Warning: Permanently added '10.128.0.115' (ED25519) to the list of known hosts. 2024/04/01 22:26:46 fuzzer started 2024/04/01 22:26:46 dialing manager at 10.128.0.169:30012 [ 161.317686][ T5013] cgroup: Unknown subsys name 'net' [ 161.482700][ T5013] cgroup: Unknown subsys name 'rlimit' 2024/04/01 22:27:34 syscalls: 3852 2024/04/01 22:27:34 code coverage: enabled 2024/04/01 22:27:34 comparison tracing: enabled 2024/04/01 22:27:34 extra coverage: enabled 2024/04/01 22:27:34 delay kcov mmap: enabled 2024/04/01 22:27:34 setuid sandbox: enabled 2024/04/01 22:27:34 namespace sandbox: enabled 2024/04/01 22:27:34 Android sandbox: /sys/fs/selinux/policy does not exist 2024/04/01 22:27:34 fault injection: enabled 2024/04/01 22:27:34 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2024/04/01 22:27:34 net packet injection: enabled 2024/04/01 22:27:34 net device setup: enabled 2024/04/01 22:27:34 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/04/01 22:27:34 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/04/01 22:27:34 NIC VF setup: PCI device 0000:00:11.0 is not available 2024/04/01 22:27:34 USB emulation: enabled 2024/04/01 22:27:34 hci packet injection: enabled 2024/04/01 22:27:34 wifi device emulation: enabled 2024/04/01 22:27:34 802.15.4 emulation: enabled 2024/04/01 22:27:34 swap file: enabled [ 208.260057][ T5013] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k 2024/04/01 22:27:35 starting 5 executor processes [ 209.971774][ T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 209.981707][ T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 209.992341][ T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 210.006175][ T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 210.018491][ T50] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 210.028003][ T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 210.221790][ T4400] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 210.233866][ T4400] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 210.244542][ T4400] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 210.259712][ T4400] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 210.271699][ T4400] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 210.281857][ T4400] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 210.461253][ T5043] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 210.480888][ T5043] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 210.501462][ T5043] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 210.521914][ T5043] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 210.535133][ T5043] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 210.538467][ T50] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 210.553190][ T5043] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 210.558113][ T50] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 210.572307][ T50] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 210.647155][ T50] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 210.662300][ T50] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 210.673663][ T50] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 210.940137][ T50] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 210.978355][ T50] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 210.988883][ T50] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 211.002496][ T50] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 211.014158][ T50] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 211.024067][ T50] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 211.200988][ T5035] chnl_net:caif_netlink_parms(): no params data found [ 211.853572][ T5031] chnl_net:caif_netlink_parms(): no params data found [ 211.875834][ T5037] chnl_net:caif_netlink_parms(): no params data found [ 212.076837][ T50] Bluetooth: hci0: command tx timeout [ 212.481987][ T50] Bluetooth: hci1: command tx timeout [ 212.563882][ T5041] chnl_net:caif_netlink_parms(): no params data found [ 212.582327][ T5035] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.591395][ T5035] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.599460][ T5035] bridge_slave_0: entered allmulticast mode [ 212.608680][ T5035] bridge_slave_0: entered promiscuous mode [ 212.629602][ T50] Bluetooth: hci2: command tx timeout [ 212.640026][ T5035] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.648204][ T5035] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.657309][ T5035] bridge_slave_1: entered allmulticast mode [ 212.666279][ T5035] bridge_slave_1: entered promiscuous mode [ 212.806780][ T50] Bluetooth: hci3: command tx timeout [ 212.858580][ T5035] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 212.885753][ T5035] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 213.092074][ T5035] team0: Port device team_slave_0 added [ 213.151304][ T5047] chnl_net:caif_netlink_parms(): no params data found [ 213.193550][ T50] Bluetooth: hci4: command tx timeout [ 213.212021][ T5035] team0: Port device team_slave_1 added [ 213.341470][ T5037] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.351577][ T5037] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.359673][ T5037] bridge_slave_0: entered allmulticast mode [ 213.369167][ T5037] bridge_slave_0: entered promiscuous mode [ 213.439127][ T5031] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.447276][ T5031] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.455840][ T5031] bridge_slave_0: entered allmulticast mode [ 213.464847][ T5031] bridge_slave_0: entered promiscuous mode [ 213.511254][ T5037] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.519230][ T5037] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.527211][ T5037] bridge_slave_1: entered allmulticast mode [ 213.536289][ T5037] bridge_slave_1: entered promiscuous mode [ 213.589381][ T5031] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.597457][ T5031] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.605263][ T5031] bridge_slave_1: entered allmulticast mode [ 213.620458][ T5031] bridge_slave_1: entered promiscuous mode [ 213.644034][ T5035] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 213.652779][ T5035] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 213.682533][ T5035] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 213.772582][ T5035] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 213.780532][ T5035] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 213.810222][ T5035] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 213.845517][ T5037] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 213.958775][ T5037] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 213.982209][ T5031] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 214.090105][ T5031] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 214.142182][ T5041] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.152907][ T5041] bridge0: port 1(bridge_slave_0) entered disabled state [ 214.157131][ T50] Bluetooth: hci0: command tx timeout [ 214.160793][ T5041] bridge_slave_0: entered allmulticast mode [ 214.175515][ T5041] bridge_slave_0: entered promiscuous mode [ 214.270595][ T5037] team0: Port device team_slave_0 added [ 214.310290][ T5041] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.320763][ T5041] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.328850][ T5041] bridge_slave_1: entered allmulticast mode [ 214.337500][ T5041] bridge_slave_1: entered promiscuous mode [ 214.357796][ T5035] hsr_slave_0: entered promiscuous mode [ 214.368808][ T5035] hsr_slave_1: entered promiscuous mode [ 214.413354][ T5037] team0: Port device team_slave_1 added [ 214.426282][ T5031] team0: Port device team_slave_0 added [ 214.548109][ T50] Bluetooth: hci1: command tx timeout [ 214.640813][ T5031] team0: Port device team_slave_1 added [ 214.686088][ T5047] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.693994][ T5047] bridge0: port 1(bridge_slave_0) entered disabled state [ 214.703449][ T5047] bridge_slave_0: entered allmulticast mode [ 214.710285][ T50] Bluetooth: hci2: command tx timeout [ 214.712818][ T5047] bridge_slave_0: entered promiscuous mode [ 214.737734][ T5041] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 214.748164][ T5047] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.755925][ T5047] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.764128][ T5047] bridge_slave_1: entered allmulticast mode [ 214.773334][ T5047] bridge_slave_1: entered promiscuous mode [ 214.856879][ T5037] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 214.864439][ T5037] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 214.891675][ T5037] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 214.896228][ T50] Bluetooth: hci3: command tx timeout [ 214.943629][ T5041] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 215.027891][ T5031] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 215.035096][ T5031] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 215.061887][ T5031] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 215.083173][ T5047] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 215.094897][ T5031] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 215.102706][ T5031] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 215.129687][ T5031] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 215.144006][ T5037] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 215.153854][ T5037] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 215.182429][ T5037] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 215.256173][ T5047] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 215.276644][ T50] Bluetooth: hci4: command tx timeout [ 215.439115][ T5047] team0: Port device team_slave_0 added [ 215.461069][ T5041] team0: Port device team_slave_0 added [ 215.494049][ T5047] team0: Port device team_slave_1 added [ 215.524645][ T5041] team0: Port device team_slave_1 added [ 215.823730][ T5037] hsr_slave_0: entered promiscuous mode [ 215.834467][ T5037] hsr_slave_1: entered promiscuous mode [ 215.843549][ T5037] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 215.852963][ T5037] Cannot create hsr debugfs directory [ 215.888913][ T5047] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 215.896199][ T5047] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 215.923888][ T5047] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 215.938753][ T5041] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 215.946024][ T5041] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 215.973395][ T5041] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 215.990681][ T5047] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 215.998631][ T5047] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 216.025847][ T5047] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 216.052409][ T5031] hsr_slave_0: entered promiscuous mode [ 216.061929][ T5031] hsr_slave_1: entered promiscuous mode [ 216.072890][ T5031] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 216.081453][ T5031] Cannot create hsr debugfs directory [ 216.146067][ T5041] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 216.154076][ T5041] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 216.180842][ T5041] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 216.236671][ T50] Bluetooth: hci0: command tx timeout [ 216.484103][ T5047] hsr_slave_0: entered promiscuous mode [ 216.493758][ T5047] hsr_slave_1: entered promiscuous mode [ 216.503194][ T5047] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 216.511462][ T5047] Cannot create hsr debugfs directory [ 216.626641][ T50] Bluetooth: hci1: command tx timeout [ 216.674928][ T5041] hsr_slave_0: entered promiscuous mode [ 216.684577][ T5041] hsr_slave_1: entered promiscuous mode [ 216.693283][ T5041] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 216.702074][ T5041] Cannot create hsr debugfs directory [ 216.808403][ T50] Bluetooth: hci2: command tx timeout [ 216.953222][ T50] Bluetooth: hci3: command tx timeout [ 217.104986][ T5035] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 217.145098][ T5035] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 217.220286][ T5035] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 217.239066][ T5035] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 217.354202][ T50] Bluetooth: hci4: command tx timeout [ 217.794132][ T5037] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 217.815567][ T5037] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 217.838280][ T5037] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 217.879696][ T5037] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 217.992953][ T5031] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 218.030066][ T5031] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 218.092837][ T5031] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 218.118295][ T5031] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 218.271342][ T5047] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 218.308050][ T50] Bluetooth: hci0: command tx timeout [ 218.322547][ T5047] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 218.409391][ T5047] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 218.450646][ T5047] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 218.473696][ T5041] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 218.548319][ T5041] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 218.605001][ T5041] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 218.677745][ T5041] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 218.715669][ T50] Bluetooth: hci1: command tx timeout [ 218.867965][ T50] Bluetooth: hci2: command tx timeout [ 219.028224][ T50] Bluetooth: hci3: command tx timeout [ 219.157354][ T5035] 8021q: adding VLAN 0 to HW filter on device bond0 [ 219.288744][ T1218] ieee802154 phy0 wpan0: encryption failed: -22 [ 219.295574][ T1218] ieee802154 phy1 wpan1: encryption failed: -22 [ 219.427492][ T50] Bluetooth: hci4: command tx timeout [ 219.494651][ T5031] 8021q: adding VLAN 0 to HW filter on