci0: ACL packet for unknown connection handle 201 [ 400.122092][ T44] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 400.382120][ T44] usb 10-1: Using ep0 maxpacket: 8 [ 400.396882][ T44] usb 10-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 400.407661][ T44] usb 10-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 400.417127][ T44] usb 10-1: config 1 has no interface number 1 [ 400.478090][ T7227] loop7: detected capacity change from 0 to 512 [ 400.500348][ T44] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 400.509973][ T44] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 400.518548][ T44] usb 10-1: Product: syz [ 400.523155][ T44] usb 10-1: Manufacturer: syz [ 400.528106][ T44] usb 10-1: SerialNumber: syz [ 400.577381][ T7227] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 400.634716][ T7227] EXT4-fs (loop7): orphan cleanup on readonly fs [ 400.750545][ T7227] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.282: bg 0: block 248: padding at end of block bitmap is not set [ 400.824118][ T7227] Quota error (device loop7): write_blk: dquota write failed [ 400.833331][ T7227] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 400.846177][ T7227] EXT4-fs error (device loop7): ext4_acquire_dquot:6879: comm syz.7.282: Failed to acquire dquot type 1 [ 401.073093][ T44] hub 10-1:1.2: bad descriptor, ignoring hub [ 401.079842][ T44] hub 10-1:1.2: probe with driver hub failed with error -5 [ 401.094502][ T7227] EXT4-fs (loop7): 1 truncate cleaned up [ 401.114383][ T7227] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 401.317436][ T44] usb 10-1: USB disconnect, device number 2 [ 401.506031][ T7227] syz.7.282 (7227) used greatest stack depth: 3912 bytes left [ 401.888198][ T5967] udevd[5967]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 401.892420][ T6328] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 402.280867][ T5863] usb 9-1: USB disconnect, device number 7 [ 402.684381][ T4531] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 402.694052][ T4531] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 402.725218][ T3651] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 402.733490][ T3651] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 403.377712][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 403.384583][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 403.733336][ T7260] netlink: 'syz.3.290': attribute type 5 has an invalid length. [ 404.135268][ T7264] loop0: detected capacity change from 0 to 8 [ 404.264766][ T7269] loop3: detected capacity change from 0 to 256 [ 404.404959][ T7264] SQUASHFS error: zlib decompression failed, data probably corrupt [ 404.413705][ T7264] SQUASHFS error: Failed to read block 0x4e8: -5 [ 404.442567][ T29] audit: type=1800 audit(1731902481.284:38): pid=7264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.227" name="file1" dev="loop0" ino=5 res=0 errno=0 [ 404.465623][ T7271] loop8: detected capacity change from 0 to 512 [ 404.710235][ T7277] trusted_key: encrypted_key: insufficient parameters specified [ 404.912365][ T7269] exFAT-fs (loop3): Invalid boot checksum (boot checksum : 0x1119abd0, checksum : 0x1119eb70) [ 404.923162][ T7269] exFAT-fs (loop3): invalid boot region [ 404.928915][ T7269] exFAT-fs (loop3): failed to recognize exfat type [ 404.976915][ T7278] loop0: detected capacity change from 0 to 128 [ 405.068944][ T7271] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 405.179316][ T7271] EXT4-fs warning (device loop8): ext4_enable_quotas:7097: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 405.215823][ T7278] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 405.233158][ T7271] EXT4-fs (loop8): mount failed [ 405.243921][ T7278] ext4 filesystem being mounted at /1/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 405.582491][ T7290] loop7: detected capacity change from 0 to 1024 [ 405.789483][ T8] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 406.054922][ T8] usb 10-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 406.066467][ T8] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 406.082866][ T7016] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 406.133248][ T8] usb 10-1: config 0 descriptor?? [ 406.157062][ T8] cp210x 10-1:0.0: cp210x converter detected [ 406.454185][ T7301] loop8: detected capacity change from 0 to 256 [ 406.473287][ T7301] vfat: Unknown parameter '18446744073709551615' [ 406.617973][ T8] usb 10-1: cp210x converter now attached to ttyUSB0 [ 406.885719][ T8] usb 10-1: USB disconnect, device number 3 [ 406.917488][ T8] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 406.955631][ T4596] hfsplus: b-tree write err: -5, ino 8 [ 407.194051][ T44] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 407.272473][ T5898] usb 9-1: new high-speed USB device number 8 using dummy_hcd [ 407.323432][ T8] cp210x 10-1:0.0: device disconnected [ 407.365945][ T44] usb 1-1: Using ep0 maxpacket: 8 [ 407.384081][ T44] usb 1-1: config 0 has an invalid interface number: 25 but max is 0 [ 407.389763][ T7312] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 407.394214][ T44] usb 1-1: config 0 has no interface number 0 [ 407.416316][ T44] usb 1-1: config 0 interface 25 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 407.429009][ T44] usb 1-1: config 0 interface 25 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 407.439512][ T44] usb 1-1: config 0 interface 25 altsetting 2 endpoint 0xB has invalid wMaxPacketSize 0 [ 407.449721][ T44] usb 1-1: config 0 interface 25 has no altsetting 0 [ 407.489082][ T44] usb 1-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=e6.7f [ 407.491096][ T7312] netlink: 8 bytes leftover after parsing attributes in process `syz.7.305'. [ 407.498803][ T44] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 407.519476][ T44] usb 1-1: Product: syz [ 407.525049][ T44] usb 1-1: Manufacturer: syz [ 407.529903][ T44] usb 1-1: SerialNumber: syz [ 407.536519][ T5898] usb 9-1: Using ep0 maxpacket: 16 [ 407.563992][ T5898] usb 9-1: config 0 has an invalid interface number: 29 but max is 0 [ 407.572821][ T5898] usb 9-1: config 0 has no interface number 0 [ 407.579333][ T5898] usb 9-1: config 0 interface 29 altsetting 0 endpoint 0x82 has invalid maxpacket 1104, setting to 1024 [ 407.590904][ T5898] usb 9-1: config 0 interface 29 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 407.606223][ T44] usb 1-1: config 0 descriptor?? [ 407.713418][ T44] usbtouchscreen 1-1:0.25: probe with driver usbtouchscreen failed with error -90 [ 407.739103][ T5898] usb 9-1: New USB device found, idVendor=050d, idProduct=2102, bcdDevice=70.d0 [ 407.748913][ T5898] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 407.757343][ T5898] usb 9-1: Product: syz [ 407.761857][ T5898] usb 9-1: Manufacturer: syz [ 407.766696][ T5898] usb 9-1: SerialNumber: syz [ 407.813992][ T5898] usb 9-1: config 0 descriptor?? [ 407.829492][ T7307] raw-gadget.2 gadget.8: fail, usb_ep_enable returned -22 [ 407.869649][ T44] usb 1-1: USB disconnect, device number 4 [ 408.065847][ T5898] usb 9-1: USB disconnect, device number 8 [ 408.448137][ T7321] loop7: detected capacity change from 0 to 256 [ 408.632973][ T7321] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 408.876310][ T7328] loop0: detected capacity change from 0 to 512 [ 408.885700][ T7328] EXT4-fs: Ignoring removed nomblk_io_submit option [ 409.069120][ T7328] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 409.077718][ T7328] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 409.602638][ T7328] EXT4-fs (loop0): 1 truncate cleaned up [ 409.610100][ T7328] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 409.759574][ T7337] loop3: detected capacity change from 0 to 2048 [ 409.923600][ T7016] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 409.935037][ T7337] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 410.652064][ T5790] Bluetooth: hci6: command 0x0406 tx timeout [ 410.676262][ T7343] Invalid ELF header type: 3 != 1 [ 410.962319][ T7364] netlink: 44 bytes leftover after parsing attributes in process `syz.8.317'. [ 411.086565][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 411.134023][ T7366] loop0: detected capacity change from 0 to 256 [ 411.391469][ T7366] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 411.409539][ T7366] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 413.314918][ T7395] : renamed from ipvlan1 [ 413.976091][ T7419] netlink: 44 bytes leftover after parsing attributes in process `syz.8.329'. [ 414.422811][ T7428] netlink: 8 bytes leftover after parsing attributes in process `syz.3.332'. [ 414.432070][ T7428] netlink: 12 bytes leftover after parsing attributes in process `syz.3.332'. [ 414.441166][ T7428] netlink: 40 bytes leftover after parsing attributes in process `syz.3.332'. [ 414.779237][ T7433] loop3: detected capacity change from 0 to 1024 [ 414.965800][ T7433] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 415.488194][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 416.619408][ T7456] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 417.105845][ T7455] loop9: detected capacity change from 0 to 2048 [ 417.154587][ T7455] udf: Bad value for 'session' [ 417.297989][ T7466] netlink: 44 bytes leftover after parsing attributes in process `syz.8.344'. [ 418.430005][ T7477] loop0: detected capacity change from 0 to 256 [ 418.785012][ T7485] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 419.108481][ T7477] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d) [ 419.189748][ T7490] loop9: detected capacity change from 0 to 256 [ 419.464112][ T8] usb 9-1: new high-speed USB device number 9 using dummy_hcd [ 419.555358][ T7490] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 419.723549][ T8] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 419.739305][ T8] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 419.749555][ T8] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 419.763085][ T8] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 419.772715][ T8] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 419.895561][ T8] usb 9-1: config 0 descriptor?? [ 420.175190][ T7498] loop3: detected capacity change from 0 to 512 [ 420.190377][ T7498] EXT4-fs: inline encryption not supported [ 420.350981][ T8] plantronics 0003:047F:FFFF.0001: collection stack underflow [ 420.359565][ T8] plantronics 0003:047F:FFFF.0001: item 0 2 0 12 parsing failed [ 420.469491][ T8] plantronics 0003:047F:FFFF.0001: parse failed [ 420.476500][ T8] plantronics 0003:047F:FFFF.0001: probe with driver plantronics failed with error -22 [ 420.666565][ T7498] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 420.679168][ T7498] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it [ 420.680641][ T5898] usb 9-1: USB disconnect, device number 9 [ 420.689933][ T7498] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.354: Corrupt directory, running e2fsck is recommended [ 420.817243][ T7498] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 420.829524][ T7498] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.354: corrupted in-inode xattr: invalid ea_ino [ 420.905568][ T7498] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.354: couldn't read orphan inode 15 (err -117) [ 420.984566][ T7498] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 421.193019][ T7498] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 421.205084][ T7498] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it [ 421.215710][ T7498] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.354: Corrupt directory, running e2fsck is recommended [ 421.289740][ T7510] loop0: detected capacity change from 0 to 128 [ 421.300455][ T7510] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 