Warning: Permanently added '10.128.1.57' (ED25519) to the list of known hosts. 2024/04/24 05:00:50 fuzzer started 2024/04/24 05:00:50 dialing manager at 10.128.0.163:30004 [ 19.057122][ T30] audit: type=1400 audit(1713934850.351:66): avc: denied { node_bind } for pid=281 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 19.060583][ T30] audit: type=1400 audit(1713934850.351:67): avc: denied { name_bind } for pid=281 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 19.301385][ T30] audit: type=1400 audit(1713934850.601:68): avc: denied { integrity } for pid=288 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 19.304891][ T288] cgroup: Unknown subsys name 'net' [ 19.323608][ T30] audit: type=1400 audit(1713934850.601:69): avc: denied { mounton } for pid=288 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 19.351123][ T30] audit: type=1400 audit(1713934850.601:70): avc: denied { mount } for pid=288 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 19.351303][ T288] cgroup: Unknown subsys name 'devices' [ 19.372975][ T30] audit: type=1400 audit(1713934850.631:71): avc: denied { unmount } for pid=288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 19.570506][ T288] cgroup: Unknown subsys name 'hugetlb' [ 19.575998][ T288] cgroup: Unknown subsys name 'rlimit' [ 19.700677][ T30] audit: type=1400 audit(1713934851.001:72): avc: denied { mounton } for pid=288 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 19.725527][ T30] audit: type=1400 audit(1713934851.001:73): avc: denied { mount } for pid=288 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 19.748698][ T30] audit: type=1400 audit(1713934851.001:74): avc: denied { setattr } for pid=288 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 19.761097][ T290] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). 2024/04/24 05:00:51 code coverage: enabled 2024/04/24 05:00:51 comparison tracing: enabled 2024/04/24 05:00:51 extra coverage: enabled 2024/04/24 05:00:51 delay kcov mmap: mmap returned an invalid pointer 2024/04/24 05:00:51 setuid sandbox: enabled 2024/04/24 05:00:51 namespace sandbox: enabled 2024/04/24 05:00:51 Android sandbox: enabled 2024/04/24 05:00:51 fault injection: enabled 2024/04/24 05:00:51 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2024/04/24 05:00:51 net packet injection: enabled 2024/04/24 05:00:51 net device setup: enabled 2024/04/24 05:00:51 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/04/24 05:00:51 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/04/24 05:00:51 NIC VF setup: PCI device 0000:00:11.0 is not available 2024/04/24 05:00:51 USB emulation: enabled 2024/04/24 05:00:51 hci packet injection: /dev/vhci does not exist 2024/04/24 05:00:51 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 2024/04/24 05:00:51 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 2024/04/24 05:00:51 swap file: enabled [ 19.780265][ T30] audit: type=1400 audit(1713934851.081:75): avc: denied { relabelto } for pid=290 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 19.808342][ T288] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k 2024/04/24 05:00:51 starting 5 executor processes [ 20.424686][ T300] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.431634][ T300] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.439076][ T300] device bridge_slave_0 entered promiscuous mode [ 20.459162][ T300] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.465999][ T300] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.473277][ T300] device bridge_slave_1 entered promiscuous mode [ 20.561058][ T302] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.567906][ T302] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.575226][ T302] device bridge_slave_0 entered promiscuous mode [ 20.590655][ T302] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.597497][ T302] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.604717][ T302] device bridge_slave_1 entered promiscuous mode [ 20.620740][ T305] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.627609][ T305] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.634909][ T305] device bridge_slave_0 entered promiscuous mode [ 20.649528][ T305] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.656366][ T305] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.663607][ T305] device bridge_slave_1 entered promiscuous mode [ 20.703051][ T306] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.709952][ T306] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.717088][ T306] device bridge_slave_0 entered promiscuous mode [ 20.736802][ T306] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.743668][ T306] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.750896][ T306] device bridge_slave_1 entered promiscuous mode [ 20.770892][ T303] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.777734][ T303] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.784948][ T303] device bridge_slave_0 entered promiscuous mode [ 20.792618][ T303] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.799498][ T303] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.806540][ T303] device bridge_slave_1 entered promiscuous mode [ 20.907077][ T300] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.913938][ T300] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.921040][ T300] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.927807][ T300] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.963982][ T305] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.970844][ T305] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.977912][ T305] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.984739][ T305] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.997438][ T302] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.004325][ T302] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.011420][ T302] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.018169][ T302] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.044977][ T306] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.051846][ T306] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.058941][ T306] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.065810][ T306] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.074202][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.081962][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.089548][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.096516][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.103617][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.110872][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.118859][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.127203][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.134223][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.162270][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 21.169478][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.176589][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.184747][ T321] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.191599][ T321] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.198965][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.206847][ T321] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.213813][ T321] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.221225][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.229076][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.260337][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.269516][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.277241][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.285245][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.293049][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.301144][ T321] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.308057][ T321] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.320504][ T305] device veth0_vlan entered promiscuous mode [ 21.341107][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.349682][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.357308][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.365048][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.372423][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.380454][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.387575][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.395736][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.402593][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.409757][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.417643][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.424409][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.431812][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.439779][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.446594][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.453775][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.461461][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.469191][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.477420][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.484670][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.497158][ T305] device veth1_macvtap entered promiscuous mode [ 21.510370][ T300] device veth0_vlan entered promiscuous mode [ 21.521011][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 21.529262][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.536949][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 21.544870][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.562931][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.570992][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.579214][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.587205][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.595422][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.603728][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready executing program 2: mkdir(&(0x7f0000000580)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, 0x0) chdir(&(0x7f0000000140)='./file0\x00') r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) ftruncate(r0, 0x8208200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000380), 0x1, 0x0, 0x0) open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) [ 21.613711][ T306] device veth0_vlan entered promiscuous mode [ 21.625489][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.633478][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.644845][ T300] device veth1_macvtap entered promiscuous mode [ 21.655556][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready executing program 2: r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x400}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x8}}}}}}}]}}, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x5, 0x0, &(0x7f0000000500)) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000005c0)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x20, 0x80, 0x1c, {0x0, 0x0, 0xe405}}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) [ 21.672354][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.680469][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.688456][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.697107][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.704583][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.712768][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.720912][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.728818][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.740000][ T302] device veth0_vlan entered promiscuous mode [ 21.753042][ T306] device veth1_macvtap entered promiscuous mode [ 21.759558][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.766948][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.774727][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.782457][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.790553][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.798602][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.806665][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.814895][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.822369][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.843210][ T302] device veth1_macvtap entered promiscuous mode [ 21.860954][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 21.868251][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.875619][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 21.884540][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.892884][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.899741][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.906869][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 21.915099][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.923132][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.929984][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.937215][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.945212][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.953245][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.960703][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.968661][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.976844][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 21.985205][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.993025][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 22.000724][ T323] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 22.008185][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x40}, {0x6}]}, 0x10) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10) [ 22.027056][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 22.035008][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 22.043453][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 22.052124][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 22.060327][ T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008aec1, &(0x7f0000000040)=ANY=[@ANYRES64]) [ 22.085793][ T303] device veth0_vlan entered promiscuous mode [ 22.099668][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 22.108055][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 22.116448][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 22.124861][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = syz_open_pts(r0, 0x0) read(r0, 0x0, 0xd) timer_create(0x0, &(0x7f00000012c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) dup2(r1, r0) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x6, 0x756, &(0x7f00000002c0)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4") chdir(&(0x7f0000000240)='./file0\x00') r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x4000, 0x0) ioctl$FS_IOC_ENABLE_VERITY(r2, 0x40806685, &(0x7f0000000b00)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}) truncate(&(0x7f0000000040)='./file0\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x2000) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x77359400}, {0x0, 