device bond0 [ 219.520240][ T5035] 8021q: adding VLAN 0 to HW filter on device team0 [ 219.611841][ T5037] 8021q: adding VLAN 0 to HW filter on device bond0 [ 219.689798][ T5088] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.697918][ T5088] bridge0: port 1(bridge_slave_0) entered forwarding state [ 219.736834][ T5047] 8021q: adding VLAN 0 to HW filter on device bond0 [ 219.804620][ T5088] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.812516][ T5088] bridge0: port 2(bridge_slave_1) entered forwarding state [ 219.840687][ T5031] 8021q: adding VLAN 0 to HW filter on device team0 [ 219.863126][ T5037] 8021q: adding VLAN 0 to HW filter on device team0 [ 219.959468][ T5047] 8021q: adding VLAN 0 to HW filter on device team0 [ 220.023350][ T5088] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.031370][ T5088] bridge0: port 1(bridge_slave_0) entered forwarding state [ 220.054024][ T5088] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.062045][ T5088] bridge0: port 2(bridge_slave_1) entered forwarding state [ 220.084428][ T5088] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.092525][ T5088] bridge0: port 1(bridge_slave_0) entered forwarding state [ 220.230641][ T5080] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.238495][ T5080] bridge0: port 2(bridge_slave_1) entered forwarding state [ 220.401641][ T5041] 8021q: adding VLAN 0 to HW filter on device bond0 [ 220.463485][ T5080] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.471622][ T5080] bridge0: port 1(bridge_slave_0) entered forwarding state [ 220.577903][ T5080] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.585620][ T5080] bridge0: port 2(bridge_slave_1) entered forwarding state [ 220.781478][ T5041] 8021q: adding VLAN 0 to HW filter on device team0 [ 220.971657][ T5082] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.979762][ T5082] bridge0: port 1(bridge_slave_0) entered forwarding state [ 221.061338][ T5047] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 221.123992][ T5082] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.132021][ T5082] bridge0: port 2(bridge_slave_1) entered forwarding state [ 222.460644][ T5037] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 222.907545][ T5035] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 223.034340][ T5037] veth0_vlan: entered promiscuous mode [ 223.158474][ T5047] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 223.212761][ T5031] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 223.273972][ T5037] veth1_vlan: entered promiscuous mode [ 223.574296][ T5035] veth0_vlan: entered promiscuous mode [ 223.617393][ T5041] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 223.721660][ T5037] veth0_macvtap: entered promiscuous mode [ 223.769285][ T5047] veth0_vlan: entered promiscuous mode [ 223.812284][ T5035] veth1_vlan: entered promiscuous mode [ 223.859033][ T5037] veth1_macvtap: entered promiscuous mode [ 223.892891][ T5047] veth1_vlan: entered promiscuous mode [ 223.995349][ T5031] veth0_vlan: entered promiscuous mode [ 224.127715][ T5031] veth1_vlan: entered promiscuous mode [ 224.145272][ T5037] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 224.267876][ T5035] veth0_macvtap: entered promiscuous mode [ 224.291323][ T5037] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 224.387987][ T5047] veth0_macvtap: entered promiscuous mode [ 224.429236][ T5035] veth1_macvtap: entered promiscuous mode [ 224.458109][ T5037] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.467812][ T5037] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.477412][ T5037] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.487183][ T5037] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.561182][ T5047] veth1_macvtap: entered promiscuous mode [ 224.693610][ T5035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 224.704876][ T5035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.720716][ T5035] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 224.742164][ T5031] veth0_macvtap: entered promiscuous mode [ 224.807429][ T5047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 224.818447][ T5047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.828884][ T5047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 224.840041][ T5047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.855639][ T5047] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 224.898134][ T5031] veth1_macvtap: entered promiscuous mode [ 224.923371][ T5035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 224.934502][ T5035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.952192][ T5035] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 225.033628][ T5031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.046968][ T5031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.057274][ T5031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.068090][ T5031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.078313][ T5031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.089234][ T5031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.106142][ T5031] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 225.145389][ T5035] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.154819][ T5035] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.167876][ T5035] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.177160][ T5035] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.217268][ T5047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 225.228536][ T5047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.238909][ T5047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 225.249928][ T5047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.266266][ T5047] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 225.327067][ T5031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 225.338285][ T5031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.350522][ T5031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 225.365166][ T5031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.375710][ T5031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 225.386757][ T5031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.402518][ T5031] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 225.497765][ T5031] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.508580][ T5031] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.517983][ T5031] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.527461][ T5031] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.579785][ T5047] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.590836][ T5047] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.601234][ T5047] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.611448][ T5047] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.481238][ T5041] veth0_vlan: entered promiscuous mode [ 226.619593][ T5041] veth1_vlan: entered promiscuous mode [ 226.934651][ T5041] veth0_macvtap: entered promiscuous mode [ 226.980423][ T5041] veth1_macvtap: entered