421.372145][ T7510] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 421.669883][ T7498] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 421.682690][ T7498] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it [ 421.694543][ T7498] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.354: Corrupt directory, running e2fsck is recommended [ 422.043419][ T7517] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 422.074019][ T7519] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 422.086547][ T7498] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 422.086716][ T7498] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it [ 422.086827][ T7498] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.354: Corrupt directory, running e2fsck is recommended [ 422.174773][ T4334] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 422.382790][ T7498] EXT4-fs error (device loop3): ext4_readdir:261: inode #2: block 3: comm syz.3.354: path /104/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0 [ 422.459495][ T7498] EXT4-fs error (device loop3): ext4_readdir:261: inode #2: block 8: comm syz.3.354: path /104/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=33261, rec_len=1050, size=1024 fake=0 [ 422.622856][ T7504] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters [ 422.856153][ T7520] loop9: detected capacity change from 0 to 2048 [ 422.906687][ T7520] udf: Bad value for 'session' [ 423.253450][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 424.178087][ T7542] loop8: detected capacity change from 0 to 256 [ 424.291522][ T7542] exFAT-fs (loop8): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 424.298491][ T7540] loop0: detected capacity change from 0 to 128 [ 424.736125][ T7540] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 424.855942][ T7540] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 424.930626][ T29] audit: type=1326 audit(1731902501.784:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7552 comm="syz.3.367" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744d579 code=0x7fc00000 [ 424.958300][ T7540] EXT4-fs (loop0): shut down requested (2) [ 425.561420][ T29] audit: type=1326 audit(1731902502.404:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7552 comm="syz.3.367" exe="/root/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf744d579 code=0x7fc00000 [ 425.617297][ T7016] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 426.289147][ T7568] loop3: detected capacity change from 0 to 256 [ 426.655778][ T7573] netlink: 4 bytes leftover after parsing attributes in process `syz.0.370'. [ 426.839870][ T7579] loop9: detected capacity change from 0 to 512 [ 426.850057][ T7579] EXT4-fs: Ignoring removed nobh option [ 426.856481][ T7579] EXT4-fs: Ignoring removed nobh option [ 427.023638][ T7583] loop3: detected capacity change from 0 to 1024 [ 427.074290][ T7583] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 427.082473][ T7579] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -2 [ 427.105282][ T7579] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm syz.9.373: invalid indirect mapped block 2683928664 (level 1) [ 427.242864][ T7579] EXT4-fs (loop9): 1 truncate cleaned up [ 427.249723][ T7579] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 427.294464][ T7570] bpf: Bad value for 'gid' [ 427.344520][ T7583] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 428.051565][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 428.201352][ T6829] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 429.160284][ T7606] netlink: 4 bytes leftover after parsing attributes in process `syz.0.376'. [ 429.523381][ T7604] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 429.664816][ T5790] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 429.680391][ T5790] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 429.714099][ T5790] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 