last executing test programs: 3m23.159805926s ago: executing program 0 (id=183): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000100)) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000540)=@gcm_128={{0x303}, "ffffffffffffffe2", "8e083700daf38a6d69e9b5e9c2f133d7", "6a3a05b9", "12772541f8eb02bb"}, 0x28) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0) write$cgroup_int(r3, &(0x7f0000000000), 0xffffff6a) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4) sendfile(r2, r3, 0x0, 0xffffffff004) r4 = syz_open_dev$dvb_demux(&(0x7f0000001e00), 0x0, 0x2000) ioctl$DVB_DEMUX_DMX_SET_FILTER(r4, 0x403c6f2b, &(0x7f0000001e40)={0x4, {"0dbad96fff01000008ff002084000100", "3dfab043e15fad27a639f105b5e9f977", "a7c947420000000000000000ff4a70f3"}, 0x4000c, 0x5}) preadv(r4, &(0x7f0000000480)=[{&(0x7f0000000180)=""/1, 0x1}], 0x1, 0x7, 0xd) ioctl$DVB_DEMUX_DMX_START(r4, 0x6f29) shutdown(r1, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a00000709000100"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a64000000090a010400000000000000000a0000040900010073797a31000000000800054000000001090002e572797a300000000008000a400000000008000340000000140c000980080001400000008114001180090001006c6173740000000004000280440000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001800038014000080100001800c00028008000180fffffffc140000001100010000000000000000000100000a"], 0xd0}, 0x1, 0x0, 0x0, 0x4000854}, 0x40) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x1c, &(0x7f0000000180)=[@in6={0xa, 0x4e20, 0x4a51, @rand_addr=' \x01\x00', 0x80000001}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r6, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f00000000c0)={0x0, @in={{0x2, 0x0, @empty}}}, 0x90) syz_clone(0x2a809000, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='fdinfo/3\x00') 3m13.707838912s ago: executing program 0 (id=192): syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0, 0x800) r3 = openat(0xffffffffffffff9c, &(0x7f0000000a40)='./file1\x00', 0x1a0402, 0x0) ioctl$BTRFS_IOC_QGROUP_CREATE(r3, 0xc400941b, 0x0) socketpair$nbd(0x1, 0x1, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) write$binfmt_misc(r4, 0x0, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x30) r5 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r5, 0x0, 0x40) r6 = socket$kcm(0xa, 0x2, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) close(0x4) socket(0x2, 0x80002, 0x0) r7 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$IP_VS_SO_SET_ADD(r7, 0x0, 0x482, &(0x7f0000000080)={0x84, @rand_addr=0x64010101, 0x4e23, 0x20003, 'wrr\x00', 0x9cac55234174523c, 0x40080005, 0x26}, 0x2c) sendmsg$sock(r6, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev={0xfe, 0x80, '\x00', 0x4}}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0) 3m7.185308275s ago: executing program 0 (id=198): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000500)={[{@debug}, {@delalloc}, {@inlinecrypt}, {@test_dummy_encryption}, {@errors_continue}, {@errors_continue}, {@delalloc}, {@barrier}]}, 0x1, 0xbc8, &(0x7f0000002380)="$eJzs3M9rHNcdAPDvjH7alrtyKaXuxSql2FC6ll1kalOoXVx66aHQXgsW8soIrX8gqTiSdVgl/0BIcg7kEkhiEnyIz74kkGsuiXONySFggmIlEEKiMPtDWku7+mGtNIr8+cDTvDdvZt73q5F23oPdDeC5NZT9SCOOR8SVJKJQ359GRG+11h9RqR23tDg/9u3i/FgSy8v/+SqJJCKeLM6PNa6V1LdH6o3+iPj470n88qX1407Pzk2OlsulqXr79Mz1W6enZ+f+NHF99FrpWunGmXN/GTk7cm74/EjHcv3u84v3v/ndP7+ofP/2D3e/fvXNJC7GQL2vOY961js2FEMrv5Nm3REx2oHr7wdd9Xya80y6Nzkp3eWgAABoK22aw/06CtEVq5O3QnzwSa7BAQAAAB2x3BWxDAAAABxwifU/AAAAHHCN9wE8WZwfa5R835Gwtx5fiojBWv5L9VLr6Y5KddsfPRFx+EkSzR9rTWqn7dhQRDz67Px7WYkWn0PebZWFiPhNq/ufVPMfrH8Sem3+aUQMd2D8oTXtn1P+Fzswft75A/B8enCp9iBb//xLV+Y/0eL5193i2fUs8n7+NeZ/S+vmf6v5d7WZ//17i2Pceev12+36svz/ev8f7zZKNn623VFS2/B4IeK33a3yT1byT9rkf2WLYxR+vF1q15d3/stvRJyM1vk3JBt/P9Hp8Ylyabj2s+UYCx+NvNNu/Lzzz+7/4Tb5b3D/+7N9t566Uvsv9fnf5cv32vVtnn/6ZW/y32qtt77nhdGZmakzEb3Jv9bvP7txvo1jGtfI8j/1+43//1v9/WevCZX630aW+UJ9m7VfXDPm3+7eeX+j/LO1X573/+r2739138tbHOMPH75yql1f8/o3K9n4j5LaWhgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIgkLUZEUq2nabEYcSQifhWH0/LN6Zk/jt/8/42rWV/EYPSk4xPl0nBEFGrtJGufqdZX22fXtP8cEcci4rXCoWq7OHazfDXv5AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhxJCIGIkmLEZFGxFIhTYvFvKMCAAAAOm4w7wAAAACAXWf9DwAAAAef9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC77NiJBw+TiKhcOFQtmd56X0+ukQG7Lc07ACA3XXkHAOSmO+8AgNxsc41vugAHULJJf3/bnr6OxwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/nXy+IOHSURULhyqlkxvva+n5Rkn9jA6YDeleQcA5KZro87uvYsD2HvP/C9+tLNxAHuv9RofeJ4km/T3rx5Tebqnb9diAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGD/GaiWJC1GRFqtp2mxGHE0IgajJxmfKJeGI+IXEfFpoacva/flHTQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNz07NzlaLpemnqWS7Ox0FRWVpkqyP8KoVfJ+ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/Ts3OTo+VyaWo670gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvE3Pzk2OlsulqS1U7m3n4KZK3jkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJCfnwIAAP//198NMw==") creat(&(0x7f0000000e40)='./file1\x00', 0x18) bind$netlink(0xffffffffffffffff, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfffff000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) r3 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x42102) ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, 0x0) syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5) fallocate(0xffffffffffffffff, 0x73, 0x1000002, 0x5) r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) getsockopt$TIPC_SRC_DROPPABLE(r6, 0x10f, 0x80, 0x0, &(0x7f0000000080)) pwrite64(r6, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) mlockall(0x4) r7 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x40, 0x0) ioctl$TCSETS(r7, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0xfffffffc, 0xfe, "0062ba7d82000000161000000000f738096304"}) dup3(0xffffffffffffffff, r7, 0x80000) 3m2.868512493s ago: executing program 2 (id=202): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = socket(0x10, 0x80002, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$BTRFS_IOC_ENCODED_WRITE(0xffffffffffffffff, 0x40789440, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), r2) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYRESOCT=r0], 0x1c}, 0x1, 0x0, 0x0, 0x48050}, 0x0) r3 = socket$key(0xf, 0x3, 0x2) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, &(0x7f0000000280)) mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./cgroup\x00', &(0x7f00000004c0)='hpfs\x00', 0xc4, 0x0) sendmsg$key(r3, 0x0, 0x4008000) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10) fsopen(&(0x7f00000001c0)='bpf\x00', 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000200), r6) syz_usbip_server_init(0x2) sendmsg$NET_DM_CMD_STOP(r6, &(0x7f00000003c0)={&(0x7f0000000140), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r7, 0x400, 0x70bd26, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x4) socket$key(0xf, 0x3, 0x2) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000840)={r5, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0xb5, 0x7, 0x4}, 0x9c) 2m58.463854202s ago: executing program 0 (id=207): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) read$FUSE(0xffffffffffffffff, &(0x7f00000005c0)={0x2020}, 0x2020) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$RTC_WKALM_RD(0xffffffffffffffff, 0x80287010, &(0x7f0000000000)) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000700)=@ethtool_flash={0x33, 0xea6, '.\x00'}}) unshare(0x2a020480) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r6 = open(&(0x7f0000001200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x400103842, 0x2) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800006, 0x12, r6, 0x0) r7 = syz_open_dev$vcsn(&(0x7f0000000000), 0x1, 0x1) write$UHID_INPUT(r7, &(0x7f0000000d00)={0x8, {"7894e6e62ce0f10fcdce74f21ad5b47c923d4dec90cefd599912070f341d59a8802e33af9869738f25b2f72093dd0ffa688e8e417c6e0e09b99649818d7caca39e142ef69d9101397854c3f51bde013686a626b2120c03d98c0ad981069188fbbddb88bf41a6b29ed43d1244e6025e1e4a2f40577619ccee39385bfc86461023a7906e5c07d16415140f4ab26db004362c885ef2c9ee82d3dd7e2ac42ca05d81ccea87dc0ec4a8f222013d6d4d0b0c828f3d2e3151dce87bfb335c1ad67bb3323564022ab23a6ba54ca117ca592c8d4227922347ea6f7c9d3dbdbc8d235f2d03e688d5ca7718d60e911534f964bf20359a0057847e7d7fd2cc463784aab2b06ba95512cfc427da44aa73634b0797b9baab391aa176d259c047ee9d346e63903860ab3c571d064509a715c5c4c6edffce9e1701e8291c2d937e3ff18691fe9a665b1a3b717a40205f8efa239b37e6b33f5c8ac28e616f788d0294c8d39ff4a63aaca7d4c578a935dd84850432201081bc1b00c5797847eaff8cecf8af8a60f075b5ff1c3dc9e62f9a3cfc4333a7501dd8badfdc691a9d35d3fc2c0e8f1b21a2c619201004a0d82bace1738ba9ca93e6fbf8ebaa78b5423efb19d3337ad050a7a1a634737a0169921911b277ab235f8b186efd60c3eff58e974a856ba460c5fbd91c1b5c999a7f6b4474560e0c5698085e1ff96381999bf7338dddab4499c6ae315245ecc98d3ca2ebc11214a4115e9205e7d1705591be4029a5e92ae06c02ba39ac70cf1ba082ccee070bf2feafa55ac6e863adb6f89a7475c2dc073058b0f8a52151d8c3ced025463656942bfd257ace6c54bd57985a44cef1c20777db47d12bd34371ef6f537e455b7787e3a853713877fa9465937602ceef8b9439507ab802ea4eaf5ee2ecd710b1840d8b8c995b5904434198abd8f0e830857ed1af53f3bcede9d57afb1cd7ad27bf222a6d1c58286c40d22211a3b2b7b7bbf5923a528fa4d781aaec1f67e013392b17197d2f6ff2d0e68bea94ce57cc516daffdf2348333a8dc596894540aa2a79437d95465fc27627b0e26871d5248c39e1a3badb319d449a7d67145418e1a35cb4bf950a5483d6e80763ea676b89d1f1e2cea20c590c76ae9fb228ffd638ccabdb3830cf944e1cccfb7ba8b1d1f0aabc498155ddda8404ebe2e25cfcfa9058af7d66bef79e592a579d556404ea3f28d6ddb3fdead9123247e23827f729eee41540d0f0e94027d65eee4e7c1c913c634f9abf546388cd2e4b351b16bd97faae3b54f5b2750495619ec36d97a1080564fa30a9f8a2700b77340b5bbd9cc377ee35420b5b762935047af7837e973a9da42ef93c11f145704d041054bcc4680363cbbee16a2bc0eaaa49cfa23330a666dff32daa17a6ea425f1ed2354d0c36893c895a0564e100d3e1385467405ca2706cfb62453faf72b1648727faeffb3c934bc4e48e4ce93af11bff3208cb3843da7ed68451b4af747ef72e2fb78a73990c95097c9504aacddffc5caadeb171e95ad113561144907d361fd28695239f6619360b9d0eead653cc83ab13fc7c0c60237e3363b6f319daa38d792426393e2396404a112ed9e70b378f494d4b540bf9b44d76b347a12c8cdaeed350a85698eb71bd126f75b9aa0ff7435926a4a4ce04e4187eae5a80b1ff56aa7f1b005a9a057b6ace4cf08c404f66c0b31974d151e9a2840ebcbfbfd898e6694b89fe78a68b90551c9d33c14914dceff64a699c1cf1570c2d1f53e905abef9f954fbdd100b1b18f10dbd673bd6c7a9693286cf2dc0ab9919466750aa42ccfa27e9ff4190dd784ec6f2e19270521f98561a959152b16a80f0b1e183375d3886936ae03ff4949777d30481c24bbae918d5fdcc8f46ff05e2370095bc85cde086dc1e32423f21c13c42490fb679462f35dd0c4ef06f8c3f24327af47ea2c73a856f112385094fe138022e308c157adb19b94ed0e8d94b805883318b33b22f371d62f0b764b2a44b65018bef417357aa997ea4ef95a2899963e06a3c553943e14d3364b73919f5e6d8395d56d522f1b19ae37d48f1534d92e4248824adb555281aea2fb317bfb30cdc7d4efada900006f45578a061b19e2eeefffdbf1974a1633182501611724079f926122c1c8fd9b1d8e6302d76ed90616abcfcac478e3b8d3be91eee5f9c653f8fed3afc1eb33d9314aaa021e8b53ab7ba3e59b301a6c757efd95c6661d7d3e8a73cdec7833f4608dc238d8e144a5b0196a9aea6fb30efdfdb05f9529c52af93cd78d857e3cc920bf30b2292380c662890f3679c09aea55c77a75dbb4da338c0fb737a5fc31252d9fa798f9dd70947f6cfa0474a7a835c694dfbb5c678216915d1f04c81d5df8f2efde80fdbce8248525d9b639f394847b9a8c2e7f7288b031df91db059eabb750c1bfe732b78001c2cca0f74cd8873cc2a892d26e1dbd48db297853775c21d68ce1daebee4f4d65bf8e448b1c80da35eaff3295ffe0aef68baff15f7585aba741699c3ed9a62f2c18200e40cbb383b844459ca9636d61645470d4f8b04704b84a7986d816c037d368d807ab936faa842a427cc4987ab506f3f08841195c893f39656547ff62730ec43aa78311d57defe4002301f6b9e1f6573f3a46715e2d1f899480e8bc97f5dfe48ad14df280126998d32dc0a63231584b5ee82d5f90d5ccd3eb3923cee0dfe0eb9b1ac54fd97214ad86c6459cf916ba0bfc9d4210a95346d753f4bc7440d78274c4cd1850907a2bf150a1c1b511bf0438494a6aa1a197f787c96b410d866b4cb284f74122ffbb2f5fa7c2c22f935c7e1542ff83f01e3024ee6e3d7fd0fba2754e635c8116a27f15586300d6522979822c1f97038f33c644ef82e9818f4a09388cb9a69514c929e9bc149fd7a26b458d89abb5e3ae1de29ed1f28d613878a24a9296c967339b9c6749f92c720982cb78a120bcf7593c6fbae36f9a06caa384a7e5d3f05442b0a69f72518a76a916968aae56abda54dac318fd726335e95592f80d030ef51aea41d5e348267fcea65e49d8e36e711fedb3fb9ad37d3fdf2185dcc3ff44736d6a0d4b4bd1810f89ec6e0e6b6f58f74d73ddd2a27fcfaf36d1aec6c3769787a1d3b8514487a399e6497bd0bf4c4242868d599aeb2202cae535e8118d478fc43b4c8bfdcf024f36f5d7c9f75c69bc9d4d5414e8bef740bcaf9027dbdb0f47643b984406c9ce1999d7631243c26d6824ae74ab71f536e40e934a5dfea7f5c5d10713c831df6ba168f4080a4b082e94bc23c0807aab7c0bc29f327d185a2a9302cc255aa54764c4eb8ef5b17d640afa30b36572294914d51ac146f87af6f5abd97823724aba25f589e769aa1047e72365e9ee67e7f90e80542cc842aebabc97679dd893075e8a1bd6934ac9e768e20bcf4c2fa29c5f7a103d3ff689c721e08ef1d0ca61ee3e07a815aa943879dd5c406dcff6a946b0a12980620cfb224912e27accbb63b1e2d571c65918c806060dcd08d5cef341e5c5705021ec19605b809a44d2a8f6f27e18f2b8fd268e23706564df5501096fd8f8261e27d5c8b582673f0c76bf78b27f754cddb5b64a33c87841681d8eef2b5abe8a8deabee587189f75b8b518909cd2a6f89910425e8647f25077829f1b400b3abcaeff6f54ccc00f6fb7abeeefe0226e4e2b55fba0925b49be8310fc5a490384e4a5e7216b0fd0c09c00e3327ada8c59eb37443ac9148a9df92b0d4e6851cd93b784d3e0a236d9fe7c483f03d813fc98e632cf6255dc4a70a0458570776509ebfb545f35956c7e32493f6ad886ec858bfc29bffb7f2ae7eed7d83e3075554dd81e72c93f4c2e4dcdb0832e76861b983b17c2a6f887a988e4fd47459fd45134560b5b1bec10c50914f2d7f327a4e68a0c453f067035f243ca01aa22969481d5fb48d1da82f35222c4e8d249625c454159f7b00a85d43414eb5e7c8044922b323f2473af648d1dba5ffff34bd5e023a2fe4860d7568fa4d35ad20c461eb38bced561edcef853dbcdd7b69bb40e9cda525a71a286c956a1268cacad0bc0c79ed7632aedbb8dc78ba1a2adea2b650314072d1ebc08f9753d6d38e53a758ea4700160588e819239711a506f004ec57037cd6efcbb9cee3bba556eaaa008bf8e8390085b85653c7aa006dd836c7ad025bed9dec77a4a00b309776862fca4dd01dff16aa6bd70a876662093b85ffbb07b2f8b4361f5dc635f940571239a71865e8f1a289f449ae9a74266205c8b1fe8a732db502c9ea5e5c379b704d43ef795b40450aa498535803767d2c2cbd2749474d2997e00f37612fcc0ae7322b8c8e2a90cf66ada69bd05b82d5707562b37e40674f0a3f58d9c776a931b8768d5c23f17c5f9135e7a4ce0c6eb356d9fb4a53d112194c19e6f045d2bd44132a70b9ccd7e65d2787899785f7ee9185589136c847347142440e0a405c18ff3f31acb791a805dd281aaf97aee708dcce2f1aa53161b7716fa0978c0d02871637ad7e1af5a158b727a1dfc2ae1aafbb9c516469ee89fa0f1de23a17115ded5e9c560a468c5192943be74aeaba51083ca0379563f1fa78e29eca1eaf849cd00f419ceb59e640248c332c845e68e9a398281b962ae59aa5b18006b6ea6e0c5f1b30665e1fb975da11ed6a47bd44b4241bbf0443f178e8249805cc3f980a4bb2f46baab0a12e9e9b2aaa7e0ca22b2314a9e5ef6412f4efe31381e3d716244af3112444eabbb0c353acafc0f1179ad4c63b81e5f5bfd771591d24e5254fa72e30aa53717c24b49cee71cdd9368e207af5e992a04f06de912cfcfca38732f5c8393d466d209680ebfa5764897f04531138beff3f65691593e334c2ae2825ffa9353e8aeef37b90691ea5c78d7c86124abf6491a068bf03c3467e5e42ca4b58192d17856722207568777141ccbef3f3891708897af9c196be92056527a8da820d28dccaf4dfed4d38fb8fe826b238d31bad751631a0d8b1eabdfa7bffe65241238ff982d21b2222cdd3a536385d0ab2180ccdf4672d0b21156377fe640ee8c8744b9ba1efce91c295e83a4271a34a1f70adbc2ff0aa6ba9e1965061cadcd3d824636bbc1f977c78dde1859d752c86b099705616edf6e94523f108af79ab5073d26f3788c4d56f1b17b764c1bc387e531dab5dd71198c56b02c68552dc1098beec85dc1bbe2dde316e6093a9a33f578d789da9b2a9209ed6e73a0597bc62467afc42f0348c9b885b92f37569a953f6316d5c8b188539474da3836abeae7ec259cf8fd28f02593597e9206e05e8da4f4346aab36f179deb68a9dab9b550d6fe4f0c88563935328a699b9cbb2015be57c28beaf60be499114f04a96a2f7fb3bf3b5b31e422954c96790aa1e49c5bc1946df0df2b4be63c0aac1ddcf187714f6e67a076a823feaeba5db4a99e5f494ec939d1b0ecd23752c08c3b788704612127e7f080ef581b4990accd6dca7ce52844bc7bbc8c8752497c171d8e628c53609a920fb5a1bc740cb05e2035de72f636ef0498ed2f3cccb64d5740afbc30015442ca0511160787b2c763072c70035f7f3bbbd3966bcc80d021ce1482e27681b963a28189c2ee9d64d0622a94eac689d3fc1a4137c4d62a4c73fab4b0175a8ff8fa256118affd94aaeee33b155043f53d9e3d4eb82173df0938c6c3e51c118c1acf187c84f12090ad1dd663013e433455290f87ca88959f9f481e4dd05e6a483abe00f7c974e5ff602a7a6eaa71f8ac06c50afac0c2858b554f59bf88002766a619ae9b0864926d07b273238e1ebd456543f77ea800231dbf4479f0b90fc607", 0x1000}}, 0x1006) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x8, 0x2, 0xffffffffffffffff], 0x0, 0x200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2m57.930602757s ago: executing program 2 (id=209): r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) connect$unix(r0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYRESHEX=r0, @ANYRESOCT=r0, @ANYRES8=r0, @ANYRES8=r0, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x380, 0x0) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000019280)) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r2) sendmsg$IEEE802154_LIST_PHY(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r3, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x95}, 0x40000) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) r4 = shmget$private(0x0, 0x4000, 0x54000000, &(0x7f000052f000/0x4000)=nil) shmat(r4, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0xc0686611, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r6 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r6, 0xc004500a, &(0x7f0000001340)) ioctl$SNDCTL_DSP_CHANNELS(r6, 0xc0045006, &(0x7f0000000180)=0x6f) write$dsp(r6, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000001340)={0x54, 0x2, 0x6, 0x401, 0x0, 0x0, {0x5}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xc}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x54}}, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc00000000"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0) syz_usb_connect(0x0, 0x24, 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(0xffffffffffffffff, 0x400c4150, &(0x7f0000002380)={0x0, &(0x7f0000001380)="9cf68dea4c22718feb4c9e32e1bf30a72b35d7ffb169f6719020462ecc45325d715ddb68672a9b6a2fcb32070d58ba09f973e0722a78c6c96b8dde045efa92097bc097c36756ac561fbd8d1cbc64dd43dd41a68c5444f22dc62156b5d9ca60ea341caaf7e39057a7d0205040c0ac24e23d1368f163a5f74a009ab002ff095f4ddf42f26636eedf77f3aa6e5f35188484b492a493e7a4c1745acb97159241cc19d67bf229ee2e5dd59b7ff3ca0611172c1e0b799fe9d158f073000f11c08faaa8de7e7d3dd9d555f5c6998365f2e80aa6fc356aa9b168493477a45f4baeaea32180ea4a3106b28f54b4e684cf30bdf4f18e6ead124f06d743138a70802a16cfe345bf93d00a64874122334749c0d80acf5e70bf686fcc23f1eca8aa4079f7798721fcd5d683a25949ccdfbe9beef5d4d2984ce9192dae6762933730c9abdca08e287fecabb85f6a927e290f493534eed6e71ecff2641af25b8c8fb4f2e360d60af79bc37a7ce379e1b2813260ac728ec70de1f4b1742f9ba9f883a86cb01d432c129eae61eb753102b60b596d77ad84407e34ad93f585035cb9be70b4e13c23f4021231f239cc2ed9048c17addbad603f5cf064dc16e4aa989b8e3902ce41da108a5f6868e4ad931171de3237e9a1d37940514b226310f36b7eead7c5330e23248b981396ee5464106b7c38bb13311f99d66081ddc649c2a5be9379755e74d5dbcabb648cfe8adceeb944d879f44077c36a710fe540adec36b6e9f0c14c0c61d4121339f1c3cddaad34ff512bc8ff6540672ff985562a6d580b65bdf0df6b447175b97fca53d2b8782d744af97861d794c483b6d36c2a71c186631dc0a895038bcd75091b15d6aadda82ac295b21407013fce9b74e372540a02f9b0ffa6decf0024e84a5cdb0f9aca742a8ab6c56a263da0f310d9dab13e9d909510b7680ab6ff0016f714eaa1db221a47db2c19bf7f0036a89e85362cf9f5fa5b42f1783c98945b07e7486d6e8c7bb9ebcefaaef2231724f350cb0ddcf793ac21e1314148eeb3bc33b781104287e716ec4a0cdeb893d8b6302bfb3aafc8bedc0292cbfddf4bf614c889700b241e5e24b15e7f8775a0f3e7445a4e5d567b4fefc85599089ee95642e7afe8bb95a3b2cf3a4fe3a956b35e0a7dbcea590d025152934bffda6c21e62bb260ff37e57f213f9034edadd45cd3e023ccced12a16cb039ef5741048451d545753c038f36b93f5cdaddd98b36462fb8ddd78e739c79786526b3b8d2b9c29fe14a51f173dbc21eac0949ff47ab0684c0d01770a42722e01a5f4359265f94fbc8c9ec9394544bcc69fdf46ec57e09e1ed0085c2fdcfd67b2ce3abe8defc9769cf9221b69b00dac772dbbef640703a67650b85c78081784fe61587f17f21f36b5d2553b403fdfae9e058f58dfc5896ce869c6ac06149f41a586a12b4901ad95ebe72265c76989cd4bf4b06d795d1fa8e679a5a054b6bcb9ec5eb42cc161852b534fac3ffbf068ec2d21003f3adc1729a78d0912f8ae01219da60082f1cd7a3ef71e14ab3ebe1e6dcd8b4f5e31f905f747ad8f2648fa8b3db5b805936183af278e45afca59ae19cf0fdb17eab4880baf8e643c946d2429227ce68ef9e9fa877775347ea146c1e6fc96d77d333bf36c0458f79afc498496c786a7b0730a39ec2622ccd8544ac3baa0a34c9e6c976afabdd373600af3aa07ca20e36087dbefe2ae1327eb1e32d9baa5927464ecd394f10945376e068dbdba0fa5272c61cd3307288ec0ac936c12d38caf89181de93e2fbf29c6ab2fed7fdd6f44afbdf86395c58a83e07eb14ee237ba8880b3baebc802e33e8a6d5991c05f83288ee629aa12f27aafcdc2120fe03175a5bb58631fe479a91ea31bba1bf383140e0f5341882990d45d5e0f1a548095180ee7b3de3a84a6316e22194f5b077dfb705f564d3e7cf01ac0d11d9b4b6658b0ef13388c080276966be9930d21d4fd0998657420899dde4e963d4cf82a11d7f95dccc938509c5992f5311ed8ae4913398fe2d757a05cd998b6b9f6d2e2c8a6d557bb955d47670ccc49ee9aaa7f608ebd3e98c0afb5dc874e15263398fe5f3dfc98cdc1f93a3f51dd3bf1a0d257fa7040f7fdb0f1176fbdef1deb5685444adea4cf3ac621dc7d9c54359037b7d6de41d531a3beab82e28dec4cc88fe575323ca40f23f5a94f4433e35a8b3cad8e4b4ae988c23f40a9b43f9edd60a5d6099e6cd6b1e37d4a31adb868cb68293a1b276530d7fd3a6f553f1b2f7c73df5cfafaa222199e6832071196783d230b162ef4c13b9faf13fcdfe81a91199087e1b8e4d4c8ef21cdd0ab5d25d693667272510720450ea340f9ee8e2dcae618288ffe89c12b2a99a4aefda1c786dca05045a62c32759f5d4eba06cbdb50b009dc5c96cdb7e0c4de400851a554214646e03fcd6e055b8d5d4ef7e0f78e9a11f9b8f35898309e9956837537c18b16b252bba1bd2881bae327c7abf3c2b6c711ba92e7943ef607187431ebe4847316e6b8e89f0ada12654c7fadd15ac9a4be200ee5827a917fe421d01056167da0605facd2838f7cfc5c8870abd09931f2470b45aa6e8748f1dc5eedae12d59bbe84d54b673394c4ae11fdde454a7e38d5472978fc964deeb314b9f01b24ad84ff44f528a3cddbd76ae7d2d696cbc8cd9b1958bcd55af865ae49bc526afec4e2cb581b87e919a11867fc57d54b77e29dd8d5a456788153837dc600670660de68384c6d02d24482829ecf3b7eda2cd88d7524e5ebbba5c63c45415c533b893fadfd4a72ca59376413c828401a2b7f8541bf15f263e12ba6251ef46fc5ea57f9578efa83a506dac756a1c8040d760c13160f2254ff4ae6b29521de86ac6018484c54acf830934130a77786eaf0cbd148bd1c2ad0dd8bca68b0af6920e1ddf5386796eeacbab964e2094fbe7de180c5329dcbb5879245d0e2cd79952a4969e510eb0e2e38ac180169f889e8da0edec682938adb702cd1ab7d73697e4bc40022c81a8d0bd7602fd2748ec4e5b7789b9e063b704b0c840d19ff177b7a0bc780e50ffcb1f5a4946963a6434f370bfb9314b30480a8b8c15ef3b70eee19e0d4207c259b06a33dce9094a8b8b455c33bd65b9ff997b5bf4d5ecd3f25a4b76ea3b0e23e6e05b348f001ea998777e4f1704f1b71593f16dbfaab111b38dcb84a0eebd7dcab17537b64d63333c76b2d97b0bfd9e627217512ac3405648982cc61a9bc74adda9cecc3a445f012e50ac03bd56767e3239c05b5d58d2a0ee7883b652bf91d779cdf6370b01c58386d0c3dc76fd8bdedc701a7e765ae12fd13a8e8140057b786beb47e07433303f864875cbcf2f45da8c7b220e8ca93ad405f00a25d0cf9c24af5a9709458cbdc858fd8b5fef9955aeb6cd8ad19bce3aa63f472e5b6c7ceb11ba79bd0f8df089c95fb7404eab69819170243bc3b4e03f1ac971fad24ba0e68af718856f41ff4f2b86620ecf7261f9eb5fae22f1b3964de835bcc6e45df5f84e09e3d8cdd631a3aa4aa0c768e046e79b0da875e6f1e4bfa4f48d133375b6f14fd3db15b9ec4134d2a8335338e9586cd74b480bba9f4e529b7b18d6b949e109d411e738f77e5f1b7870259bd4a3cd6940123ff81d77e490b2d57266713775fa714e06e0fcf0f0df13ed710c95690aa7f5e36b2d1c652dcc37e57627b03b1c7d2147cc1854dee4076699fdbacf68b0d6acd96e1087e5229e6981a430e091d0a3ca9fc73aa517c0cc454b7e5ea9329de428067207a4e1f23338d35f9f897dbefcdc2815a8568d321c6b4b2b2f0c7368c014fe75c23623eb0ea690f919e4d549ca80426307b6954506cea3680fabc028091fb394df982c5cb716521e46cb0f748e8b84205b98f4b0cd96d474184e7e07d66bf51ea4a11ea7c19512024173e0eea7e7561d02bf3d981f13d9f7fdd2fca6f22187ee66a1cfcb8cb5b189c1508ae12ab697a58bd893a888de16b0651a66bf9b096d8d333dcd5b230dd2bbac761fb1f140207d64872d968e393a43c17d76392d10053f749097b2029291a8f5ad74167872a758a2d359d860f8ae984fa2cc28aadf936f1d43182f3a4ffeb6c3d55b3ffbb456982a5acc3423ccba2da7fe47184ed6046022980dea61bacddf34a158d4655de5fca902a6b785ca19972c0686f99dd94c32942ea16e51fd95c9bc7f01eed13c0036564669641a94ff16c4e9042b14470b6471946fd0190ccead8dd07b5c5cb87a5aae2514ea150003ed7e2664552335591f01f7673f670cde02df74bb692980d5b21e32919871215c6250fced6280180b81e0b7af6cb2d895d4da4973e331e94a1d4da8a10ef70317c04943c284cc7a64ba974f7ed190be9aeda4b3005efda4fd464b197f61057dae9a248cbcf75cfee89664667bdd4b82b65d8737246788f0eb2af950e1dc84aac5f4e1df05e0fdc3baa3134211bc63dc0175519983c60cccc6cc568b9233a7aa658a9b7792b4701de45eb5923f6cf7093f109eef6431898cdcf56d2388dcfe4f2bca64adbc00ca48c903191e3062ef7b3041576722f41ae59554976302b8d4ebeb4089152fe88bba9a10ce3b68f7cd9c39200766b9b7f5b41e361989552c15648b1d56c07e5f74632a720f80275822e86fa376ebe561214b5b01658f29839aa2280d0f52dd8b7e180697f8321d904f122a66472636a7f2c27b0348760cb63b563095809a718d02f58e19b579f5581559116e9b48b8410050aab0539c003c686522b32c12cad6baf2b391e759c130f6278ff01e157b54dea30beb5591fe8ae1158ab42083ee269910df41ccb92c6e82463497557cb020978569468bb6eaaa8a8a9c668fb8492edf7a4a0a0a13e6b5317a6601f0ab398404a08b58d5d338cd96315d009e152881519ecc418604d59b6f9ff81167d8c4347371a17be662e6916b9e037fe4138fddc3be44b297bf924cf8c3a2af15e4452b9ce252b46b9a7f9cc477b9e11e5e8ef88e0a1430de1763b6d6d333cfcebf94d3bd6a5fd384a647ad123c8f8ba9fdd5733a7d8def2016fd8b71206be47c1131bec77e5e5cee51a628253e38ff4f5b414aeefe36ec97a84625c2f9f3ce75fbf6ce357d503c4eda541a6829369f84ffadeb86696facb7cacb673946780227e77be46790b4c1d488f232624289d0fcfb77fb7cea24eca3050ea16386fa54fda477101fe33e2cea7dc81371aa168deb17f18caafc400085fa988b5925783129901746c3ccb095137984ec32e0149a9ebda28682fd46efbf41a074505c8ed437c28cb1823cb9b5a267d16a463584d9f06db9b1f83e14c4bdf81f5a7d7d13550977e99c9a9a8aab3e39e339f76e5e4e16b8a8c54981310856aaf77695f39858d0829008756aff815466f4620602ad986d8ab05f2c767d78f1b5192718427de6f2dcf1f058dfd2155232cfc2775c70f4f9abf9cd69519f1c98475963b45e5e4055f90336fefd344065ecd46b8a5e174a8ee45b7b316fef5fcc66227702c7dcad7b7a50df26d16ac52bd14e5609614377550572fa0c6e28ad03e21931549ca8d0f723937acde7ed6d62bfcb39f7a41c7aef6f217a15ae0ce396efc5dd7c9308a1d6a36901dd55bc939c862700f08bd89453e476d239876ea7fed4ba7b13b2e022a01a1281298ed8ac81addc9199db00af6825e915c2518e867eced663b07adcda46b09e51476174a08ba8a2a9d519e3a31d5296b906e49484bf24ef14a45d705ef9504cbd75d4da16db8f789da7e304266df90", 