0x989680}}, 0x0) ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f0000000000)) r3 = gettid() tkill(r3, 0x14) [ 22.138893][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 22.147502][ T335] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 22.164033][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000020000000000000004b64ffec850000007d000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) poll(0x0, 0x0, 0xffffffffffbffff8) timer_create(0x0, &(0x7f0000000180)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r1, 0x0, &(0x7f0000000300)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xd, 0x3, 0x4, 0x1, 0x0, r2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r3}, &(0x7f0000000840), &(0x7f0000000880)=r2}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000e80)={r3, &(0x7f0000000d40), 0x0}, 0x20) [ 22.184306][ T303] device veth1_macvtap entered promiscuous mode [ 22.193919][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 22.203520][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 22.211571][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 22.221962][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 22.230354][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xffe, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f00000001c0), &(0x7f0000000200)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='ext4_ext_remove_space\x00', r1}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) [ 22.251176][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 22.267355][ T343] loop3: detected capacity change from 0 to 2048 [ 22.273913][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 22.283132][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 22.291595][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 22.368870][ T323] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 22.386696][ T323] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8 [ 22.388377][ T343] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 22.413291][ T343] ext4 filesystem being mounted at /root/syzkaller-testdir791737885/syzkaller.xazu0j/0/file0 supports timestamps until 2038 (0x7fffffff) [ 22.443354][ T343] fs-verity: sha512 using implementation "sha512-avx2" executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) pipe(0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x6, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000006c000100"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001400030069705f7674693000000000000000000018003480080035"], 0x4c}}, 0x0) executing program 1: ftruncate(0xffffffffffffffff, 0x0) unshare(0x2040400) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, 0x0) executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sys_enter\x00', r0}, 0x10) utimes(&(0x7f0000000280)='./file0\x00', 0x0) [ 22.578909][ T323] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 22.595539][ T323] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 22.605885][ T323] usb 3-1: Product: syz [ 22.613167][ T323] usb 3-1: Manufacturer: syz [ 22.617650][ T323] usb 3-1: SerialNumber: syz executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) times(0x0) executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$SIOCGSTAMPNS(r0, 0x8907, 0x0) executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0) executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='ext4_da_write_pages_extent\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000040)='ext4_da_write_pages_extent\x00', r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) write$cgroup_int(r3, &(0x7f00000000c0), 0x12) ioctl$SIOCSIFHWADDR(r3, 0x4030582b, &(0x7f0000000980)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}}) executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='ext4_remove_blocks\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='ext4_remove_blocks\x00', r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) write$cgroup_int(r3, &(0x7f00000000c0), 0x12) ioctl$SIOCSIFHWADDR(r3, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}}) executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000a61a7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x4, 0xffff}, 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x3, 0x0, r1}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2, r2}, 0x38) executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) pipe(0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x6, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000006c000100"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001400030069705f7674693000000000000000000018003480080035"], 0x4c}}, 0x0) executing program 4: bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) socket$inet6_udp(0xa, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) pipe2(0x0, 0x0) syz_io_uring_setup(0x24fa, 0x0, 0x0, 0x0) ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000080)={'veth1_macvtap\x00'}) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000408a25886a0000000000010902a4000100000000090400000103000000092100000001220b0009058103"], 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io$hid(r1, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB='\x00\"h'], 0x0}, 0x0) executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c000000070000000000000002000006040000000500000000ffffff7f00000000000000000000000061"], 0x0, 0x3b}, 0x20) executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x20000000000003c9, &(0x7f0000000040)=[{}]}) syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000001880)={[{@dmask={'dmask', 0x3d, 0x4}}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'default'}}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@dmask={'dmask', 0x3d, 0x2}}, {}, {@errors_continue}, {}, {@errors_remount}, {@gid}, {@namecase}]}, 0x1, 0x1517, &(0x7f0000000340)="$eJzs3Au8TlW3MPAx5pyLTdKT5JY55lg8yWWSJLkk5JIkSZLklpAkSRKSW25JSJLckuSetHOLndzv93uSHEmShIQk8/upt9fp9PV5z3nf7/Ods8f/91vMsdczxjPnM/Z6nrXWb+/9bcchVetXq1SXmeGfgr/91wMAUgCgPwBcBQARAJTMVjLbhf2ZNPb4555E/Gs9MPVyz0BcTtL/9E36n75J/9M36X/6Jv1P36T/6Zv0P32T/guRnm2alvtq2dLv9o/f/3f/591y//+/Ifn8/x/rHzrSpP/pm/Q/fZP+p2/S//RN+p++Sf/TN+l/+ib9FyI9u9z3n/8bbL+/VJd7HpfYov9S3uX97hNCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIkV6cCRcZAPh9fLnnJYQQQgghhBBCiH+dkPFyz0AIIYQQQgghhBD/9yGA0WAgggyQEVIgE2SGKyALXAlZ4SpIwNWQDa6B7HAt5ICckAtyQx64DvKCBQIHDDHkg/yQhBAAboCCUAgKQxHwUBSKwY1QHG6CEnAzlITU+QC3QmkoA2WhHNwG5eF2qAAVoRLcAZWhClSFanAnVIe7oAbcDTXhHqgF90JtuA/qwP1QFx6AevAg1IeHoAE8DA2hETSGJtD0v5T/PHSFF6AbdIce0BN6wYvQG/pAX+gH/eElGAAvw0B4BQbBYBgCr8JQeA2GweswHN6AEfAmjIRRMBrGwFh4C8bB2zAe3oEJ8C5MhEkwGabAVJgG0+E9mAHvw0z4AFIRYBbMhjkwF+bBRzAfFkAafAwL4RNYBIthCSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wM6Ku+BT2A2fwR74HPbCF//J/NPwx/xOCAioUKFBgxkwA6ZgCmbGzJgFs2BWzIoJTGA2zIbZMTvmwByYC3NhHsyDeTEvEhIyMubDfJjEJBbAAlgQC2JhLIwePRbDYlgcb8ISWAJLYkkshaWwNJbBMlgOy2F5LI8VsAJWunU2AFbGqlgV78Q78S6sgTWwJtbEWlgLa2NtrIN1sC7WxXpYD+tjfWyADbAhNsTG2BibYlNshs2wOTbHltgSW2ErbI2tsQ22wbbYFtthO2yP7bEDdsCO2BE7YWfsjM/j8/gCvoDdsbLqib2wF/bG3tgX+2E/fAkH4Mv4Mr6Cg3AwDsFX8VV8DYfhKRyOb+AIHIHl1SgcjWOQ1Vs4DsfheByPE3ACTsRJOAmn4FSchtNxOs7A9/HCEZaKH+KHOBtn41ych/NwPi7ANEzDhXgaF+FiXIJLcRkux2W4ElfhSlyDa3ENrsf1uBE34mbcjFtxK27H7bgTd+Kn+Cl+hp/hINyLe3Ef7sP9uB8P4AE8iAfxEB7afAUAHsEjeBSP4jE8jifwOJ7Ek3gKT+MZPINn8Syew2fzfF1vZ6HVg0BdYJRRGVQGlaJSVGaVWWVRWVRWlVUlVEJlU9lUdpVd5VA5VC6VS+VReVRelVeRIsUqVvlUPpVUSVVAFVAFVUFVWBVWXnlVTBVTxVVxVUKVUCXVLaqUulWVVmVUC19OlVPlVUtfQVVUlVQlVVlVUVVVNVVNVVfVVQ1VQ9VUNVUtVUvVVvepOqon9sUH1IXO1FeDsYEagg1VI9VYNVGv4SOqmRqGzVUL1VI9pt7A4dhaNfNt1JOqrRqN7dTTKb+/0XVUz6lOqrPqop5XXVVz3011VxOxp+qlpmBv1Uf1Vf3UDKyiPsBUrKpeUYPUYDVEvarm4mtqmHpdDVdvqBHqTTVSjVKj1Rg1Vr2lxqm31Xj1jpqg3lUT1SQ1WU1RU9U0NV29p2ao99VM9YFKVR+qWWq2mqPmqnnqIzVfLVBp6mO1UH2iFqnFaolaqpap5WqFWqlWqdVqjVqr1qn1aoPaqDapzWqL2qq2qe1qh9qpdqlP1W71mdqjPld71Rfqwvv3fvWlOqC+UgfV1+qQ+kYdVt+qI+o7dVR1V8fUcXVC/aBOqh/VKXVanVE/qbPqZ3VO/aLOq6BAo1Zaa6MjnUFn1Ck6k86sr9BZ9JU6q75KJ/TVOpu+RmfX1+ocOqfOpXPrPPo6nVdbTdpp1rHOp/PrpL5eF9A36IK6kC6si2ivi+pi+kZdXN+kS+ibdUl9iy6lb9WldRldVpfTt+ny+nZdQVfUlfQdurKuoqvqavpOXV3fpWvou3VNfY+upe/VtfV9uo6+X9fVD+h6+kFdXz+kG+iHdUPdSDfWTXRT/Yhuph/VzXUL3VI/plvpx3Vr/YRuo5/UbfVTup1+WrfXz+gO+lndUT+nO+nOuov+RZ/XQXfT3XUP3VP30i/q3rqP7qv76f76JT1Av6wH6lf0ID1YDxnwqh6qX9PD9Ot6uH5Dj9Bv6pF6lB6tx+ix+i09Tr+tx+t39AT9rp6oJ+nJOiNM1dN0379Vmqkvnf/OH/Kn6Av5A3999o16k96st+itepvernfonXqX3qV36916j96j9+q9ep/ep/fr/fqAPqAP6oP6kD6kD+vD+og+oo/qo/qYPq5/0j/ok/pHfUqf1qf1T/qsPqvP/e01AINGGW2MiUwGk9GkmEwms7nCZDFXmqzmKpMwV5ts5hqT3VxrcpicJpfJbfKY60xeYw0ZZ9jEJp/Jb5LmelPA3GAKmkKmsClivClqipkbTcIg/DP5fzG/pZN/O6ZNU9PUNDPNTHPT3LQ0LU0r08q0Nq1NG9PGtDVtTTvTzrQ37U0H08F0NB1NJ9PJdDFdTFfT1XRDMD1MD9PLvGh6mz6mr+ln+puXzAAzwAw0A80gM8gMMUPMUDPUDDPDzHAz3BgAGGlGmtFmtBlrxppxZpwZb8abCWaCmWgmmslmsplqpprpZrqZYWaYmWamSTWpZpaZZeaYOWaemWfmm/kmzaSZhWahWWQWm8VmqVlqlpvlZqVZaVab1WatWWvWm/VmkdlkNpktZovZZraZHWaH2WV2md1mt9lj9pi9Zq/ZZ/aZ/Wa/OWAOmIPmoDlkDpnD5rA5Yo6Yo+aoOWaOmRPmhDlpTppT5pQ5Y86Ys+asOWfOmfPm/IXTvkhFKjKRiTJEGaKUKCXKHGWOskRZoqxR1igRJaJsUbYoe3RtlCPKGeWKckd5ouuivJGNKHIRR3GUL8ofJaProwLRDVHBqFBUOCoS+ahoVCy6MSoe3RSViG6OSka3RKWiW6PSUZmobFQuui0qH90eVYgqRpWiO6LKUZWoalQtujOqHt0V1YjujmpG90S1onuj2tF9UZ3o/qhu9EBUL3owqh89FDWIHo4aRo2ixlGTqOm/tH4Ip3I+6rvZ7jYj9LS97Iu2t+1j+9p+tr99yQ6wL9uB9hU7yA62Q+yrdqh9zQ6zr9vh9g07wr5pR9pRdrQdY8fat+w4+7Ydb9+xE+y7dqKdZCfbKXaqnWan2/fsDPu+nWk/sKn2QzvLzrZz7Fw7z35k59sFNs1+bBfaT+wiu9gusUvtMrvcrrAr7Sq72q6xa+06u95usBvtJrvZbrFb7Ta73e6wO+0u+6ndbT+ze+zndq/9wu6zv3/sfWUP2q/tIfuNPWy/tUfsd/ao/d4es8ftCfuDPWl/tKfsaXvG/mTP2p/tOfuLPW/DhZP7Cx/vZMhQBspAKZRCmSkzZaEslJWyUoISlI2yUXbKTjkoB+WiXJSH8lBeyksXMDHlo3yUpCQVoAJUkApSYSpMnjwVo2JUnIpTCSpBJakklaJSVJpKU1kqS7fRbXQ73U4VqSLdQXdQFapC1agaVafqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUgBpQQ2pIjakxNaWm1IyaUXNqTi2pJbWiVtSaWlMbakNtqS21o3bUntpTB+pAHakjdaJO1IW6UFfqSt2oG/WgHtSLelFv6k19qS/1p/40gAbQQBpIg2gQDaEhNJSG0jAaRsPpDRpBb9JIGkWjaQyNpbdoHI2j8TSeJtAEmkgTaTJNpqk0labTdJpBM2gmzaRUSqVZNIvm0ByaR/NoPs2nNEqjhbSQFtEiWkJLaBktoxW0glbRKlpDa2gdraMNtIE20SbaQltoG22jHbSDdtEu2k27aQ/tob20l/bRPtpP++kAHaCDdJAO0SE6TIfpCB2ho3SUjtExOkEn6CSdpFN0is7QGTpLP9M5+oXOU6AUl8lldle4LO5Kl9Vd5f5jnMvldnncdS6vsy6Hy/mHmJxzBV0hV9gVcd4VdcXcjX+KS7syrqwr525z5d3trsKf4uqrtv32g+juHlfN3emqu7tcDXe3q+nucbXcva62e8jVcQ+7uq6Rq+eauPruIdfAPewaukausWviWrnHXWv3hGvjnnRt3VN/iue7BW6VW+3WuLVut/vMnXE/ucPuW3fW/ey6ue6uv3vJDXAvu4HuFTfIDf5TPMK96Ua6UW60G+PGurf+FE92U9xUN81Nd++5Ge79P8Xz3Ecu1aW5WW62m+Pm/hpfmFOa+9gtdJ+4RW6xW+KWumVuuVvhVv59rkvderfBbXS73Kdui9vqtrntbofb+Wt8YR173Odur/vCHXLfuP3uS3fAHXEH3de/xhfWd8R95466790xd9ydcD+4k+5Hd8qd/nX9F9b+g/vFnXfBASMr1mw44gyckVM4E2fmKzgLX8lZ+SpO8NWcja/h7Hwt5+CcnItzcx6+jvOyZWLHzDHn4/yc5Ou5AN/ABbkQF+Yi7LkoF+MbuTjfxCX4Zi7Jt3ApvpVLcxkuy+X4Ni7Pt3MFrsiV+A6uzFW4KlfjO7k638U1+G6uyfdwLb6Xa/N9XIfv57r8ANfjB7k+P8QN+GFuyI24MTfhpvwIN+NHuTm34Jb8GLfix7k1P8Ft+Eluy09xO36a2/Mz3IGf5Y78HHfiztyFn+eu/AJ34+7cg3tyL36Re3Mf7sv9uD+/xAP4ZR7Ir/AgHsxD+FUeyq/xMH6dh/MbPILf5JE8ikfzGB7Lb/E4fpvH8zs8gd/liTyJJ/MUnsrTeDq/xzP4fZ7JH3Aqf8izeDbP4bk8jz/i+byA0/hjXsif8CJezEt4KS/j5byCV/IqXs1reC2v4/W8gTfyJt7MW3grI2/nHbyTd/GnvJs/4z38Oe/lL3gf/xvv5y/5AH/FB/lrPsTf8GH+lo/wd3yUv+djfJxP8A98kn/kU3yaz/BPfJZ/5nP8C5/nwBBjrGIdmziKM8QZ45Q4U5w5viLOEl8ZZ42vihPx1XG2+Jo4e3xtnCPOGeeKc8d54uvivLGNKXYxx3GcL84fJ+Pr4wLxDXHBuFBcOC4S+7hoXCy+MS4e3xSXiG+OS8a3xKXiW+PScZn4oXvKxbfF5ePb4wpxxbhSfEdcOa4SV42rxXfG1eO74hrx3XHN+J64RHxvXDu+L64T3x/XhQfievGDcf34obhB/HDcMG4UN46bxE3jR+Jm8aNx87hF3DJ+LG4VPx63jp+I28RPxm3jpy65v0fcM+4Vvxi/GIdwt56TnJucl/woOT+5IJmW/Di5MPlJclFycXJJcmlyWXJ5ckVyZXJVcnVyTXJtcl1yfXJDcmMyhGoZwaNXXnvjI5/BZ/QpPpPP7K/wWfyVPqu/yif81T6bv8Zn99f6HD6nz+Vz+zz+Op/XW0/eefaxz+fz+6S/3hfwN/iCvpAv7It474v6Yr6Jb+qb+mb+Ud/ct/At/WP+Mf+4f9w/4Z/wT/q2/infzj/t2/tnfAf/rH/WP+c7+c6+i3/ed/Uv+G6+u+/he/hevpfv7Xv7vr6v7+/7+wF+gB/oB/pBfpAf4of4oX6oH+aH+eF+uB/hR/iRfqQf7Uf7sX6sH+fH+fF+vJ/gJ/iJfqKf7Cf7qX6qn+6n+xl+hp/pZ/rUgql+lp/l5/g5fp6f5+f7+T7Np/mFfqFf5Bf5JX6JX+aX+RV+hV/lV/k1fo1f59f5DX6D3+Q3+S1+i9/mt/kdfoff5Xf53X633+P3+L1+r9/n950Jfr8/4L/yB/3X/pD/xh/23/oj/jt/1H/vj/nj/oT/wZ/0P/pT/rQ/43/yZ/3P/pz/xZ/3wY9LvJ0Yn3gnMSHxbmJiYlJicmJKYmpiWmJ64r3EjMT7iZmJDxKpiQ8TsxKzE3MScxPzEh8l5icWJNISHycWJj5JLEosTixJLE0sSyxPhHDdljjkC/lDMlwfCoQbQsFQKBQORYIPRUOxcGMoHm4KJcLNoWS4JZQKt4bSoUwoGx4ODUOj0Dg0CU3DI6FZeDQ0Dy1Cy/BYaBUeD63DE6FNeDK0DU+FduHp0D48EzqEZ0PH8FzoFDqHLuH50DW8ELoFHXqEnqFXeDH0Dn1C39Av9A8vhQHh5TAwvBIGhcFhSHg1DA2vhWHh9TA8IIwIb4aRYVQYHcYUaDnr6Qsni2F8eCdMCO+GiWFSmBymhKlhWpge3gszwvthZvggpIYPw6wwO8wJc8O88FGYHxaEtPBxWBg+CYvC4rAkLA2QsjysCCvDqrA6rAlrw7qwPmwIG8OmsDlsCVvDtrA97Ag7w67wadgdPgt7wudhb/gi7Av/FvaHL8OB8FU4GL4Oh8I34XD4NhwJ34Wj4ftwLBwPJ8IP4WT4MZwKp8OZ8FM4G34O58IvPc7L76wJIYQQQvxD9CX29/xDpP7+r/rbV3oBwJVbcx/8jzXX5fht3EflaZUAgCe7d3zg961y5R49evztsYs0RPlnA0DiYn4GuBgvhpbwOLSBFlD8fzu/PqrzWb5E/eQtAJn/XU4KXIwv1r/pL+qPSr1k/dkABfNfzMkEF+OL9Uv8qXb0a/2czS5RP9OX4wCa/7u8LHAxvli/GDwKT0GbPzxSCCGEEEIIIYT4TR9Vtv2lrm8vXJ/nMRdzMsLF+FLX50IIIYQQQgghhLj8nunc5YlH2rRp0f4vBhX/epcM0ssgw/8f07gcg0seIP+ZAcDlXs7fBwjw6y2+v37M5X5nEkIIIYQQQvyrXTzpv9wzEUIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQggh0q//F39y7HKvUQghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhLjc/lcAAAD//1YAItA=") mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) openat$uhid(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) [ 22.771942][ T383] loop1: detected capacity change from 0 to 256 [ 22.799434][ T383] exfat: Deprecated parameter 'utf8' [ 22.805026][ T383] exfat: Deprecated parameter 'namecase' executing program 1: sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0) executing program 1: syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000000c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) write$binfmt_script(r0, &(0x7f0000000140)={'#! ', './file0'}, 0xb) write$cgroup_pressure(r0, &(0x7f00000001c0)={'some'}, 0x2f) [ 22.834387][ T383] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f3f, chksum : 0xf1b3ac68, utbl_chksum : 0xe619d30d) [ 22.859323][ T330] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 22.890453][ T387] loop1: detected capacity change from 0 to 512 [ 22.920650][ T387] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback. executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_INIT(r2, &(0x7f0000000380)={0x50}, 0x50) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) [ 22.936510][ T387] ext4 filesystem being mounted at /root/syzkaller-testdir3472849816/syzkaller.lNVdz7/11/bus supports timestamps until 2038 (0x7fffffff) executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) pipe(0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x6, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000006c000100"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001400030069705f7674693000000000000000000018003480080035"], 0x4c}}, 0x0) executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000140)='qdisc_create\x00', r0}, 0x28) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x1}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast}) executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) times(0x0) executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x20000000000003c9, &(0x7f0000000040)=[{}]}) syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000001880)={[{@dmask={'dmask', 