429.785843][ T7613] trusted_key: encrypted_key: insufficient parameters specified [ 429.787563][ T7605] loop8: detected capacity change from 0 to 1764 [ 429.804531][ T5790] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 430.117969][ T5790] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 430.127960][ T5790] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 430.494513][ T7601] loop0: detected capacity change from 0 to 2048 [ 430.514622][ T7601] udf: Bad value for 'session' [ 431.973004][ T7610] chnl_net:caif_netlink_parms(): no params data found [ 432.225490][ T51] Bluetooth: hci3: command tx timeout [ 433.109210][ T7651] loop8: detected capacity change from 0 to 1024 [ 433.134916][ T7651] hfsplus: unable to parse mount options [ 433.175207][ T7653] loop9: detected capacity change from 0 to 16 [ 433.487616][ T7653] erofs: (device loop9): mounted with root inode @ nid 36. [ 433.648323][ T7653] syz.9.391: attempt to access beyond end of device [ 433.648323][ T7653] loop9: rw=0, sector=4294967295, nr_sectors = 1 limit=16 [ 433.965961][ T7610] bridge0: port 1(bridge_slave_0) entered blocking state [ 433.973854][ T7610] bridge0: port 1(bridge_slave_0) entered disabled state [ 433.982109][ T7610] bridge_slave_0: entered allmulticast mode [ 434.038053][ T7610] bridge_slave_0: entered promiscuous mode [ 434.146696][ T7610] bridge0: port 2(bridge_slave_1) entered blocking state [ 434.154609][ T7610] bridge0: port 2(bridge_slave_1) entered disabled state [ 434.162713][ T7610] bridge_slave_1: entered allmulticast mode [ 434.172188][ T7610] bridge_slave_1: entered promiscuous mode [ 434.413318][ T51] Bluetooth: hci3: command tx timeout [ 434.517193][ T7610] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 434.644083][ T7610] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 435.088704][ T7610] team0: Port device team_slave_0 added [ 435.143670][ T7666] loop9: detected capacity change from 0 to 512 [ 435.182898][ T7610] team0: Port device team_slave_1 added [ 435.201180][ T7666] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 435.214762][ T7666] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 435.357588][ T7668] loop0: detected capacity change from 0 to 1024 [ 435.385963][ T7666] EXT4-fs (loop9): 1 truncate cleaned up [ 435.393891][ T7666] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 435.502799][ T7668] hfsplus: Filesystem is marked locked, mounting read-only. [ 435.573241][ T7673] netlink: 4 bytes leftover after parsing attributes in process `syz.8.399'. [ 435.628822][ T7610] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 435.636431][ T7610] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 435.662661][ T7610] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 435.694576][ T7673] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 435.823565][ T7610] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 435.831265][ T7610] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 435.857553][ T7610] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 436.023726][ T7668] hfsplus: invalid catalog entry type in lookup [ 436.311330][ T7676] loop8: detected capacity change from 0 to 2048 [ 436.365458][ T7676] udf: Bad value for 'session' [ 436.472502][ T51] Bluetooth: hci3: command tx timeout [ 436.630998][ T7610] hsr_slave_0: entered promiscuous mode [ 436.674842][ T7610] hsr_slave_1: entered promiscuous mode [ 436.802825][ T7610] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 436.810813][ T7610] Cannot create hsr debugfs directory [ 436.863709][ T7679] binder: 7678:7679 ioctl c0306201 0 returned -14 [ 439.063883][ T51] Bluetooth: hci3: command tx timeout [ 439.794096][ T6829] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 440.899987][ T7701] loop9: detected capacity change from 0 to 128 [ 441.627725][ T7610] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 441.696569][ T7610] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 441.756569][ T7610] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 441.825897][ T7610] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 443.019695][ T7610] 8021q: adding VLAN 0 to HW filter on device bond0 [ 443.198766][ T7610] 8021q: adding VLAN 0 to HW filter on device team0 [ 443.262703][ T4596] bridge0: port 1(bridge_slave_0) entered blocking state [ 443.270391][ T4596] bridge0: port 1(bridge_slave_0) entered forwarding state [ 443.487437][ T4596] bridge0: port 2(bridge_slave_1) entered blocking state [ 443.495170][ T4596] bridge0: port 2(bridge_slave_1) entered forwarding state [ 443.991598][ T7727] loop9: detected capacity change from 0 to 764 [ 444.078936][ T7727] rock: directory entry would overflow storage [ 444.085411][ T7727] rock: sig=0x4654, size=5, remaining=4 [ 445.727385][ T7739] loop3: detected capacity change from 0 to 128 [ 445.774673][ T7740] binder: 7737:7740 ioctl 4018620d 0 returned -22 [ 445.850715][ T51] Bluetooth: hci0: unexpected event for opcode 0x204e [ 446.573754][ T7744] loop8: detected capacity change from 0 to 1024 [ 446.773710][ T7744] ===================================================== [ 446.781011][ T7744] BUG: KMSAN: uninit-value in hfsplus_rename_cat+0x10e5/0x16f0 [ 446.789861][ T7744] hfsplus_rename_cat+0x10e5/0x16f0 [ 446.796230][ T7744] hfsplus_rename+0x209/0x2e0 [ 446.801022][ T7744] vfs_rename+0x1d9d/0x2280 [ 446.806486][ T7744] do_renameat2+0x18cc/0x1d50 [ 446.811284][ T7744] __ia32_sys_renameat2+0x14f/0x1f0 [ 446.816970][ T7744] ia32_sys_call+0x230f/0x40d0 [ 446.823017][ T7744] __do_fast_syscall_32+0xb0/0x110 [ 446.828315][ T7744] do_fast_syscall_32+0x38/0x80 [ 446.834824][ T7744] do_SYSENTER_32+0x1f/0x30 [ 446.839485][ T7744] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 446.846273][ T7744] [ 446.848644][ T7744] Uninit was stored to memory at: [ 446.853967][ T7744] hfsplus_create_cat+0x17f6/0x1800 [ 446.859271][ T7744] hfsplus_mknod+0x201/0x560 [ 446.866230][ T7744] hfsplus_mkdir+0x58/0x70 [ 446.870751][ T7744] vfs_mkdir+0x4a0/0x780 [ 446.875458][ T7744] do_mkdirat+0x529/0x810 [ 446.879891][ T7744] __ia32_sys_mkdir+0x9f/0xe0 [ 446.884769][ T7744] ia32_sys_call+0x3152/0x40d0 [ 446.889653][ T7744] __do_fast_syscall_32+0xb0/0x110 [ 446.894948][ T7744] do_fast_syscall_32+0x38/0x80 [ 446.899894][ T7744] do_SYSENTER_32+0x1f/0x30 [ 446.904591][ T7744] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 446.911043][ T7744] [ 446.913587][ T7744] Uninit was created at: [ 446.917953][ T7744] __alloc_pages_noprof+0x9a7/0xe00 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 446.923407][ T7744] alloc_pages_mpol_noprof+0x299/0x990 [ 446.929054][ T7744] alloc_pages_noprof+0x1bf/0x1e0 [ 446.934390][ T7744] allocate_slab+0x320/0x12e0 [ 446.940593][ T7744] ___slab_alloc+0x12ef/0x35e0 [ 446.946104][ T7744] kmem_cache_alloc_lru_noprof+0x584/0xb30 [ 446.952454][ T7744] hfsplus_alloc_inode+0x5a/0xd0 [ 446.957619][ T7744] alloc_inode+0x86/0x460 [ 446.962298][ T7744] iget_locked+0x250/0x1290 [ 446.967625][ T7744] hfsplus_iget+0x59/0xae0 [ 446.973297][ T7744] hfsplus_btree_open+0x13e/0x1d00 [ 446.978573][ T7744] hfsplus_fill_super+0x1113/0x2700 [ 446.984067][ T7744] mount_bdev+0x39a/0x520 [ 446.988512][ T7744] hfsplus_mount+0x4d/0x60 [ 446.993209][ T7744] legacy_get_tree+0x114/0x290 [ 446.998089][ T7744] vfs_get_tree+0xb1/0x5a0 [ 447.002933][ T7744] do_new_mount+0x71f/0x15e0 [ 447.007640][ T7744] path_mount+0x742/0x1f10 [ 447.012359][ T7744] __se_sys_mount+0x722/0x810 [ 447.017212][ T7744] __ia32_sys_mount+0xe3/0x150 [ 447.022859][ T7744] ia32_sys_call+0x2530/0x40d0 [ 447.027761][ T7744] __do_fast_syscall_32+0xb0/0x110 [ 447.033073][ T7744] do_fast_syscall_32+0x38/0x80 [ 447.039453][ T7744] do_SYSENTER_32+0x1f/0x30 [ 447.044384][ T7744] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 447.050848][ T7744] [ 447.053404][ T7744] CPU: 0 UID: 0 PID: 7744 Comm: syz.8.420 Not tainted 6.12.0-rc7-syzkaller-00216-gf66d6acccbc0 #0 [ 447.064427][ T7744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 447.074726][ T7744] ===================================================== [ 447.081957][ T7744] Disabling lock debugging due to kernel taint [ 447.088221][ T7744] Kernel panic - not syncing: kmsan.panic set ... [ 447.094779][ T7744] CPU: 0 UID: 0 PID: 7744 Comm: syz.8.420 Tainted: G B 6.12.0-rc7-syzkaller-00216-gf66d6acccbc0 #0 [ 447.107028][ T7744] Tainted: [B]=BAD_PAGE [ 447.111293][ T7744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 447.121452][ T7744] Call Trace: [ 447.124845][ T7744] [ 447.127853][ T7744] dump_stack_lvl+0x216/0x2d0 [ 447.132678][ T7744] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 447.138605][ T7744] dump_stack+0x1e/0x30 [ 447.142907][ T7744] panic+0x4e2/0xcf0 [ 447.146934][ T7744] ? kmsan_get_metadata+0x81/0x1c0 [ 447.152167][ T7744] kmsan_report+0x2c7/0x2d0 [ 447.156788][ T7744] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 447.163190][ T7744] ? kmsan_get_metadata+0x13e/0x1c0 [ 447.168484][ T7744] ? __msan_warning+0x95/0x120 [ 447.173394][ T7744] ? hfsplus_rename_cat+0x10e5/0x16f0 [ 447.178887][ T7744] ? hfsplus_rename+0x209/0x2e0 [ 447.184275][ T7744] ? vfs_rename+0x1d9d/0x2280 [ 447.189068][ T7744] ? do_renameat2+0x18cc/0x1d50 [ 447.194044][ T7744] ? __ia32_sys_renameat2+0x14f/0x1f0 [ 447.199546][ T7744] ? ia32_sys_call+0x230f/0x40d0 [ 447.204610][ T7744] ? __do_fast_syscall_32+0xb0/0x110 [ 447.209992][ T7744] ? do_fast_syscall_32+0x38/0x80 [ 447.215105][ T7744] ? do_SYSENTER_32+0x1f/0x30 [ 447.219874][ T7744] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 447.226608][ T7744] ? hfsplus_bnode_dump+0xca0/0xcd0 [ 447.231933][ T7744] ? kmsan_get_metadata+0x13e/0x1c0 [ 447.237231][ T7744] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 447.243173][ T7744] ? hfsplus_brec_remove+0x91d/0x9d0 [ 447.248691][ T7744] ? kmsan_get_metadata+0x13e/0x1c0 [ 447.254001][ T7744] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 447.259928][ T7744] __msan_warning+0x95/0x120 [ 447.264666][ T7744] hfsplus_rename_cat+0x10e5/0x16f0 [ 447.270070][ T7744] ? kmsan_get_metadata+0x13e/0x1c0 [ 447.275362][ T7744] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 447.281819][ T7744] ? kmsan_get_metadata+0x13e/0x1c0 [ 447.287147][ T7744] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 447.293139][ T7744] ? from_kgid+0x370/0x9a0 [ 447.297700][ T7744] ? capable_wrt_inode_uidgid+0x36b/0x4a0 [ 447.303553][ T7744] ? kmsan_get_metadata+0x13e/0x1c0 [ 447.308889][ T7744] hfsplus_rename+0x209/0x2e0 [ 447.313710][ T7744] ? __pfx_hfsplus_rename+0x10/0x10 [ 447.319014][ T7744] vfs_rename+0x1d9d/0x2280 [ 447.323659][ T7744] ? end_current_label_crit_section+0x124/0x2a0 [ 447.330067][ T7744] do_renameat2+0x18cc/0x1d50 [ 447.334887][ T7744] __ia32_sys_renameat2+0x14f/0x1f0 [ 447.340224][ T7744] ia32_sys_call+0x230f/0x40d0 [ 447.345142][ T7744] __do_fast_syscall_32+0xb0/0x110 [ 447.350413][ T7744] ? irqentry_exit+0x16/0x60 [ 447.355122][ T7744] do_fast_syscall_32+0x38/0x80 [ 447.360068][ T7744] do_SYSENTER_32+0x1f/0x30 [ 447.364658][ T7744] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 447.371125][ T7744] RIP: 0023:0xf7f83579 [ 447.375275][ T7744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 447.395003][ T7744] RSP: 002b:00000000f570655c EFLAGS: 00000206 ORIG_RAX: 0000000000000161 [ 447.403548][ T7744] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000380 [ 447.411613][ T7744] RDX: 0000000000000004 RSI: 0000000020000080 RDI: 0000000000000001 [ 447.419728][ T7744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 447.427804][ T7744] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 447.435864][ T7744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 447.443945][ T7744] [ 447.447215][ T7744] Kernel Offset: disabled [ 447.451606][ T7744] Rebooting in 86400 seconds..