promiscuous mode [ 227.195195][ T5041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 227.206435][ T5041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 227.216841][ T5041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 227.227917][ T5041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 227.238397][ T5041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 227.249590][ T5041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 227.260242][ T5041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 227.274227][ T5041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 227.291634][ T5041] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 227.401802][ T5041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 227.412889][ T5041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 227.423285][ T5041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 227.434575][ T5041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 227.444713][ T5041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 227.455525][ T5041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 227.466117][ T5041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 227.477481][ T5041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 227.493553][ T5041] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 227.759426][ T5041] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.770686][ T5041] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.780770][ T5041] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.790188][ T5041] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.390793][ T2854] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 231.400401][ T2854] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 231.630230][ T1086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 231.639063][ T1086] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 22:27:58 executing program 2: r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x0, &(0x7f0000000000), 0x0, 0x4) close(r1) [ 232.127696][ T5082] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.136138][ T5082] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.428029][ T1086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.436223][ T1086] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 22:27:59 executing program 2: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r1, 0x0) syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) readv(r0, &(0x7f00000011c0)=[{&(0x7f00000000c0)=""/13, 0xd}], 0x1) [ 232.700544][ T10] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.712783][ T10] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.765673][ T1086] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.774557][ T1086] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 22:27:59 executing program 3: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0x4008af00, 0x0) [ 232.955031][ T744] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.964546][ T744] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 233.019026][ T24] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 233.027525][ T24] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 22:27:59 executing program 2: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r1 = fcntl$dupfd(r0, 0x0, r0) shutdown(r0, 0x0) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000740)={0x0}}, 0x0) 22:27:59 executing program 1: write(0xffffffffffffffff, 0x0, 0x0) socket$can_raw(0x1d, 0x3, 0x1) r0 = socket$inet_tcp(0x2, 0x1, 0x0) openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='lp\x00', 0x3) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x3, 0x0, 0x2, 0x5}, 0x10}, 0x90) sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0) recvmsg(r0, &(0x7f0000000580)={0x0, 0x2, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1, 0x0, 0x68b70100}, 0x700) 22:27:59 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f00000001c0)={&(0x7f0000000000), 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x34, 0x4, 0x6, 0x201, 0x0, 0x0, {0x7, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x2000c000}, 0x40440c4) 22:28:00 executing program 0: socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)) socket(0x1d, 0x2, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000740)) socket$pppoe(0x18, 0x1, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$inet6_sctp(0xa, 0x801, 0x84) socket$inet(0x2, 0x2, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYRES16=r0], 0x20}, 0x1, 0xc00000000000000}, 0x0) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="4c00030007"], 0xd) 22:28:00 executing program 2: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x6, 0xfc, 0x1f}) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f00000001c0)={0x1, 0x3, 0x6}) dup2(r1, r0) [ 233.765233][ T5230] Bluetooth: MGMT ver 1.22 [ 233.771458][ T5230] Bluetooth: hci3: invalid length 0, exp 2 for type 16 22:28:00 executing program 3: r0 = socket$inet(0x2, 0x3, 0x5) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, 0x0, 0x0) [ 234.121965][ T5225] can: request_module (can-proto-0) failed. 22:28:00 executing program 2: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000640)=0x8000) ioctl$SNDCTL_DSP_GETODELAY(0xffffffffffffffff, 0x80045017, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000040)=0x40000) 22:28:01 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="4108010000000000000000000000955e590200000000000000def74d7beb768400edc188144582da49fee13f83ce57321283078a3d525e608ea54f320010000000e4f30000403bd9f710002b0000000000fa5a56b1badfe65a870000000000000000021795b550ef8df98001a7da9f90fb74bd2393b300000066d8e86ff1050000004cb8b802e850de29254e769bc88640213ba993b81ffacea54a"], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x10e000}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000440)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000800)=[{{0x0, 0x28, &(0x7f0000000600)=[{&(0x7f0000000080)="5113e66f71e12e335cd42db1b212760cfc1524ee673683133b0f", 0x1a}], 0x1}}], 0x1, 0x0) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 22:28:01 executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r1, 0x0) syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) readv(r0, &(0x7f00000011c0)=[{&(0x7f00000000c0)=""/13, 0xd}], 0x1) [ 234.822030][ T5239] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 234.890324][ T1086] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.898786][ T1086] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 22:28:01 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x3ffffffffffffffd, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000004c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000100)={0x0, 0x0, r3, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000440)={r4, 0x0, 0x0, 0x0, 0x0, [0x0]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000200)={r5}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) [ 235.172436][ T779] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.183855][ T779] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 22:28:02 executing program 0: r0 = syz_open_procfs(0x0, 0x0) preadv(r0, &(0x7f00000016c0)=[{&(0x7f0000001240)=""/231, 0xe7}], 0x1, 0x0, 0x0) 22:28:02 executing program 2: mknod(&(0x7f0000000000)='./bus\x00', 0x1000, 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x2, 0x0) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r2 = open(&(0x7f00000002c0)='./bus\x00', 0x60102, 0x0) splice(r1, 0x0, r2, 0x0, 0x1f0, 0x0) write$FUSE_DIRENTPLUS(r0, 0x0, 0x1f0) [ 235.530122][ T5245] kvm: emulating exchange as write 22:28:02 executing program 4: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000090003206d0414c340000000000109022400010000a000090400000103010100092100080001220100090581", @ANYRES64], 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, &(0x7f0000000dc0)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f00000000c0)={0xffffffffffffff81, &(0x7f0000000040)={0x0, 0x0, 0x4, "cd569c74"}, 0x0, 0x0, 0x0, 0x0}) 22:28:02 executing program 1: bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x1c, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000dc0)=[{}, {}, {0x0, 0x0, 0x4}]}, 0x90) r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01) write$char_usb(r0, &(0x7f0000000040)="e2", 0x1b18) 22:28:02 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000200)='./bus\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000600)={0x123e3}) renameat2(r0, &(0x7f0000000380)='./bus\x00', r0, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='workdir=./file1,lowerdir=./f']) 22:28:02 executing program 3: r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f00000000c0)={0x0, 0x6, 0x305, 0x0, 0x5d, 0x0, 0x0}) 22:28:02 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r1, 0x0) syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) readv(r0, &(0x7f00000011c0)=[{&(0x7f00000000c0)=""/13, 0xd}], 0x1) [ 236.400592][ T5082] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 236.677327][ T5259] overlayfs: failed to resolve './f': -2 [ 236.736666][ T5082] usb 5-1: Using ep0 maxpacket: 32 22:28:03 executing program 3: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000640)) ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000040)=0x80) [ 236.868020][ T5082] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 236.879858][ T5082] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 236.892471][ T5082] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 236.902133][ T5082] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 22:28:03 executing program 0: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000640)=0x8000) ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0) ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000040)=0x40000) 22:28:03 executing program 2: r0 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x3ffffffffffffffd, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000004c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000100)={0x0, 0x0, r3, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000440)={r4, 0x0, 0x0, 0x0, 0x0, [0x0]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000200)={r5}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) [ 237.039752][ T5082] usb 5-1: config 0 descriptor?? [ 237.058833][ T5255] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 237.150858][ T5082] hub 5-1:0.0: USB hub found 22:28:03 executing program 1: syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_mr_cache\x00') preadv(0xffffffffffffffff, &(0x7f00000016c0)=[{&(0x7f0000001240)=""/231, 0xe7}], 0x1, 0x0, 0x0) [ 237.456830][ T5082] hub 5-1:0.0: 2 ports detected [ 237.619138][ T5082] hub 5-1:0.0: hub_hub_status failed (err = -71) [ 237.626165][ T5082] hub 5-1:0.0: config failed, can't get hub status (err -71) 22:28:04 executing program 1: write(0xffffffffffffffff, 0x0, 0x0) socket$can_raw(0x1d, 0x3, 0x1) r0 = socket$inet_tcp(0x2, 0x1, 0x0) openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='lp\x00', 0x3) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x3, 0x0, 0x2, 0x5}, 0x10}, 0x90) sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0) recvmsg(r0, &(0x7f0000000580)={0x0, 0x2, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1, 0x0, 0x68b70100}, 0x700) 22:28:04 executing program 3: socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)) socket(0x1d, 0x2, 0x6) socket$inet_sctp(0x2, 0x0, 0x84) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000740)) socket$pppoe(0x18, 0x1, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$inet6_sctp(0xa, 0x801, 0x84) socket$inet(0x2, 0x2, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYRES16=r0], 0x20}, 0x1, 0xc00000000000000}, 0x0) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="4c00030007"], 0xd) [ 237.787496][ T5082] usbhid 5-1:0.0: can't add hid device: -71 [ 237.794305][ T5082] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 22:28:04 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000cc0)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f00000003c0)={0x4c, r1, 0xd15, 0x0, 0x0, {{}, {@void, @val={0x8}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x6, 'ipvlan0\x00'}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'batadv_slave_1\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xc}]}, 0x4c}}, 0x0) [ 237.911211][ T5082] usb 5-1: USB disconnect, device number 2 22:28:04 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000200)='./bus\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000600)={0x123e3}) renameat2(r0, &(0x7f0000000380)='./bus\x00', r0, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='workdir=./file1,lowerdir=./file0,upperdir=']) 22:28:05 executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10) [ 238.563388][ T5283] Bluetooth: hci3: invalid length 0, exp 2 for type 16 22:28:05 executing program 2: openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba0700000000ebffffff0000f7ffff00"}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, "e85e52f25c40d7cb"}) r2 = dup3(r1, r0, 0x0) read$watch_queue(r2, &(0x7f0000000e00)=""/4096, 0x1000) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000140)) [ 238.760592][ T5286] overlay: Bad value for 'upperdir' 22:28:05 executing program 0: syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_mr_cache\x00') preadv(0xffffffffffffffff, &(0x7f00000016c0)=[{&(0x7f0000001240)=""/231, 0xe7}], 0x1, 0x0, 0x0) 22:28:05 executing program 4: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000640)) ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000040)=0x80) 22:28:05 executing program 3: r0 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x3ffffffffffffffd, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000004c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000100)={0x0, 0x0, r3, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000440)={r4, 0x0, 0x0, 0x0, 0x0, [0x0]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000200)={r5}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 22:28:05 executing program 2: r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f00000000c0)={0x0, 0x6, 0x305, 0x0, 0x5d, 0x0, 0x0}) 22:28:06 