0x3d, 0x4}}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'default'}}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@dmask={'dmask', 0x3d, 0x2}}, {}, {@errors_continue}, {}, {@errors_remount}, {@gid}, {@namecase}]}, 0x1, 0x1517, &(0x7f0000000340)="$eJzs3Au8TlW3MPAx5pyLTdKT5JY55lg8yWWSJLkk5JIkSZLklpAkSRKSW25JSJLckuSetHOLndzv93uSHEmShIQk8/upt9fp9PV5z3nf7/Ods8f/91vMsdczxjPnM/Z6nrXWb+/9bcchVetXq1SXmeGfgr/91wMAUgCgPwBcBQARAJTMVjLbhf2ZNPb4555E/Gs9MPVyz0BcTtL/9E36n75J/9M36X/6Jv1P36T/6Zv0P32T/guRnm2alvtq2dLv9o/f/3f/591y//+/Ifn8/x/rHzrSpP/pm/Q/fZP+p2/S//RN+p++Sf/TN+l/+ib9FyI9u9z3n/8bbL+/VJd7HpfYov9S3uX97hNCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIkV6cCRcZAPh9fLnnJYQQQgghhBBCiH+dkPFyz0AIIYQQQgghhBD/9yGA0WAgggyQEVIgE2SGKyALXAlZ4SpIwNWQDa6B7HAt5ICckAtyQx64DvKCBQIHDDHkg/yQhBAAboCCUAgKQxHwUBSKwY1QHG6CEnAzlITU+QC3QmkoA2WhHNwG5eF2qAAVoRLcAZWhClSFanAnVIe7oAbcDTXhHqgF90JtuA/qwP1QFx6AevAg1IeHoAE8DA2hETSGJtD0v5T/PHSFF6AbdIce0BN6wYvQG/pAX+gH/eElGAAvw0B4BQbBYBgCr8JQeA2GweswHN6AEfAmjIRRMBrGwFh4C8bB2zAe3oEJ8C5MhEkwGabAVJgG0+E9mAHvw0z4AFIRYBbMhjkwF+bBRzAfFkAafAwL4RNYBIthCSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wM6Ku+BT2A2fwR74HPbCF//J/NPwx/xOCAioUKFBgxkwA6ZgCmbGzJgFs2BWzIoJTGA2zIbZMTvmwByYC3NhHsyDeTEvEhIyMubDfJjEJBbAAlgQC2JhLIwePRbDYlgcb8ISWAJLYkkshaWwNJbBMlgOy2F5LI8VsAJWunU2AFbGqlgV78Q78S6sgTWwJtbEWlgLa2NtrIN1sC7WxXpYD+tjfWyADbAhNsTG2BibYlNshs2wOTbHltgSW2ErbI2tsQ22wbbYFtthO2yP7bEDdsCO2BE7YWfsjM/j8/gCvoDdsbLqib2wF/bG3tgX+2E/fAkH4Mv4Mr6Cg3AwDsFX8VV8DYfhKRyOb+AIHIHl1SgcjWOQ1Vs4DsfheByPE3ACTsRJOAmn4FSchtNxOs7A9/HCEZaKH+KHOBtn41ych/NwPi7ANEzDhXgaF+FiXIJLcRkux2W4ElfhSlyDa3ENrsf1uBE34mbcjFtxK27H7bgTd+Kn+Cl+hp/hINyLe3Ef7sP9uB8P4AE8iAfxEB7afAUAHsEjeBSP4jE8jifwOJ7Ek3gKT+MZPINn8Syew2fzfF1vZ6HVg0BdYJRRGVQGlaJSVGaVWWVRWVRWlVUlVEJlU9lUdpVd5VA5VC6VS+VReVRelVeRIsUqVvlUPpVUSVVAFVAFVUFVWBVWXnlVTBVTxVVxVUKVUCXVLaqUulWVVmVUC19OlVPlVUtfQVVUlVQlVVlVUVVVNVVNVVfVVQ1VQ9VUNVUtVUvVVvepOqon9sUH1IXO1FeDsYEagg1VI9VYNVGv4SOqmRqGzVUL1VI9pt7A4dhaNfNt1JOqrRqN7dTTKb+/0XVUz6lOqrPqop5XXVVz3011VxOxp+qlpmBv1Uf1Vf3UDKyiPsBUrKpeUYPUYDVEvarm4mtqmHpdDVdvqBHqTTVSjVKj1Rg1Vr2lxqm31Xj1jpqg3lUT1SQ1WU1RU9U0NV29p2ao99VM9YFKVR+qWWq2mqPmqnnqIzVfLVBp6mO1UH2iFqnFaolaqpap5WqFWqlWqdVqjVqr1qn1aoPaqDapzWqL2qq2qe1qh9qpdqlP1W71mdqjPld71Rfqwvv3fvWlOqC+UgfV1+qQ+kYdVt+qI+o7dVR1V8fUcXVC/aBOqh/VKXVanVE/qbPqZ3VO/aLOq6BAo1Zaa6MjnUFn1Ck6k86sr9BZ9JU6q75KJ/TVOpu+RmfX1+ocOqfOpXPrPPo6nVdbTdpp1rHOp/PrpL5eF9A36IK6kC6si2ivi+pi+kZdXN+kS+ibdUl9iy6lb9WldRldVpfTt+ny+nZdQVfUlfQdurKuoqvqavpOXV3fpWvou3VNfY+upe/VtfV9uo6+X9fVD+h6+kFdXz+kG+iHdUPdSDfWTXRT/Yhuph/VzXUL3VI/plvpx3Vr/YRuo5/UbfVTup1+WrfXz+gO+lndUT+nO+nOuov+RZ/XQXfT3XUP3VP30i/q3rqP7qv76f76JT1Av6wH6lf0ID1YDxnwqh6qX9PD9Ot6uH5Dj9Bv6pF6lB6tx+ix+i09Tr+tx+t39AT9rp6oJ+nJOiNM1dN0379Vmqkvnf/OH/Kn6Av5A3999o16k96st+itepvernfonXqX3qV36916j96j9+q9ep/ep/fr/fqAPqAP6oP6kD6kD+vD+og+oo/qo/qYPq5/0j/ok/pHfUqf1qf1T/qsPqvP/e01AINGGW2MiUwGk9GkmEwms7nCZDFXmqzmKpMwV5ts5hqT3VxrcpicJpfJbfKY60xeYw0ZZ9jEJp/Jb5LmelPA3GAKmkKmsClivClqipkbTcIg/DP5fzG/pZN/O6ZNU9PUNDPNTHPT3LQ0LU0r08q0Nq1NG9PGtDVtTTvTzrQ37U0H08F0NB1NJ9PJdDFdTFfT1XRDMD1MD9PLvGh6mz6mr+ln+puXzAAzwAw0A80gM8gMMUPMUDPUDDPDzHAz3BgAGGlGmtFmtBlrxppxZpwZb8abCWaCmWgmmslmsplqpprpZrqZYWaYmWamSTWpZpaZZeaYOWaemWfmm/kmzaSZhWahWWQWm8VmqVlqlpvlZqVZaVab1WatWWvWm/VmkdlkNpktZovZZraZHWaH2WV2md1mt9lj9pi9Zq/ZZ/aZ/Wa/OWAOmIPmoDlkDpnD5rA5Yo6Yo+aoOWaOmRPmhDlpTppT5pQ5Y86Ys+asOWfOmfPm/IXTvkhFKjKRiTJEGaKUKCXKHGWOskRZoqxR1igRJaJsUbYoe3RtlCPKGeWKckd5ouuivJGNKHIRR3GUL8ofJaProwLRDVHBqFBUOCoS+ahoVCy6MSoe3RSViG6OSka3RKWiW6PSUZmobFQuui0qH90eVYgqRpWiO6LKUZWoalQtujOqHt0V1YjujmpG90S1onuj2tF9UZ3o/qhu9EBUL3owqh89FDWIHo4aRo2ixlGTqOm/tH4Ip3I+6rvZ7jYj9LS97Iu2t+1j+9p+tr99yQ6wL9uB9hU7yA62Q+yrdqh9zQ6zr9vh9g07wr5pR9pRdrQdY8fat+w4+7Ydb9+xE+y7dqKdZCfbKXaqnWan2/fsDPu+nWk/sKn2QzvLzrZz7Fw7z35k59sFNs1+bBfaT+wiu9gusUvtMrvcrrAr7Sq72q6xa+06u95usBvtJrvZbrFb7Ta73e6wO+0u+6ndbT+ze+zndq/9wu6zv3/sfWUP2q/tIfuNPWy/tUfsd/ao/d4es8ftCfuDPWl/tKfsaXvG/mTP2p/tOfuLPW/DhZP7Cx/vZMhQBspAKZRCmSkzZaEslJWyUoISlI2yUXbKTjkoB+WiXJSH8lBeyksXMDHlo3yUpCQVoAJUkApSYSpMnjwVo2JUnIpTCSpBJakklaJSVJpKU1kqS7fRbXQ73U4VqSLdQXdQFapC1agaVafqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUgBpQQ2pIjakxNaWm1IyaUXNqTi2pJbWiVtSaWlMbakNtqS21o3bUntpTB+pAHakjdaJO1IW6UFfqSt2oG/WgHtSLelFv6k19qS/1p/40gAbQQBpIg2gQDaEhNJSG0jAaRsPpDRpBb9JIGkWjaQyNpbdoHI2j8TSeJtAEmkgTaTJNpqk0labTdJpBM2gmzaRUSqVZNIvm0ByaR/NoPs2nNEqjhbSQFtEiWkJLaBktoxW0glbRKlpDa2gdraMNtIE20SbaQltoG22jHbSDdtEu2k27aQ/tob20l/bRPtpP++kAHaCDdJAO0SE6TIfpCB2ho3SUjtExOkEn6CSdpFN0is7QGTpLP9M5+oXOU6AUl8lldle4LO5Kl9Vd5f5jnMvldnncdS6vsy6Hy/mHmJxzBV0hV9gVcd4VdcXcjX+KS7syrqwr525z5d3trsKf4uqrtv32g+juHlfN3emqu7tcDXe3q+nucbXcva62e8jVcQ+7uq6Rq+eauPruIdfAPewaukausWviWrnHXWv3hGvjnnRt3VN/iue7BW6VW+3WuLVut/vMnXE/ucPuW3fW/ey6ue6uv3vJDXAvu4HuFTfIDf5TPMK96Ua6UW60G+PGurf+FE92U9xUN81Nd++5Ge79P8Xz3Ecu1aW5WW62m+Pm/hpfmFOa+9gtdJ+4RW6xW+KWumVuuVvhVv59rkvderfBbXS73Kdui9vqtrntbofb+Wt8YR173Odur/vCHXLfuP3uS3fAHXEH3de/xhfWd8R95466790xd9ydcD+4k+5Hd8qd/nX9F9b+g/vFnXfBASMr1mw44gyckVM4E2fmKzgLX8lZ+SpO8NWcja/h7Hwt5+CcnItzcx6+jvOyZWLHzDHn4/yc5Ou5AN/ABbkQF+Yi7LkoF+MbuTjfxCX4Zi7Jt3ApvpVLcxkuy+X4Ni7Pt3MFrsiV+A6uzFW4KlfjO7k638U1+G6uyfdwLb6Xa/N9XIfv57r8ANfjB7k+P8QN+GFuyI24MTfhpvwIN+NHuTm34Jb8GLfix7k1P8Ft+Eluy09xO36a2/Mz3IGf5Y78HHfiztyFn+eu/AJ34+7cg3tyL36Re3Mf7sv9uD+/xAP4ZR7Ir/AgHsxD+FUeyq/xMH6dh/MbPILf5JE8ikfzGB7Lb/E4fpvH8zs8gd/liTyJJ/MUnsrTeDq/xzP4fZ7JH3Aqf8izeDbP4bk8jz/i+byA0/hjXsif8CJezEt4KS/j5byCV/IqXs1reC2v4/W8gTfyJt7MW3grI2/nHbyTd/GnvJs/4z38Oe/lL3gf/xvv5y/5AH/FB/lrPsTf8GH+lo/wd3yUv+djfJxP8A98kn/kU3yaz/BPfJZ/5nP8C5/nwBBjrGIdmziKM8QZ45Q4U5w5viLOEl8ZZ42vihPx1XG2+Jo4e3xtnCPOGeeKc8d54uvivLGNKXYxx3GcL84fJ+Pr4wLxDXHBuFBcOC4S+7hoXCy+MS4e3xSXiG+OS8a3xKXiW+PScZn4oXvKxbfF5ePb4wpxxbhSfEdcOa4SV42rxXfG1eO74hrx3XHN+J64RHxvXDu+L64T3x/XhQfievGDcf34obhB/HDcMG4UN46bxE3jR+Jm8aNx87hF3DJ+LG4VPx63jp+I28RPxm3jpy65v0fcM+4Vvxi/GIdwt56TnJucl/woOT+5IJmW/Di5MPlJclFycXJJcmlyWXJ5ckVyZXJVcnVyTXJtcl1yfXJDcmMyhGoZwaNXXnvjI5/BZ/QpPpPP7K/wWfyVPqu/yif81T6bv8Zn99f6HD6nz+Vz+zz+Op/XW0/eefaxz+fz+6S/3hfwN/iCvpAv7It474v6Yr6Jb+qb+mb+Ud/ct/At/WP+Mf+4f9w/4Z/wT/q2/infzj/t2/tnfAf/rH/WP+c7+c6+i3/ed/Uv+G6+u+/he/hevpfv7Xv7vr6v7+/7+wF+gB/oB/pBfpAf4of4oX6oH+aH+eF+uB/hR/iRfqQf7Uf7sX6sH+fH+fF+vJ/gJ/iJfqKf7Cf7qX6qn+6n+xl+hp/pZ/rUgql+lp/l5/g5fp6f5+f7+T7Np/mFfqFf5Bf5JX6JX+aX+RV+hV/lV/k1fo1f59f5DX6D3+Q3+S1+i9/mt/kdfoff5Xf53X633+P3+L1+r9/n950Jfr8/4L/yB/3X/pD/xh/23/oj/jt/1H/vj/nj/oT/wZ/0P/pT/rQ/43/yZ/3P/pz/xZ/3wY9LvJ0Yn3gnMSHxbmJiYlJicmJKYmpiWmJ64r3EjMT7iZmJDxKpiQ8TsxKzE3MScxPzEh8l5icWJNISHycWJj5JLEosTixJLE0sSyxPhHDdljjkC/lDMlwfCoQbQsFQKBQORYIPRUOxcGMoHm4KJcLNoWS4JZQKt4bSoUwoGx4ODUOj0Dg0CU3DI6FZeDQ0Dy1Cy/BYaBUeD63DE6FNeDK0DU+FduHp0D48EzqEZ0PH8FzoFDqHLuH50DW8ELoFHXqEnqFXeDH0Dn1C39Av9A8vhQHh5TAwvBIGhcFhSHg1DA2vhWHh9TA8IIwIb4aRYVQYHcYUaDnr6Qsni2F8eCdMCO+GiWFSmBymhKlhWpge3gszwvthZvggpIYPw6wwO8wJc8O88FGYHxaEtPBxWBg+CYvC4rAkLA2QsjysCCvDqrA6rAlrw7qwPmwIG8OmsDlsCVvDtrA97Ag7w67wadgdPgt7wudhb/gi7Av/FvaHL8OB8FU4GL4Oh8I34XD4NhwJ34Wj4ftwLBwPJ8IP4WT4MZwKp8OZ8FM4G34O58IvPc7L76wJIYQQQvxD9CX29/xDpP7+r/rbV3oBwJVbcx/8jzXX5fht3EflaZUAgCe7d3zg961y5R49evztsYs0RPlnA0DiYn4GuBgvhpbwOLSBFlD8fzu/PqrzWb5E/eQtAJn/XU4KXIwv1r/pL+qPSr1k/dkABfNfzMkEF+OL9Uv8qXb0a/2czS5RP9OX4wCa/7u8LHAxvli/GDwKT0GbPzxSCCGEEEIIIYT4TR9Vtv2lrm8vXJ/nMRdzMsLF+FLX50IIIYQQQgghhLj8nunc5YlH2rRp0f4vBhX/epcM0ssgw/8f07gcg0seIP+ZAcDlXs7fBwjw6y2+v37M5X5nEkIIIYQQQvyrXTzpv9wzEUIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQggh0q//F39y7HKvUQghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhLjc/lcAAAD//1YAItA=") mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) openat$uhid(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) [ 