0xfd9}) 2m53.403040778s ago: executing program 0 (id=212): openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000280)='net/fib_triestat\x00') preadv(r0, &(0x7f0000000640)=[{&(0x7f0000000480)=""/134, 0x86}], 0x1, 0x800, 0x78) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) shutdown(0xffffffffffffffff, 0x1) sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x40}, 0x87d4b69a72310a97) r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0) r7 = gettid() bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x0, 0x0, 0x0, 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0xe4}, 0x94) fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) tkill(r7, 0xb) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x117, 0x5, 0x101, 0x200}}) connect$llc(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048054}, 0x0) 2m50.280634163s ago: executing program 2 (id=215): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x9, 0x6, 0x101, 0x0, 0x0, {0x2, 0x0, 0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4008080) socket$inet_smc(0x2b, 0x1, 0x0) syz_open_procfs(0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) read$char_usb(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000440)={[0x3, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200}) socket$packet(0x11, 0x2, 0x300) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS32(r5, 0xc0245720, &(0x7f0000000080)={0x1}) r6 = socket(0x2b, 0x1, 0x1) connect$inet6(r6, &(0x7f00000001c0)={0xa, 0x4e1f, 0x2, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c) setsockopt$inet6_tcp_int(r6, 0x6, 0x17, &(0x7f0000000040)=0x7, 0x4) 2m46.509857005s ago: executing program 2 (id=219): r0 = socket(0x10, 0x3, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00'}) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000580)={0x0, &(0x7f00000004c0)=""/175, 0x44, 0xaf, 0x0, 0x1}, 0x28) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@bloom_filter={0x1e, 0x4, 0x3, 0x1, 0x100, 0xffffffffffffffff, 0x3, '\x00', 0x0, r1, 0x2, 0x3, 0x3, 0x5}, 0x50) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x4a102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r3 = userfaultfd(0x801) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298}) ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2}) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@stripe={'stripe', 0x3d, 0x3d}}, {@init_itable}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x457, &(0x7f0000000bc0)="$eJzs281vFOUfAPDvTLvl11/BVsQ38KWKRuJLSwGVgwc1mnjAxEQPevDQtAtBFjC0JkJIBGPwZIyJd+PRf8GTXozxZOJV74aEGC6CpzWzO9PuLrtLt+x2kf18koHnmZc+3+/OPLvPzLMbwMiazf5JIrZHxO8RMV2vNu8wW//v2tXzS9evnl9Kolp9+6+ktt/fV88vFbsWx03llX1pRPpZEnvatLty9tyJxUqlfCavz6+e/HB+5ey5546fXDxWPlY+deDw4UMHF1584cDzfclzKtK89MZ7X7155Ium/Fvy6JPZbhufrFb73Nxw7WgoJ+NDDISejEVEdrpKtf4/HWOxfvKm4/VPhxocMFDVarU61XnzhSpwB0uiua7Lw6goPuiz+99iaR0EvDy44cfQXXmlfgOU5X0tX+pbxteeGJRa7m/7aTYi3r3wzzfZEoN5DgEA0OSHbPzzbDbaaR3/pXFfw3535XNDMxFxd0TsjIh74lTsioh7I2r73h8RD/TYfuskyY3jn/TyphLboGz891I+t9U8/itGfzEzltd21PIvJUePV8r766/J+/kwurzQpY0fX/vty07bGsd/2ZK1X4wF8zguj29rPmZ5cXXxVnJudOVixO7xdvknazMBSUQ8GBG7N9nG8ae/e6jTtpvn30Uf5pmq30Y8VT//F6Il/0LSfX5y/n9RKe+fL66KG/3y66W3OrV/S/n3QXb+/9/2+l/LfyZpnK9d6b2NS3983vGeZrPX/0TyTq08ka/7eHF19cxCxERypB504/oD68cW9WL/LP99e9v3/52x/krsiYjsIn44Ih6JiEfz2B+LiMcjYm+X/H9+9YkPWtdNbjj/wcryX+7p/K8XJqJ1TfvC2Imfvm9qdGa9mOd/vfv5P1Qr7cvXbOT9byNxbe5qBgAAgP+eNCK2R5LOrZXTdG6u/h3+XRFp5fTK6jNHT390arn+G4GZKKXFk67phuehC/ltfb1+MSLqXy0oth/Mnxt/PTZZq88tna4sDzt5GHFTHfp/VvlzbNjRAQPn91owunrq/8ng4gC2ns9/GF299f9tA4sD2Gqldv1/chiRAFuv3ef/J0OIA9h6Lf3ftB+MEM//YHTp/zC69H8YSSuTcfMfyXctFH9pk4ffsYUo3RZhDKwQ6W0RhsKACsN9XwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiXfwMAAP//EBbjLA==") syz_mount_image$vfat(&(0x7f00000024c0), &(0x7f00000001c0)='./bus\x00', 0x204b82f, 0x0, 0x3, 0x0, &(0x7f0000000240)) chdir(0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x83) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$gtp(&(0x7f00000033c0), r5) ioctl$NS_GET_PARENT(r4, 0xb702, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00') lseek(r7, 0x5, 0x2) sendmsg$GTP_CMD_NEWPDP(r5, &(0x7f0000003680)={0x0, 0x0, &(0x7f0000003640)={&(0x7f00000035c0)={0x2c, r6, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@GTPA_I_TEI={0x8, 0x8, 0x3}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_LINK={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8800}, 0x40884) openat$sequencer2(0xffffffffffffff9c, &(0x7f00000006c0), 0x400000, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r4, 0x800c6613, &(0x7f00000000c0)=@v1={0x0, @aes256, 0x3, @desc4}) symlink(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000001c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000008c0)=@newqdisc={0x74, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r8, {0x0, 0x3}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_choke={{0xa}, {0xc, 0x2, [@TCA_CHOKE_MAX_P={0x8, 0x3, 0xb}]}}, @qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x1d, 0x407, 0x2, 0x0, 0x3, 0x4}}, {0x4}}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x1d4}, 0x8840) 2m41.868029776s ago: executing program 0 (id=222): r0 = socket$igmp(0x2, 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7) rt_tgsigqueueinfo(r1, r1, 0x2a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) pipe2$9p(&(0x7f0000002740), 0x80080) r4 = fsopen(&(0x7f0000000040)='ceph\x00', 0x1) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000100)='test_dummy_encryption', 0x0, 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='test_dummy_encryption', &(0x7f0000000080)='v1\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002280)='/proc/cpuinfo\x00', 0x0, 0x0) read$FUSE(r5, &(0x7f0000000200)={0x2020}, 0x2020) mount(0x0, 0x0, 0x0, 0x2204c96, 0x0) r6 = syz_init_net_socket$llc(0x1a, 0x0, 0x0) fsconfig$FSCONFIG_SET_FD(r5, 0x5, &(0x7f00000001c0)='\x00', 0x0, r6) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') lseek(r7, 0xfffd, 0x0) socket$inet6(0xa, 0x2, 0x0) r8 = socket(0x10, 0x2, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000022c0)=ANY=[@ANYBLOB="9feb01001800000000000000400000004000000002000000000000000000000300000000020000000200000003000000000000000000000105000000080000000000000001000005000000000000000001000000000000000000a122d481344281c0bb15a77142f5c1de50b2f0400350b2d8548651b10d6af451b983e9cc134849cab4c6f15d498ee0804617d6d5975d6e49fedca8af49f989048cfc5304b1bba50752a9811f359c8e9e101de17491f5ceea003b0373"], 0x0, 0x5a}, 0x20) write(r8, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x200000001300, 0x200000001330], 0x0, 0x0, &(0x7f0000001300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00"/108]}, 0xe4) r9 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r9, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x89ff, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0xd1, 0x0, 0x0, @loopback, @multicast1}}}}) 2m39.564954642s ago: executing program 2 (id=226): r0 = socket$can_bcm(0x1d, 0x2, 0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x13, &(0x7f0000000080)=ANY=[@ANYRES8=r0, @ANYRES32, @ANYBLOB="00000000000300006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500"], &(0x7f0000000000)='GPL\x00', 0x9, 0xde, &(0x7f00000001c0)=""/222, 0x41000, 0x28, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9ba}, 0x94) r1 = socket$unix(0x1, 0x5, 0x0) r2 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) connect$can_bcm(r2, &(0x7f00000000c0)={0x1d, r3}, 0x10) sendmsg$can_bcm(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r1, @ANYBLOB="3bf81bb9f9"], 0x20000600}, 0x1, 0x0, 0x0, 0x40000}, 0x1) sendmsg$can_bcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(ecb-aes-aesni)\x00'}, 0x58) r5 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r5, 0x10e, 0x2, &(0x7f0000000780)=0x2, 0x4) syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) socket$nl_rdma(0x10, 0x3, 0x14) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r6, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r6, 0x11a, 0x1, &(0x7f0000000540)=@gcm_128={{0x303}, "ffffffffffffffe2", "8e083700daf38a6d69e9b5e9c2f133d7", "6a3a05b9", "12772541f8eb02bb"}, 0x28) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0) write$cgroup_int(r7, &(0x7f0000000000), 0xffffff6a) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4) sendfile(r6, r7, 0x0, 0xffffffff004) bind$can_raw(r7, &(0x7f0000000180), 0x10) close(r6) ioctl$F2FS_IOC_MOVE_RANGE(r4, 0xc020f509, &(0x7f0000000000)={r4, 0x9, 0x9, 0x3}) socket$packet(0x11, 0x2, 0x300) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xd, 0x5, &(0x7f0000000140)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, r8, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001e40)=ANY=[@ANYRES32, @ANYBLOB='\a\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB], 0x50) 2m31.584391001s ago: executing program 2 (id=234): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0) r3 = socket$inet(0x2, 0x2, 0x1) pipe(&(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r5, &(0x7f00000003c0)=[{&(0x7f0000001800)='\x00', 0x1}], 0x1, 0x2) splice(r4, 0x0, r3, 0x0, 0x25a5, 0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket$nl_xfrm(0x10, 0x3, 0x6) unshare(0x22020400) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000000840), 0x1, 0x782, &(0x7f0000000880)="$eJzs3FGIVNUfB/Dfvbvrf//u5LgZCGEkaCVE4+omGURsEMj6FAgRKOSWs7rt6NrORu3mgxZIvUQIZiCJvkTQi/QSvUkPoSSED/USGUVFBVZYD9HLxszsrMs6Y4O769X184G7c86Zvfd7zszlcA/MvQHctlZX/iQRuYjYGRH5qfY0IpZUS50RB2v/d6T39J7KlsTk5Lbfk8pucaD39J76sZKp166o7hKbI+LTviTWLLk6tzw+MTxQKhVHp+rrx/buX18en3hoaO/A7uLu4r5HHt60qbe3p2fz/I31nZU7Vnz5eP+moys/X7X6n2+OJ9FXHXfMGsd8Spo09i9EWIZmjjNpz7AjtGxZ53MLcs4DADe3ynV+W0S0V6/389EWtYu3j1/bcTkfjzW9TL3zyRO/3Mh+AgAAANdvsm0SAAAAWPSSyLoHAAAAwMKq/w7gQO/pPfXtRv324J7tEZeeiIjltfz6/cW1d9ur9xBHdEZHRCz9M4mZt5Umtd3mlv/sHA8wR+Wt2eZfeDrb/O4Ps80/+XXEwUMRcaavwfmfTJ1/169nVn32veD3rZhjwBz98H22+WvvzTb/6EjEmcr809do/kun559oMP+015+dMAevdl+Z/45cNf9dyW9rMv/1tZjz1vvn3mvUfvaLiEuHIu5ub5SfTOcnTfKfajG/u23tukbtz3wQMXkq4v5onD8zq/nzIdYPDpWKPbW/jfM/++7NYqP2/o7a+Jc2y0/imp//zhbH3/XThfP7G7RP9tfy16259vff6PNvm3rGRitOjX872qi98EItf1eT8f/X9/92i/lfbX/0bKP2Yx+1eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuO2lE5CJJC9PlNC0UIroi4q5YmpZGymMPDo68tG9X5b2I5dGRDg6Vij0Rka/Vk0p9Q7V8pb5xVr03Iroj4o38/6v1wvMjpV1ZDx4AAAAWuVzExe2vf7Iy634AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBr6IqIXCRpISLSiPg5n6aFQta9AgAAAOZDLuLiqpMnjlfKf+Wz7g0AAACwECrr/8uHfzsX1v8AAACwaFn/AwAAwOI3c/0PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwM8hVtyQtRERaLadpoRBxR0Qsj45kcKhU7ImIZRFxPt/xv0p9Q9adBgAAAFqSi7i4pXPLj1n3AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAW0N5fGJ4oFQqjiooKChMF7KemQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyEJ5fGJ4oFQqjpaz7gkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZSn9NIqKyPZBfm3vx0uGtM99dkvydr75GxMvHtx17ZWBsbHRDpf2P6faxd6faN2Y1BgAAAGCm+jq9vo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoVXl8YnigVCqOLmAh6zECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw/f4NAAD//100t4w=") bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f00000000c0)={[{@noinit_itable}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@grpquota}, {@init_itable}, {@auto_da_alloc}, {@nolazytime, 0x2e}, {@nouid32}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@quota}, {@grpid}], [], 0x2c}, 0x1, 0x4bf, &(0x7f0000000c00)="$eJzs3E1oHGUfAPD/TD763aR9+76v/dCuVjFYTZq0ag8eVBR6EQQ9VPAS01hq01aaCLYUG0XqUTx5VI+C4MmLJwUR9aR41bsIRXpp9SArszuT7Ca7280m29ju7we7+zzzsc/8Z54n88w8mQ2gZ5WytyRia0T8EhFD1Wz9AqXqx41rl6b+vHZpKoly+YU/kspy169dmioWLdbbkmdG0oj03ST2Nih39sLF05MzM9Pn8/zY3JnXx2YvXHzk1JnJk9Mnp89OHD165PD4449NPLomcWZxXd/z1rl9u4+99MFzU+V45fvPsu3dms+vjaNqeNVllqIU5dzi1MHK+wOr/vZ/l2016aR/HTeEFemLiOxwDVTa/1D0xeLBG4pn31nIfLNOGwh0TXZu2rFsal/+mS6cv4A7UaKNQ48qzvjZ9W/xupX9j/V29ansfboS/438VZ3TH2l2LTtcvWLva7L+/9osp7wkP5h/bo2I4/N/fZS9ouF9CACAtfVV1v95uFH/L63r22zPx1CGI+JgROyMiP9ExK6I+G/eD/p/RNy1wvJLS/LL+z8/beoosDZl/b8n8rGt+v5fmi+RLOS2VeIfSF49NTN9KN8nIzGwIcuPtyjj62d+fr/ZvFJN/y97ZeUXfcF8O37v31C/zonJuclVhFzn6tsRe/obxZ8sjARke2B3ROzp4PuzfXbqoU/3ZentW5bPv0n8rY/9GowzlT+JeLB6/OdjSfyFpFpSs/HJsY0xM31orKgVy/3w45Xna/MDNem6+De2F9PGToNtIDv+mxvW/zz+ohkU47WzKy/jyq/vNb2mWX78kzg+X7tEXv9rakJW/weTFyvp4jrqzcm5ufPjEYP5hLrpE4vrFvli+Sz+kQON2//OiL8/ztfbGxFZJb47Iu6JiP35tt8bEfdFxIEW8X/39P2vtd5Drdp/d2Xxn2h1/COGk9rx+g4Sfae//bJZ+e39/TtSSY3kU9r5+5cXXpyOmm5gp/sNAAAAbidpZQw6SUeLdM3NqV2xOZ05Nzt3sBRvnD1RHasejoG0uNM1VHM/dDy/N1zkJ5bkD0fEjsp/Gm2q5Eenzs1sW8/AgcqzOnXtP9J0dLQ677dm//QC3DlWNI5W+3Tg51+s/cYAt5TnNaF3af/Qu7R/6F3aP/SuRu3/csSNddgU4BZz/ofepf1D79L+oXdp/9CTlj8SX/zQQidP+i8mdh5b1epdT5SHuvLN8ytfq69LkUbtj3Y0TSStfhyhZSLS1ssMtlF6k8TLH1arYPcqQHrTZZ7sYul5Yn+e2BAR7a51ufO92kH9AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuP39EwAA///xS9f+") openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0) r6 = socket$vsock_stream(0x28, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x17, &(0x7f0000000540)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0xfca804a0, 0x7, 0x0, &(0x7f00000002c0)="b8000005000000", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) listen(r6, 0xfffffffe) unshare(0x2c020400) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) fsetxattr(r8, &(0x7f0000000080)=@known='trusted.overlay.upper\x00', 0x0, 0x0, 0x0) fgetxattr(r8, &(0x7f0000000000)=@known='trusted.overlay.upper\x00', 0x0, 0xffde) 2m24.54073069s ago: executing program 32 (id=222): r0 = socket$igmp(0x2, 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7) rt_tgsigqueueinfo(r1, r1, 0x2a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) pipe2$9p(&(0x7f0000002740), 0x80080) r4 = fsopen(&(0x7f0000000040)='ceph\x00', 0x1) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000100)='test_dummy_encryption', 0x0, 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='test_dummy_encryption', &(0x7f0000000080)='v1\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002280)='/proc/cpuinfo\x00', 0x0, 0x0) read$FUSE(r5, &(0x7f0000000200)={0x2020}, 0x2020) mount(0x0, 0x0, 0x0, 0x2204c96, 0x0) r6 = syz_init_net_socket$llc(0x1a, 0x0, 0x0) fsconfig$FSCONFIG_SET_FD(r5, 0x5, &(0x7f00000001c0)='\x00', 0x0, r6) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') lseek(r7, 0xfffd, 0x0) socket$inet6(0xa, 0x2, 0x0) r8 = socket(0x10, 0x2, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000022c0)=ANY=[@ANYBLOB="9feb01001800000000000000400000004000000002000000000000000000000300000000020000000200000003000000000000000000000105000000080000000000000001000005000000000000000001000000000000000000a122d481344281c0bb15a77142f5c1de50b2f0400350b2d8548651b10d6af451b983e9cc134849cab4c6f15d498ee0804617d6d5975d6e49fedca8af49f989048cfc5304b1bba50752a9811f359c8e9e101de17491f5ceea003b0373"], 0x0, 0x5a}, 0x20) write(r8, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x200000001300, 0x200000001330], 0x0, 0x0, &(0x7f0000001300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00"/108]}, 0xe4) r9 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r9, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x89ff, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0xd1, 0x0, 0x0, @loopback, @multicast1}}}}) 2m14.753634658s ago: executing program 33 (id=234): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0) r3 = socket$inet(0x2, 0x2, 0x1) pipe(&(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r5, &(0x7f00000003c0)=[{&(0x7f0000001800)='\x00', 0x1}], 0x1, 0x2) splice(r4, 0x0, r3, 0x0, 0x25a5, 0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket$nl_xfrm(0x10, 0x3, 0x6) unshare(0x22020400) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000000840), 0x1, 0x782, &(0x7f0000000880)="$eJzs3FGIVNUfB/Dfvbvrf//u5LgZCGEkaCVE4+omGURsEMj6FAgRKOSWs7rt6NrORu3mgxZIvUQIZiCJvkTQi/QSvUkPoSSED/USGUVFBVZYD9HLxszsrMs6Y4O769X184G7c86Zvfd7zszlcA/MvQHctlZX/iQRuYjYGRH5qfY0IpZUS50RB2v/d6T39J7KlsTk5Lbfk8pucaD39J76sZKp166o7hKbI+LTviTWLLk6tzw+MTxQKhVHp+rrx/buX18en3hoaO/A7uLu4r5HHt60qbe3p2fz/I31nZU7Vnz5eP+moys/X7X6n2+OJ9FXHXfMGsd8Spo09i9EWIZmjjNpz7AjtGxZ53MLcs4DADe3ynV+W0S0V6/389EWtYu3j1/bcTkfjzW9TL3zyRO/3Mh+AgAAANdvsm0SAAAAWPSSyLoHAAAAwMKq/w7gQO/pPfXtRv324J7tEZeeiIjltfz6/cW1d9ur9xBHdEZHRCz9M4mZt5Umtd3mlv/sHA8wR+Wt2eZfeDrb/O4Ps80/+XXEwUMRcaavwfmfTJ1/169nVn32veD3rZhjwBz98H22+WvvzTb/6EjEmcr809do/kun559oMP+015+dMAevdl+Z/45cNf9dyW9rMv/1tZjz1vvn3mvUfvaLiEuHIu5ub5SfTOcnTfKfajG/u23tukbtz3wQMXkq4v5onD8zq/nzIdYPDpWKPbW/jfM/++7NYqP2/o7a+Jc2y0/imp//zhbH3/XThfP7G7RP9tfy16259vff6PNvm3rGRitOjX872qi98EItf1eT8f/X9/92i/lfbX/0bKP2Yx+1eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuO2lE5CJJC9PlNC0UIroi4q5YmpZGymMPDo68tG9X5b2I5dGRDg6Vij0Rka/Vk0p9Q7V8pb5xVr03Iroj4o38/6v1wvMjpV1ZDx4AAAAWuVzExe2vf7Iy634AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBr6IqIXCRpISLSiPg5n6aFQta9AgAAAOZDLuLiqpMnjlfKf+Wz7g0AAACwECrr/8uHfzsX1v8AAACwaFn/AwAAwOI3c/0PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwM8hVtyQtRERaLadpoRBxR0Qsj45kcKhU7ImIZRFxPt/xv0p9Q9adBgAAAFqSi7i4pXPLj1n3AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAW0N5fGJ4oFQqjiooKChMF7KemQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyEJ5fGJ4oFQqjpaz7gkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZSn9NIqKyPZBfm3vx0uGtM99dkvydr75GxMvHtx17ZWBsbHRDpf2P6faxd6faN2Y1BgAAAGCm+jq9vo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoVXl8YnigVCqOLmAh6zECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw/f4NAAD//100t4w=") bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f00000000c0)={[{@noinit_itable}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@grpquota}, {@init_itable}, {@auto_da_alloc}, {@nolazytime, 0x2e}, {@nouid32}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@quota}, {@grpid}], [], 0x2c}, 0x1, 0x4bf, &(0x7f0000000c00)="$eJzs3E1oHGUfAPD/TD763aR9+76v/dCuVjFYTZq0ag8eVBR6EQQ9VPAS01hq01aaCLYUG0XqUTx5VI+C4MmLJwUR9aR41bsIRXpp9SArszuT7Ca7280m29ju7we7+zzzsc/8Z54n88w8mQ2gZ5WytyRia0T8EhFD1Wz9AqXqx41rl6b+vHZpKoly+YU/kspy169dmioWLdbbkmdG0oj03ST2Nih39sLF05MzM9Pn8/zY3JnXx2YvXHzk1JnJk9Mnp89OHD165PD4449NPLomcWZxXd/z1rl9u4+99MFzU+V45fvPsu3dms+vjaNqeNVllqIU5dzi1MHK+wOr/vZ/l2016aR/HTeEFemLiOxwDVTa/1D0xeLBG4pn31nIfLNOGwh0TXZu2rFsal/+mS6cv4A7UaKNQ48qzvjZ9W/xupX9j/V29ansfboS/438VZ3TH2l2LTtcvWLva7L+/9osp7wkP5h/bo2I4/N/fZS9ouF9CACAtfVV1v95uFH/L63r22zPx1CGI+JgROyMiP9ExK6I+G/eD/p/RNy1wvJLS/LL+z8/beoosDZl/b8n8rGt+v5fmi+RLOS2VeIfSF49NTN9KN8nIzGwIcuPtyjj62d+fr/ZvFJN/y97ZeUXfcF8O37v31C/zonJuclVhFzn6tsRe/obxZ8sjARke2B3ROzp4PuzfXbqoU/3ZentW5bPv0n8rY/9GowzlT+JeLB6/OdjSfyFpFpSs/HJsY0xM31orKgVy/3w45Xna/MDNem6+De2F9PGToNtIDv+mxvW/zz+ohkU47WzKy/jyq/vNb2mWX78kzg+X7tEXv9rakJW/weTFyvp4jrqzcm5ufPjEYP5hLrpE4vrFvli+Sz+kQON2//OiL8/ztfbGxFZJb47Iu6JiP35tt8bEfdFxIEW8X/39P2vtd5Drdp/d2Xxn2h1/COGk9rx+g4Sfae//bJZ+e39/TtSSY3kU9r5+5cXXpyOmm5gp/sNAAAAbidpZQw6SUeLdM3NqV2xOZ05Nzt3sBRvnD1RHasejoG0uNM1VHM/dDy/N1zkJ5bkD0fEjsp/Gm2q5Eenzs1sW8/AgcqzOnXtP9J0dLQ677dm//QC3DlWNI5W+3Tg51+s/cYAt5TnNaF3af/Qu7R/6F3aP/SuRu3/csSNddgU4BZz/ofepf1D79L+oXdp/9CTlj8SX/zQQidP+i8mdh5b1epdT5SHuvLN8ytfq69LkUbtj3Y0TSStfhyhZSLS1ssMtlF6k8TLH1arYPcqQHrTZZ7sYul5Yn+e2BAR7a51ufO92kH9AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuP39EwAA///xS9f+") openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0) r6 = socket$vsock_stream(0x28, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x17, &(0x7f0000000540)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0xfca804a0, 0x7, 0x0, &(0x7f00000002c0)="b8000005000000", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) listen(r6, 0xfffffffe) unshare(0x2c020400) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) fsetxattr(r8, &(0x7f0000000080)=@known='trusted.overlay.upper\x00', 0x0, 0x0, 0x0) fgetxattr(r8, &(0x7f0000000000)=@known='trusted.overlay.upper\x00', 0x0, 0xffde) 56.048247695s ago: executing program 1 (id=318): r0 = socket$alg(0x26, 0x5, 0x0) accept$alg(r0, 0x0, 0x0) r1 = socket(0x400000000010, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0) recvfrom$inet_nvme(r1, &(0x7f0000000500)=""/200, 0xc8, 0x12103, &(0x7f0000000700)=@l2={0x1f, 0xfffe, @none, 0x8}, 0x80) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000400)='./file0\x00', 0x90, &(0x7f0000003280)=ANY=[@ANYBLOB="0001def4774774366f0b8a20db13db64e85fc9322c3fe018b91ff1291b4f4c56de7e4543f49818e1307d98d09daa1e2a7dbf88003e9401dc73aad0b7dbb5685565c7825ba8340621faeae92abed19c524ab06c4303258d253722e159642af447aeb096c6a26d345d82f2925163331b0e9157441a9c61dd1051d3b970f9ac12f5975cf1ad4e45acef1a54921c492a77bcb1858b68758ed339608b8e43c733219f1f9e0b867840f821e03bc0e8a497c4d5dde436000090a397637dedb2f3"], 0x1, 0xd99, &(0x7f0000006900)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==") r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$NILFS_IOCTL_GET_VINFO(r2, 0xc0186e86, &(0x7f0000000080)={&(0x7f00000006c0)=[{0x8, 0x5, 0x1, 0x3}], 0x1, 0x20, 0x0, 0x6}) syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file7\x00', 0x2000002, &(0x7f00000003c0)=ANY=[@ANYBLOB='volume=00000000000000001062,gid=', @ANYRESDEC=0x0, @ANYBLOB=',noadinicb,rootdir=00000000000000000004,gid=forget,unhide,noadinicb,iocharset=cp861,longad,\x00'], 0x1, 0xc32, &(0x7f0000000e00)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1GFCVKeh6b+s3ce86dc+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9R/377bLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveMj7Lb+ZseqE9C48ebNqWvXFhqnXjy9Yfet4Q+HnjoyfG7k+ePP9cpOjI6Njd8pUu8vX7vnhnRtN8PjQBRxPFK88L2fplZEFLH7c1F/sGO/2cGqE8eqTkyMjlUdme60ZhbLnZd6J6KIaPRVavbO0dZjEbXBB9qH7TUjlsrmlw0+VnZvfK4137oy3W5cas0vdhY7szOXUre1ZX8aUcTZFLEcEatDdx9uMIqoRYrvHF5LVyJioHcevlhNDN6+HcUe9nEHynY2BiOWi0dgzPaxoSji9Ujxs/eOxtV8namuNV+IeL3MH0S8U+YrEan8YpyJ+GCL7xGPploU8efl+J9bS1PV9aB3XbnwtcZXZq7N9pXtXVd+yfvDXVeKh3R/OLgpH4x9fm2qRxGt6oq/lu79NzsAAAAAAAAAAAAAAAAA3G8Ho4jPRIrX/u2PqnnFUc1LP3xu5PeH/3//nPFnP+Y4ZdkXI2Kp2Nmc3AN5YuCldCmlhzyX+ElWjyL+OM//+9bDbgwAAAAAAAAAAAAAAAAAAMATrYifRIqX3z+alqN/TfHOzPXG5daV6e6qsL21f3trpq+vr683UjebOSdzLuVczrmSczVnFLl+zmbOyZxLOZdzruRczRkDuX7OZs7JnEs5l3Ou5FzNGbVcP2cz52TOpZzLOVdyruaMfbJ2LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaEZPRzZWhh906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0lIr4fqRo/EHz9rZaRKTq366j5S9nonmgzE9Gc6TMV6J5PmerylrzWw+h/ezOYCrix5FiqP7u7QHP4z/YfXf7axDvfPPOu8/WujnQ2zn84dBTRw6fGxn7tWe3e522asCxC52Zm7caE6NjY+N9m2v50z/Zt204f25xf7pORCy89fabrenp9vy9vyi/Aruo/gi9SLUnpadeVC+iti+a8XD6zhOgvP9/ECl++/1/793wu/f/evy/7rvbd/j4+Z/cuf+/vPlAO7z/1zbXy/f/8p6+1f3/6b5tL+ffjQzWIuqLN+YGj0TUF956+3jnRut6+3p75syJE18eGfny6RODByLq1zrT7b5X9+V0AQAAAAAAAAAAAAAAADw4qYjfjRStH6+lRkTcquZrDZ8bef74cwMxUM232jBv+43xy+cbr87emJtvLyy0pxoTM52rs1PtnX5cvZruNTE6tied+VgH97j9B+uvzs69Nd+5/oeLW+4/VD9/ZWFxvnV1691xMIqIZv+WY1WDJ0bHqkZPd1ozVdVLW06m/+UNpiL+I1JcPdNIn8/b8vz/zTP8N8z/X9p8oD2a//+Jvm3lZ6ZUxM8jxW/9xbPx+aqdh+Kuc5bL/U2kOHb2c7lcHCjL9drQfa5Ad2ZgWfZ/IsU//GJj2d58yKfvlD254xP7iCjH/3Ck+P6ffTd+PW/b+PyHrcf/0OYD7dH4P9O37dCG5xXsuuvk8T8eKV55+t34jbzto57/0Xv2xtFc+PbzOfZo/D/Vt204f+5v3p+uAwAAAAAAAAAAPNIGUxF/Gyl+OFZLL+VtO/n7f1ObD7RHf//r033bpu7PekUf+2LXJxUAAAAA9onBVMRPIsX1xXdvz6HeOP+7b/7n79yZ/zmaNu2t/pzvV6rnBtzPP//rN5w/d3L33QYAAAAAAAAAAAAAAAAAAIB9JaUiXsrrqU9W8/mntl1PfSVSvPZfL+Ry6UhZrrcO/HD1a/3i7Mzx89PTs1dbi60r0+3G+Fzrarus+0ykWPvrz+W6RbW+em+9+e4a73fWYp+PFGN/1yvbXYu9tzb5M72yS+2TZdlPRIr//PuNZXvrWH/qznFPlWX/KlJ8/Z+2LnvkTtnTZdnvRooffb3RK3uoLNt7Puqn75R98epssQejAgAAAAAAAAAAAAAAAAAAwJNmMBXxp5Hiv28s357Ln9f/H+x7W3nnm33r/W9yq1rnf7ha/3+71/ey/n/1XIGl7T4VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTymKeDtSzF1cSytD5fuu+oXOzM1bE6NjW1c7mKqaA1X58qd+8tTpM196aeRsLz+6/v32mXhj/PL5xquzN+bm2wsL7anGxEzn6uxUe8dH2G39zY5VJ6Bx482bU9euLTROvXh6w+5bwx8OPXVk+NzI88ef65WdGB0bG+8rUxu850+/S9pm+4Eo4i8jxQvf+2n64VBEEbs/Fx/z3dlrB6tOHKs6MTE6VnVkutOaWSx3XuqdiCKi0Vep2TtHD2AsdqUZsVQ2v2zwsbJ743Ot+daV6XbjUmt+sbPYmZ25lLqtLfvTiCLOpojliFgduvtwg1HEm5HiO4fX0j8PRQz0zsMXL45/9cSp7dtR7GEfd6BsZ2MwYrn4qDHbosNsMBRF/GOk+Nl7R+NfhiJq0f2JL0S8XuYPIt6J7nin8otxJuIDp/WxUYsi/rcc/3Nr6b2h8nrQu65c+FrjKzPXZvvK9q4rj/z94UHa5/eTehTxo+qKv5b+1X/XAAAAAAAAAAAAAAAAAPtIEb8aKV5+/2iq5gffnlPcmbneuNy6Mt2d1teb+9ebM72+vr7eSN1s5pzMuZRzOedKztWcUeT6OZtl1tfXJ/P7pZzLOVdyruaMgVw/ZzPnZM6lnMs5V3Ku5oxarp+zmXMy51LO5ZwrOVdzxj6ZuwcAAAAAAAAAAAAAAAAAADxeiuqfFN/+xlpaH6rWlx7o7VuxHuhj7/8CAAD//0pa+Ck=") openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='devices.list\x00', 0x275a, 0x0) syz_mount_image$ext4(&(0x7f0000000900)='ext3\x00', &(0x7f0000000180)='./file0\x00', 0x2008002, &(0x7f0000000800)={[{@data_err_ignore}, {@nodiscard}, {@quota}]}, 0x1, 