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f00000027c0)={0x2020}, 0x2020) lseek(r0, 0xfffffffffffffff5, 0x1) read$FUSE(r0, &(0x7f0000004800)={0x2020}, 0x2020) 22:28:06 executing program 0: syz_emit_ethernet(0x92, &(0x7f0000000140)={@local, @local, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x84, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@cipso={0x86, 0xa, 0x2, [{0x0, 0x2}, {0x0, 0x2}]}]}}, {0x0, 0x0, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "fdcd070000f8000000005290e48e30acf8afc7e67d70a62c979c00000a0028bd", "ae0000000000000000e400", {"35f3c07eeca4a20a9858ac1500", "63081fe8fe001a08ed082ad7121d696f"}}}}}}}, 0x0) 22:28:06 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000200)='./bus\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000600)={0x123e3}) renameat2(r0, &(0x7f0000000380)='./bus\x00', r0, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='workdir=./file1,lowerdir=./file0,upperdir=']) 22:28:06 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10) 22:28:06 executing program 1: socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)) socket(0x1d, 0x2, 0x6) socket$inet_sctp(0x2, 0x0, 0x84) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000740)) socket$pppoe(0x18, 0x1, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$inet6_sctp(0xa, 0x801, 0x84) socket$inet(0x2, 0x2, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYRES16=r0], 0x20}, 0x1, 0xc00000000000000}, 0x0) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="4c00030007"], 0xd) 22:28:06 executing program 3: select(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000180)={0x8d}, 0x0) select(0x40, &(0x7f00000002c0), 0x0, &(0x7f0000000340)={0x101}, 0x0) 22:28:07 executing program 0: syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_mr_cache\x00') preadv(0xffffffffffffffff, &(0x7f00000016c0)=[{&(0x7f0000001240)=""/231, 0xe7}], 0x1, 0x0, 0x0) [ 240.560289][ T5310] overlay: Bad value for 'upperdir' 22:28:07 executing program 2: r0 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x3ffffffffffffffd, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000004c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000100)={0x0, 0x0, r3, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000440)={r4, 0x0, 0x0, 0x0, 0x0, [0x0]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000200)={r5}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000000)) close_range(r0, 0xffffffffffffffff, 0x0) 22:28:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="4108010000000000000000000000955e590200000000000000def74d7beb768400edc188144582da49fee13f83ce57321283078a3d525e608ea54f320010000000e4f30000403bd9f710002b0000000000fa5a56b1badfe65a870000000000000000021795b550ef8df98001a7da9f90fb74bd2393b300000066d8e86ff1050000004cb8b802e850de29254e769bc88640213ba993b81ffacea54a"], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x10e000}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000440)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000800)=[{{0x0, 0x28, &(0x7f0000000600)=[{&(0x7f0000000080)="5113e66f71e12e335cd42db1b212760cfc1524ee673683133b0f", 0x1a}], 0x1}}], 0x1, 0x0) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 240.842958][ T5317] Bluetooth: hci3: invalid length 0, exp 2 for type 16 22:28:07 executing program 3: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r1, 0x0) syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x0) readv(r0, &(0x7f00000011c0)=[{&(0x7f00000000c0)=""/13, 0xd}], 0x1) 22:28:07 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xb, 0x0, 0x0) getsockopt$netlink(r0, 0x10e, 0xa, &(0x7f0000000140)=""/4096, &(0x7f0000000040)=0xfffffffffffffd60) 22:28:08 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$PTP_SYS_OFFSET_PRECISE(r0, 0xc0403d08, 0x0) 22:28:08 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000300)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001a0001000000006100000000020000000000000000000000080001006401010008000300", @ANYRES32=r2], 0x34}}, 0x0) 22:28:08 executing program 3: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000200)='./bus\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000600)={0x123e3}) renameat2(r0, &(0x7f0000000380)='./bus\x00', r0, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='workdir=./file1,lowerdir=./file0,upperdir=']) 22:28:08 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000150000001c0000007700efff0000000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10) [ 242.009283][ T5337] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list 22:28:08 executing program 2: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x2400a800, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="39000000130003470fbb65e1c3e4ffff06006000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) sendmmsg$inet6(r0, &(0x7f0000000240)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}], 0x1, 0x0) [ 242.070234][ T5337] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 242.234621][ T5339] overlay: Bad value for 'upperdir' 22:28:08 executing program 0: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x2400a800, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="39000000130003470fbb65e1c3e4ffff06006000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) sendmmsg$inet6(r0, &(0x7f0000000240)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}], 0x1, 0x0) 22:28:08 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) ioctl$PPPIOCGNPMODE(r0, 0xc008744c, &(0x7f0000006780)={0x57}) 22:28:09 executing program 3: socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)) socket(0x1d, 0x2, 0x6) socket$inet_sctp(0x2, 0x1, 0x84) socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000740)) socket$pppoe(0x18, 0x1, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$inet6_sctp(0xa, 0x801, 0x84) socket$inet(0x2, 0x2, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYRES16=r0], 0x20}, 0x1, 0xc00000000000000}, 0x0) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="4c00030007"], 0xd) [ 242.530533][ T5342] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 242.695170][ T5345] netlink: 'syz-executor.0': attribute type 4 has an invalid length. 