23.015949][ T391] overlayfs: statfs failed on './file0' [ 23.028910][ T343] syz-executor.3 (343) used greatest stack depth: 19952 bytes left [ 23.028991][ T6] usb 5-1: new high-speed USB device number 2 using dummy_hcd executing program 1: r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) pwritev2(r0, &(0x7f0000000540)=[{&(0x7f00000001c0)="04", 0x1}], 0x1, 0x2, 0x0, 0x0) executing program 1: syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x4000, &(0x7f0000000240)=ANY=[], 0x1, 0x1208, &(0x7f0000001540)="$eJzs3E9rHGUcB/BftoltU/NHrdX2oA968TQ0OXgSJEgKkj1IbYRWEKZ2osuOu8vOElhRW09eBd+FePQmiG8gF1+Dt1w89iCOsNM/id2qBc029vO5zI/5zXef52FhYZZ5Zv+Nrz/p7lTZTj6K1txctAYR6XaKFK2466Wt5nj12tZGu715OaVLG1fWXk8pLb/84/uffffKT6Mz732//MPJ2Fv9YP/X9V/2zu2d3//9ysedKnWq1OuPUp6u9/uj/HpZnIhO1c1Seqcs8qpInV5VDA/2007ZHwzGKe/dWFocDIuqSnlvnLrFOI36aTQcp/yjvNNLWZalpcXgoRb+/uT2t7fruo6o64V4Kuq6rk/HYpyJp2MpluNWRDwTz8ZzcTaej3PxQrwY5ydXHdUSAAAAAAAAAAAAAAAAAAAA4MnwV/v/V2LV/n8AAAAAAAAAAAAAAAAAAAA4Au9evba10W5vXk7pVET51e727nZzbPobO9GJMoq4GCvxW0x2/zea+tLb7c2LaWI1vixv3snf3N0+cTi/NnmdwJ38/KR3N7/W5NPh/MlYPJhfj5U4O3389Sn5hW8iXnv1QD6Llfj5w+hHGTcmY9/Pf7GW0lu3mjnFvfEvTK4DAACA/4Ms3TP1/j3LHtZv8o/w/8Cf7u/n48L8bNdORDX+tJuXZTE8XJx64Izinxet/+iTW/GYLPC4Facfj2kcq2LWv0wchftf+qxnAgAAAAAAAAAAwKP4154ZjLmIB1vzMeXJsjfj82w2qwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/YgWMBAAAAAGH+1ml0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwE0BAAD//7PKyQ8=") r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000bc0)={'wpan1\x00'}) syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r1) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000180)={'wpan1\x00', 0x0}) r4 = getpid() sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x30, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_PID={0x8, 0x1c, r4}]}, 0x30}, 0x1, 0x0, 0x0, 0x4045030}, 0x80c0) [ 23.077525][ T396] loop0: detected capacity change from 0 to 256 [ 23.119395][ T396] exfat: Deprecated parameter 'utf8' [ 23.120574][ T404] device pim6reg1 entered promiscuous mode [ 23.124581][ T396] exfat: Deprecated parameter 'namecase' [ 23.154585][ T402] loop1: detected capacity change from 0 to 8192 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000e80)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a50500000000d8292cd0d0dae568290277d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d7535f786ff03000000000000a0e3ccae669e173a64bc1cfd6587d452d46b7cc957d7757af4c35235138d5521f9453559c3421e0000d5661cfeecf9c66c54c3e0c34111ce25d7c983c044c03bf3a48dfe3e26e7a23129d6606fd28a69989d552af6200000003a00000000000000abecc2f4799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696487925bfacba8313f541cd027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70000000000000000000900d7900a820b6327944e9a217b9800e02a92895614cd50cbe43a1ed25268816b004519c9c5cff097d8005542020009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d62ad0a97aec773713a66b223fa8b148871c8d31d24291c25449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f98858822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed200ada12f7a1525320e71666f472a97214d0b2874df30ed5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff08000000e1ff003853e59de7621e3489554525735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315ff9a8ff11c17551580000000000000000000000000000000000000000000000000000000000000000000000a1e0e5c8e9e24aec1a20479b9d64460d875ea919ae1b574f84071e60ada78cb563cda6d8e84430316a7e12e367a2bb57127628a6d68e08c709c3d8b2d4e5c2fc78cb70027a07348bfd61a1b7f9aea727b956e6c65b6836c40707fa7ab86ab7bce3c18e70a1945d5d46c4ce732b59e5801a7fc490d464a373f7e7a5b17585bfa63f4526850ae5f360926eb889ea2675ce0f9aad30f086053fbed70f3ff737cfbf1f16f1d201676050d856f6c495d37998f4f8a19c407d368aa6b18806b9aa0294c26040e8a915316f27e4388ee921d0ea74ab22f079d39ecc55b05ff4c44e84ffdaee9223c031e5e628df49b935d2b002ba693e17f4b363a2d115f5aae68d4d86df32083cf93df777ee947618f5434b4db0495f97a56f17c520152bf8314f34a98f5f1858f5d050756618f743b4fa22ed34bfacc5c4e172e5db03ea87b977ac61dbf0e02398c1a7f026024674cc49de860c067b7d7fedf6a68ca7e82a930813f6df9c8bb872a989b3f0dc9c9ab6c595b7ed71b5ad26ba973f00dd83a1d32b324fe99367bf32fee832e652d22f77f8c2bebe3c12876229e6c93d1751d11e3c3761dd47f7c24e1865c8af96ad5b97e1d3dc9fbfbb9f84cebec934c85e852cb405294e7d138c37e484342e6d7af8828f57c15cefbb495eae1cdcd73521b4ffa6249d2b1729475a1ffca6f9c8b14588956f191192547f63d8d1d7c19b69b182422eaf553c9299ffe56a7fe45017b12603a748659aaf3cdd49ca7fc2937431f41674a53605bb46a75bc91bf7cbca9bfacc455c4c1516d2511bf5366cfd1220dce09de28b1321eba0"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) r2 = openat$cgroup_freezer_state(r1, &(0x7f0000000140), 0x2, 0x0) r3 = openat$cgroup_procs(r1, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f00000000c0), 0x12) write$cgroup_freezer_state(r2, &(0x7f0000000400)='FROZEN\x00', 0x7) write$cgroup_freezer_state(r2, &(0x7f0000000080)='THAWED\x00', 0x7) executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000978f0049a148090018110001", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x100, 0xfd, 0x9, 0x1, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0xcff5, r2}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x4, r2}, 0x38) [ 23.160573][ T396] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f3f, chksum : 0xf1b3ac68, utbl_chksum : 0xe619d30d) executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000020000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) poll(0x0, 0x0, 0xffffffffffbffff8) timer_create(0x0, &(0x7f0000000180)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r0, 0x0, &(0x7f0000000300)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) [ 23.201332][ T402] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 23.428874][ T6] usb 5-1: config index 0 descriptor too short (expected 164, got 36) [ 23.437099][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 23.448685][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 23.458714][ T6] usb 5-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00 [ 23.469615][ T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 23.482054][ T6] usb 5-1: config 0 descriptor?? [ 23.519881][ T330] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 23.748911][ T323] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 23.755185][ T323] cdc_ncm 3-1:1.0: setting rx_max = 16384 [ 23.939933][ T6] itetech 0003:258A:6A88.0001: unknown main item tag 0x0 [ 23.946840][ T6] itetech 0003:258A:6A88.0001: unknown main item tag 0x0 [ 23.953762][ T6] itetech 0003:258A:6A88.0001: unknown main item tag 0x0 [ 23.960707][ T323] cdc_ncm 3-1:1.0: setting tx_max = 184 [ 23.967190][ T323] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM, 42:42:42:42:42:42 [ 23.977146][ T6] itetech 0003:258A:6A88.0001: unknown main item tag 0x0 [ 23.984061][ T6] itetech 0003:258A:6A88.0001: unknown main item tag 0x0 [ 23.992278][ T323] usb 3-1: USB disconnect, device number 2 [ 23.998079][ T323] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM [ 24.006301][ T6] itetech 0003:258A:6A88.0001: unknown main item tag 0x0 [ 24.013123][ T6] itetech 0003:258A:6A88.0001: unknown main item tag 0x0 [ 24.021181][ T6] itetech 0003:258A:6A88.0001: unknown main item tag 0x0 [ 24.028043][ T6] itetech 0003:258A:6A88.0001: unknown main item tag 0x0 [ 24.034983][ T6] itetech 0003:258A:6A88.0001: unknown main item tag 0x0 [ 24.041776][ T6] itetech 0003:258A:6A88.0001: unknown main item tag 0x0 [ 24.049324][ T6] itetech 0003:258A:6A88.0001: hidraw0: USB HID v0.00 Device [HID 258a:6a88] on