0x580, &(0x7f0000001f80)="$eJzs3c+PG1cdAPDvzP7sJu0m0ANUQAIUQhXFzjptVHppufBDVaVCxYlDuuw6qyV2HGJv6S4rsf0bQAKJE4i/gAMSB6SeOHDjiMQBEOWAVCACJSAORjOe3bi7XuKsvXay/nykyfx4M/6+N96Z9/zszAtgYp2PiJ2ImI2INyNisdieFFO80pmy/e7e2V65d2d7JYl2+42/J3l6ti26jsmcKl5zPiK+9qWIbyYH4zY3t24s12rV28V6uVW/VW5ubl1ary+vVdeqNyuVq0tXL7945YXK0Mp6rv7z97+4/urXf/XLj7/3253nvptl63SR1l2OYeoUfWYvTmY6Il49jmBjMFXMZ49y8H9+9tXnhpsdHlIaER+KiE/l1/9iTOV/nQDASdZuL0Z7sXsdADjp0rwPLElLEZGmRSOg1OnDezoW0lqj2bp4vbFxc7XTV3YmZtLr67Xq5bNzv/92vvNMkq0v5Wl5er5e2bd+JSLORsQP5p7I10srjdrqeJo8ADDxTnXX/xHxr7k0LZX6OrTHt3oAwGNjftwZAABGTv0PAJNH/Q8Ak6eP+r/4sn/n2PMCAIyGz/8AMHnU/wAwedT/ADBRXn/ttWxq3yuef7361ubGjcZbl1arzRul+sZKaaVx+1ZprdFYy5/ZU3/Q69UajVtLz8fG2+VWtdkqNze3rtUbGzdb1/Lnel+rzoykVADA/3P23Lu/SyJi56Un8im6xnJQV8PJlg5xL+DxMjXIwRoI8Fgz2hdMrr6q8LyR8JtjzwswHj0f5j3fc/GDfvQQQfzOCB4pFz7af///kcZ4Bh5ZevZhch2t///loecDGL0j9///cbj5AEav3U72j/k/u5fU7fVRjkoMABynAX7C1/7esBohwFg9aDDvzlf3nz+Y8DDf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAJczoivhVJWsrHAk+zf9NSKeLJiDgTM8n19Vr1ckQ8FeciYmYuW18ad6YBgAGlf02K8b8uLD57en/qbPLvuXweEd/58Rs/fHu51bq9lG3/x972ud3hwyr3jxtgXEEAoH9/7menvP6uFPOuD/J372yv7E7HmMcD3v/C3uCjK/fubOdTJ2U62u12O2I+b0ss/DOJ6eKY+Yh4JiKmhhB/552I+Eiv8id538iZYuTT7vhRxH5ypPHTD8RP87TOPDt9Hx5CXmDSvJvdf17pdf2lcT6f977+5/M71ODy+998xO69715X/Oki0lSP+Nk1f77fGM//+isHNrYXO2nvRDwz3St+shc/OST+s33G/8PHPvH9lw9Ja/8k4kL0jt8dq9yq3yo3N7curdeX16pr1ZuVytWlq5dfvPJCpZz3UZd3e6oP+ttLF586LG9Z+RcOid9550/tK//s3rGf6bP8P/3vm9/45P3Vuf3xP/fp3u//0/m89/nP6sTP9hl/eeEX84elZfFXDyn/g97/i33Gf+8vW6t97goAjEBzc+vGcq1WvT3QQvYpdBivc2Ahy2J/O+82FwcL+qfIF+6fliSSGHa5ssZYPzvPDP+sfnm7c5Ye/vDd89vXztN7bcVhZH6qs7BQvOSw/8YesJAOoRSD5znOFAt3R1X2Ed+IgJG7f9GPOycAAAAAAAAAAAAAAMBhRvE/qMZdRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE6u/wUAAP//dQy6iw==") sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44000}, 0x0) msync(&(0x7f0000d5c000/0x2000)=nil, 0xfffffffffffffef1, 0x0) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r4, 0x0) r5 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r5, &(0x7f0000000280)=[{&(0x7f0000000440)}], 0x1) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r5) ioctl$BINDER_SET_MAX_THREADS(0xffffffffffffffff, 0x40046205, 0x0) 52.135730299s ago: executing program 4 (id=327): write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xffffffc1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22052, 0xffffffffffffffff, 0x0) r0 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x442, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB], 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r2, 0x0, 0x0, 0x8e90385f0ccb53ea}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r1, @ANYRES16], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x15, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0x0, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x2000002, 0x0, 0x0, 0x0, 0x0, 0x8004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x4}, 0x50) r5 = socket$nl_rdma(0x10, 0x3, 0x14) syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000005580)=""/102392, 0x18ff8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x100) r7 = syz_open_dev$dvb_demux(&(0x7f0000000080), 0x0, 0x41) ioctl$DVB_DEMUX_DMX_SET_PES_FILTER(r7, 0x40146f2c, &(0x7f00000000c0)={0x1, 0x0, 0x3, 0x13, 0x4}) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="380000000314010026bd700006dbdf250900020073797a300000000008004100736977001400330077673100"/56], 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0xedbde134798091f0) 52.0085476s ago: executing program 1 (id=328): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) munmap(&(0x7f000045e000/0x1000)=nil, 0x1000) r3 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) shutdown(r3, 0x0) ioctl$INCFS_IOC_CREATE_FILE(r3, 0xc058671e, 0x0) connect$bt_rfcomm(r3, &(0x7f0000005dc0)={0x1f, @none, 0x15}, 0xa) mremap(&(0x7f000061c000/0x13000)=nil, 0x13000, 0x4000, 0x3, &(0x7f0000fb0000/0x4000)=nil) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, 0x0, 0x40) syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000005c0)=ANY=[@ANYBLOB="73657373696f6e3d3078303030303030303030303030303030342c636865636b3d7374726963742c636865636b3d7374726963742c73657373696f6e1549935ad795b21e50d93886c01fd6b73d30fe78303030303030303030303030303034382c646d6f64d0d69574653d3078303030303030303030303030303030342c6d61703d61636f726e2c757466382c696f636861727365743d69736f383835392d372c6d61703d6f66662c6e6f636f6d70726573732c6d6f64653d3078303030303030303030303030303030302c686964652c6e6f6a6f6c6962fced236c17923b"], 0x0, 0x3f1, &(0x7f0000000840)="$eJzs3M9OG0ccwPFZYlJKJVQpaiCEw6RpJXqIs7sUIyun7XpsJlnvrmbWEZyqqECECqQqqVS4VFzSVmofIte+QS99o6h9A6rdNZQ/BlP+GUXfj4Rm7P3NzG9W1oxsNCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBwwobreo6IdNxZkCcLGyZp97rw+UZR7PX36aHilHGFcPI/MTIiJsq3Ju78d/mTspPx8tW4GMmLEbH90d2Pn9ypDO21PyXha7G5tf3qzzLHM8VX/tktXHli16SlYm0T3Q5aSmqbyHqt5j6eb1rZ1JGyizZTbRkaFWSJkdPhF9Kr12ekqi4mnbjVCCK19+bcI991a/JpNVWBsUn8+GnVhvM6inTcKmLyy3nMXP5BfKYzmamgLeXK6tryTL8k8yDvLEF+vyDf9X3P832vNlufnXPdiu/68tAb7hHiWJPBf2gxWJe5fAMXstvd/wEAAAAAwPvLKX5jz7//Dxe/wzuiqSPlDjotAAAAAABwiYr//I/nxXBemxAO3/8BAAAAAHjf/HLwjN2Hvc7Y2fQD56+/hTHDzk668JmzHuThwbqoFO1uHe0xa046Y91OiqJW6b4K1ZRzrwy6txf9rlus9Dvr5xxLoDvy0QTKE3a7P/VIQPwmJsugyaWyXNq7Uo4y2tSRqoZJ9MQTQTA2lKmF7IeN1R9FMf1f4/aYI1ZW15ar37xaWypy2cl72VnvHqA4do7i5JshXu+fe+w94+Hih5juuKPluO7B+Q+VzYf+x5hvxP0y5v5oWY4env9IPqZXPWn23Sy8C878jZgqY6amH+bFw+keWfj9svAPZnGue3GGLGb6ZTFzwSwAYFBW+uxCzvGN/xyr3OXt7qev6A/KmAeTxcJameyxorv9VnT3grvbH8eegXDSHpuP+3vcrt4WYn9XfZs3eHviuDbynfwW3nq9/p24u7m1/Wh1/cXL5ZfLG74/U3O/dN1ZXwwX0+gW7D0AgB6UeeeMZj87xuj0a69e94JsXkmThM+k0Y2WkjrOlAnng7ilZGqSLAmTKK881w1lpe2kaWIy2UyMTBOrF4onv8juo1+sagdxpkObRiqwSoZJnAVhJhvahjLtfBVpO69M0dimKtRNHQaZTmJpk44JVVVKq9SBQN1QcaabOq/GMjW6HZhF+TyJOm0lG8qGRqdZkk/L7I+l42Zi2kW31UHfbAAAbojNre1vX6ytLX9/hZVBzxEAABzGLg0AAAAAAAAAAAAAAAAAAAAAwM13Hef/LrfiCCFuQBpUqFx25fZ5P9i7V5DPoFcmAFft3wAAAP//0uSrPQ==") mount$bind(0x0, 0x0, 0x0, 0x185093, 0x0) mount$bind(0x0, 0x0, 0x0, 0x100000, 0x0) open_tree(0xffffffffffffff9c, 0x0, 0x89901) mount$tmpfs(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x20000, 0x0) 49.456467729s ago: executing program 4 (id=331): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f00000002c0)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x6) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000780)=ANY=[@ANYBLOB="7a0af8ff75257000bfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b25952850a84a70002b2ab3d6ffaa6ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5986fc44bc25fb591cf77b9dfb379a3f611dbc2a364916f098dab10b1a297cf528666d1ddd73f30f2382f6cda4bfdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000800db583620ce7243d1aebdb638d91dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc76be40d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e384c3cb07b74a72291a1a2b523dd81b6651b1ee48e999bb004823ebcd8c65743f31f84b263ab9b3426692d01ad194f302d7a658e9e54687d3c56d7bedb6b2f25ddb8c640bb321a402058c9221b6870814cf4ee23ddb79fff5eb156e0a000000000000f2bd1d4a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8f9f3bc282deb43a03409f8e6972f3f720d045923702cede0f3e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0b6dd7356aa79d5fabb5c0d0da6d719d7e0efb2bb713d18242cd5df6ca53307a4cdd91be4587f90e317c8de5e5c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1786eda2b20"], &(0x7f0000000100)='GPL\x00'}, 0x48) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)) r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001680)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r4}, &(0x7f0000000200), &(0x7f0000000240)=r3}, 0x20) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000280)={'bridge0\x00', &(0x7f0000000300)=@ethtool_link_settings={0x4c, 0x4, 0x3, 0x8, 0x9, 0x3, 0x4f, 0x1, 0x5, 0x3, [0x401, 0xb0, 0x0, 0x7, 0x2, 0x8, 0x2, 0xfffffff8], [0x0, 0xbae27f9]}}) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10000, &(0x7f0000000080)={[{@quota}, {@delalloc}, {@acl}, {@journal_dev={'journal_dev', 0x3d, 0x11}}, {@usrjquota}, {@bsdgroups}]}, 0x1, 0x4f6, &(0x7f0000001000)="$eJzs3M9vVNUeAPDvnXZogcejj8cjoQ+1gMbGxBYKCgs3mJi40MSIC1k2bSGVAQztQkgjQ2JwTeLeuDTuNHGrS+PKPwAXLkwMCVE2gKsxd+bedjpzpzMttbXt55MMnHN/nB/3njNz7j29N4AdayT9J4n4V0Tci4j9jejyDUYa/z1+uDD15OHCVFRrtfO/J/XtHqXxTL7f3iwyWooofZK0JNgwd+Pm5clKZeZ6VOvx8fkrH47P3bj58uyVyUszl2auTpw9e/rUyTOvTryyLO2IGOxaqYL80no9Gv742pHDb164+/ZUf2tizfXoKN/rj2rXTSM/th280JzeNrCvKZy01+vWhhaGng1mzbCc9v+FyrELm10gYMPUarXaQOfV1Vqr221LgC0ric0uAbA58h/69Po3/zSWlDdi+LHpHpxrXAA9erhQuxUx9Xix/v1RyrYpt1zfplYYM63KSES8X/3z8/QTK92H+GWdMgQAdrzvz2XDwCRaxn+lONS03b+zOZShiPhPRByIiP9GxMGI+F/Esm2XSSJqK+R/sHXBYv7fZLMIpftrrVsv0vHfa9ncVv7J8s03GerLYvsi8gHzzInsmIxGeeDibGXmZIf0d3XJv3n8l37S/POxYFaO+/0tg83pyfnJtdW23YPbEcP9rfVP+tMTl0/jJBFxOCKGV5HuUFN49qUvjyxGWi4rute/rlYwpbcu82e1LyJebJz/aiw7/0s5Js3zk6W2+cnxwajMnBhPW8GJwkL++NOddzrl37X+3/7aussbZ747//QVz6Tnf09T+498/nap/kNJRLI4XzsXUetbXR53fv60nu7I8fZ1a23/u5L36uG8f300OT9//WTEruSt9uUTS/vm8Xz7tP6jx4v7/4Fsn/RI/D8i0kb8TEQ8G9GXl/1oRByLiIKqLfrh9ec/6LSux/b/t0nrP134/Zdk7aB+/pfm63sM5OmnS/ouH733ZLh44j6r//6Vz//pemg0W1L8/Zcs+4rotaTrcAgBAADgH68U9b/9L40thkulsbHGPaCDsadUuTY3/1xEXJ1uPCMwFOXSxdnKTH5DbijKSX7/c6gpPtESP5XdN/6sb3c9PjZ1rTK92ZWHHW5vvc8nbf0/9dsq7/MCW9A2eg4NWKVu/f/Q3Q0qCLDh/P7DztXU/zu92aLqL2Vge/L7DztXUf+/FV+t+OyC7wzY+mr6MuxoK/f/7u/bBLau/nh3MVx/7LnwaVtgOzL+hx2p+0PyA6t+9n8pUBsoXjUYBW8MGFxTFl0Duwvy2pRAOrJaxwTLEdHbxrvXkkU+BOz8hofS6hIciPZVfbHSXknxexwiotpxr/SodC3PpUO9Nv6eA/k7Uda72Xy91E/LPZ7upw243gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALaVvwIAAP//CB3NTQ==") r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x275a, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x30, r8, 0x1, 0x70bd25, 0x25dfdbff, {{}, {0x0, 0x400b}, {0x14, 0x18, {0x0, @bearer=@udp='udp:syz2\x00'}}}}, 0x30}, 0x1, 0x0, 0x0, 0x4880}, 0x40090) write$binfmt_script(r6, &(0x7f0000000040), 0x208e24b) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0) fdatasync(r6) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0) ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) socket(0x400000000010, 0x3, 0x0) socket$unix(0x1, 0x1, 0x0) 49.455535399s ago: executing program 1 (id=340): socket$nl_generic(0x10, 0x3, 0x10) r0 = fanotify_init(0x0, 0x0) prctl$PR_SET_IO_FLUSHER(0x43, 0x1) brk(0x689d80000000) syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x103000) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x2241, 0x0) r1 = syz_open_dev$cec(&(0x7f0000000d00), 0x0, 0xc0b02) ioctl$CEC_TRANSMIT(r1, 0xc0386105, &(0x7f0000000d40)={0x0, 0x1, 0x4, 0x4, 0x0, 0x4063, "57c1169b6664ea61326ac71ae7213059", 0x0, 0xfc, 0x0, 0x10}) ioctl$CEC_TRANSMIT(r1, 0xc0386105, &(0x7f0000000140)={0x100000000, 0x800, 0xf, 0x80000001, 0xfe1c, 0x6, "72aba977db089b65fdfdc5bd97abc350", 0x74, 0x3, 0xa7, 0x7, 0x8, 0x7, 0x29}) syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0) syz_open_dev$dri(0x0, 0x2, 0xc8d03) r2 = socket(0x1d, 0x2, 0x6) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000140)={'vxcan1\x00', 0x0}) bind$can_j1939(r2, &(0x7f0000000000)={0x1d, r4, 0x3, {0x0, 0x1}}, 0x18) sendmmsg$inet(r2, &(0x7f0000002e00)=[{{0x0, 0x0, &(0x7f0000001300)=[{&(0x7f0000000080)="d171e4c4c55f7973", 0x8}], 0x1}}], 0x1, 0x0) syz_usb_connect(0x4, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r2) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r5, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r5, 0x2) setsockopt$sock_int(r5, 0x1, 0x2f, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd604600f500140601fe8000000000000000000000000000bb2001000000000000000000000000000000004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="ad0503db215058c4501ff75002000090780002"], 0x0) syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x5a) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) sendto$inet_nvme_of_msg(r2, &(0x7f0000000680)={@cmd={{0x4, 0xd, 0x48, 0xa}, {@auth_common={0x7f, 0x80, 0xbe0, 0x6, "e9cf4b6db6f5510d94b6f59c0a4bd46abd4dc0", @anon_struct={0x3, 0x7e}, 0x7, 0xe, 0x2, 0x9, 0xb, "9ef322afa195add877c93c24d19dcae4"}}}, @val=0x0}, 0x88, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 47.217788174s ago: executing program 4 (id=334): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) munmap(&(0x7f000045e000/0x1000)=nil, 0x1000) r3 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) shutdown(r3, 0x0) ioctl$INCFS_IOC_CREATE_FILE(r3, 0xc058671e, 0x0) shutdown(r3, 0x1) connect$bt_rfcomm(r3, &(0x7f0000005dc0)={0x1f, @none, 0x15}, 0xa) mremap(&(0x7f000061c000/0x13000)=nil, 0x13000, 0x4000, 0x3, &(0x7f0000fb0000/0x4000)=nil) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, 0x0, 0x40) syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000005c0)=ANY=[@ANYBLOB="73657373696f6e3d3078303030303030303030303030303030342c636865636b3d7374726963742c636865636b3d7374726963742c73657373696f6e1549935ad795b21e50d93886c01fd6b73d30fe78303030303030303030303030303034382c646d6f64d0d69574653d3078303030303030303030303030303030342c6d61703d61636f726e2c757466382c696f636861727365743d69736f383835392d372c6d61703d6f66662c6e6f636f6d70726573732c6d6f64653d3078303030303030303030303030303030302c686964652c6e6f6a6f6c6962fced236c17923b"], 0x0, 0x3f1, &(0x7f0000000840)="$eJzs3M9OG0ccwPFZYlJKJVQpaiCEw6RpJXqIs7sUIyun7XpsJlnvrmbWEZyqqECECqQqqVS4VFzSVmofIte+QS99o6h9A6rdNZQ/BlP+GUXfj4Rm7P3NzG9W1oxsNCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBwwobreo6IdNxZkCcLGyZp97rw+UZR7PX36aHilHGFcPI/MTIiJsq3Ju78d/mTspPx8tW4GMmLEbH90d2Pn9ypDO21PyXha7G5tf3qzzLHM8VX/tktXHli16SlYm0T3Q5aSmqbyHqt5j6eb1rZ1JGyizZTbRkaFWSJkdPhF9Kr12ekqi4mnbjVCCK19+bcI991a/JpNVWBsUn8+GnVhvM6inTcKmLyy3nMXP5BfKYzmamgLeXK6tryTL8k8yDvLEF+vyDf9X3P832vNlufnXPdiu/68tAb7hHiWJPBf2gxWJe5fAMXstvd/wEAAAAAwPvLKX5jz7//Dxe/wzuiqSPlDjotAAAAAABwiYr//I/nxXBemxAO3/8BAAAAAHjf/HLwjN2Hvc7Y2fQD56+/hTHDzk668JmzHuThwbqoFO1uHe0xa046Y91OiqJW6b4K1ZRzrwy6txf9rlus9Dvr5xxLoDvy0QTKE3a7P/VIQPwmJsugyaWyXNq7Uo4y2tSRqoZJ9MQTQTA2lKmF7IeN1R9FMf1f4/aYI1ZW15ar37xaWypy2cl72VnvHqA4do7i5JshXu+fe+w94+Hih5juuKPluO7B+Q+VzYf+x5hvxP0y5v5oWY4env9IPqZXPWn23Sy8C878jZgqY6amH+bFw+keWfj9svAPZnGue3GGLGb6ZTFzwSwAYFBW+uxCzvGN/xyr3OXt7qev6A/KmAeTxcJameyxorv9VnT3grvbH8eegXDSHpuP+3vcrt4WYn9XfZs3eHviuDbynfwW3nq9/p24u7m1/Wh1/cXL5ZfLG74/U3O/dN1ZXwwX0+gW7D0AgB6UeeeMZj87xuj0a69e94JsXkmThM+k0Y2WkjrOlAnng7ilZGqSLAmTKK881w1lpe2kaWIy2UyMTBOrF4onv8juo1+sagdxpkObRiqwSoZJnAVhJhvahjLtfBVpO69M0dimKtRNHQaZTmJpk44JVVVKq9SBQN1QcaabOq/GMjW6HZhF+TyJOm0lG8qGRqdZkk/L7I+l42Zi2kW31UHfbAAAbojNre1vX6ytLX9/hZVBzxEAABzGLg0AAAAAAAAAAAAAAAAAAAAAwM13Hef/LrfiCCFuQBpUqFx25fZ5P9i7V5DPoFcmAFft3wAAAP//0uSrPQ==") mount$bind(&(0x7f0000000300)='.\x00', 0x0, 0x0, 0x185093, 0x0) mount$bind(0x0, 0x0, 0x0, 0x100000, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) mount$tmpfs(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x20000, 0x0) 45.875700009s ago: executing program 1 (id=338): syz_usb_connect(0x3, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xc6, 0x95, 0x37, 0x20, 0x93a, 0x50f, 0xbad2, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x5, 0x8, 0x80, 0x2, "", [{{0x9, 0x4, 0xf5, 0x5, 0x0, 0x41, 0x55, 0x2a, 0x9}}]}}]}}, 0x0) 39.136456404s ago: executing program 1 (id=351): bind$inet(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) madvise(&(0x7f0000519000/0x1000)=nil, 0x1000, 0x2) r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00') pread64(r3, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd) r4 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000b00)={{{@in6=@remote, @in=@initdev={0xac, 0x1e, 0x5, 0x0}, 0x0, 0x5, 0x0, 0x0, 0x2, 0x0, 0x10, 0x1}, {0x7fe000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff}, {0x0, 0x0, 0x3}, 0x0, 0x0, 0x1, 0x1}, {{@in=@rand_addr=0xffffffff, 0x4d5, 0x32}, 0x2, @in6=@remote, 0x0, 0x2, 0x0, 0xb7, 0xb, 0x81}}, 0xe8) connect$inet(r4, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0) r5 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) connect$can_bcm(r5, &(0x7f00000000c0)={0x1d, r6}, 0x10) sendmsg$can_bcm(r5, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f00000015c0)={0x1, 0x6, 0x8000, {}, {}, {0x1, 0x0, 0x1}, 0x1, @can={{0x1, 0x0, 0x1, 0x1}, 0x6, 0x2, 0x0, 0x0, "4a4faa7920a000ad"}}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x20008000) 39.124393854s ago: executing program 4 (id=354): syz_usb_connect(0x3, 0x4f, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000a6ff0540cdabeecdb9050000000109023d0c020000000009049c00030103510009200a00000000000009050313000000000003270103"], 0x0) 34.793893763s ago: executing program 4 (id=346): socket$netlink(0x10, 0x3, 0x0) r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581) r1 = fcntl$dupfd(r0, 0x406, r0) sched_setaffinity(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7) landlock_restrict_self(0xffffffffffffffff, 0x0) socket$unix(0x1, 0x1, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) r3 = landlock_create_ruleset(&(0x7f0000000080)={0xc0d8, 0x1, 0x3}, 0x18, 0x0) landlock_restrict_self(r3, 0x0) bind$unix(r2, &(0x7f0000003000)=@file={0x1}, 0x6e) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x5, r4, 0x1, 0x0) r5 = socket(0xa, 0x3, 0xff) syz_emit_ethernet(0x3e, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6c4000000000000000010000000000000000000000000000fe8000000000000000000000000000aaff"], 0x0) setsockopt$inet6_int(r5, 0x29, 0x35, &(0x7f0000000080)=0x408002, 0x4) setsockopt$inet6_int(r5, 0x29, 0xb, &(0x7f0000000000)=0x5, 0x4) recvmmsg(r5, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=""/127, 0x7f}, 0xfffffff2}], 0x1, 0x4160, 0x0) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) r7 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041) ioctl$USBDEVFS_DISCONNECT_CLAIM(r7, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"}) ioctl$USBDEVFS_ALLOC_STREAMS(r7, 0x8008551c, 0x0) 33.701954254s ago: executing program 4 (id=347): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006"], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) r3 = socket(0xa, 0x3, 0x3a) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041) ioctl$USBDEVFS_DISCONNECT_CLAIM(r4, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"}) ioctl$USBDEVFS_ALLOC_STREAMS(r4, 0x8008551c, &(0x7f0000000400)=ANY=[@ANYBLOB="4a9800000a00000081ec00000486060b830eeaa1144eb44e4c8ac08e6a6eac4a860fdc1851ddab64fe213700008c63f0c84444fdb3d33f1cee37d289ff436030da41bf010000005b3b3b"]) r5 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000200)={0xfffffffc, 0x0, 0x6, 0x0, 0xff, "db8f2d2b3b7596160c6981acf8805944823a7f"}) getsockopt$inet_pktinfo(r5, 0x0, 0x8, 0x0, 0x0) sendmsg$nl_xfrm(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYRES32, @ANYRESHEX, @ANYRESHEX=r3], 0x2e0}, 0x1, 0x0, 0x0, 0x4040}, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c56096c590001040d007000fadb107c0844b9c9", @ANYRES32=0x0, @ANYBLOB="900100008ba5072f1c00128009000100626f6e64000000000c00028005001600000000"], 0x3c}, 0x1, 0x0, 0x0, 0x40010}, 0x240080c1) memfd_secret(0x0) ppoll(0x0, 0x0, &(0x7f0000000280)={0x77359400}, 0x0, 0x0) unshare(0x40020000) socket$packet(0x11, 0x3, 0x300) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x24, 0x24, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xd, 0xffff}, {0x0, 0xffe0}}}, 0x24}}, 0x0) 29.388639043s ago: executing program 1 (id=357): r0 = socket$kcm(0x10, 0x2, 0x0) recvmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) dup(r0) r1 = socket(0x18, 0x3, 0x3a) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000500)={0x9, 0x1, 0x2, "3bd9d3fe337649c318d3b5710fe89a0d9ec9b50e98bc2e00", 0x32315241}) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8101, 0x0, 0x7, 0x0, 0x3ff, 0xfa11, 0xffffffff}, 0x0) fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1) r5 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x4, 0x0, 0x7}) ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000000)=0x1) r6 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) dup3(r1, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f00000005c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000300)={0xffffffffffffffff}, 0x111}}, 0x20) r8 = socket(0x40000000015, 0x5, 0x0) connect$inet(r8, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) bind$inet(r8, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r8, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$nl_xfrm(r8, 0x0, 0x0) getsockopt(r8, 0x200000000114, 0x271b, &(0x7f0000032580)=""/102390, &(0x7f0000000040)=0x18ff6) write$RDMA_USER_CM_CMD_LISTEN(r6, &(0x7f0000000100)={0x7, 0x8, 0xfa00, {r7, 0x4734}}, 0x10) getsockopt$IP_VS_SO_GET_DAEMON(0xffffffffffffffff, 0x0, 0x32, 0x0, &(0x7f0000002140)) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f00000001c0)={'ip6_vti0\x00', &(0x7f0000000180)=@ethtool_rxfh={0x46, 0x2, 0x10, 0x6, 0x2, "3a1783", 0x2}}) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000560013f16ff28e036afc004a07"], 0xfe33) 17.226192558s ago: executing program 34 (id=347): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006"], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) r3 = socket(0xa, 0x3, 0x3a) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041) ioctl$USBDEVFS_DISCONNECT_CLAIM(r4, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"}) ioctl$USBDEVFS_ALLOC_STREAMS(r4, 0x8008551c, &(0x7f0000000400)=ANY=[@ANYBLOB="4a9800000a00000081ec00000486060b830eeaa1144eb44e4c8ac08e6a6eac4a860fdc1851ddab64fe213700008c63f0c84444fdb3d33f1cee37d289ff436030da41bf010000005b3b3b"]) r5 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000200)={0xfffffffc, 0x0, 0x6, 0x0, 0xff, "db8f2d2b3b7596160c6981acf8805944823a7f"}) getsockopt$inet_pktinfo(r5, 0x0, 0x8, 0x0, 0x0) sendmsg$nl_xfrm(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYRES32, @ANYRESHEX, @ANYRESHEX=r3], 0x2e0}, 0x1, 0x0, 0x0, 0x4040}, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c56096c590001040d007000fadb107c0844b9c9", @ANYRES32=0x0, @ANYBLOB="900100008ba5072f1c00128009000100626f6e64000000000c00028005001600000000"], 0x3c}, 0x1, 0x0, 0x0, 0x40010}, 0x240080c1) memfd_secret(0x0) ppoll(0x0, 0x0, &(0x7f0000000280)={0x77359400}, 0x0, 0x0) unshare(0x40020000) socket$packet(0x11, 0x3, 0x300) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x24, 0x24, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xd, 0xffff}, {0x0, 0xffe0}}}, 0x24}}, 0x0) 13.192597863s ago: executing program 35 (id=357): r0 = socket$kcm(0x10, 0x2, 0x0) recvmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) dup(r0) r1 = socket(0x18, 0x3, 0x3a) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000500)={0x9, 0x1, 0x2, "3bd9d3fe337649c318d3b5710fe89a0d9ec9b50e98bc2e00", 0x32315241}) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8101, 0x0, 0x7, 0x0, 0x3ff, 0xfa11, 0xffffffff}, 0x0) fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1) r5 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x4, 0x0, 0x7}) ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000000)=0x1) r6 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) dup3(r1, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f00000005c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000300)={0xffffffffffffffff}, 0x111}}, 0x20) r8 = socket(0x40000000015, 0x5, 0x0) connect$inet(r8, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) bind$inet(r8, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r8, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$nl_xfrm(r8, 0x0, 0x0) getsockopt(r8, 0x200000000114, 0x271b, &(0x7f0000032580)=""/102390, &(0x7f0000000040)=0x18ff6) write$RDMA_USER_CM_CMD_LISTEN(r6, &(0x7f0000000100)={0x7, 0x8, 0xfa00, {r7, 0x4734}}, 0x10) getsockopt$IP_VS_SO_GET_DAEMON(0xffffffffffffffff, 0x0, 0x32, 0x0, &(0x7f0000002140)) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f00000001c0)={'ip6_vti0\x00', &(0x7f0000000180)=@ethtool_rxfh={0x46, 0x2, 0x10, 0x6, 0x2, "3a1783", 0x2}}) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000560013f16ff28e036afc004a07"], 0xfe33) 3.519685841s ago: executing program 6 (id=417): syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x182, &(0x7f00000003c0)="$eJzsmLFOOkEQxr/dI5D/PyZaGWOjiSSiicfdocbGgsLeRNHYSeQk6AEGrhASCytfwcbCJ/AFLCx8BB8ArWywsz6zdwuMRMVCDcb5FbPfLMMyOyTfJQeGYf4sD/fPrZZ/9WQAGEESCb3/aPRqJKkfv60UEmdrE9d3J/MXufNs/3kCQBB8/vdjAG6yBnydB8Hrbyf1ugnZ1TlIzGm9DQFT611IbGntQmBH6wOiq6reNPdLnmvuVb2CEpYKtgqOCpn+/tqnAgXSnyCf1xvNw7znubVvFIPm185KrJL+6P/VmY1F5mdDwtY6A4ENrVeQ6MwmGgm5/2Ssd77xw/dn8RuEco4haIPFkIiePwWXArPEn2LEP9J++ShdbzQXSuV80S26FcfJLFuLlrXkpEMjiuIH/vcv9Kf/5PzRd2rjIo7jvO/X7Ch2cyeKbzluPPQ/idRMlAu9RwmfB2NiWi0pQ+cMwzAMwzAMwzAMwzAMwzBfzhRE+BZ0AM56WP0SAAD//wc6dXc=") 3.139567715s ago: executing program 5 (id=419): r0 = add_key$keyring(0x0, &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, 0x0, 0x0) add_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080), 0x0, r0) socket$nl_netfilter(0x10, 0x3, 0xc) semctl$SETVAL(0x0, 0x3, 0x10, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000000}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r3, 0x0, 0x94, 0x0, 0x0, 0x0, 0x11, 0x0, 0x63, 0x0, &(0x7f00000000c0)='\x00', 0x0}, 0x48) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0) read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000) gettid() setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x4c, 0x0, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) getsockopt$PNPIPE_IFINDEX(r2, 0x113, 0x2, &(0x7f00000001c0), &(0x7f0000000200)=0x4) syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), r2) sendmsg$ETHTOOL_MSG_COALESCE_GET(r5, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[], 0x6c}, 0x1, 0x0, 0x0, 0x48051}, 0x40000) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0xfffffe0b) ioprio_set$pid(0x1, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0) unshare(0x2a020400) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000080000000000"], &(0x7f0000000300)='GPL\x00'}, 0x94) 2.900269308s ago: executing program 5 (id=420): syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c92012000e00050019100a"], 0x17) 2.596147921s ago: executing program 5 (id=421): openat$snapshot(0xffffff9c, &(0x7f0000000000), 0x80, 0x0) 2.052162467s ago: executing program 6 (id=422): syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000640)='./file2\x00', 0x2010410, &(0x7f0000000040)=ANY=[@ANYRES64=0x0, @ANYRESHEX, @ANYRESHEX], 0x11, 0x220, &(0x7f00000002c0)="$eJzs3D9rW1cYB+AjWa6tlhZPhXbpoV3aRW29dOnQUlwIESQkUcif6RrLiZAiga8GyWTQnCmfIwSyBLKFfAF/hizZTMB48pQbbMlWJJzYjiOZOM+z6OX93XN1Dhcu4lxJm38/vFdfTUurSTsU5nMh/0/ohZ1cYSHkw75e+O3Jje0HV2/euvhvubx0ZXbQj/G7n57fvv/45xftb64/3e3kQghbi682vt/4YfPNtbu1NNbS2Gy1YxKXW612styoxpVaWi/FeLlRTdJqrDXT6tpIvtpoDd86VNM0Js1urFe7sd2K7bVuTO4ktWYslUpxPnAqlUc7WRa2sizL5nohy7KTniA3mXkxLae8/nzmDm7qcfdu+rrXqXQq/dd+/v+F8tIfcc/CcNR2p1OZOcj/7OdxNJ8NXw/yxUPzr8Kvv/Tz3ey/S+WxvBhWJr98AAAAAAA4l0qDvfk48uxnuL9fOjhgfP+/X73zfGBs/74QfiwMOzMTXwkAAADwPml3vZ40VmbX+kWjembFXBjt/PVsMMWjhv/+8uhjJlR8OyjCR56nGEIYdgpjx+TDmV+U6RT73yMfdPZ/X3C84YVPNY3ihFe6t8ITjJoPh0XFsF6fm85FAQAAzpfhh/5jD8lPdEIAAAAAAAAAAAAAAAAAAADwBZrGf7yd9RoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7kbQAAAP//exJWdA==") 1.614694592s ago: executing program 6 (id=423): syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x442, &(0x7f0000000140), 0x3f, 0x557, &(0x7f0000001440)="$eJzs3d9rZFcdAPDvvZvJZndTJ1WRWrAWW9ktuplNY9sgovVFnwpqxdc1JrMh7ExmyUzqJhSb0v9ABAVB8EF8EfwDBOmDDz5KoaAv4oOoKKJbRYRqb7l37rDbmTtJ6E4ybfL5wN0559y593vOveTMuT/23gDOrEcj4tmI+HVEPBER9bI8LafreWa//7037ry4lk9JZNnz/0giKcsG68rzMxFxqb9IzEXE174c8a1kNG53d+/maqvV3C7zjV77VqO7u3d1s7260dxobi0vLz298szKUyvXstJ9tXNhkPjplz7/y09/+4/X/3blO3m1PveRqMVQOyap3/RasS0G8m20fRzBpuBc2Z7atCsCAMCR5GP8D0bEJ4rxfz3OFaO5IeemUTMAAABgUrIvzMf/kogMAAAAOLXSiJiPJF0s7wWYjzSdLc8NfDgupq1Ot/epG52drfV8XsRC1NIbm63mtfJe4YWoJXl+qbzHdpB/cii/HBEPRsT36heK/OJap7U+5XMfAAAAcFZcGjr+/3c9LdKHK/6fQHrc9QMAAAAmZGFsBgAAADgtHPIDAADA6Td8/O95/wAAAHCqfOW55/IpG7z/ev2F3Z2bnReurje7NxfbO2uLa53tW4sbnc5G8cy+9mHra3U6tz4TWzu3G71mt9fo7u5db3d2tnrXN9/xCmwAAADgBD348Vd/l0TE/mcvFFN4qB9Q5c/TrgAwSfd5q5+hAryPzUy7AsDU1KZdAWDqkkPmu3kHAADe/y5/dPT6/+D9/84NwOnmAh4AnD2u/8PZVRu+A/A/nv8HZ8VMeQ7gA/3s+XHfG3v9/zdHjZRlEa/V7y1xfhEAAE7WfDEl6WJ5HDAfabq4GPFARLoQteTGZqt5rTw++G29dj7PLxVLJofeMwwAAAAAAAAAAAAAAAAAAAAAAAAA9GVZEhkAAABwqkWkf03ejOJZ/pfrj88Pnx+YTf5bj7+UmR8+//3bq73e9lJe/s/iXV6zEdH7QVn+5NjXhwEAAACTluyPndU/Ti8/l060VgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcAW/ceXFtMBUFl04m7t+/GBELFfFjJuaKz7moRcTFfyUxc89ySUScm0D8/Zcj4qGq+Em8lWUvRVmLqvgXJhD/Rz8ZH3+h2DTV8dOT20Vwar2a9z/PVv39pfFo8Vn99zdTTverov+bG8TvJx6K+pj+54GRtbUrYzz8+s8b/VRtNP7LEQ/PVPc/g/43GRP/sZG1vZll2Wj8b359b2+47Bud/mf244jLVb8/RYS7qUavfavR3d27utle3WhuNLeWl5eeXnlm5amVa40bm61m+W9l+7/7sV+8VTmjbP/Fivh/+H2//z2o/Y9XrnH0V+n/r9++86F+cmQH5PGvPFbV/nLzj4mfR/lk+TuQz788SO/30/d65GevPXJQ+9fHbP/D9v+VcSsd8sRXX/nTEb8KAJyA7u7ezdVWq7l9QGLuCN85IJGPI+5j8eNJ1KK5/au5qVfjXSSyl/p77r1Sn3ebyEerd0sGrXoPVOyeRHYisc4X4/mjLjU72ehDPcArZb+w2jpK7zF7XN0SAABwDO6O/qddEwAAAAAAAAAAAAAAAAAAADi7juGpZrWIdz7MbDjm/nSaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwoLcDAAD//8b42Ds=") 1.185358497s ago: executing program 3 (id=426): syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="040e0b040510"], 0xe) 1.097525748s ago: executing program 3 (id=427): syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_EXIT_PERIODIC_INQ={{0xb0}}}}, 0x7) 1.030479619s ago: executing program 6 (id=428): r0 = add_key$keyring(0x0, &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, 0x0, 0x0) add_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080), 0x0, r0) socket$nl_netfilter(0x10, 0x3, 0xc) semctl$SETVAL(0x0, 0x3, 0x10, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000000}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r3, 0x0, 0x94, 0x0, 0x0, 0x0, 0x11, 0x0, 0x63, 0x0, &(0x7f00000000c0)='\x00', 0x0}, 0x48) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0) read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000) gettid() setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x4c, 0x0, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) getsockopt$PNPIPE_IFINDEX(r2, 0x113, 0x2, &(0x7f00000001c0), &(0x7f0000000200)=0x4) syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), r2) sendmsg$ETHTOOL_MSG_COALESCE_GET(r5, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[], 0x6c}, 0x1, 0x0, 0x0, 0x48051}, 0x40000) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0xfffffe0b) ioprio_set$pid(0x1, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0) unshare(0x2a020400) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000080000000000"], &(0x7f0000000300)='GPL\x00'}, 0x94) 844.111271ms ago: executing program 3 (id=429): syz_open_dev$cec(&(0x7f0000002340), 0x0, 0x101441) 749.736822ms ago: executing program 5 (id=430): syz_emit_vhci(&(0x7f0000000e40)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0x0, 0xc9, "f44c9ea16c4b113c"}}}, 0xe) 728.581382ms ago: executing program 6 (id=431): syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="042ffd02"], 0x200) 555.947664ms ago: executing program 5 (id=432): syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0xcd, 0x0, 0x2019}}}, 0x7) 555.788874ms ago: executing program 3 (id=433): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x300058e, &(0x7f00000001c0)={[{@nombcache}, {@resgid}, {@block_validity}, {@grpquota}, {@nojournal_checksum}, {@data_err_abort}, {@jqfmt_vfsv0}]}, 0x3, 0x46c, &(0x7f00000009c0)="$eJzs281vVFUbAPDnzrRA+WpfXvwAUatobPxoaUFl4UajiQtNTNzgsraFIIUaWhMhRsAFLg2Je+PSxL+AxEQ3Rl2ZuNW9ISHGjYTVmDtzLzOdzrSdYToXmd8vXHrOvef2nKfnnplz75kJYGCNp/8lEbsj4veIGK1lVxcYr/67vre2Zy6JSuXdv5JquX/+/mQuL5qftyvLTJSG29a7fOHimdnFxYXzWX5q5eyHU8sXLr5w+uzsqYVTC+dmjh8/dnT65ZdmXlx78u3O4/xf2taDny4dOvDme9fenjtx7f2fvy3n8TfF0SPj6x18ulLpcXXF2tOQToYKbAgdScdA2l3D1fE/GuWod95ovPFZoY0DtlQl0+bw5QpwH0ui6BYAxcjf6NP733zr3+yjeDdfrd0ApXHfyrbakaEoZWWGm+5ve2k8Ik5cvv1VusXWPIcAAFjl+3T+83yr+V8pHmwotzdbGxrL1lL2RcT/I2J/RDwQUS37UEQ83GH9zYskWf1JfQ2qdKP76DaWzv9eiYhba+Z/+ewvxspZbk81/uHk5OnFhSPZ32Qihren+el16vjh9d++aHescf6Xbmn9+Vwwa8eNoe2rz5mfXZm9m5gb3bwScXCoVfzJnZWAtC8ORMTBzf7S8urs6We/OdSu6Mbxr6MH60yVryOeqfX/5WiKP5esvz45tSMWF45M5VfFWr/8evWddvXfVfw9kPb/zpbX/534x5LG9drlzuu4+sfnbe9pJru6/us7tmU/P55dWTk/HbEteavW6Mb9M/Vz83xePo1/4nDr8b8v6n+JRyIivYgfjYjHIuLxrO+eiIgnI+JwU1yN99c/vfbUB+3ivxf6f76p/8dWF2nq/3piWzTvaZmI8pkfr6/+jfVkpVK5tHH/H6uO9Ylsz2Ze/zbRri6vZgAAAPjvKUXE7khKk3fSI6XJydpn+PfHztLi0vLKcyeXPjo3X/uOwFgMl/InXaMNz0Ons9v6sSu1/Eyez44fzZ4bf1keqeYn55YW54sOHgbcrjXjv1Qd/6k/y0W3DthaO4puAFCkhnX0pMh2AP3n+9owuDoY/5XRrWwI0Hctxv9IEe0A+q/V+/+lAtoB9F/T+LfsBwOki+d/321FO4D+8/wfBlfj+PcBABgYyyOx8ZfkWyV2RDdnSdw3iSjdE83oTSLpchRsNrG76AA7TxT9ygQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAb/wYAAP//U+3w7w==") 483.413035ms ago: executing program 6 (id=434): bind$inet(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) madvise(&(0x7f0000519000/0x1000)=nil, 0x1000, 0x2) r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00') pread64(r3, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd) r4 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000b00)={{{@in6=@remote, @in=@initdev={0xac, 0x1e, 0x5, 0x0}, 0x0, 0x5, 0x0, 0x0, 0x2, 0x0, 0x10, 0x1}, {0x7fe000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff}, {0x0, 0x0, 0x3}, 0x0, 0x0, 0x1, 0x1}, {{@in=@rand_addr=0xffffffff, 0x4d5, 0x32}, 0x2, @in6=@remote, 0x0, 0x2, 0x0, 0xb7, 0xb, 0x81}}, 0xe8) connect$inet(r4, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0) r5 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) connect$can_bcm(r5, &(0x7f00000000c0)={0x1d, r6}, 0x10) sendmsg$can_bcm(r5, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f00000015c0)={0x1, 0x6, 0x8000, {}, {}, {0x1, 0x0, 0x1}, 0x1, @can={{0x1, 0x0, 0x1, 0x1}, 0x6, 0x2, 0x0, 0x0, "4a4faa7920a000ad"}}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x20008000) 445.297115ms ago: executing program 3 (id=435): syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_WRITE_SSP_MODE={{0xb}, 0x6f}}}, 0x7) 365.441226ms ago: executing program 5 (id=436): syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0x21f, &(0x7f0000000300)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExU+meGdMB8RRFRgEGHpGvpx4wJDPwxzJYzvNecykoc8pVobdL94PUe4VWbmJgVE/hXzRnwwSnmbxgYxkjo5DNYT4gM4sDZBADA8PkPxH3HrBIMoggmSXK8U/sVMvyVWad9xlmdExLY2A0mMXBwMCgd0R3pp0BbzcT1MziyqrsxJyc1KLiMwyo5k9m3M+kyAhSd+bv1eAHjHYM3bEMjAxyG/zVFn/7I1W5cVN95PSqiJqp3U03l66PY9im//eKidT7iRlh/x8cEtSyyMv/ME9G6fvmhjkf2CDhwDCXv/Xy33fvY2qLE9SYHot3FbLxJ7hp1XxydnKzfDw3vbp9S7Higqw0l4nHpl78m3B8LQPD5AtPbPVrzhyKV4zhlHKrnBtz1y1ekGuZ+vm6NwwMB6M+T2RgXM4CNX0Psr/KG6CRwcDMwMCuwsDAwMTAwpCWmZNq4MHAyMAM5RjCNINVc0A5mTmpesn5OSntDIzgJABSCZODaHvMwAo30AiZY2zRAFPYDqVVoLQHlF4OpR9DaXm0ZMMCNqEfytNoYGBgY6hILCkpMgSFI4QFFzOCixkJwG1mgto6lwnJcwwMDMeZGEbBKBgFo2AUjIJRMApGwSgYBaNgJANAAAAA///f1rLh") 0s ago: executing program 3 (id=437): syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)={[{}, {@creator={'creator', 0x3d, "c71ca657"}}]}, 0x1, 0x613, &(0x7f0000000640)="$eJzs3c1rHOcdB/DvrFcv64CjJHbilkJEDGmpqC1pUVr1UqeUokMoIT30LGw5Fl4rQVKKEkpx34/tIX9AetCtp0LvhvTc3nLVMVDIJSf1pDKzs9LqBVmyZe26/nzMs8/zzDPzzG9+uzO7s8JsgOfWwlSaD1NkYeqdjbK/tdnubG227/faScaSNJJmt0qxkhSfJzfTLflGubCerjg4/1hdf7o8/94XX2992e01U1TzVes3jtrudB7UJZNJLtT1Wc1364nnK3aPsEzYtV7iYNB2Dnlwms2f8LwFhkHRfd88ZKJbxntv5fXVoXG+0Z29U13lAAAA4Bn14na2s5FLg44DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAngXt+lf/69//L+rS6LUnU1xM9/f/R+tlqdulK4OK+0k9HHQAAAAAAAAAAHAGXt/OdjZyqdffKaq/+b9RdS5Xjy/ko6xlKau5no0sZj3rWc1Mkom+iUY3FtfXV2dOsOXskVvOPjLUkbM6ZgAAAAAAAAD4P/TbLOz9/R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIZBkVzoVlW53GtPpNFMMp5ktFzvQfLvXvtZ9nDQAQAAAMBjeP2U67+4ne1s5FKvv1NU9/yvVvf94/koK1nPctbTyVJuV98FdO/6G1ub7c7WZvt+WQ7P+3bzVGFUM6b73cPRe75ardHKnSxXS67nVj5IJ7fTqLYsXe3Fc3Rcv/mqnPtHtRNGdruuyyP/S12fm7H93f/u601UGRnZzch0HVuZjZeOz8TbX50qjIN7mklj95ufy08h5xfrujyeP553zo91MBOzfa++V4/PRPLtf/ztF3c7K/fu3lmbGp5DekwHM9Huy8Rrz1UmpqtMXNntL+Sn+XmmMpl3s5rl/DKLWc9SJvOTqrVYv57Lx4njM3VzX+/dR0UyWj8v3avo8TGNHojpjWrbS1nOz/JBbmcpb1X/ZjOT72cuc5nve4avnOCsb5zurL/2nbrRSvKnuh4OZV5f6str/zV3ohrrX7KXpZfP/trY/GbdKPfxu7oeDgczMdOXiVeOz8Rfd8rHtc7KvdW7ix+ecH9v1nV5Hv1hqN4lytfLy+WTVfX2vzrKsVeOHJupxi7vjjUOjV3ZHXvUmTpaf4Y7PNNsNfbakWPtauxq39hRn7cAGHoXv3txtPWf1r9an7V+37rbemf8x2M/GPvWaEb+OfLD5vSFN3cuFH/PZ/n13v0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw+NY+/uTeYqeztKoxyMYLwxHG+TZGkgxBGM9R48/7luz0DzWS7Ft50Fcm4Gm7sX7/wxtrH3/yveX7i+8vvb+0Mj83Nz89P/dW+8ad5c7SdPdx0FECT8Pe54FBRwIAAAAAAAAAAACc1Hn834NBHyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwbFuYSvNhisxMX59OMp7Ndmdrs90px3p1VzNJI0nxq6T4PLmZbslE33TFgekv9BqfLs+/98XXW1/uzVWWtHqTPtlRPKhLJut9TlYzn818t+r68RW7R1gm7FovcTBo/wsAAP//FCwM/A==") kernel console output (not intermixed with test programs): ded mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.072660][ T4273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.082740][ T4273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.093541][ T4273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.103497][ T4273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.114414][ T4273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.134918][ T4273] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.146849][ T4274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.159476][ T4274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.159509][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.178633][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.189628][ T4274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.202426][ T4274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.212488][ T4274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.223503][ T4274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.233493][ T4274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 84.243960][ T4274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 84.266977][ T4274] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.289189][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 84.309778][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 84.319180][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 84.327004][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 84.335910][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 84.347193][ T4273] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.359100][ T4273] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.368159][ T4273] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.376877][ T4273] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.399978][ T4274] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.410722][ T4274] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.421015][ T4274] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.432325][ T4274] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.508266][ T4285] Bluetooth: hci3: command 0x0419 tx timeout [ 84.514370][ T4285] Bluetooth: hci4: command 0x0419 tx timeout [ 84.520920][ T4291] Bluetooth: hci2: command 0x0419 tx timeout [ 84.638137][ T4285] Bluetooth: hci1: command 0x0419 tx timeout [ 84.644416][ T4285] Bluetooth: hci0: command 0x0419 tx timeout [ 84.814882][ T4367] loop2: detected capacity change from 0 to 512 [ 84.871011][ T4367] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 84.937076][ T4368] loop1: detected capacity change from 0 to 512 [ 84.953428][ T4368] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 85.161741][ T4367] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 85.418991][ T26] audit: type=1800 audit(1778544735.110:2): pid=4368 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2" name="file1" dev="loop1" ino=1048589 res=0 errno=0 [ 85.488258][ T4337] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.496350][ T4337] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.522981][ T4367] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2800: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 85.636376][ T4367] EXT4-fs (loop2): 1 truncate cleaned up [ 85.653512][ T4367] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 85.780845][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 87.120285][ T27] cfg80211: failed to load regulatory.db [ 87.215673][ T4337] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.250190][ T4337] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.518210][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 87.536934][ T4272] EXT4-fs (loop2): unmounting filesystem. [ 87.608747][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.616655][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.684427][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 87.694982][ T4384] loop1: detected capacity change from 0 to 2048 [ 87.721963][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.735717][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.794820][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 87.826952][ T4384] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 89.645528][ T4405] netlink: 'syz.4.5': attribute type 2 has an invalid length. [ 89.653474][ T4405] netlink: 'syz.4.5': attribute type 1 has an invalid length. [ 89.730299][ T4406] loop4: detected capacity change from 0 to 128 [ 91.125695][ T4404] block device autoloading is deprecated and will be removed. [ 92.502046][ T4418] loop1: detected capacity change from 0 to 512 [ 92.530495][ T4418] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 93.210704][ T4420] netlink: 40 bytes leftover after parsing attributes in process `syz.3.11'. [ 93.391041][ T4420] loop3: detected capacity change from 0 to 1024 [ 93.557796][ C0] sched: RT throttling activated [ 93.632723][ T4418] EXT4-fs error (device loop1): ext4_orphan_get:1405: inode #15: comm syz.1.10: iget: bad i_size value: 38620345925642 [ 94.075721][ T4418] EXT4-fs error (device loop1): ext4_orphan_get:1410: comm syz.1.10: couldn't read orphan inode 15 (err -117) [ 94.092300][ T4418] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 94.280993][ T4416] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm syz.1.10: bg 0: block 5: invalid block bitmap [ 94.296934][ T4416] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1080 with error 28 [ 94.309785][ T4416] EXT4-fs (loop1): This should not happen!! Data will be lost [ 94.309785][ T4416] [ 94.321181][ T4416] EXT4-fs (loop1): Total free blocks count 0 [ 94.327215][ T4416] EXT4-fs (loop1): Free/Dirty block details [ 94.333288][ T4416] EXT4-fs (loop1): free_blocks=0 [ 94.338505][ T4416] EXT4-fs (loop1): dirty_blocks=1084 [ 94.343819][ T4416] EXT4-fs (loop1): Block reservation details [ 94.349939][ T4416] EXT4-fs (loop1): i_reserved_data_blocks=1084 [ 94.605108][ T4281] EXT4-fs (loop1): unmounting filesystem. [ 96.128717][ T4430] loop0: detected capacity change from 0 to 4096 [ 96.201740][ T26] audit: type=1326 audit(1778544746.250:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4443 comm="syz.2.16" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1e5db9cdd9 code=0x0 [ 96.359438][ T4447] loop1: detected capacity change from 0 to 256 [ 97.707815][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 98.436082][ T4430] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 100.357819][ T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!! [ 100.367838][ T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!! [ 100.377833][ T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!! [ 100.387814][ T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!! [ 101.782053][ T4543] xt_TPROXY: Can be used only with -p tcp or -p udp [ 102.195986][ T4550] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 102.485796][ T4555] loop3: detected capacity change from 0 to 16 [ 103.341069][ T4555] erofs: (device loop3): mounted with root inode @ nid 36. [ 103.370104][ T4553] syz.3.22: attempt to access beyond end of device [ 103.370104][ T4553] loop3: rw=524288, sector=1056, nr_sectors = 16 limit=16 [ 103.697273][ T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!! [ 104.210019][ T4553] syz.3.22: attempt to access beyond end of device [ 104.210019][ T4553] loop3: rw=524288, sector=16, nr_sectors = 40 limit=16 [ 104.225585][ T4553] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192] [ 104.237419][ T26] audit: type=1800 audit(1778544754.097:4): pid=4553 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.22" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 104.850637][ T4553] syz.3.22 (4553) used greatest stack depth: 19952 bytes left [ 105.030316][ T4559] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22 [ 105.109742][ T22] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 105.214060][ T4569] loop4: detected capacity change from 0 to 136 [ 105.383491][ T22] usb 1-1: Using ep0 maxpacket: 16 [ 105.794784][ T4559] netdevsim netdevsim2: Direct firmware load for . failed with error -22 [ 105.813976][ T4559] netdevsim netdevsim2: Falling back to sysfs fallback for: . [ 106.240565][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 106.261922][ T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!! [ 106.283298][ T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!! [ 106.336730][ T0] NOHZ tick-stop error: local softirq work is pending, handler #102!!! [ 106.410680][ T22] usb 1-1: device descriptor read/all, error -71 [ 107.374426][ T4285] Bluetooth: hci4: command 0x0405 tx timeout [ 108.153824][ T4319] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 108.598345][ T4596] loop0: detected capacity change from 0 to 136 [ 108.720929][ T4319] usb 3-1: Using ep0 maxpacket: 8 [ 108.755895][ T4319] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 108.757817][ T4373] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 108.788118][ T4319] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 108.885307][ T4319] usb 3-1: config 1 interface 0 has no altsetting 0 [ 108.934754][ T4319] usb 3-1: New USB device found, idVendor=0644, idProduct=800e, bcdDevice= 0.40 [ 108.989745][ T4319] usb 3-1: New USB device strings: Mfr=1, Product=3, SerialNumber=3 [ 109.190041][ T4319] usb 3-1: Product: syz [ 109.216420][ T4319] usb 3-1: Manufacturer: syz [ 109.254214][ T4319] usb 3-1: SerialNumber: syz [ 110.412801][ T4609] genirq: Flags mismatch irq 4. 00000000 (pcl812) vs. 00000000 (ttyS0) [ 110.441972][ T4609] overlayfs: unrecognized mount option "verity=off" or missing value [ 111.642252][ T4616] netlink: 8 bytes leftover after parsing attributes in process `syz.0.36'. [ 114.623159][ T4319] usb 3-1: 0:2 : does not exist [ 114.686312][ T4633] loop1: detected capacity change from 0 to 128 [ 114.783285][ T4319] usb 3-1: selecting invalid altsetting 1 [ 114.797780][ T4633] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 115.117901][ T4636] Zero length message leads to an empty skb [ 115.404352][ T4319] usb_set_interface error [ 115.441928][ T4633] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 115.471463][ T4319] snd-usb-us122l: probe of 3-1:1.1 failed with error -22 [ 115.545168][ T4319] usb 3-1: USB disconnect, device number 2 [ 115.947234][ T4644] tipc: Can't bind to reserved service type 1 [ 115.966820][ T4644] netlink: 48 bytes leftover after parsing attributes in process `syz.0.41'. [ 116.333844][ T4382] udevd[4382]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 116.914521][ T4655] loop0: detected capacity change from 0 to 4096 [ 116.962159][ T4656] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 117.149135][ T4648] loop4: detected capacity change from 0 to 4096 [ 117.221466][ T4648] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 117.314347][ T4648] ntfs3: loop4: volume is dirty and "force" flag is not set! [ 119.028618][ T4675] NILFS (nullb0): couldn't find nilfs on the device [ 123.158713][ T4701] loop3: detected capacity change from 0 to 4096 [ 123.189827][ T4711] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 124.275210][ T4751] netlink: 8 bytes leftover after parsing attributes in process `syz.4.52'. [ 124.740624][ T4745] loop0: detected capacity change from 0 to 256 [ 125.828442][ T4762] loop4: detected capacity change from 0 to 4096 [ 126.097195][ T4382] I/O error, dev loop4, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 127.834462][ T4783] loop3: detected capacity change from 0 to 16 [ 127.871260][ T4783] erofs: (device loop3): mounted with root inode @ nid 36. [ 127.903385][ T4783] syz.3.61: attempt to access beyond end of device [ 127.903385][ T4783] loop3: rw=524288, sector=1056, nr_sectors = 16 limit=16 [ 127.960749][ T4783] syz.3.61: attempt to access beyond end of device [ 127.960749][ T4783] loop3: rw=524288, sector=16, nr_sectors = 40 limit=16 [ 127.977020][ T4783] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192] [ 127.988312][ T26] audit: type=1800 audit(1778544776.331:5): pid=4783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.61" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 130.677772][ T4801] overlayfs: failed to set xattr on upper [ 130.684667][ T4801] overlayfs: ...falling back to index=off,metacopy=off. [ 132.162397][ T4808] loop3: detected capacity change from 0 to 1024 [ 132.172348][ T4808] ======================================================= [ 132.172348][ T4808] WARNING: The mand mount option has been deprecated and [ 132.172348][ T4808] and is ignored by this kernel. Remove the mand [ 132.172348][ T4808] option from the mount to silence this warning. [ 132.172348][ T4808] ======================================================= [ 132.208022][ T4808] ext4: Unknown parameter 'noacl' [ 132.365559][ T4373] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 133.444652][ T4817] loop1: detected capacity change from 0 to 4096 [ 133.463388][ T4818] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 133.650404][ T4359] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 134.346802][ T4822] loop3: detected capacity change from 0 to 4096 [ 134.418092][ T4823] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 134.458342][ T4825] loop2: detected capacity change from 0 to 512 [ 134.466366][ T4825] EXT4-fs: Invalid want_extra_isize 5 [ 134.473743][ T4359] usb 1-1: Using ep0 maxpacket: 8 [ 134.484352][ T4359] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 134.503094][ T4359] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 134.514870][ T4359] usb 1-1: config 1 interface 0 has no altsetting 0 [ 134.634121][ T4359] usb 1-1: New USB device found, idVendor=0644, idProduct=800e, bcdDevice= 0.40 [ 134.677110][ T4359] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=3 [ 134.695110][ T4359] usb 1-1: Product: syz [ 134.700261][ T4359] usb 1-1: Manufacturer: syz [ 134.705340][ T4359] usb 1-1: SerialNumber: syz [ 136.742553][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 136.749402][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 136.797618][ T4830] loop2: detected capacity change from 0 to 512 [ 137.581267][ T4843] loop4: detected capacity change from 0 to 16 [ 138.598426][ T4830] EXT4-fs: error -4 creating inode table initialization thread [ 138.606756][ T4830] EXT4-fs (loop2): mount failed [ 138.651154][ T4843] erofs: (device loop4): mounted with root inode @ nid 36. [ 138.671452][ T4837] syz.4.74: attempt to access beyond end of device [ 138.671452][ T4837] loop4: rw=524288, sector=1056, nr_sectors = 16 limit=16 [ 138.897627][ T4837] syz.4.74: attempt to access beyond end of device [ 138.897627][ T4837] loop4: rw=524288, sector=16, nr_sectors = 40 limit=16 [ 138.972216][ T4359] usb 1-1: 0:2 : does not exist [ 139.055912][ T4837] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192] [ 139.652649][ T26] audit: type=1800 audit(1778544787.243:6): pid=4837 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.74" name="file2" dev="loop4" ino=89 res=0 errno=0 [ 139.986354][ T4359] usb 1-1: selecting invalid altsetting 1 [ 139.992454][ T4359] usb_set_interface error [ 139.997106][ T4359] snd-usb-us122l: probe of 1-1:1.1 failed with error -22 [ 140.009132][ T4359] usb 1-1: USB disconnect, device number 4 [ 140.287564][ T4856] udevd[4856]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 144.243724][ T4906] loop1: detected capacity change from 0 to 1024 [ 144.733606][ T4918] futex_wake_op: syz.4.79 tries to shift op by 144; fix this program [ 145.827449][ T4923] overlayfs: failed to set xattr on upper [ 145.833458][ T4923] overlayfs: ...falling back to index=off,metacopy=off. [ 146.628701][ T4926] loop3: detected capacity change from 0 to 1024 [ 146.721556][ T4928] loop4: detected capacity change from 0 to 4096 [ 146.841351][ T4930] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 148.366607][ T4936] hfsplus: xattr searching failed [ 153.870006][ T5014] loop3: detected capacity change from 0 to 64 [ 155.131935][ T26] audit: type=1326 audit(1778544801.729:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5015 comm="syz.2.90" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e5db9cdd9 code=0x7ffc0000 [ 155.372848][ T5012] loop1: detected capacity change from 0 to 4096 [ 155.528885][ T26] audit: type=1326 audit(1778544801.766:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5015 comm="syz.2.90" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e5db9cdd9 code=0x7ffc0000 [ 155.644720][ T5012] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 155.676356][ T26] audit: type=1326 audit(1778544802.244:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5015 comm="syz.2.90" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f1e5db9cdd9 code=0x7ffc0000 [ 156.092772][ T5012] ntfs3: loop1: volume is dirty and "force" flag is not set! [ 156.199222][ T26] audit: type=1326 audit(1778544802.272:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5015 comm="syz.2.90" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e5db9cdd9 code=0x7ffc0000 [ 157.086787][ T26] audit: type=1326 audit(1778544802.272:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5015 comm="syz.2.90" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e5db9cdd9 code=0x7ffc0000 [ 157.126832][ T5016] loop2: detected capacity change from 0 to 512 [ 157.219025][ T26] audit: type=1326 audit(1778544802.272:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5015 comm="syz.2.90" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1e5db9cdd9 code=0x7ffc0000 [ 157.321413][ T26] audit: type=1326 audit(1778544802.272:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5015 comm="syz.2.90" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e5db9cdd9 code=0x7ffc0000 [ 157.832905][ T26] audit: type=1326 audit(1778544802.272:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5015 comm="syz.2.90" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e5db9cdd9 code=0x7ffc0000 [ 158.003826][ T26] audit: type=1326 audit(1778544802.281:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5015 comm="syz.2.90" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1e5db9cdd9 code=0x7ffc0000 [ 158.079800][ T5016] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 158.124810][ T5016] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 158.196200][ T26] audit: type=1326 audit(1778544802.281:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5015 comm="syz.2.90" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e5db9cdd9 code=0x7ffc0000 [ 158.238756][ T5039] loop0: detected capacity change from 0 to 256 [ 158.422306][ T5039] netlink: 12 bytes leftover after parsing attributes in process `syz.0.96'. [ 158.600976][ T5045] Malformed UNC in devname [ 158.600976][ T5045] [ 158.608019][ T5045] CIFS: VFS: Malformed UNC in devname [ 158.632296][ T5045] process 'syz.3.94' launched './file1' with NULL argv: empty string added [ 158.647646][ T5045] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 158.659671][ T5045] Cannot find add_set index 0 as target [ 159.356326][ T5046] Cannot find del_set index 1 as target [ 159.389439][ T5046] overlayfs: missing 'lowerdir' [ 159.510929][ T4322] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 159.803887][ T4322] usb 1-1: Using ep0 maxpacket: 16 [ 159.864516][ T4322] usb 1-1: config 4 has an invalid interface number: 9 but max is 0 [ 160.074134][ T4322] usb 1-1: config 4 has no interface number 0 [ 160.178183][ T4322] usb 1-1: config 4 interface 9 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 160.322053][ T4322] usb 1-1: config 4 interface 9 altsetting 2 bulk endpoint 0x84 has invalid maxpacket 64 [ 160.464253][ T4322] usb 1-1: config 4 interface 9 has no altsetting 0 [ 160.579813][ T4322] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=76.fe [ 160.693011][ T4322] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 160.794301][ T4322] usb 1-1: Product: syz [ 160.827075][ T5048] loop3: detected capacity change from 0 to 4096 [ 160.914803][ T5049] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 160.982253][ T4322] usb 1-1: Manufacturer: syz [ 162.302147][ T4322] usb 1-1: SerialNumber: syz [ 162.360090][ T4272] EXT4-fs (loop2): unmounting filesystem. [ 162.493868][ T4322] usb 1-1: can't set config #4, error -71 [ 162.534297][ T4322] usb 1-1: USB disconnect, device number 5 [ 163.960931][ T5070] loop4: detected capacity change from 0 to 128 [ 164.021505][ T5070] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 164.102386][ T5075] futex_wake_op: syz.1.103 tries to shift op by 144; fix this program [ 164.225123][ T5077] overlayfs: failed to set xattr on upper [ 164.231175][ T5077] overlayfs: ...falling back to index=off,metacopy=off. [ 164.687708][ T5070] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 166.887600][ T5088] loop4: detected capacity change from 0 to 1024 [ 168.619634][ T5099] netlink: 'syz.3.109': attribute type 4 has an invalid length. [ 169.531647][ T5101] netlink: 40 bytes leftover after parsing attributes in process `syz.2.108'. [ 170.518064][ T5101] loop2: detected capacity change from 0 to 1024 [ 173.224736][ T5113] loop0: detected capacity change from 0 to 128 [ 173.227990][ T5113] hpfs: bad mount options. [ 173.234516][ T26] kauditd_printk_skb: 77 callbacks suppressed [ 173.234532][ T26] audit: type=1326 audit(1778544818.667:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5110 comm="syz.3.112" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c1b99cdd9 code=0x7ffc0000 [ 173.239680][ T26] audit: type=1326 audit(1778544818.667:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5110 comm="syz.3.112" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c1b99cdd9 code=0x7ffc0000 [ 173.255943][ T26] audit: type=1326 audit(1778544818.686:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5110 comm="syz.3.112" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f2c1b99cdd9 code=0x7ffc0000 [ 174.711334][ T26] audit: type=1326 audit(1778544820.052:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5110 comm="syz.3.112" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c1b99cdd9 code=0x7ffc0000 [ 174.737658][ T26] audit: type=1326 audit(1778544820.071:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5110 comm="syz.3.112" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c1b99cdd9 code=0x7ffc0000 [ 178.704164][ T5146] futex_wake_op: syz.0.117 tries to shift op by 144; fix this program [ 181.135945][ T5154] loop0: detected capacity change from 0 to 128 [ 181.172405][ T5154] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 181.295056][ T5154] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 182.285751][ T26] audit: type=1326 audit(1778544827.136:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5159 comm="syz.3.122" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2c1b99cdd9 code=0x0 [ 184.519961][ T5173] xt_hashlimit: size too large, truncated to 1048576 [ 184.527074][ T5173] xt_hashlimit: invalid rate [ 186.517768][ T5199] IPVS: sync thread started: state = BACKUP, mcast_ifn = vlan1, syncid = 4, id = 0 [ 186.528113][ T5196] IPVS: stopping backup sync thread 5199 ... [ 186.627957][ T5185] netlink: 408 bytes leftover after parsing attributes in process `syz.3.128'. [ 189.646495][ T5215] netlink: 20 bytes leftover after parsing attributes in process `syz.3.131'. [ 190.855042][ T5217] loop3: detected capacity change from 0 to 32768 [ 190.890017][ T5221] 9p: Unknown Cache mode readahead [ 191.974941][ T5228] syz.4.134 uses obsolete (PF_INET,SOCK_PACKET) [ 195.061102][ T4438] Bluetooth: hci5: Frame reassembly failed (-84) [ 195.073862][ T4479] Bluetooth: hci5: Frame reassembly failed (-84) [ 195.080313][ T4506] Bluetooth: hci5: Frame reassembly failed (-84) [ 195.238328][ T5226] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 195.874058][ T5240] No such timeout policy "syz1" [ 197.145943][ T5257] netlink: 8 bytes leftover after parsing attributes in process `syz.4.141'. [ 197.273591][ T5257] bridge0: port 3(geneve1) entered blocking state [ 197.280746][ T5257] bridge0: port 3(geneve1) entered disabled state [ 197.298177][ T5257] device geneve1 entered promiscuous mode [ 197.306146][ T5257] bridge0: port 3(geneve1) entered blocking state [ 197.313043][ T5257] bridge0: port 3(geneve1) entered forwarding state [ 197.354444][ T4275] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 198.210725][ T5262] futex_wake_op: syz.1.142 tries to shift op by 144; fix this program [ 200.893229][ T5271] Bluetooth: MGMT ver 1.22 [ 201.627629][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 201.634040][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 202.006960][ T5272] netlink: 'syz.1.144': attribute type 4 has an invalid length. [ 202.014985][ T5272] netlink: 17 bytes leftover after parsing attributes in process `syz.1.144'. [ 202.405336][ T5282] netlink: 28 bytes leftover after parsing attributes in process `syz.1.144'. [ 202.901571][ T5278] tipc: Started in network mode [ 202.908433][ T5278] tipc: Node identity 4004, cluster identity 4711 [ 202.914896][ T5278] tipc: Node number set to 16388 [ 202.989433][ T5284] loop2: detected capacity change from 0 to 1024 [ 203.029882][ T5284] EXT4-fs: Ignoring removed oldalloc option [ 204.392936][ T5284] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 204.401596][ T5284] ext4 filesystem being mounted at /24/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 206.489773][ T4272] EXT4-fs (loop2): unmounting filesystem. [ 206.531078][ T5309] blktrace: Concurrent blktraces are not allowed on loop5 [ 208.689122][ T4291] Bluetooth: hci0: command 0x0406 tx timeout [ 208.695289][ T4291] Bluetooth: hci1: command 0x0406 tx timeout [ 208.702096][ T4275] Bluetooth: hci3: command 0x0406 tx timeout [ 209.232958][ T4285] Bluetooth: hci2: command 0x0406 tx timeout [ 209.239238][ T4285] Bluetooth: hci4: command 0x0406 tx timeout [ 212.903203][ T5349] xt_hashlimit: size too large, truncated to 1048576 [ 212.910152][ T5349] xt_hashlimit: invalid rate [ 213.444830][ T5353] loop1: detected capacity change from 0 to 128 [ 213.459859][ T5353] hpfs: bad mount options. [ 216.256126][ T5360] overlayfs: failed to set xattr on upper [ 216.262243][ T5360] overlayfs: ...falling back to index=off,metacopy=off. [ 216.341601][ T5364] loop0: detected capacity change from 0 to 1024 [ 216.352362][ T5364] ext4: Unknown parameter 'noacl' [ 220.082193][ T5369] xt_CT: No such helper "pptp" [ 220.284793][ T5373] 9pnet_fd: Insufficient options for proto=fd [ 220.470805][ T5387] loop3: detected capacity change from 0 to 512 [ 220.512572][ T5385] loop2: detected capacity change from 0 to 2048 [ 220.556197][ T5387] EXT4-fs error (device loop3): ext4_iget_extra_inode:4763: inode #15: comm syz.3.170: corrupted in-inode xattr [ 220.669485][ T26] audit: type=1326 audit(1778544863.061:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5383 comm="syz.0.164" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42599cdd9 code=0x7ffc0000 [ 220.695595][ T26] audit: type=1326 audit(1778544863.089:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5383 comm="syz.0.164" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42599cdd9 code=0x7ffc0000 [ 220.742773][ T26] audit: type=1326 audit(1778544863.108:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5383 comm="syz.0.164" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fd42599cdd9 code=0x7ffc0000 [ 220.769894][ T5387] EXT4-fs error (device loop3): ext4_orphan_get:1410: comm syz.3.170: couldn't read orphan inode 15 (err -117) [ 220.808470][ T26] audit: type=1326 audit(1778544863.192:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5383 comm="syz.0.164" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42599cdd9 code=0x7ffc0000 [ 221.277255][ T26] audit: type=1326 audit(1778544863.539:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5394 comm="syz.0.164" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd42595d60e code=0x7ffc0000 [ 221.315451][ T5387] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 221.664672][ T5385] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 222.026449][ T26] audit: type=1326 audit(1778544863.220:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5383 comm="syz.0.164" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42599cdd9 code=0x7ffc0000 [ 223.386947][ T4273] EXT4-fs (loop3): unmounting filesystem. [ 223.569479][ T26] audit: type=1326 audit(1778544863.782:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5394 comm="syz.0.164" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fd42599cdd9 code=0x7ffc0000 [ 224.411989][ T5410] binder: 5407:5410 ioctl 541b 0 returned -22 [ 224.922416][ T26] audit: type=1326 audit(1778544865.438:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5383 comm="syz.0.164" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7fd42599cdd9 code=0x7ffc0000 [ 224.974236][ T5413] loop0: detected capacity change from 0 to 512 [ 224.975751][ T26] audit: type=1326 audit(1778544865.438:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5383 comm="syz.0.164" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42599cdd9 code=0x7ffc0000 [ 225.319448][ T26] audit: type=1326 audit(1778544865.438:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5383 comm="syz.0.164" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42599cdd9 code=0x7ffc0000 [ 225.690544][ T5413] EXT4-fs warning (device loop0): ext4_multi_mount_protect:404: Unable to create kmmpd thread for loop0. [ 226.669555][ T5417] loop3: detected capacity change from 0 to 4096 [ 226.773949][ T5417] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 226.786489][ T5417] ntfs3: loop3: Failed to load $Extend. [ 228.677308][ T5435] loop0: detected capacity change from 0 to 256 [ 228.717349][ T5437] loop4: detected capacity change from 0 to 1024 [ 228.808782][ T4285] Bluetooth: hci0: ISO packet for unknown connection handle 1861 [ 228.823318][ T5440] netlink: 'syz.2.177': attribute type 1 has an invalid length. [ 229.058242][ T5440] 8021q: adding VLAN 0 to HW filter on device bond1 [ 230.763033][ T5445] loop1: detected capacity change from 0 to 4096 [ 231.286597][ T5435] FAT-fs (loop0): Directory bread(block 64) failed [ 231.535112][ T5435] FAT-fs (loop0): Directory bread(block 65) failed [ 231.583542][ T5435] FAT-fs (loop0): Directory bread(block 66) failed [ 232.582098][ T5450] lo speed is unknown, defaulting to 1000 [ 232.588385][ T5450] lo speed is unknown, defaulting to 1000 [ 232.596042][ T5450] lo speed is unknown, defaulting to 1000 [ 232.606105][ T5450] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 232.617748][ T5450] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 232.639711][ T5450] lo speed is unknown, defaulting to 1000 [ 232.646634][ T5450] lo speed is unknown, defaulting to 1000 [ 232.653120][ T5450] lo speed is unknown, defaulting to 1000 [ 232.659680][ T5450] lo speed is unknown, defaulting to 1000 [ 232.667662][ T5450] lo speed is unknown, defaulting to 1000 [ 232.694832][ T5435] FAT-fs (loop0): Directory bread(block 67) failed [ 232.702578][ T5435] FAT-fs (loop0): Directory bread(block 68) failed [ 232.709247][ T5435] FAT-fs (loop0): Directory bread(block 69) failed [ 232.719431][ T5435] FAT-fs (loop0): Directory bread(block 70) failed [ 232.726202][ T5435] FAT-fs (loop0): Directory bread(block 71) failed [ 232.732976][ T5435] FAT-fs (loop0): Directory bread(block 72) failed [ 232.739843][ T5435] FAT-fs (loop0): Directory bread(block 73) failed [ 232.914231][ T5462] loop1: detected capacity change from 0 to 1024 [ 233.154754][ T5462] EXT4-fs: Ignoring removed mblk_io_submit option [ 233.899847][ T5462] EXT4-fs (loop1): bad geometry: bigalloc file system with non-zero first_data_block [ 233.899847][ T5462] [ 233.925562][ T5438] delete_channel: no stack [ 234.006412][ T5462] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 234.048434][ T4477] Bluetooth: hci5: Frame reassembly failed (-84) [ 234.070331][ T5466] loop3: detected capacity change from 0 to 256 [ 234.474477][ T4382] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 236.616949][ T4291] Bluetooth: hci5: command 0x1003 tx timeout [ 236.625480][ T4285] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 236.935705][ T5472] netlink: 8 bytes leftover after parsing attributes in process `syz.4.184'. [ 236.981503][ T5472] netlink: 12 bytes leftover after parsing attributes in process `syz.4.184'. [ 238.513614][ T5485] overlayfs: unrecognized mount option "context=sysadm_u" or missing value [ 240.587723][ T26] kauditd_printk_skb: 30 callbacks suppressed [ 240.587746][ T26] audit: type=1400 audit(1778544880.796:140): apparmor="DENIED" operation="setprocattr" info="fscreate" error=-22 profile="unconfined" pid=5478 comm="syz.1.188" [ 240.625455][ T5472] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 240.634805][ T5472] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 240.643776][ T5472] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 240.653464][ T5472] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 242.431349][ T5468] netlink: 8 bytes leftover after parsing attributes in process `syz.4.184'. [ 242.488369][ T5468] netlink: 12 bytes leftover after parsing attributes in process `syz.4.184'. [ 243.038600][ T5500] loop3: detected capacity change from 0 to 2048 [ 243.269540][ T5500] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 244.018269][ T5500] NILFS (loop3): mounting unchecked fs [ 244.332883][ T5500] NILFS (loop3): recovery complete [ 244.360928][ T5519] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 245.060156][ T5521] loop4: detected capacity change from 0 to 8 [ 248.503938][ T5521] SQUASHFS error: Unable to read inode 0x11f [ 249.957334][ T5535] A link change request failed with some changes committed already. Interface veth0_macvtap may have been left with an inconsistent configuration, please check. [ 252.020999][ T5539] netlink: 136 bytes leftover after parsing attributes in process `syz.4.196'. [ 252.048911][ T5546] loop1: detected capacity change from 0 to 512 [ 253.090571][ T5537] DRBG: could not allocate CTR cipher TFM handle: ctr(aes) [ 253.191952][ T5546] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 253.338944][ T5546] EXT4-fs error (device loop1): ext4_orphan_get:1431: comm syz.1.199: bad orphan inode 13 [ 253.451955][ T5546] ext4_test_bit(bit=12, block=18) = 1 [ 253.457872][ T5546] is_bad_inode(inode)=0 [ 253.491993][ T5546] NEXT_ORPHAN(inode)=0 [ 253.502742][ T5546] max_ino=32 [ 253.516254][ T5546] i_nlink=1 [ 253.519530][ T5546] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 253.855156][ T5563] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 248: padding at end of block bitmap is not set [ 254.027286][ T5573] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 254.934317][ T5564] loop0: detected capacity change from 0 to 4096 [ 254.955119][ T5575] Quota error (device loop1): write_blk: dquota write failed [ 254.959120][ T5564] EXT4-fs: inline encryption not supported [ 255.196480][ T5575] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 255.297012][ T52] block nbd2: Attempted send on invalid socket [ 255.304707][ T52] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 255.316761][ T5578] hpfs: hpfs_map_sector(): read error [ 256.439110][ T5575] EXT4-fs error (device loop1): ext4_acquire_dquot:6841: comm syz.1.199: Failed to acquire dquot type 1 [ 256.541825][ T4281] EXT4-fs (loop1): unmounting filesystem. [ 256.583570][ T5564] fscrypt: Error allocating hmac(sha512): -2 [ 256.963396][ T5596] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 258.038052][ T26] audit: type=1326 audit(1778544898.033:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5603 comm="syz.1.208" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e199cdd9 code=0x7ffc0000 [ 258.123109][ T26] audit: type=1326 audit(1778544898.052:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5603 comm="syz.1.208" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e199cdd9 code=0x7ffc0000 [ 258.179808][ T26] audit: type=1326 audit(1778544898.061:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5603 comm="syz.1.208" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f62e199cdd9 code=0x7ffc0000 [ 258.266541][ T5604] loop1: detected capacity change from 0 to 512 [ 258.281917][ T26] audit: type=1326 audit(1778544898.136:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5603 comm="syz.1.208" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e199cdd9 code=0x7ffc0000 [ 258.433665][ T5611] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22 [ 258.442429][ T5611] netdevsim netdevsim0: Direct firmware load for . failed with error -22 [ 258.451066][ T5611] netdevsim netdevsim0: Falling back to sysfs fallback for: . [ 258.534886][ T26] audit: type=1326 audit(1778544898.136:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5603 comm="syz.1.208" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e199cdd9 code=0x7ffc0000 [ 260.630689][ T26] audit: type=1326 audit(1778544898.136:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5605 comm="syz.1.208" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f62e195d60e code=0x7ffc0000 [ 261.103303][ T5604] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 261.196570][ T26] audit: type=1326 audit(1778544898.183:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5603 comm="syz.1.208" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f62e199cdd9 code=0x7ffc0000 [ 261.236118][ T26] audit: type=1326 audit(1778544898.183:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5603 comm="syz.1.208" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e199cdd9 code=0x7ffc0000 [ 261.260631][ T5604] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 261.284216][ T26] audit: type=1326 audit(1778544898.183:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5603 comm="syz.1.208" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e199cdd9 code=0x7ffc0000 [ 261.320927][ T26] audit: type=1326 audit(1778544898.192:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5603 comm="syz.1.208" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f62e199cdd9 code=0x7ffc0000 [ 261.431898][ T26] audit: type=1326 audit(1778544898.192:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5603 comm="syz.1.208" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e199cdd9 code=0x7ffc0000 [ 261.487621][ T26] audit: type=1326 audit(1778544898.192:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5603 comm="syz.1.208" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e199cdd9 code=0x7ffc0000 [ 261.494195][ T4281] EXT4-fs (loop1): unmounting filesystem. [ 262.914293][ T26] audit: type=1326 audit(1778544898.192:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5603 comm="syz.1.208" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f62e199cdd9 code=0x7ffc0000 [ 264.052085][ T26] audit: type=1326 audit(1778544898.192:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5603 comm="syz.1.208" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e199cdd9 code=0x7ffc0000 [ 264.153266][ T26] audit: type=1326 audit(1778544898.192:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5603 comm="syz.1.208" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e199cdd9 code=0x7ffc0000 [ 264.487508][ T5631] Unsupported ieee802154 address type: 0 [ 264.832406][ T5104] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 266.641040][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.647440][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 266.884619][ T26] kauditd_printk_skb: 44 callbacks suppressed [ 266.884671][ T26] audit: type=1326 audit(1778544906.296:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5632 comm="syz.4.214" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb69af9cdd9 code=0x0 [ 272.551644][ T5672] loop2: detected capacity change from 0 to 512 [ 273.048596][ T5664] lo speed is unknown, defaulting to 1000 [ 274.508165][ T5673] siw: device registration error -23 [ 274.522185][ T5672] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 274.712016][ T5672] EXT4-fs: failed to create workqueue [ 274.721692][ T5677] blktrace: Concurrent blktraces are not allowed on loop5 [ 276.102559][ T5672] EXT4-fs (loop2): mount failed [ 276.810671][ T5688] IPv6: syztnl0: Disabled Multicast RS [ 277.093283][ T5693] blktrace: Concurrent blktraces are not allowed on loop5 [ 278.459889][ T5702] syz.3.228 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 278.477719][ T5702] ptrace attach of "ci2-linux-6-1-kasan/syz-executor exec"[4273] was attempted by " [ 278.900333][ T5704] loop4: detected capacity change from 0 to 128 [ 280.250409][ T5710] loop3: detected capacity change from 0 to 256 [ 280.421771][ T5710] FAT-fs (loop3): Directory bread(block 64) failed [ 280.449641][ T5710] FAT-fs (loop3): Directory bread(block 65) failed [ 280.478283][ T5710] FAT-fs (loop3): Directory bread(block 66) failed [ 280.570577][ T5710] FAT-fs (loop3): Directory bread(block 67) failed [ 280.584158][ T5710] FAT-fs (loop3): Directory bread(block 68) failed [ 280.616935][ T5710] FAT-fs (loop3): Directory bread(block 69) failed [ 280.659728][ T5710] FAT-fs (loop3): Directory bread(block 70) failed [ 280.679761][ T5710] FAT-fs (loop3): Directory bread(block 71) failed [ 280.687594][ T5710] FAT-fs (loop3): Directory bread(block 72) failed [ 280.722441][ T5710] FAT-fs (loop3): Directory bread(block 73) failed [ 281.257289][ T4319] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 281.491913][ T4319] usb 5-1: Using ep0 maxpacket: 8 [ 281.499847][ T4319] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 281.683272][ T4319] usb 5-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 281.835733][ T4319] usb 5-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 281.961021][ T4319] usb 5-1: Product: syz [ 282.027373][ T4319] usb 5-1: Manufacturer: syz [ 282.032615][ T4319] usb 5-1: SerialNumber: syz [ 283.268574][ T4319] usb 5-1: palm_os_3_probe - error -110 getting connection information [ 283.315757][ T4319] visor: probe of 5-1:1.0 failed with error -110 [ 284.407695][ T4323] usb 5-1: USB disconnect, device number 2 [ 284.857625][ T5737] netlink: 436 bytes leftover after parsing attributes in process `syz.4.233'. [ 284.867859][ T5737] netlink: 16 bytes leftover after parsing attributes in process `syz.4.233'. [ 285.887662][ T5733] loop1: detected capacity change from 0 to 2048 [ 286.280272][ T5733] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 286.392946][ T5746] loop2: detected capacity change from 0 to 2048 [ 286.437592][ T5746] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 286.446196][ T5746] ext4 filesystem being mounted at /39/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 289.023156][ T5746] EXT4-fs (loop2): unmounting filesystem. [ 289.697324][ T5759] loop4: detected capacity change from 0 to 512 [ 289.704806][ T5759] EXT4-fs: Ignoring removed orlov option [ 290.522501][ T5759] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 291.762494][ T4274] EXT4-fs (loop4): unmounting filesystem. [ 292.082736][ T5768] loop4: detected capacity change from 0 to 2048 [ 292.125193][ T5768] EXT4-fs: Ignoring removed i_version option [ 292.180573][ T5768] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 292.633689][ T5775] block device autoloading is deprecated and will be removed. [ 293.245491][ T4285] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 293.261808][ T4285] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 293.272426][ T4285] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 293.281840][ T4285] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 293.291549][ T4285] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 293.299086][ T4285] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 293.547179][ T4274] EXT4-fs (loop4): unmounting filesystem. [ 293.573514][ T5777] lo speed is unknown, defaulting to 1000 [ 294.075571][ T5787] loop3: detected capacity change from 0 to 2048 [ 295.533603][ T4291] Bluetooth: hci5: command 0x0409 tx timeout [ 295.618114][ T5787] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 297.895200][ T4291] Bluetooth: hci5: command 0x041b tx timeout [ 297.950310][ T5797] genirq: Flags mismatch irq 8. 00000000 (pcmmio) vs. 00000000 (rtc0) [ 300.064314][ T4291] Bluetooth: hci5: command 0x040f tx timeout [ 301.215529][ T5809] loop4: detected capacity change from 0 to 1024 [ 302.260525][ T5777] chnl_net:caif_netlink_parms(): no params data found [ 302.287147][ T4291] Bluetooth: hci5: command 0x0419 tx timeout [ 302.516029][ T5777] bridge0: port 1(bridge_slave_0) entered blocking state [ 302.523661][ T5777] bridge0: port 1(bridge_slave_0) entered disabled state [ 302.532302][ T5777] device bridge_slave_0 entered promiscuous mode [ 302.542956][ T5777] bridge0: port 2(bridge_slave_1) entered blocking state [ 302.552297][ T5777] bridge0: port 2(bridge_slave_1) entered disabled state [ 302.561396][ T5777] device bridge_slave_1 entered promiscuous mode [ 302.604884][ T5777] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 302.617707][ T5777] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 302.668249][ T5777] team0: Port device team_slave_0 added [ 302.687622][ T5777] team0: Port device team_slave_1 added [ 302.745221][ T5777] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 302.753978][ T5777] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 302.794971][ T5777] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 302.823454][ T4291] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 302.834280][ T4291] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 302.843083][ T4291] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 302.851216][ T4291] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 302.861657][ T4291] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 302.869175][ T4291] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 302.887546][ T5777] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 302.897406][ T5777] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 303.035036][ T5777] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 303.132201][ T5818] lo speed is unknown, defaulting to 1000 [ 303.149163][ T5821] blktrace: Concurrent blktraces are not allowed on loop5 [ 304.518406][ T5777] device hsr_slave_0 entered promiscuous mode [ 304.617688][ T5833] Unsupported ieee802154 address type: 0 [ 304.915985][ T4320] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 305.022776][ T4291] Bluetooth: hci6: command 0x0409 tx timeout [ 306.424741][ T5777] device hsr_slave_1 entered promiscuous mode [ 306.572644][ T4320] usb 2-1: Using ep0 maxpacket: 8 [ 306.604221][ T5777] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 306.612053][ T5777] Cannot create hsr debugfs directory [ 306.743537][ T4320] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 306.761622][ T4320] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xE2, skipping [ 306.804237][ T4320] usb 2-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1 [ 306.843300][ T4320] usb 2-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3 [ 306.876306][ T4320] usb 2-1: Product: syz [ 306.880563][ T4320] usb 2-1: Manufacturer: syz [ 306.903397][ T4320] usb 2-1: SerialNumber: syz [ 307.037588][ T4320] usb 2-1: config 0 descriptor?? [ 307.077462][ T4320] imon_raw 2-1:0.0: IR endpoint missing [ 307.462696][ T5840] ptrace attach of "ci2-linux-6-1-kasan/syz-executor exec"[4274] was attempted by " [ 307.766814][ T4291] Bluetooth: hci6: command 0x041b tx timeout [ 308.934454][ T5842] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 309.036804][ C1] vkms_vblank_simulate: vblank timer overrun [ 309.602372][ T5848] loop3: detected capacity change from 0 to 4096 [ 310.410160][ T5854] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 310.548173][ T4320] usb 2-1: USB disconnect, device number 2 [ 311.263471][ T4291] Bluetooth: hci6: command 0x040f tx timeout [ 312.805995][ T5818] chnl_net:caif_netlink_parms(): no params data found [ 312.977675][ T5861] xt_hashlimit: size too large, truncated to 1048576 [ 312.985236][ T5861] xt_hashlimit: invalid rate [ 313.164464][ T5777] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 313.402792][ T5777] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 313.486115][ T4291] Bluetooth: hci6: command 0x0419 tx timeout [ 313.656535][ T5864] overlayfs: failed to set xattr on upper [ 313.662723][ T5864] overlayfs: ...falling back to index=off,metacopy=off. [ 313.983719][ T5777] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 314.102000][ T5777] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 315.357411][ T5818] bridge0: port 1(bridge_slave_0) entered blocking state [ 315.364601][ T5818] bridge0: port 1(bridge_slave_0) entered disabled state [ 315.421834][ T5818] device bridge_slave_0 entered promiscuous mode [ 315.465011][ T5879] loop4: detected capacity change from 0 to 512 [ 315.476646][ T5879] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 315.614900][ T26] audit: type=1800 audit(1778544951.898:201): pid=5879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.262" name="file1" dev="loop4" ino=1048610 res=0 errno=0 [ 316.649047][ T4291] Bluetooth: hci6: command 0x0405 tx timeout [ 319.480344][ T5818] bridge0: port 2(bridge_slave_1) entered blocking state [ 319.491563][ T5818] bridge0: port 2(bridge_slave_1) entered disabled state [ 319.556242][ T5818] device bridge_slave_1 entered promiscuous mode [ 320.085895][ T5914] netlink: 28 bytes leftover after parsing attributes in process `syz.4.265'. [ 320.506180][ T5818] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 320.544643][ T5910] loop3: detected capacity change from 0 to 4096 [ 320.584430][ T5918] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 320.603307][ T5908] netlink: 'syz.4.265': attribute type 4 has an invalid length. [ 320.657077][ T5908] netlink: 17 bytes leftover after parsing attributes in process `syz.4.265'. [ 320.848614][ T4753] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 320.923510][ T5818] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 321.221782][ T5927] loop3: detected capacity change from 0 to 1024 [ 323.539642][ T4753] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 323.608151][ T5777] 8021q: adding VLAN 0 to HW filter on device bond0 [ 323.643069][ T5818] team0: Port device team_slave_0 added [ 324.179396][ T4753] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 324.242187][ T5818] team0: Port device team_slave_1 added [ 324.552221][ T5942] 9pnet_virtio: no channels available for device syz [ 325.415199][ T5777] 8021q: adding VLAN 0 to HW filter on device team0 [ 325.468721][ T4506] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 325.815577][ T4506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 325.937199][ T4753] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 325.974801][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 325.990367][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 326.038245][ T5818] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 326.070133][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 326.092065][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 326.161667][ T5818] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 327.075975][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 327.107386][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 327.132912][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 327.140256][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 327.321062][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 327.356211][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 327.365810][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 327.373120][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 327.392468][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 327.402108][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 327.421859][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 327.433980][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 327.443837][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 327.453409][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 328.361383][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 328.384330][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 328.634460][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 328.714555][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 329.061572][ T5973] loop4: detected capacity change from 0 to 4096 [ 329.095915][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 329.110027][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 329.128409][ T5975] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 329.716022][ T5818] device hsr_slave_0 entered promiscuous mode [ 329.775815][ T5818] device hsr_slave_1 entered promiscuous mode [ 330.143258][ T5985] input: syz1 as /devices/virtual/input/input5 [ 331.431250][ T5818] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 331.473992][ T5818] Cannot create hsr debugfs directory [ 331.497927][ T5983] netlink: 8 bytes leftover after parsing attributes in process `syz.3.282'. [ 331.577330][ T5983] netlink: 12 bytes leftover after parsing attributes in process `syz.3.282'. [ 331.638687][ T5983] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 331.647717][ T5983] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 331.656599][ T5983] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 331.665481][ T5983] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 331.795721][ T5984] netlink: 8 bytes leftover after parsing attributes in process `syz.3.282'. [ 331.816868][ T5984] netlink: 12 bytes leftover after parsing attributes in process `syz.3.282'. [ 332.961723][ T5994] loop4: detected capacity change from 0 to 256 [ 333.364702][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 333.371096][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 335.901594][ T6003] loop4: detected capacity change from 0 to 4096 [ 335.920828][ T6007] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 336.048375][ T6008] loop3: detected capacity change from 0 to 136 [ 336.794095][ T4382] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 337.786643][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 337.794361][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 337.914430][ T7] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 337.922756][ T5777] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 338.032176][ T5818] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 338.056678][ T5818] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 338.067755][ T5818] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 338.117297][ T7] usb 2-1: Using ep0 maxpacket: 8 [ 338.128849][ T7] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 338.145769][ T5818] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 338.173418][ T7] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 338.183378][ T7] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 338.217266][ T7] usb 2-1: Product: syz [ 338.224542][ T7] usb 2-1: Manufacturer: syz [ 338.229205][ T7] usb 2-1: SerialNumber: syz [ 338.468291][ T7] usb 2-1: palm_os_3_probe - error -71 getting connection information [ 338.468768][ T5818] 8021q: adding VLAN 0 to HW filter on device bond0 [ 338.479559][ T7] visor: probe of 2-1:1.0 failed with error -71 [ 338.575222][ T7] usb 2-1: USB disconnect, device number 3 [ 338.579055][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 338.592571][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 338.623697][ T5818] 8021q: adding VLAN 0 to HW filter on device team0 [ 338.705350][ T4498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 338.745110][ T4498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 338.766102][ T4498] bridge0: port 1(bridge_slave_0) entered blocking state [ 338.773326][ T4498] bridge0: port 1(bridge_slave_0) entered forwarding state [ 338.965498][ T4498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 338.974590][ T4498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 338.984983][ T4498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 339.003215][ T4498] bridge0: port 2(bridge_slave_1) entered blocking state [ 339.010609][ T4498] bridge0: port 2(bridge_slave_1) entered forwarding state [ 339.022279][ T4498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 339.071431][ T4498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 339.102037][ T4498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 339.118402][ T4498] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 339.128063][ T4498] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 339.241628][ T4504] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 339.274968][ T4504] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 339.292247][ T4504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 339.319605][ T4504] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 339.385369][ T4502] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 339.424103][ T4502] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 339.444661][ T4502] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 339.461822][ T4502] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 340.372644][ T6047] loop4: detected capacity change from 0 to 2048 [ 340.406828][ T6047] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 340.692703][ T4753] device hsr_slave_0 left promiscuous mode [ 340.742913][ T4753] device hsr_slave_1 left promiscuous mode [ 340.763941][ T4753] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 340.804379][ T4753] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 340.886873][ T4753] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 340.907750][ T4753] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 341.517503][ T4753] device bridge_slave_1 left promiscuous mode [ 341.524710][ T4753] bridge0: port 2(bridge_slave_1) entered disabled state [ 342.229624][ T4753] device bridge_slave_0 left promiscuous mode [ 342.250508][ T4753] bridge0: port 1(bridge_slave_0) entered disabled state [ 342.396970][ T4753] device veth1_macvtap left promiscuous mode [ 342.404124][ T4753] device veth0_macvtap left promiscuous mode [ 342.410464][ T4753] device veth1_vlan left promiscuous mode [ 342.417430][ T4753] device veth0_vlan left promiscuous mode [ 345.247825][ T6063] futex_wake_op: syz.4.290 tries to shift op by 144; fix this program [ 345.455009][ T6062] netlink: 436 bytes leftover after parsing attributes in process `syz.3.289'. [ 345.464246][ T6062] netlink: 16 bytes leftover after parsing attributes in process `syz.3.289'. [ 346.341579][ T6072] loop4: detected capacity change from 0 to 4096 [ 346.376580][ T6073] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 347.227249][ T4753] bond1 (unregistering): Released all slaves [ 349.730645][ T4753] team0 (unregistering): Port device team_slave_1 removed [ 349.790730][ T4753] team0 (unregistering): Port device team_slave_0 removed [ 349.849636][ T4753] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 349.906765][ T4753] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 350.318707][ T4753] bond0 (unregistering): Released all slaves [ 350.434031][ T5818] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 350.489779][ T5777] device veth0_vlan entered promiscuous mode [ 350.504183][ T5777] device veth1_vlan entered promiscuous mode [ 350.581422][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 350.640585][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 350.803410][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 350.932048][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 351.205961][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 351.334115][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 351.633800][ T6090] DRBG: could not allocate CTR cipher TFM handle: ctr(aes) [ 351.650656][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 351.703273][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 351.720106][ T5777] device veth0_macvtap entered promiscuous mode [ 352.006256][ T6105] wg1 speed is unknown, defaulting to 1000 [ 352.006996][ T5777] device veth1_macvtap entered promiscuous mode [ 352.398507][ T6102] loop3: detected capacity change from 0 to 2048 [ 352.511009][ T6105] wg1 speed is unknown, defaulting to 1000 [ 352.517726][ T6105] wg1 speed is unknown, defaulting to 1000 [ 352.563635][ T6105] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 352.601429][ T5777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 352.629274][ T5777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.632557][ T6102] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 352.659163][ T5777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 352.680716][ T5777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.701714][ T5777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 352.737454][ T5777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.770566][ T5777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 352.799891][ T5777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.818440][ T5777] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 352.978069][ T4531] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 352.998079][ T4531] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 353.012690][ T4531] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 353.022057][ T4531] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 355.103551][ T5777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 355.214732][ T6105] wg1 speed is unknown, defaulting to 1000 [ 355.231415][ T5777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.290100][ T5777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 355.311202][ T5777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.326454][ T5777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 355.337694][ T5777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.348260][ T5777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 355.359545][ T5777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.372165][ T5777] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 355.440880][ T4531] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 355.456086][ T4531] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 355.515113][ T6105] wg1 speed is unknown, defaulting to 1000 [ 355.525390][ T5777] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 355.538957][ T5777] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 355.549867][ T5777] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 355.563360][ T5777] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 355.579438][ T6105] wg1 speed is unknown, defaulting to 1000 [ 355.594400][ T4498] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 355.610972][ T4498] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 355.631295][ T5818] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 355.653218][ T6105] wg1 speed is unknown, defaulting to 1000 [ 355.784259][ T6105] wg1 speed is unknown, defaulting to 1000 [ 355.790709][ T6105] wg1 speed is unknown, defaulting to 1000 [ 355.860075][ T4489] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 355.882134][ T4489] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 355.901758][ T4500] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 355.990980][ T4498] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 356.043642][ T4498] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 356.118923][ T4753] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 356.154719][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 356.344583][ T4753] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 356.716137][ T6138] loop3: detected capacity change from 0 to 512 [ 356.727818][ T6138] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 357.275493][ T26] audit: type=1800 audit(1778544990.893:202): pid=6137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.299" name="file1" dev="loop3" ino=1048611 res=0 errno=0 [ 357.351146][ T6134] xt_hashlimit: size too large, truncated to 1048576 [ 357.358208][ T6134] xt_hashlimit: invalid rate [ 357.735476][ T4753] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.015746][ T4753] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 359.446837][ T6150] xt_TPROXY: Can be used only with -p tcp or -p udp [ 360.209375][ T6163] futex_wake_op: syz.3.302 tries to shift op by 144; fix this program [ 360.344487][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 360.376158][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 360.448491][ T6169] loop4: detected capacity change from 0 to 4096 [ 360.519352][ T6171] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 361.341895][ T4498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 361.371704][ T4285] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 361.393886][ T4275] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 361.413140][ T4275] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 361.428422][ T4285] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 361.434170][ T4498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 361.443949][ T4285] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 361.453181][ T4285] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 361.596040][ T4498] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 361.634344][ T4498] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 361.666973][ T5818] device veth0_vlan entered promiscuous mode [ 361.678089][ T6170] wg1 speed is unknown, defaulting to 1000 [ 361.723458][ T5818] device veth1_vlan entered promiscuous mode [ 361.832682][ T4753] tipc: Left network mode [ 361.902679][ T4438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 361.929731][ T4438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 362.083933][ T5818] device veth0_macvtap entered promiscuous mode [ 362.593802][ T4438] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 362.717858][ T5818] device veth1_macvtap entered promiscuous mode [ 362.739284][ T6186] xt_CT: No such helper "pptp" [ 362.895714][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 362.934728][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 362.948043][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 362.970131][ T6196] netlink: 436 bytes leftover after parsing attributes in process `syz.1.306'. [ 362.979476][ T6196] netlink: 16 bytes leftover after parsing attributes in process `syz.1.306'. [ 362.979577][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.011739][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 363.033967][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.054155][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 363.116840][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.173631][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 363.206362][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.257553][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 363.332570][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 363.353409][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 363.640158][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.660636][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.671573][ T4291] Bluetooth: hci0: command 0x0409 tx timeout [ 363.693171][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.704513][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.714996][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.725894][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.737068][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.749180][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.783558][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.818913][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.835267][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 363.922028][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 363.947257][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 364.014692][ T5818] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.038977][ T5818] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.054637][ T5818] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.095245][ T5818] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.242144][ T6170] chnl_net:caif_netlink_parms(): no params data found [ 364.692247][ T4337] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 364.725267][ T4337] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 364.750392][ T6170] bridge0: port 1(bridge_slave_0) entered blocking state [ 364.765405][ T6170] bridge0: port 1(bridge_slave_0) entered disabled state [ 364.776009][ T6170] device bridge_slave_0 entered promiscuous mode [ 364.817166][ T4438] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 364.825769][ T6170] bridge0: port 2(bridge_slave_1) entered blocking state [ 364.833768][ T6170] bridge0: port 2(bridge_slave_1) entered disabled state [ 364.842099][ T6170] device bridge_slave_1 entered promiscuous mode [ 364.902375][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 364.921948][ T6170] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 364.924378][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 365.090464][ T6170] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 365.118204][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 365.216417][ T6170] team0: Port device team_slave_0 added [ 365.382938][ T6170] team0: Port device team_slave_1 added [ 365.531977][ T4753] device hsr_slave_0 left promiscuous mode [ 365.557941][ T4753] device hsr_slave_1 left promiscuous mode [ 365.576639][ T6225] loop6: detected capacity change from 0 to 1024 [ 365.586584][ T4753] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 365.601791][ T4753] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 365.714532][ T6228] loop4: detected capacity change from 0 to 128 [ 365.728228][ T6228] hpfs: bad mount options. [ 365.954565][ T4291] Bluetooth: hci0: command 0x041b tx timeout [ 366.498953][ T4753] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 366.533484][ T6075] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 366.841489][ T4753] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 366.884867][ T4753] device bridge_slave_1 left promiscuous mode [ 366.891222][ T4753] bridge0: port 2(bridge_slave_1) entered disabled state [ 366.924800][ T6230] overlayfs: unrecognized mount option "subj_type=$" or missing value [ 367.035198][ T4753] device bridge_slave_0 left promiscuous mode [ 367.081667][ T4753] bridge0: port 1(bridge_slave_0) entered disabled state [ 367.201845][ T4753] device veth1_macvtap left promiscuous mode [ 367.240285][ T4753] device veth0_macvtap left promiscuous mode [ 367.265319][ T4753] device veth1_vlan left promiscuous mode [ 367.331023][ T4753] device veth0_vlan left promiscuous mode [ 368.660695][ T4275] Bluetooth: hci0: command 0x040f tx timeout [ 370.069229][ T52] block nbd4: Attempted send on invalid socket [ 370.075608][ T52] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 370.085429][ T6253] hpfs: hpfs_map_sector(): read error [ 370.859851][ T4275] Bluetooth: hci0: command 0x0419 tx timeout [ 371.592857][ T6255] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(13) [ 371.600070][ T6255] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 371.609260][ T6255] vhci_hcd vhci_hcd.0: Device attached [ 371.768423][ T6256] vhci_hcd: connection closed [ 371.794437][ T4504] vhci_hcd: stop threads [ 372.269354][ T6252] netlink: 408 bytes leftover after parsing attributes in process `syz.1.319'. [ 372.668582][ T4318] vhci_hcd: vhci_device speed not set [ 372.710225][ T4504] vhci_hcd: release socket [ 372.744876][ T4504] vhci_hcd: disconnect device [ 372.750953][ T4318] usb 41-1: new full-speed USB device number 2 using vhci_hcd [ 372.760874][ T4318] usb 41-1: enqueue for inactive port 0 [ 372.849370][ T4318] vhci_hcd: vhci_device speed not set [ 372.946836][ T6262] siw: device registration error -23 [ 375.925245][ T6276] loop6: detected capacity change from 0 to 512 [ 376.091920][ T6276] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 376.623518][ T6278] xt_TPROXY: Can be used only with -p tcp or -p udp [ 377.229507][ T6276] EXT4-fs error (device loop6): ext4_orphan_get:1405: inode #15: comm syz.6.314: iget: bad i_size value: 38620345925642 [ 377.377996][ T6276] EXT4-fs error (device loop6): ext4_orphan_get:1410: comm syz.6.314: couldn't read orphan inode 15 (err -117) [ 377.469745][ T6276] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 377.658858][ T6273] EXT4-fs error (device loop6): ext4_validate_block_bitmap:429: comm syz.6.314: bg 0: block 5: invalid block bitmap [ 378.436029][ T6273] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 276 with error 28 [ 378.451059][ T6273] EXT4-fs (loop6): This should not happen!! Data will be lost [ 378.451059][ T6273] [ 378.460999][ T6273] EXT4-fs (loop6): Total free blocks count 0 [ 378.467058][ T6273] EXT4-fs (loop6): Free/Dirty block details [ 378.473093][ T6273] EXT4-fs (loop6): free_blocks=0 [ 378.478127][ T6273] EXT4-fs (loop6): dirty_blocks=280 [ 378.483508][ T6273] EXT4-fs (loop6): Block reservation details [ 378.489850][ T6273] EXT4-fs (loop6): i_reserved_data_blocks=280 [ 378.796978][ T4753] team0 (unregistering): Port device team_slave_1 removed [ 378.867853][ T4753] team0 (unregistering): Port device team_slave_0 removed [ 378.927897][ T4753] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 378.990551][ T4753] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 379.463189][ T4753] bond0 (unregistering): Released all slaves [ 380.275446][ T6170] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 380.282972][ T6170] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 380.355126][ T5818] EXT4-fs (loop6): unmounting filesystem. [ 380.424723][ T6170] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 380.460675][ T6170] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 380.486066][ T6292] loop3: detected capacity change from 0 to 1024 [ 380.509576][ T6288] loop1: detected capacity change from 0 to 4096 [ 380.526150][ T6290] loop4: detected capacity change from 0 to 1024 [ 380.532095][ T6170] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 380.552335][ T6293] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 380.616016][ T6170] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 382.073440][ T6303] loop6: detected capacity change from 0 to 128 [ 382.088235][ T6303] hpfs: bad mount options. [ 382.606031][ T6170] device hsr_slave_0 entered promiscuous mode [ 382.666981][ T6170] device hsr_slave_1 entered promiscuous mode [ 382.701880][ T6170] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 382.720554][ T6170] Cannot create hsr debugfs directory [ 382.948754][ T6310] loop4: detected capacity change from 0 to 256 [ 383.169812][ T6310] exFAT-fs (loop4): bogus sector size bits : 0 [ 383.177401][ T6310] exFAT-fs (loop4): failed to read boot sector [ 383.460132][ T6310] exFAT-fs (loop4): failed to recognize exfat type [ 383.970703][ T6314] netlink: 408 bytes leftover after parsing attributes in process `syz.6.325'. [ 384.367636][ T3042] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 384.439485][ T6324] siw: device registration error -23 [ 385.075947][ T3042] usb 4-1: New USB device found, idVendor=0644, idProduct=800f, bcdDevice=c5.77 [ 385.102285][ T3042] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 385.130631][ T3042] usb 4-1: Product: syz [ 385.143635][ T3042] usb 4-1: Manufacturer: syz [ 385.178724][ T3042] usb 4-1: SerialNumber: syz [ 385.255092][ T3042] usb 4-1: config 0 descriptor?? [ 385.298500][ T6170] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 385.935830][ T6335] loop1: detected capacity change from 0 to 136 [ 386.309314][ T4357] usb 4-1: USB disconnect, device number 3 [ 386.347924][ T6070] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 386.432525][ T6170] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 386.704025][ T6170] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 387.074877][ T6353] loop4: detected capacity change from 0 to 512 [ 387.083346][ T6353] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 387.253659][ T6170] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 387.853366][ T6353] EXT4-fs error (device loop4): ext4_orphan_get:1405: inode #15: comm syz.4.331: iget: bad i_size value: 38620345925642 [ 387.867938][ T6353] EXT4-fs error (device loop4): ext4_orphan_get:1410: comm syz.4.331: couldn't read orphan inode 15 (err -117) [ 387.884569][ T6353] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 388.048292][ T6350] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz.4.331: bg 0: block 5: invalid block bitmap [ 388.072612][ T6350] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 388.085334][ T6350] EXT4-fs (loop4): This should not happen!! Data will be lost [ 388.085334][ T6350] [ 388.095036][ T6350] EXT4-fs (loop4): Total free blocks count 0 [ 388.101124][ T6350] EXT4-fs (loop4): Free/Dirty block details [ 388.107106][ T6350] EXT4-fs (loop4): free_blocks=0 [ 388.112086][ T6350] EXT4-fs (loop4): dirty_blocks=2252 [ 388.117583][ T6350] EXT4-fs (loop4): Block reservation details [ 388.123684][ T6350] EXT4-fs (loop4): i_reserved_data_blocks=2252 [ 388.200837][ T4516] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 196 with error 28 [ 388.216202][ T4275] Bluetooth: hci0: command 0x0405 tx timeout [ 389.149686][ T6360] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 390.402203][ T6170] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 390.498351][ T6385] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 390.506105][ T6385] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 390.547591][ T26] audit: type=1326 audit(1778545022.017:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.6.337" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d44f9cdd9 code=0x7ffc0000 [ 390.765255][ T26] audit: type=1326 audit(1778545022.017:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.6.337" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7f7d44f9cdd9 code=0x7ffc0000 [ 390.818222][ T26] audit: type=1326 audit(1778545022.017:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.6.337" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d44f9cdd9 code=0x7ffc0000 [ 391.141975][ T6170] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 391.156537][ T6170] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 391.269824][ T26] audit: type=1326 audit(1778545022.017:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.6.337" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7f7d44f9cdd9 code=0x7ffc0000 [ 391.357300][ T6170] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 391.364599][ T26] audit: type=1326 audit(1778545022.017:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.6.337" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d44f9cdd9 code=0x7ffc0000 [ 391.396470][ T26] audit: type=1326 audit(1778545022.027:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.6.337" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d44f9cdd9 code=0x7ffc0000 [ 391.772287][ T5880] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 392.044918][ T5880] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 392.167363][ T5880] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 392.202323][ T6373] loop4: detected capacity change from 0 to 136 [ 392.218210][ T5880] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 392.303701][ T5880] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 392.338758][ T5880] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 392.359813][ T5880] usb 4-1: Product: syz [ 392.388652][ T5880] usb 4-1: Manufacturer: syz [ 392.399060][ T5880] usb 4-1: SerialNumber: syz [ 392.423862][ T4319] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 392.493467][ T5880] cdc_mbim 4-1:1.0: skipping garbage [ 392.530727][ T5880] usb 4-1: selecting invalid altsetting 1 [ 392.626873][ T4319] usb 2-1: Using ep0 maxpacket: 32 [ 392.646351][ T4319] usb 2-1: config 5 has an invalid interface number: 245 but max is 0 [ 392.675425][ T4319] usb 2-1: config 5 has no interface number 0 [ 392.687271][ T4319] usb 2-1: config 5 interface 245 has no altsetting 0 [ 392.702535][ T5880] cdc_mbim 4-1:1.0: bind() failure [ 392.751175][ T5880] usb 4-1: USB disconnect, device number 4 [ 392.762859][ T6170] 8021q: adding VLAN 0 to HW filter on device bond0 [ 392.789316][ T4319] usb 2-1: New USB device found, idVendor=093a, idProduct=050f, bcdDevice=ba.d2 [ 392.808171][ T4319] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 392.843297][ T6170] 8021q: adding VLAN 0 to HW filter on device team0 [ 392.858871][ T4319] usb 2-1: Product: syz [ 392.863650][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 392.871528][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 392.881319][ T4319] usb 2-1: Manufacturer: syz [ 392.886458][ T4319] usb 2-1: SerialNumber: syz [ 393.009320][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 393.037424][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 393.050817][ T4337] bridge0: port 1(bridge_slave_0) entered blocking state [ 393.058088][ T4337] bridge0: port 1(bridge_slave_0) entered forwarding state [ 393.074249][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 393.131916][ T4500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 393.152245][ T4500] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 393.154246][ T4319] gspca_main: mars-2.14.0 probing 093a:050f [ 393.161031][ T4500] bridge0: port 2(bridge_slave_1) entered blocking state [ 393.173502][ T4500] bridge0: port 2(bridge_slave_1) entered forwarding state [ 393.194357][ T4500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 393.237184][ T4753] device hsr_slave_0 left promiscuous mode [ 393.239504][ T4319] usb 2-1: USB disconnect, device number 4 [ 393.250396][ T4753] device hsr_slave_1 left promiscuous mode [ 393.262900][ T4753] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 393.278931][ T4753] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 393.309579][ T4753] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 393.324052][ T4753] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 393.361372][ T4753] device bridge_slave_1 left promiscuous mode [ 393.383880][ T4753] bridge0: port 2(bridge_slave_1) entered disabled state [ 393.406685][ T4753] device bridge_slave_0 left promiscuous mode [ 393.428689][ T4753] bridge0: port 1(bridge_slave_0) entered disabled state [ 393.469452][ T4753] device veth1_macvtap left promiscuous mode [ 393.475780][ T4753] device veth0_macvtap left promiscuous mode [ 393.482468][ T4753] device veth1_vlan left promiscuous mode [ 393.488704][ T4753] device veth0_vlan left promiscuous mode [ 394.257283][ T4753] team0 (unregistering): Port device team_slave_1 removed [ 394.320158][ T4753] team0 (unregistering): Port device team_slave_0 removed [ 394.378366][ T4753] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 394.437985][ T4753] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 394.894859][ T4753] bond0 (unregistering): Released all slaves [ 395.020131][ T6170] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 395.031726][ T6170] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 395.054370][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 395.064336][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 395.079798][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 395.093278][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 395.104589][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 395.113860][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 395.122658][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 395.135091][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 395.144205][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 395.153303][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 395.161644][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 395.671648][ T4500] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 395.680075][ T4500] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 395.698921][ T6170] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 396.175409][ T4438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 396.191332][ T4438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 396.223906][ T4506] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 396.240575][ T4506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 396.261198][ T4506] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 396.269311][ T4506] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 396.288212][ T6170] device veth0_vlan entered promiscuous mode [ 396.311145][ T6170] device veth1_vlan entered promiscuous mode [ 396.354193][ T4506] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 396.372331][ T4506] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 396.385099][ T4506] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 396.396836][ T4506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 396.414482][ T6170] device veth0_macvtap entered promiscuous mode [ 396.435507][ T6170] device veth1_macvtap entered promiscuous mode [ 396.476651][ T6170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 396.491770][ T6170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 396.504554][ T6170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 396.519295][ T6170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 396.533339][ T6170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 396.551323][ T6170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 396.564659][ T6170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 396.583267][ T6170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 396.603059][ T6170] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 396.611881][ T4506] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 396.635142][ T4506] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 396.643781][ T4506] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 396.661556][ T4506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 396.678063][ T6170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 396.699774][ T6170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 396.711037][ T6170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 396.721886][ T6170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 396.732859][ T6170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 396.744486][ T6170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 396.762443][ T6170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 396.781706][ T6170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 396.794686][ T6170] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 396.805474][ T4438] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 396.814412][ T4438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 396.828935][ T6170] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 396.840509][ T6170] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 396.850391][ T6170] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 396.859670][ T6170] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 396.985602][ T4753] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 397.006160][ T4753] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 397.017428][ T4506] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 397.041273][ T4500] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 397.049202][ T4500] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 397.068118][ T4506] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 397.227941][ T4275] Bluetooth: hci1: hcon ffff88807c9ac000 sent 1 < count 10 [ 397.235393][ T4275] Bluetooth: hci1: hcon ffff88807c9a8000 sent 1 < count 16 [ 397.520993][ T4357] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 397.521699][ T4319] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 397.724021][ T4357] usb 7-1: Using ep0 maxpacket: 8 [ 397.733880][ T4357] usb 7-1: New USB device found, idVendor=0471, idProduct=0313, bcdDevice=81.d5 [ 397.736404][ T4319] usb 5-1: config index 0 descriptor too short (expected 3133, got 61) [ 397.749711][ T4357] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 397.757469][ T4319] usb 5-1: config 0 has an invalid interface number: 156 but max is 1 [ 397.770903][ T4357] usb 7-1: Product: syz [ 397.771580][ T4319] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 397.791586][ T4319] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 397.797601][ T4357] usb 7-1: Manufacturer: syz [ 397.804379][ T4319] usb 5-1: config 0 has no interface number 0 [ 397.811971][ T4357] usb 7-1: SerialNumber: syz [ 397.814222][ T4319] usb 5-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 397.829213][ T4357] usb 7-1: config 0 descriptor?? [ 397.835758][ T4319] usb 5-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 397.849688][ T4319] usb 5-1: config 0 interface 156 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 397.850239][ T4357] pwc: Philips PCVC720K/40 (ToUCam XS) USB webcam detected. [ 397.880895][ T4319] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 397.907853][ T4319] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 