usb-dummy_hcd.4-1/input0 [ 24.062702][ T20] ================================================================== [ 24.070577][ T20] BUG: KASAN: use-after-free in worker_thread+0xaaa/0x12a0 [ 24.077604][ T20] Read of size 8 at addr ffff88810e282c60 by task kworker/0:1/20 [ 24.085155][ T20] [ 24.087323][ T20] CPU: 0 PID: 20 Comm: kworker/0:1 Not tainted 5.15.148-syzkaller-00013-gad06eaf051cd #0 [ 24.097086][ T20] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 24.106986][ T20] Workqueue: 0x0 (wg-crypt-wg1) [ 24.111770][ T20] Call Trace: [ 24.114886][ T20] [ 24.117655][ T20] dump_stack_lvl+0x151/0x1b7 [ 24.122167][ T20] ? io_uring_drop_tctx_refs+0x190/0x190 [ 24.127635][ T20] ? panic+0x751/0x751 [ 24.131541][ T20] ? __schedule+0xcd4/0x1590 [ 24.135969][ T20] print_address_description+0x87/0x3b0 [ 24.141351][ T20] kasan_report+0x179/0x1c0 [ 24.145686][ T20] ? _raw_spin_lock_irqsave+0x210/0x210 [ 24.151071][ T20] ? worker_thread+0xaaa/0x12a0 [ 24.155756][ T20] ? worker_thread+0xaaa/0x12a0 [ 24.160443][ T20] __asan_report_load8_noabort+0x14/0x20 [ 24.165912][ T20] worker_thread+0xaaa/0x12a0 [ 24.170425][ T20] ? _raw_spin_lock+0x1b0/0x1b0 [ 24.175114][ T20] kthread+0x421/0x510 [ 24.179016][ T20] ? worker_clr_flags+0x180/0x180 [ 24.183885][ T20] ? kthread_blkcg+0xd0/0xd0 [ 24.188304][ T20] ret_from_fork+0x1f/0x30 [ 24.192569][ T20] [ 24.195421][ T20] [ 24.197592][ T20] Allocated by task 323: [ 24.201819][ T20] ____kasan_kmalloc+0xdb/0x110 [ 24.206499][ T20] __kasan_kmalloc+0x9/0x10 [ 24.210838][ T20] __kmalloc+0x13a/0x270 [ 24.214918][ T20] kvmalloc_node+0x1f0/0x4d0 [ 24.219370][ T20] alloc_netdev_mqs+0x8c/0xc90 [ 24.223943][ T20] alloc_etherdev_mqs+0x33/0x40 [ 24.228631][ T20] usbnet_probe+0x1ff/0x2830 [ 24.233058][ T20] usb_probe_interface+0x5b6/0xa90 [ 24.238004][ T20] really_probe+0x28d/0x970 [ 24.242345][ T20] __driver_probe_device+0x1a0/0x310 [ 24.247465][ T20] driver_probe_device+0x54/0x3d0 [ 24.252325][ T20] __device_attach_driver+0x2c5/0x470 [ 24.257533][ T20] bus_for_each_drv+0x183/0x200 [ 24.262220][ T20] __device_attach+0x312/0x510 [ 24.266819][ T20] device_initial_probe+0x1a/0x20 [ 24.271680][ T20] bus_probe_device+0xbe/0x1e0 [ 24.276280][ T20] device_add+0xb60/0xf10 [ 24.280459][ T20] usb_set_configuration+0x190f/0x1e80 [ 24.285745][ T20] usb_generic_driver_probe+0x8b/0x150 [ 24.291123][ T20] usb_probe_device+0x144/0x260 [ 24.295809][ T20] really_probe+0x28d/0x970 [ 24.300148][ T20] __driver_probe_device+0x1a0/0x310 [ 24.305271][ T20] driver_probe_device+0x54/0x3d0 [ 24.310135][ T20] __device_attach_driver+0x2c5/0x470 [ 24.315338][ T20] bus_for_each_drv+0x183/0x200 [ 24.320025][ T20] __device_attach+0x312/0x510 [ 24.324625][ T20] device_initial_probe+0x1a/0x20 [ 24.329485][ T20] bus_probe_device+0xbe/0x1e0 [ 24.334086][ T20] device_add+0xb60/0xf10 [ 24.338250][ T20] usb_new_device+0x1034/0x1bf0 [ 24.342941][ T20] hub_event+0x2def/0x4770 [ 24.347191][ T20] process_one_work+0x6bb/0xc10 [ 24.351881][ T20] worker_thread+0xad5/0x12a0 [ 24.356420][ T20] kthread+0x421/0x510 [ 24.360322][ T20] ret_from_fork+0x1f/0x30 [ 24.364551][ T20] [ 24.366719][ T20] Freed by task 323: [ 24.370453][ T20] kasan_set_track+0x4b/0x70 [ 24.374881][ T20] kasan_set_free_info+0x23/0x40 [ 24.379652][ T20] ____kasan_slab_free+0x126/0x160 [ 24.384599][ T20] __kasan_slab_free+0x11/0x20 [ 24.389199][ T20] slab_free_freelist_hook+0xbd/0x190 [ 24.394405][ T20] kfree+0xc8/0x220 [ 24.398069][ T20] kvfree+0x35/0x40 [ 24.401697][ T20] netdev_freemem+0x3f/0x60 [ 24.406042][ T20] netdev_release+0x7f/0xb0 [ 24.410376][ T20] device_release+0x95/0x1c0 [ 24.414804][ T20] kobject_put+0x178/0x260 [ 24.419060][ T20] put_device+0x1f/0x30 [ 24.423049][ T20] free_netdev+0x34f/0x440 [ 24.427413][ T20] usbnet_disconnect+0x245/0x390 [ 24.432178][ T20] usb_unbind_interface+0x1fa/0x8c0 [ 24.437211][ T20] device_release_driver_internal+0x50b/0x7d0 [ 24.443142][ T20] device_release_driver+0x19/0x20 [ 24.448061][ T20] bus_remove_device+0x2f8/0x360 [ 24.452834][ T20] device_del+0x663/0xe90 [ 24.456999][ T20] usb_disable_device+0x380/0x720 [ 24.461858][ T20] usb_disconnect+0x32a/0x890 [ 24.466372][ T20] hub_event+0x1d42/0x4770 [ 24.470624][ T20] process_one_work+0x6bb/0xc10 [ 24.475316][ T20] worker_thread+0xe02/0x12a0 [ 24.479824][ T20] kthread+0x421/0x510 [ 24.483731][ T20] ret_from_fork+0x1f/0x30 [ 24.487984][ T20] [ 24.490157][ T20] Last potentially related work creation: [ 24.495715][ T20] kasan_save_stack+0x3b/0x60 [ 24.500222][ T20] __kasan_record_aux_stack+0xd3/0xf0 [ 24.505429][ T20] kasan_record_aux_stack_noalloc+0xb/0x10 [ 24.511073][ T20] insert_work+0x56/0x320 [ 24.515237][ T20] __queue_work+0x92a/0xcd0 [ 24.519576][ T20] queue_work_on+0x105/0x170 [ 24.524020][ T20] usbnet_link_change+0xeb/0x100 [ 24.528778][ T20] usbnet_probe+0x1dd3/0x2830 [ 24.533292][ T20] usb_probe_interface+0x5b6/0xa90 [ 24.538238][ T20] really_probe+0x28d/0x970 [ 24.542577][ T20] __driver_probe_device+0x1a0/0x310 [ 24.547706][ T20] driver_probe_device+0x54/0x3d0 [ 24.552559][ T20] __device_attach_driver+0x2c5/0x470 [ 24.557767][ T20] bus_for_each_drv+0x183/0x200 [ 24.562452][ T20] __device_attach+0x312/0x510 [ 24.567055][ T20] device_initial_probe+0x1a/0x20 [ 24.571913][ T20] bus_probe_device+0xbe/0x1e0 [ 24.576518][ T20] device_add+0xb60/0xf10 [ 24.580681][ T20] usb_set_configuration+0x190f/0x1e80 [ 24.585978][ T20] usb_generic_driver_probe+0x8b/0x150 [ 24.591356][ T20] usb_probe_device+0x144/0x260 [ 24.596045][ T20] really_probe+0x28d/0x970 [ 24.600381][ T20] __driver_probe_device+0x1a0/0x310 [ 24.605503][ T20] driver_probe_device+0x54/0x3d0 [ 24.610366][ T20] __device_attach_driver+0x2c5/0x470 [ 24.615571][ T20] bus_for_each_drv+0x183/0x200 [ 24.620259][ T20] __device_attach+0x312/0x510 [ 24.624860][ T20] device_initial_probe+0x1a/0x20 [ 24.629718][ T20] bus_probe_device+0xbe/0x1e0 [ 24.634321][ T20] device_add+0xb60/0xf10 [ 24.638483][ T20] usb_new_device+0x1034/0x1bf0 [ 24.643173][ T20] hub_event+0x2def/0x4770 [ 24.647426][ T20] process_one_work+0x6bb/0xc10 [ 24.652115][ T20] worker_thread+0xad5/0x12a0 [ 24.656626][ T20] kthread+0x421/0x510 [ 24.660530][ T20] ret_from_fork+0x1f/0x30 [ 24.664785][ T20] [ 24.666951][ T20] The buggy address belongs to the object at ffff88810e282000 [ 24.666951][ T20] which belongs to the cache kmalloc-4k of size 4096 [ 24.680847][ T20] The buggy address is located 3168 bytes inside of [ 24.680847][ T20] 4096-byte region [ffff88810e282000, ffff88810e283000) [ 24.694127][ T20] The buggy address belongs to the page: [ 24.699599][ T20] page:ffffea000438a000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10e280 [ 24.709655][ T20] head:ffffea000438a000 order:3 compound_mapcount:0 compound_pincount:0 [ 24.717813][ T20] flags: 0x4000000000010200(slab|head|zone=1) [ 24.723721][ T20] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888100043380 [ 24.732143][ T20] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000 [ 24.740553][ T20] page dumped because: kasan: bad access detected [ 24.746816][ T20] page_owner tracks the page as allocated [ 24.752358][ T20] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 360, ts 22658206557, free_ts 22654910822 [ 24.772586][ T20] post_alloc_hook+0x1a3/0x1b0 [ 24.777181][ T20] prep_new_page+0x1b/0x110 [ 24.781521][ T20] get_page_from_freelist+0x3550/0x35d0 [ 24.786902][ T20] __alloc_pages+0x27e/0x8f0 [ 24.791332][ T20] new_slab+0x9a/0x4e0 [ 24.795235][ T20] ___slab_alloc+0x39e/0x830 [ 24.799661][ T20] __slab_alloc+0x4a/0x90 [ 24.803825][ T20] kmem_cache_alloc_trace+0x142/0x210 [ 24.809036][ T20] kernfs_iop_get_link+0x65/0x5f0 [ 24.813895][ T20] pick_link+0x6c8/0xdf0 [ 24.817983][ T20] step_into+0xb8c/0xe70 [ 24.822053][ T20] path_openat+0x1816/0x2f40 [ 24.826575][ T20] do_filp_open+0x21c/0x460 [ 24.830915][ T20] do_sys_openat2+0x13f/0x830 [ 24.835427][ T20] __x64_sys_openat+0x243/0x290 [ 24.840113][ T20] do_syscall_64+0x3d/0xb0 [ 24.844369][ T20] page last free stack trace: [ 24.848884][ T20] free_unref_page_prepare+0x7c8/0x7d0 [ 24.854174][ T20] free_unref_page+0xe8/0x750 [ 24.858688][ T20] __free_pages+0x61/0xf0 [ 24.862856][ T20] __free_slab+0xec/0x1d0 [ 24.867020][ T20] __unfreeze_partials+0x165/0x1a0 [ 24.871966][ T20] put_cpu_partial+0xc4/0x120 [ 24.876480][ T20] __slab_free+0x1c8/0x290 [ 24.880733][ T20] ___cache_free+0x109/0x120 [ 24.885245][ T20] qlink_free+0x4d/0x90 [ 24.889239][ T20] qlist_free_all+0x44/0xb0 [ 24.893577][ T20] kasan_quarantine_reduce+0x15a/0x180 [ 24.898873][ T20] __kasan_slab_alloc+0x2f/0xe0 [ 24.903560][ T20] slab_post_alloc_hook+0x53/0x2c0 [ 24.908507][ T20] kmem_cache_alloc+0xf5/0x200 [ 24.913107][ T20] getname_flags+0xba/0x520 [ 24.917474][ T20] user_path_at_empty+0x2d/0x1a0 [ 24.922221][ T20] [ 24.924388][ T20] Memory state around the buggy address: [ 24.929861][ T20] ffff88810e282b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.937760][ T20] ffff88810e282b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.945657][ T20] >ffff88810e282c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.953553][ T20] ^ [ 24.960593][ T20] ffff88810e282c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.968487][ T20] ffff88810e282d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.976382][ T20] ================================================================== [ 24.984278][ T20] Disabling lock debugging due to kernel taint [ 25.004548][ T39] usb 5-1: USB disconnect, device number 2 [ 25.331966][ T425] device pim6reg1 entered promiscuous mode [ 25.347326][ T431] loop0: detected capacity change from 0 to 256 [ 25.365487][ T429] loop3: detected capacity change from 0 to 8192 [ 25.379647][ T431] exfat: Deprecated parameter 'utf8' [ 25.384883][ T431] exfat: Deprecated parameter 'namecase' [ 25.401965][ T429] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 25.446706][ T436] request_module fs-autofs succeeded, but still no fs? [ 25.466184][ T431] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f3f, chksum : 0xf1b3ac68, utbl_chksum : 0xe619d30d) [ 25.538615][ T448] loop1: detected capacity change from 0 to 256 [ 25.562478][ T450] device pim6reg1 entered promiscuous mode [ 25.587334][ T444] loop4: detected capacity change from 0 to 8192 [ 25.620812][ T444] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 25.663940][ T30] kauditd_printk_skb: 62 callbacks suppressed [ 25.663953][ T30] audit: type=1400 audit(1713934856.961:138): avc: denied { create } for pid=455 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 25.708351][ T458] loop2: detected capacity change from 0 to 256 [ 25.730285][ T458] exfat: Deprecated parameter 'utf8' [ 25.747460][ T458] exfat: Deprecated parameter 'namecase' [ 25.773179][ T458] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f3f, chksum : 0xf1b3ac68, utbl_chksum : 0xe619d30d) [ 25.800194][ T469] device pim6reg1 entered promiscuous mode [ 25.862166][ T470] loop0: detected capacity change from 0 to 8192 [ 25.920646][ T470] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 26.056239][ T464] loop1: detected capacity change from 0 to 40427 [ 26.088954][ T488] device pim6reg1 entered promiscuous mode [ 26.093795][ T464] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 26.102479][ T464] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 26.133529][ T464] F2FS-fs (loop1): Found nat_bits in checkpoint [ 26.185011][ T464] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 26.195194][ T464] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 26.255483][ T30] audit: type=1400 audit(1713934857.551:139): avc: denied { read append } for pid=462 comm="syz-executor.1" path="/root/syzkaller-testdir3472849816/syzkaller.lNVdz7/24/bus/rdma.current" dev="loop1" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 26.306319][ T30] audit: type=1400 audit(1713934857.591:140): avc: denied { setattr } for pid=462 comm="syz-executor.1" name="rdma.current" dev="loop1" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 26.488617][ T30] audit: type=1400 audit(1713934857.781:141): avc: denied { create } for pid=509 comm="syz-executor.0" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1 [ 26.544627][ T30] audit: type=1400 audit(1713934857.811:142): avc: denied { read } for pid=509 comm="syz-executor.0" name="file2" dev="sda1" ino=1951 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1 [ 26.594371][ T30] audit: type=1400 audit(1713934857.811:143): avc: denied { open } for pid=509 comm="syz-executor.0" path="/root/syzkaller-testdir809084173/syzkaller.0fAhII/15/file2" dev="sda1" ino=1951 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1 [ 26.650686][ T30] audit: type=1400 audit(1713934857.811:144): avc: denied { create } for pid=511 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 26.691178][ T30] audit: type=1400 audit(1713934857.811:145): avc: denied { write } for pid=511 comm="syz-executor.3" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 26.776723][ T518] loop3: detected capacity change from 0 to 40427 [ 26.865545][ T518] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 26.880867][ T518] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 26.927925][ T518] F2FS-fs (loop3): Found nat_bits in checkpoint [ 27.005343][ T518] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 27.012499][ T518] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 27.223104][ T536] loop1: detected capacity change from 0 to 40427 [ 27.235048][ T536] F2FS-fs (loop1): Invalid segment count (0) [ 27.241512][ T536] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 27.254130][ T536] F2FS-fs (loop1): invalid crc value [ 27.260978][ T536] F2FS-fs (loop1): Found nat_bits in checkpoint [ 27.297407][ T536] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 27.304476][ T536] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 27.311952][ T39] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 27.324997][ T30] audit: type=1400 audit(1713934858.621:146): avc: denied { ioctl } for pid=535 comm="syz-executor.1" path="/root/syzkaller-testdir3472849816/syzkaller.lNVdz7/29/file2/bus" dev="loop1" ino=14 ioctlcmd=0xf509 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 27.353794][ T536] attempt to access beyond end of device [ 27.353794][ T536] loop1: rw=2049, want=45112, limit=40427 [ 27.385554][ T300] attempt to access beyond end of device [ 27.385554][ T300] loop1: rw=2049, want=45128, limit=40427 [ 27.510810][ T30] audit: type=1326 audit(1713934858.811:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=551 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e78f73ea9 code=0x7ffc0000 [ 27.688873][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 27.706154][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 27.721830][ T39] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 27.731614][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 27.740644][ T39] usb 3-1: config 0 descriptor?? [ 28.338872][ T39] usbhid 3-1:0.0: can't add hid device: -71 [ 28.344814][ T39] usbhid: probe of 3-1:0.0 failed with error -71 [ 28.351731][ T39] usb 3-1: USB disconnect, device number 3