397.933728][ T4319] usb 5-1: config 0 descriptor?? [ 397.946399][ T4319] gspca_main: spca561-2.14.0 probing abcd:cdee [ 397.964609][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 397.973127][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 398.076176][ T4357] pwc: send_video_command error -71 [ 398.084506][ T4357] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 398.106965][ T4357] Philips webcam: probe of 7-1:0.0 failed with error -71 [ 398.129337][ T4357] usb 7-1: USB disconnect, device number 2 [ 398.169064][ T4319] spca561: probe of 5-1:0.156 failed with error -22 [ 398.216066][ T4319] usb 5-1: MIDIStreaming interface descriptor not found [ 398.353373][ T4319] usb 5-1: USB disconnect, device number 3 [ 398.529939][ T6486] Can't find a SQUASHFS superblock on nullb0 [ 400.347150][ T6487] siw: device registration error -23 [ 400.570059][ T6180] udevd[6180]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.156/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 401.582822][ T6512] loop6: detected capacity change from 0 to 1024 [ 402.893206][ T6520] loop3: detected capacity change from 0 to 136 [ 405.003479][ T6533] loop6: detected capacity change from 0 to 1024 [ 405.076165][ T6533] EXT4-fs (loop6): INFO: recovery required on readonly filesystem [ 405.092368][ T6533] EXT4-fs (loop6): write access will be enabled during recovery [ 405.129665][ T6533] EXT4-fs (loop6): barriers disabled [ 405.152965][ T6533] JBD2: no valid journal superblock found [ 406.744902][ T6533] EXT4-fs (loop6): error loading journal [ 407.075463][ T6549] loop6: detected capacity change from 0 to 4096 [ 407.105217][ T6551] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 408.142959][ T4357] usb 4-1: new full-speed USB device number 5 using dummy_hcd [ 409.158130][ T4291] Bluetooth: hci6: command 0x0406 tx timeout [ 409.909437][ T6564] netlink: 8 bytes leftover after parsing attributes in process `syz.6.362'. [ 409.918734][ T6564] netlink: 12 bytes leftover after parsing attributes in process `syz.6.362'. [ 409.942747][ T4357] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 1023 [ 409.962176][ T6564] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 409.971130][ T6564] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 409.979865][ T6564] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 409.988984][ T6564] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 410.033052][ T6565] netlink: 8 bytes leftover after parsing attributes in process `syz.6.362'. [ 410.042463][ T6565] netlink: 12 bytes leftover after parsing attributes in process `syz.6.362'. [ 410.081735][ T6565] input: syz1 as /devices/virtual/input/input6 [ 412.761418][ T4357] usb 4-1: string descriptor 0 read error: -71 [ 412.769610][ T4357] usb 4-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice= 0.40 [ 412.780231][ T4357] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 412.791979][ T4357] usb 4-1: can't set config #1, error -71 [ 412.799231][ T4357] usb 4-1: USB disconnect, device number 5 [ 412.914115][ T6561] loop5: detected capacity change from 0 to 4096 [ 413.347115][ T4357] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 414.112331][ T4291] Bluetooth: hci6: Malformed Event: 0x2f [ 414.266037][ T4357] usb 4-1: Using ep0 maxpacket: 32 [ 414.273573][ T4357] usb 4-1: config 212 has an invalid descriptor of length 0, skipping remainder of the config [ 414.469443][ T4357] usb 4-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.08 [ 414.478762][ T4357] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 414.487323][ T4357] usb 4-1: Product: syz [ 414.491913][ T4357] usb 4-1: Manufacturer: syz [ 414.496657][ T4357] usb 4-1: SerialNumber: syz [ 414.786825][ T4357] go7007: probe of 4-1:212.0 failed with error -12 [ 414.817259][ T4357] usb 4-1: USB disconnect, device number 6 [ 414.828303][ T6318] udevd[6318]: setting mode of /dev/bus/usb/004/006 to 020664 failed: No such file or directory [ 415.030382][ T6318] udevd[6318]: setting owner of /dev/bus/usb/004/006 to uid=0, gid=0 failed: No such file or directory [ 416.778535][ T6599] wg1 speed is unknown, defaulting to 1000 [ 419.673264][ T4319] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 421.402049][ T4319] usb 7-1: unable to get BOS descriptor or descriptor too short [ 421.462889][ T4319] usb 7-1: not running at top speed; connect to a high speed hub [ 421.562220][ T4319] usb 7-1: config 17 has an invalid interface number: 8 but max is 1 [ 421.658694][ T4319] usb 7-1: config 17 has 1 interface, different from the descriptor's value: 2 [ 421.781513][ T4319] usb 7-1: config 17 has no interface number 0 [ 421.854114][ T4319] usb 7-1: config 17 interface 8 altsetting 6 endpoint 0x3 has an invalid bInterval 86, changing to 4 [ 421.978919][ T4319] usb 7-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid maxpacket 62603, setting to 1023 [ 422.095985][ T4319] usb 7-1: config 17 interface 8 has no altsetting 0 [ 422.170959][ T4319] usb 7-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff [ 422.213462][ T6615] loop5: detected capacity change from 0 to 64 [ 422.255654][ T4319] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 422.277733][ T6615] MINIX-fs: file system does not have enough zmap blocks allocated. Refusing to mount. [ 422.344754][ T4319] usb 7-1: Product: syz [ 422.359684][ T4319] usb 7-1: Manufacturer: syz [ 422.390403][ T4319] usb 7-1: SerialNumber: syz [ 422.475172][ T4319] usb 7-1: can't set config #17, error -71 [ 422.547793][ T4319] usb 7-1: USB disconnect, device number 3 [ 422.620714][ T6623] loop3: detected capacity change from 0 to 8 [ 422.726598][ T6623] Filesystem uses "lzma" compression. This is not supported [ 422.737081][ T6620] loop5: detected capacity change from 0 to 2048 [ 422.798499][ T6620] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 422.834679][ T6622] loop6: detected capacity change from 0 to 4096 [ 422.889451][ T4275] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 423.013719][ T4275] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 423.026097][ T4275] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 423.063670][ T4285] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 423.092045][ T4285] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 423.101466][ T6622] ntfs3: loop6: ino=3, Correct links count -> 2. [ 424.897367][ T4285] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 425.170422][ T6624] wg1 speed is unknown, defaulting to 1000 [ 425.422997][ T4285] Bluetooth: hci1: unexpected subevent 0x1a length: 10 > 6 [ 427.043576][ T6660] loop3: detected capacity change from 0 to 512 [ 427.047269][ T6659] loop6: detected capacity change from 0 to 8 [ 427.100532][ T4285] Bluetooth: hci2: command 0x0409 tx timeout [ 427.134011][ T6659] SQUASHFS error: zlib decompression failed, data probably corrupt [ 427.178954][ T6624] chnl_net:caif_netlink_parms(): no params data found [ 427.205193][ T6659] SQUASHFS error: Failed to read block 0x9b: -5 [ 427.282897][ T6659] SQUASHFS error: Unable to read metadata cache entry [99] [ 427.290290][ T6659] SQUASHFS error: Unable to read inode 0x127 [ 427.305178][ T4291] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 427.324769][ T4291] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 427.335601][ T4291] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 427.345389][ T4291] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 427.359303][ T4275] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 427.367425][ T4291] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 427.618475][ T41] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 427.666430][ T41] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 427.767715][ T6675] loop5: detected capacity change from 0 to 512 [ 427.803023][ T6675] EXT4-fs: Ignoring removed nobh option [ 427.856312][ T6675] EXT4-fs (loop5): Invalid log block size: 256 [ 428.187783][ T6689] loop3: detected capacity change from 0 to 128 [ 428.195487][ T6689] hpfs: [ 428.195487][ T6689] HPFS filesystem options: [ 428.195487][ T6689] help do not mount and display this text [ 428.195487][ T6689] uid=xxx set uid of files that don't have uid specified in eas [ 428.195487][ T6689] gid=xxx set gid of files that don't have gid specified in eas [ 428.195487][ T6689] umask=xxx set mode of files that don't have mode specified in eas [ 428.195487][ T6689] case=lower lowercase all files [ 428.195487][ T6689] case=asis do not lowercase files (default) [ 428.195487][ T6689] check=none no fs checks - kernel may crash on corrupted filesystem [ 428.195487][ T6689] check=normal do some checks - it should not crash (default) [ 428.195487][ T6689] check=strict do extra time-consuming checks, used for debugging [ 428.195487][ T6689] errors=continue continue on errors [ 428.210870][ T4291] Bluetooth: hci0: unexpected cc 0x0c05 length: 4 > 1 [ 428.307314][ T41] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 428.320396][ T41] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 428.340756][ T6318] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 428.462819][ T6695] loop3: detected capacity change from 0 to 4096 [ 428.462900][ T6664] wg1 speed is unknown, defaulting to 1000 [ 428.518652][ T6695] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 428.542376][ T6695] EXT4-fs (loop3): group descriptors corrupted! [ 428.599879][ T6699] loop5: detected capacity change from 0 to 256 [ 428.670458][ T6699] FAT-fs (loop5): bogus sectors per cluster 0 [ 428.692069][ T6699] FAT-fs (loop5): Can't find a valid FAT filesystem [ 428.802759][ T6702] loop3: detected capacity change from 0 to 4096 [ 428.853223][ T6704] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 429.333395][ T4291] Bluetooth: hci2: command 0x041b tx timeout [ 429.581077][ T4291] Bluetooth: hci4: command 0x0409 tx timeout [ 429.794494][ T41] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 429.821736][ T41] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 429.898406][ T6624] bridge0: port 1(bridge_slave_0) entered blocking state [ 429.935739][ T6624] bridge0: port 1(bridge_slave_0) entered disabled state [ 429.967012][ T6624] device bridge_slave_0 entered promiscuous mode [ 430.008376][ T6624] bridge0: port 2(bridge_slave_1) entered blocking state [ 430.037621][ T6624] bridge0: port 2(bridge_slave_1) entered disabled state [ 430.056347][ T6715] loop5: detected capacity change from 0 to 1024 [ 430.064495][ T6624] device bridge_slave_1 entered promiscuous mode [ 430.119943][ T6715] hfsplus: failed to load catalog file [ 430.469881][ T6722] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 430.477579][ T6722] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 430.510529][ T26] audit: type=1326 audit(1778545059.421:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6716 comm="syz.3.407" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c1b99cdd9 code=0x7ffc0000 [ 431.142771][ T26] audit: type=1326 audit(1778545059.421:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6716 comm="syz.3.407" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7f2c1b99cdd9 code=0x7ffc0000 [ 431.301745][ T6724] loop5: detected capacity change from 0 to 8 [ 431.321872][ T41] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 431.348201][ T6724] SQUASHFS error: lzo decompression failed, data probably corrupt [ 431.369450][ T41] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 431.388939][ T6724] SQUASHFS error: Failed to read block 0x91: -5 [ 431.395432][ T26] audit: type=1326 audit(1778545059.421:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6716 comm="syz.3.407" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c1b99cdd9 code=0x7ffc0000 [ 431.430579][ T6724] SQUASHFS error: Unable to read metadata cache entry [8f] [ 431.449190][ T6724] SQUASHFS error: Unable to read inode 0x11f [ 431.480929][ T6624] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 431.543488][ T26] audit: type=1326 audit(1778545059.421:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6716 comm="syz.3.407" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7f2c1b99cdd9 code=0x7ffc0000 [ 431.568065][ T4291] Bluetooth: hci2: command 0x040f tx timeout [ 431.578036][ T6624] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 431.619076][ T6703] loop6: detected capacity change from 0 to 32768 [ 431.652414][ T26] audit: type=1326 audit(1778545059.421:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6716 comm="syz.3.407" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c1b99cdd9 code=0x7ffc0000 [ 431.678753][ T26] audit: type=1326 audit(1778545059.430:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6716 comm="syz.3.407" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c1b99cdd9 code=0x7ffc0000 [ 431.739368][ T6726] loop3: detected capacity change from 0 to 4096 [ 431.758886][ T6726] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 431.790026][ T6703] XFS (loop6): Mounting V5 Filesystem [ 431.808172][ T4291] Bluetooth: hci4: command 0x041b tx timeout [ 431.854352][ T6726] ntfs3: loop3: volume is dirty and "force" flag is not set! [ 431.872565][ T6735] loop5: detected capacity change from 0 to 8 [ 432.065459][ T6624] team0: Port device team_slave_0 added [ 432.097360][ T6703] XFS (loop6): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 432.169437][ T6703] XFS (loop6): Starting recovery (logdev: internal) [ 432.276679][ T6624] team0: Port device team_slave_1 added [ 432.304700][ T6743] hfs: type requires a 4 character value [ 432.311171][ T6743] hfs: unable to parse mount options [ 432.343855][ T6703] XFS (loop6): Ending recovery (logdev: internal) [ 432.387002][ T6703] XFS (loop6): AG 0: Corrupt btree 5 pointer at level 1 index 0. [ 432.403051][ T4291] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 432.412255][ T4291] Bluetooth: hci1: Injecting HCI hardware error event [ 432.422314][ T4285] Bluetooth: hci1: hardware error 0x00 [ 432.517573][ T6624] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 432.573377][ T6703] XFS (loop6): Failed to initialize disk quotas. [ 432.621011][ T6624] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 432.740329][ T6624] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 432.763456][ T5818] XFS (loop6): Unmounting Filesystem [ 432.773756][ T6624] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 432.804199][ T6624] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 432.902208][ T6624] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 433.079559][ T6664] chnl_net:caif_netlink_parms(): no params data found [ 433.360243][ T6624] device hsr_slave_0 entered promiscuous mode [ 433.413316][ T6624] device hsr_slave_1 entered promiscuous mode [ 433.425376][ T6751] set_capacity_and_notify: 1 callbacks suppressed [ 433.425395][ T6751] loop3: detected capacity change from 0 to 32768 [ 433.476943][ T6624] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 433.493592][ T6751] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.416 (6751) [ 433.509264][ T6624] Cannot create hsr debugfs directory [ 433.522755][ T4291] Bluetooth: Wrong link type (-22) [ 433.659654][ T6751] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 433.723326][ T6751] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 433.768252][ T4291] Bluetooth: hci2: command 0x0419 tx timeout [ 433.805276][ T6751] BTRFS info (device loop3): enabling disk space caching [ 433.843044][ T6751] BTRFS info (device loop3): enabling auto defrag [ 433.863507][ T6751] BTRFS info (device loop3): enabling ssd optimizations [ 433.948076][ T6751] BTRFS info (device loop3): using spread ssd allocation scheme [ 433.956058][ T6751] BTRFS info (device loop3): use no compression [ 433.963028][ T6751] BTRFS info (device loop3): force clearing of disk cache [ 433.970372][ T6751] BTRFS info (device loop3): disabling disk space caching [ 433.992612][ T6773] loop6: detected capacity change from 0 to 16 [ 434.024715][ T4291] Bluetooth: hci4: command 0x040f tx timeout [ 434.033944][ T6773] erofs: (device loop6): erofs_superblock_csum_verify: invalid checksum 0x3b994e0d, 0xeeaf74e0 expected [ 434.059659][ T6318] udevd[6318]: incorrect erofs checksum on /dev/loop6 [ 434.150357][ T6664] bridge0: port 1(bridge_slave_0) entered blocking state [ 434.168533][ T6664] bridge0: port 1(bridge_slave_0) entered disabled state [ 434.177953][ T6751] BTRFS info (device loop3): rebuilding free space tree [ 434.228830][ T6664] device bridge_slave_0 entered promiscuous mode [ 434.241270][ T6751] BTRFS info (device loop3): disabling free space tree [ 434.264877][ T6751] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 434.298080][ T6793] loop6: detected capacity change from 0 to 128 [ 434.309081][ T6751] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 434.371606][ T6793] FAT-fs (loop6): count of clusters too big (524798) [ 434.372664][ T6664] bridge0: port 2(bridge_slave_1) entered blocking state [ 434.398978][ T6664] bridge0: port 2(bridge_slave_1) entered disabled state [ 434.399690][ T6793] FAT-fs (loop6): Can't find a valid FAT filesystem [ 434.407150][ T6664] device bridge_slave_1 entered promiscuous mode [ 434.614406][ T6664] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 434.624196][ T4285] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 434.664622][ T4273] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 434.745049][ T6800] loop6: detected capacity change from 0 to 512 [ 434.750218][ T6769] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 434.759299][ T6769] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 434.761179][ T6664] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 434.935847][ T6800] EXT4-fs error (device loop6): ext4_quota_enable:7049: inode #4: comm syz.6.423: iget: immutable or append flags not allowed on symlinks [ 434.951321][ T6800] EXT4-fs error (device loop6): ext4_quota_enable:7052: comm syz.6.423: Bad quota inode: 4, type: 1 [ 434.997350][ T6800] EXT4-fs warning (device loop6): ext4_enable_quotas:7093: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 435.057912][ T6769] Bluetooth: hci6: Suspend notifier action (1) failed: -4 [ 435.072264][ T6800] EXT4-fs (loop6): mount failed [ 435.105724][ T6769] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 435.111932][ T6769] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 435.155015][ T6769] Bluetooth: hci0: Suspend notifier action (1) failed: -4 [ 435.194478][ T6769] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 435.216151][ T6769] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 435.224018][ T6769] Bluetooth: hci2: Suspend notifier action (1) failed: -4 [ 435.254884][ T6769] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 435.264815][ T6769] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 435.281917][ T6769] Bluetooth: hci4: Suspend notifier action (1) failed: -4 [ 435.299220][ T6664] team0: Port device team_slave_0 added [ 435.346669][ T6070] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 11 /dev/loop3 scanned by udevd (6070) [ 435.650210][ T4285] Bluetooth: hci6: unexpected event 0x2f length: 509 > 260 [ 435.692865][ T6664] team0: Port device team_slave_1 added [ 435.732552][ T4285] Bluetooth: hci0: unexpected event for opcode 0x2019 [ 435.834188][ T6624] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 435.871193][ T6624] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 436.071906][ T41] device hsr_slave_0 left promiscuous mode [ 436.115101][ T6838] loop5: detected capacity change from 0 to 8 [ 436.122580][ T41] device hsr_slave_1 left promiscuous mode [ 436.176859][ T6838] SQUASHFS error: xz decompression failed, data probably corrupt [ 436.203842][ T41] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 436.221125][ T6838] SQUASHFS error: Failed to read block 0x108: -5 [ 436.247465][ T41] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 436.253272][ T6838] SQUASHFS error: Unable to read metadata cache entry [106] [ 436.258909][ T4285] ------------[ cut here ]------------ [ 436.268410][ T4285] WARNING: CPU: 1 PID: 4285 at net/bluetooth/hci_conn.c:668 hci_conn_timeout+0x24f/0x450 [ 436.278451][ T4285] Modules linked in: [ 436.282425][ T4285] CPU: 1 PID: 4285 Comm: kworker/u5:5 Not tainted syzkaller #0 [ 436.285145][ T6838] SQUASHFS error: Unable to read inode 0x11f [ 436.290232][ T4285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 436.290251][ T4285] Workqueue: hci6 hci_conn_timeout [ 436.290288][ T4285] RIP: 0010:hci_conn_timeout+0x24f/0x450 [ 436.317626][ T4285] Code: 1f 8e e8 04 6d 9e f8 48 8b 35 85 df ea 04 bf 08 00 00 00 48 89 da 5b 41 5c 41 5d 41 5e 41 5f 5d e9 f6 38 1f f8 e8 a1 60 4d f8 <0f> 0b e9 35 fe ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c dd fd [ 436.337439][ T4285] RSP: 0018:ffffc90003e47c08 EFLAGS: 00010293 [ 436.343592][ T4285] RAX: ffffffff893514af RBX: ffff888077ea0330 RCX: ffff888018ad9dc0 [ 436.351609][ T4285] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000 [ 436.359682][ T4285] RBP: 00000000ffffffff R08: ffff888077ea0013 R09: 1ffff1100efd4002 [ 436.367726][ T4285] R10: dffffc0000000000 R11: ffffed100efd4003 R12: dffffc0000000000 [ 436.375887][ T4285] R13: dffffc0000000000 R14: ffff888077ea0000 R15: ffff888077ea0010 [ 436.383895][ T4285] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 436.392927][ T4285] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 436.399675][ T4285] CR2: 00007f2c1c7456b8 CR3: 000000005cda2000 CR4: 00000000003506e0 [ 436.407746][ T4285] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 436.415857][ T4285] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 436.423929][ T4285] Call Trace: [ 436.427241][ T4285] [ 436.430256][ T4285] ? process_one_work+0x7b0/0x1160 [ 436.435410][ T4285] process_one_work+0x8a2/0x1160 [ 436.440459][ T4285] ? worker_detach_from_pool+0x240/0x240 [ 436.446232][ T4285] ? _raw_spin_lock_irq+0xb7/0xf0 [ 436.451369][ T4285] ? _raw_spin_lock_irqsave+0x100/0x100 [ 436.456963][ T4285] ? kthread_data+0x4b/0xc0 [ 436.461661][ T4285] worker_thread+0xaa2/0x1270 [ 436.466409][ T4285] kthread+0x29d/0x330 [ 436.470514][ T4285] ? worker_clr_flags+0x1a0/0x1a0 [ 436.475636][ T4285] ? kthread_blkcg+0xd0/0xd0 [ 436.480269][ T4285] ret_from_fork+0x1f/0x30 [ 436.484796][ T4285] [ 436.487856][ T4285] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 436.495166][ T4285] CPU: 1 PID: 4285 Comm: kworker/u5:5 Not tainted syzkaller #0 [ 436.502755][ T4285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 436.512853][ T4285] Workqueue: hci6 hci_conn_timeout [ 436.518025][ T4285] Call Trace: [ 436.521332][ T4285] [ 436.521457][ T6844] loop3: detected capacity change from 0 to 1024 [ 436.530630][ T4285] dump_stack_lvl+0x188/0x24e [ 436.535448][ T4285] ? memcpy+0x3c/0x60 [ 436.539468][ T4285] ? show_regs_print_info+0x12/0x12 [ 436.544725][ T4285] ? load_image+0x400/0x400 [ 436.549277][ T6844] hfsplus: invalid extent max_key_len 0 [ 436.549281][ T4285] panic+0x2e5/0x730 [ 436.558776][ T4285] ? bpf_jit_dump+0xd0/0xd0 [ 436.563434][ T4285] ? ret_from_fork+0x1f/0x30 [ 436.563795][ T6844] hfsplus: failed to load extents file [ 436.573542][ T4285] __warn+0x2f8/0x4f0 [ 436.577743][ T4285] ? hci_conn_timeout+0x24f/0x450 [ 436.582833][ T4285] ? hci_conn_timeout+0x24f/0x450 [ 436.587899][ T4285] report_bug+0x2ba/0x4f0 [ 436.592277][ T4285] ? hci_conn_timeout+0x24f/0x450 [ 436.597349][ T4285] handle_bug+0x3a/0x70 [ 436.601732][ T4285] exc_invalid_op+0x16/0x40 [ 436.606297][ T4285] asm_exc_invalid_op+0x16/0x20 [ 436.611277][ T4285] RIP: 0010:hci_conn_timeout+0x24f/0x450 [ 436.616977][ T4285] Code: 1f 8e e8 04 6d 9e f8 48 8b 35 85 df ea 04 bf 08 00 00 00 48 89 da 5b 41 5c 41 5d 41 5e 41 5f 5d e9 f6 38 1f f8 e8 a1 60 4d f8 <0f> 0b e9 35 fe ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c dd fd [ 436.636718][ T4285] RSP: 0018:ffffc90003e47c08 EFLAGS: 00010293 [ 436.642852][ T4285] RAX: ffffffff893514af RBX: ffff888077ea0330 RCX: ffff888018ad9dc0 [ 436.650958][ T4285] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000 [ 436.659059][ T4285] RBP: 00000000ffffffff R08: ffff888077ea0013 R09: 1ffff1100efd4002 [ 436.667075][ T4285] R10: dffffc0000000000 R11: ffffed100efd4003 R12: dffffc0000000000 [ 436.675091][ T4285] R13: dffffc0000000000 R14: ffff888077ea0000 R15: ffff888077ea0010 [ 436.683132][ T4285] ? hci_conn_timeout+0x24f/0x450 [ 436.688215][ T4285] ? hci_conn_timeout+0x24f/0x450 [ 436.693290][ T4285] ? process_one_work+0x7b0/0x1160 [ 436.698442][ T4285] process_one_work+0x8a2/0x1160 [ 436.703445][ T4285] ? worker_detach_from_pool+0x240/0x240 [ 436.709134][ T4285] ? _raw_spin_lock_irq+0xb7/0xf0 [ 436.714196][ T4285] ? _raw_spin_lock_irqsave+0x100/0x100 [ 436.719780][ T4285] ? kthread_data+0x4b/0xc0 [ 436.724340][ T4285] worker_thread+0xaa2/0x1270 [ 436.729090][ T4285] kthread+0x29d/0x330 [ 436.733186][ T4285] ? worker_clr_flags+0x1a0/0x1a0 [ 436.738248][ T4285] ? kthread_blkcg+0xd0/0xd0 [ 436.742896][ T4285] ret_from_fork+0x1f/0x30 [ 436.747367][ T4285] [ 436.750890][ T4285] Kernel Offset: disabled [ 436.755319][ T4285] Rebooting in 86400 seconds..