22:28:09 executing program 4: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000640)=0x8000) ioctl$SNDCTL_DSP_GETODELAY(0xffffffffffffffff, 0x80045017, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000040)=0x80) 22:28:09 executing program 2: r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f00000000c0)={0x80, 0x0, 0x305, 0x0, 0x5d, 0x0, 0x0}) [ 243.177595][ T5352] Bluetooth: hci3: invalid length 0, exp 2 for type 15 22:28:09 executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$PTP_SYS_OFFSET_PRECISE(r0, 0xc0403d08, 0x0) 22:28:10 executing program 1: syz_emit_ethernet(0x92, &(0x7f0000000140)={@local, @local, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x84, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@cipso={0x86, 0xa, 0x2, [{0x0, 0x2}, {0x0, 0x2}]}]}}, {0x0, 0x0, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "fdcd070000f8000000005290e48e30acf8afc7e67d70a62c979c00000a0028bd", "ae0000000000000000e400", {"35f3c07eeca4a20a9858ac1500", "63081fe8fe001a08ed082ad7121d696f"}}}}}}}, 0x0) 22:28:10 executing program 3: r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) r1 = gettid() process_vm_readv(r1, &(0x7f0000002380)=[{&(0x7f0000000f00)=""/191, 0xbf}, {&(0x7f0000000fc0)=""/186, 0xba}, {&(0x7f0000001080)=""/142, 0x8e}, {&(0x7f0000001140)=""/177, 0xb1}, {&(0x7f0000001200)=""/4096, 0x1000}, {&(0x7f0000002200)=""/187, 0xbb}, {&(0x7f00000022c0)=""/136, 0x88}], 0x7, &(0x7f0000003880)=[{&(0x7f0000002400)=""/187, 0xbb}, {&(0x7f00000024c0)=""/139, 0x8b}, {&(0x7f0000002580)=""/4096, 0x1000}, {&(0x7f0000003580)=""/116, 0x74}, {&(0x7f0000003600)=""/119, 0x77}, {&(0x7f0000003680)=""/1, 0x1}, {0x0}, {&(0x7f0000003700)=""/71, 0x47}, {&(0x7f0000003780)=""/137, 0x89}, {&(0x7f0000003840)=""/22, 0x16}], 0xa, 0x0) 22:28:11 executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x5, 0x0, &(0x7f00000000c0)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10) 22:28:11 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_mr_cache\x00') preadv(r0, &(0x7f00000016c0), 0x0, 0x0, 0x0) 22:28:11 executing program 2: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/schedstat\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000006140)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x20010080, &(0x7f0000000500)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303030303030372c646d61736b3d30303030303030303030303030303030312c696f636861727365743d6d616b726f6d616e19616c6c6f775f7574696d653d3030303030303038ba22fa55303030303030303030303030303030322c7569643d", @ANYRES64=r3, @ANYRESOCT=r1, @ANYBLOB="2a3a6dc4d70cd8504afe4f20df34adb6a4710fefa5f5413c5f370399b030f0ba82b1a3a020498c189e3ba7beaa3aaf1a71d11a61714034f7c0faacf09777dded4ba53f501164802338ac5d94a190b433f302d0ef3b4cb83e4d2e21baba997c7a0c67069bdaa4e355957b7c15ebd50d030dd8e7b793272af632b1d50818571de224bfc615f4911c5f477dde7c4e2fff75d35c38bedd59929accfa6a3a88ef8080f04bdff3da2a67d5cb", @ANYBLOB="00001b0087e1e85631dc26e7a9ce3c4396436bc6736574e997938c382c009cd0aeba477396b2cb852b9c7a6a4bf39e0368bfe3e9c44e297aeade00000000ffa3da2229249f9eae67b594fb6fa71518c4638f5e66923f2ba986156feb62be500e4840d9758d3d1f11577798871b0a2d0009ae68165160d76495fc48f43da2e2147ad0809022a1a0c2d459be0f94effcaf59410499c34ae6c623f1cf7d34ed38d634661013fc", @ANYRESHEX=r2], 0x1, 0x14ee, &(0x7f0000004000)="$eJzs3Au0jtX2MPA511qPW9Kb5L7mmg9v2lgkSS5JckmSJElyS0iSJAmJTW5JSELuSe4hucVO7vdb7klyJEkSEpKsb+ic89ep842+b5y+z/8/9vyNscZecz97rneud77jfZ/n2WPvbzsOrlq/WqW6zAz/Efz7l1QAyAQA/QDgGgCIAKBU9lLZLx3PrDH1P3sQ8dd6aNqVrkBcSdL/9E36n75J/9M36X/6Jv1P36T/6Zv0P32T/guRnm2dnudaGel3yP3/9Ew+/9M36X/6Jv1P36T/6Zv0P32T/qdv0v/0Tfqfvkn/hUjPrvT95/85I+M/nrErXcdfO67wy08IIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghRDpxLlxmAOCf8ytdlxBCCCGEEEIIIf46IeOVrkAIIYQQQgghhBD/7yEo0GAgggyQETJBZsgCV0FWuBqywTWQgGshO1wHOeB6yAm5IDfkgbyQD/KDBQIHDDEUgIKQhBugENwIKVAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6Ai3AmV4C6oDFWgKlSDu6E63AM14F6oCfdBLbgfzpX5e5V14SGoBw9DfXgEGsCj0BAaQWNoAk1/n48I8Jv82vAA1IEHf5f/InSFl6AbdIdU6AE94WXoBb2hD/SFfvAK9IdXYQC8BgNhEAyG12EIvAFD4U0YBsNhBLwFI2EUjIYxMBbGwXh4GybAOzAR3oVJMBmmwFSYBtNhBrwHM2EWzIb3YQ58AHNhHsyHBbAQPoRFsBjS4CNYAh/DUlgGy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW+AS2wXbYATthF+yGPfAp7IXPYB98Dvvhi//L/LO/y++EgIAKFRo0mAEzYCbMhFkwC2bFrJgNs2ECE5gds//XiyU35sa8mBfzY34kJGRkLIAFMIlJLISFMAVTsAgWQY8ei2NxLIE3Y0ksiaWwFJbG0lgGy2JZLI/lsQJWwIpYESthJayMlbEqVsW78W68B2tgDayJNbEW1sLaWBvrYB2si3WxHtbD+lgfG2ADbIgNsTE2xqbYFJthM2yOzbEltsRW2ApbY2tsg22wLbbFdtgO22N77IAdsCN2xE7YGTvji/givoQvYXesrHpgT+yJvbAX9sG+2Bdfwf74Kr6Kr+FAHISD8XV8Hd/AoXgGh+FwHIEjsIIahaNxDLIah+NxPE7ACTgRJ+IknIyTcSpOw+k4A2fgTJyFs/B9nIMf4Ac4D+fhAlyIC3ERLsY0TMMleBaX4jJcjitwJa7ClbgG1+IaXI8bcD1uwk24BbfgJ/gJbsftuBN34m7cjZ/ip/gZfoYDcT/uxwN4AA/iQTyEh/AwHsYjeASP4lE8hsfwOB7HE3gST+FJPI2n8QyexXN4Ds/jebyAz+f9ut7uwusGgrrEKKMyqAwqk8qksqgsKqvKqrKpbCqhEiq7yq5yqBwqp8qpcqvcKq/Kq/Kr/IoUKVaxKqAKqKRKqkKqkEpRKaqIKqK88qq4Kq5KqBKqpCqpSqlbVWl1myqjyqoWvrwqryqolr6iulNVUpVUZVVFVVXVVDVVXVVXNVQNVVPVVLVULVVbPaDqqB7YBx9SlzpTXw3CBmowNlSNVGPVRL2Bj6lmaig2Vy1US/WEGo7DsLVq5tuop1VbNRrbqWfVGHxOdVDjsKN6QXVSnVUX9aLqqpr7bqq7moQ9VE81FXup3qqP6qtmYhV1qWNV1WtqoBqkBqvX1QJ8Qw1Vb6phargaod5SI9UoNVqNUWPVODVeva0mqHfURPWumqQmqylqqpqmpqsZ6j01U81Ss9X7ao76QM1V89R8tUAtVB+qRWqxSlMfqSXqY7VULVPL1Qq1Uq1Sq9UatVatU+vVBrVRbVKb1Ra1VX2itqntaofaqXap3WqP+lTtVZ+pfepztV99oQ4oTAX4Uh1SX6nD6mt1RH2jjqpv1TH1nTquvlcn1El1Sv2gTqsf1Zlf3xsBQP2sLqhf1EUVFGjUSmttdKQz6Iw6k86ss+irdFZ9tc6mr9EJfa3Orq/TOfT1OqfOpXPrPDqvzqfza6tJO8061gV0QZ3UN+hC+kadogvrIrqo9rqYLq5v0iX0zbqkvkWX0rfq0vo2XUaX1eV0eX27rqDv0BX1nbqSvktX1lV0VV1N362r63t0DX2vrqnv07X0/bq2fkDX0Q/quvohXU8/rOvrR3QD/ahuqBvpxrqJbqof083047q5bqFb6id0K/2kbq2f0m3007qtfka308/q9vo53UE/rzvqF3Qn3Vl30b/oizrobrq7TtU9dE/9su6le+s+uq/up1/R/fWreoB+TQ/Ug/Rg/boeot/QQ/Wbepgerkfot/RIPUqP1mP0WD1Oj9dv6wn6HT1Rv6sn6cl6ip6qp+npus8/Vpr9f5D/zr/JH/Dro2/RW/UnepvernfonXqX3q336D16r96r9+l9er/erw/oA/qgPqgP6UP6sD6sj+gj+qg+qo/pY/q4Pq5P6JP6J/2DPq1/1Gf0WX1W/6TP6/P6wj+eAzBolNHGmMhkMBlNJpPZZDFXmazmapPNXGMS5lqT3VxncpjrTU6Ty+Q2eUxek8/kN9aQcYZNbAqYgiZpbjCFzI0mxRQ2RUxR400xU9zc9B/n/1l9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL532RSpSkYlMlCHKEGWKMkVZoixR1ihrlC3KFiWiRJQ9yh7liK6Pcka5otxRnihvlC/KH9mIIhdxFEcFooJRMrohKhTdGKVEhaMiUdHIR8Wi4tFNUYno5qhkdEtUKro1Kh3dFpWJykblovLR7VGF6I6oYnRnVCm6K6ocVYmqRtWiu6Pq0T1RjejeqGZ0X1Qruj+qHT0Q1YkejOpGD0X1ooej+tEjUYPo0ahh1ChqHDWJmv6l64dwJtfjvpvtblNtD9vTvmx72d62j+1r+9lXbH/7qh1gX7MD7SA72L5uh9g37FD7ph1mh9sR9i070o6yo+0YO9aOs+Pt23aCfcdOtO/aSXaynWKn2ml2up1h37Mz7Sw7275v59gP7Fw7z863C+xC+6FdZBfbNPuRXWI/tkvtMrvcrrAr7Sq72q6xa+06u95usBvtJrvZbrFb7Sd2m91ud9iddpfdbffYT+1e+5ndZz+3++0X9oD9m1XwpT1kv7KH7df2iP3GHrXf2mP2O3vcfm9P2JP2lP3BnrY/2jP2rD1nf7Ln7c/2gv3FXrTh0sn9pY93MmQoA2WgTJSJslAWykpZKRtlowQlKDtlpxyUg3JSTspNuSkv5aX8lJ8uYWIqQAUoSUkqRIUohVKoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qA76U66i+6iKlSFqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVAml9llcVe5rO5ql81d434f53Z5XF6Xz+V31uV0uf4lJudciivsiriizrtirri76Q9xGVfWlXPl3e2ugrvDVfxDXN3d42q4e11Nd5+r5u7+l7iWu9/Vdo+4Ou5RV9c1cvVcE1ffPeIauEddQ9fINXZNXCv3pGvtnnJt3NOurXvmD/Eit9itdevcerfB7XWfuXPuJ3fUfevOu59dN9fd9XOvuP7uVTfAveYGukF/iEe4t9xIN8qNdmPcWDfuD/EUN9VNc9PdDPeem+lm/SFe6D50c1yam+vmufluwa/xpZrS3EduifvYLXXL3HK3wq10q9xqt+a/al3hNrnNbovb4z5129x2t8PtdLvc7l/jS/vY5z53+90X7oj7xh10X7pD7pg77L7+Nb60v2PuO3fcfe9OuJPulPvBnXY/ujPu7K/7v7T3H9wv7qILDhhZsWbDEWfgjJyJM3MWvoqz8tWcja/hBF/L2fk6zsHXc07Oxbk5D+flfJyfLRM7Zo65ABfkJN/AhfhGTuHCXISLsudiXJxv4hJ8M5fkW7gU38ql+TYuw2W5HJfn27kC38EV+U6uxHdxZa7CVbka383V+R6uwfdyTb6Pa/H9XJsf4Dr8INflh7geP8z1+RFuwI9yQ27EjbkJN+XHuBk/zs25BbfkJ7gVP8mt+Sluw09zW36G2/Gz3J6f4w78PHfkF7gTd+Yu/CJ35Ze4G3fnVO7BPfll7sW9uQ/35X78CvfnV3kAv8YDeRAP5td5CL/BQ/lNHsbDeQS/xSN5FI/mMTyWx/F4fpsn8Ds8kd/lSTyZp/BUnsbTeQa/xzN5Fs/m93kOf8BzeR7P5wW8kD/kRbyY0/gjXsIf81Jexst5Ba/kVbya1/BaXsfreQNv5E28mbfwVv6Et/F23sE7eRfv5j38Ke/lz3gff877+Qs+wH/jg/wlH+Kv+DB/zUf4Gz7K3/Ix/o6P8/d8gk/yKf6BT/OPfIbP8jn+ic/zz3yBf+GLHBhijFWsYxNHcYY4Y5wpzhxnia+Ks8ZXx9nia+JEfG2cPb4uzhFfH+eMc8W54zxx3jhfnD+2McUu5jiOC8QF42R8Q1wovjFOiQvHReKisY+LxcXjm+IS8c1xyfiWuFR8a1w6vi0uE5eNH7mvfHx7XCG+I64Y3xlXiu+KK8dV4qpxtfjuuHp8T1wjvjeuGd8Xl4zvj2vHD8R14gfjuvFDcb344bh+/EjcIH40bhg3ihvHTeKm8WNxs/jxuHncIm4ZPxG3ip+MW8dPxW3ip+O28TN/ejw17hH3jF+OX45DuFfPTy5ILkx+mFyUXJxMS36UXJL8OLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ObklGUK1jODRK6+98ZHP4DP6TD6zz+Kv8ln91T6bv8Yn/LU+u7/O5/DX+5w+l8/t8/i8Pp/P760n7zz72BfwBX3S3+AL+Rt9ii/si/ii3vtivrhv4pv6pr6Zf9w39y18S/+Ef8I/6Z/0T/mn/NO+rX/Gt/PP+vb+Od/BP++f9y/4Tr6z7+Jf9F39S76b7+5Tfarv6Xv6Xr6X7xOB7+f7+f6+vx/gB/iBfqAf7Af7IX6IH+qH+mF+mB/hR/iRfqQf7Uf7sX6sH+/H+wl+gp/oJ/pJfpKf4qf4aX6an+Fn+Jl+pp/tZ/s5KXP8XD/Xz/fz/UK/0C/yi3yaT/NL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/lD/uv/RH/jT/qv/XH/Hf+uP/en/An/Sn/gz/tf/Rn/Fl/zv/kz/uf/QX/i7/ogx+feDsxIfFOYmLi3cSkzJMTUxJTE9MS0xMzEu8lZiZmJWYn3k/MSXyQmJuYl5ifWJBYmPgwsSixOJGW+CixJPFxYmliWWJ5YkViZWJVIoR82+JQIBQMyXBDKBRuDCmhcCgSigYfioXi4aZQItwcSoZbQqlwaygdbgtlQtlQLjwaGoZGoXFoEpqGx0Kz8HhoHlqEluGJ0Co8GVqHp0Kb8HRoG54J7cKzoX14LnQIz4eO4YXQKXQOXcKLoWt4KXQL3UNq6BF6hpdDr9A79Al9Q7/wSugfXg0DwmthYBgUBofXw5DwRhga3gzDwvAwIrwVRoZRYXQYE8aGcWF8eDtMCO+EieHdMClMDlPC1DAtTA8zwnthZpgVZof3w5zwQZgb5oX5YUFYGD4Mi8LikBY+CkvCx2FpWBaWhxVhZVgVVoc1YW1YF9aHDWFj2BQ2hy1ha/gkbAvbw46wM+wKu8Oe8GnYGz4L+8LnYX/4IhwIfwsHw5fhUPgqHA5fhyPhm3A0fBuOhe/C8fB9OBFOhlPhh3A6/BjOhLPhXPgpnA8/hwvhl3Dx179Z636lbqILIYQQQvyPkfonx3v8m++pf4xLegLA1dvzHP7tcQ0AG3P+fd5b5W2VAICnu3d86J+jcuXU1H8+7lINUcF5AJC4nJ8BLsfLoCU8CW2gBZSAf/766rd6q87n+U/WT94KkOU3OZngcnx5/Zv/7f57q1Fz/nT9eQApBS/nZIbL8eX1S/5v1s/V7E/Wz/zleIDmv8nJCpfjy+sXh8fhGWjzLz8phBBCCCGEEEL8XW9Vrv2fXd9euj7Pay7nZITL8W+vz4UQQgghhBBCCPHf03Oduzz1WJs2LdrL5L/jZLe0SSZXZnKF35iEEEIIIYQQf7nLJ/1XuhIhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECL9+v/x78Su9B6FEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKIK+1/BQAA///apiom") 22:28:11 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x3ffffffffffffffd, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000004c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000100)={0x0, 0x0, r3, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000440)={r4, 0x0, 0x0, 0x0, 0x0, [0x0]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000200)={r5, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000000)={0x0, 0x0, r6}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 22:28:11 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = fsopen(&(0x7f0000000000)='proc\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001340), 0x0, 0x0) dup3(r3, r2, 0x0) 22:28:11 executing program 3: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) dup(r0) syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) 22:28:11 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018020000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000240000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000200)='sys_enter\x00', r0}, 0x10) poll(&(0x7f0000000040)=[{}], 0x1, 0x0) 22:28:12 executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002220702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) rt_tgsigqueueinfo(0x0, 0x0, 0x0, 0x0) [ 245.576081][ T5372] loop2: detected capacity change from 0 to 256 22:28:12 executing program 0: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) pwritev2(r0, &(0x7f0000000100)=[{&(0x7f00000002c0)='Y', 0x1}], 0x1, 0x0, 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x147042, 0x0) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0) fallocate(r2, 0x0, 0x0, 0x4003fe) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000140)={0x0, r0}) 22:28:12 executing program 4: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x8411}) ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0x9) ioctl$TUNSETOFFLOAD(r0, 0x400454cb, 0x0) 22:28:12 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4008ae8a, &(0x7f0000000080)) [ 245.864371][ T5372] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d) [ 245.991970][ T28] audit: type=1800 audit(1712010492.565:2): pid=5380 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=1962 res=0 errno=0 22:28:12 executing program 0: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000640)=0x8000) ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0) ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000040)=0x80) [ 246.247161][ T5384] tun0: tun_chr_ioctl cmd 1074025675 [ 246.253365][ T5384] tun0: persist disabled 22:28:12 executing program 3: r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f00000000c0)={0x80, 0x6, 0x0, 0x0, 0x5d, 0x0, 0x0}) [ 246.367614][ T5372] exFAT-fs (loop2): IO charset makromanallow_utime=00000008º"úU0000000000000002 not found 22:28:13 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) dup(r0) syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) 22:28:13 executing program 4: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r1, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) readv(r0, &(0x7f00000011c0)=[{&(0x7f00000000c0)=""/13, 0xd}], 0x1) 22:28:13 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10) 22:28:13 executing program 3: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x2400a800, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="39000000130003470fbb65e1c3e4ffff06006000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) sendmmsg$inet6(r0, &(0x7f0000000240)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}], 0x1, 0x0) 22:28:13 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) ioctl$PPPIOCGNPMODE(r0, 0xc008744c, &(0x7f0000006780)={0x57}) 22:28:13 executing program 2: openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x1010, 0xffffffffffffffff, 0x0) 22:28:13 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) dup2(r0, 0xffffffffffffffff) [ 247.307154][ T5400] netlink: 'syz-executor.3': attribute type 4 has an invalid length. 22:28:13 executing program 0: open$dir(&(0x7f0000000380)='.\x00', 0x0, 0x0) 22:28:14 executing program 2: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/schedstat\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000006140)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x20010080, &(0x7f0000000500)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303030303030372c646d61736b3d30303030303030303030303030303030312c696f636861727365743d6d616b726f6d616e19616c6c6f775f7574696d653d3030303030303038ba22fa55303030303030303030303030303030322c7569643d", @ANYRES64=r3, @ANYRESOCT=r1, @ANYBLOB="2a3a6dc4d70cd8504afe4f20df34adb6a4710fefa5f5413c5f370399b030f0ba82b1a3a020498c189e3ba7beaa3aaf1a71d11a61714034f7c0faacf09777dded4ba53f501164802338ac5d94a190b433f302d0ef3b4cb83e4d2e21baba997c7a0c67069bdaa4e355957b7c15ebd50d030dd8e7b793272af632b1d50818571de224bfc615f4911c5f477dde7c4e2fff75d35c38bedd59929accfa6a3a88ef8080f04bdff3da2a67d5cb", @ANYBLOB="00001b0087e1e85631dc26e7a9ce3c4396436bc6736574e997938c382c009cd0aeba477396b2cb852b9c7a6a4bf39e0368bfe3e9c44e297aeade00000000ffa3da2229249f9eae67b594fb6fa71518c4638f5e66923f2ba986156feb62be500e4840d9758d3d1f11577798871b0a2d0009ae68165160d76495fc48f43da2e2147ad0809022a1a0c2d459be0f94effcaf59410499c34ae6c623f1cf7d34ed38d634661013fc", @ANYRESHEX=r2], 0x1, 0x14ee, &(0x7f0000004000)="$eJzs3Au0jtX2MPA511qPW9Kb5L7mmg9v2lgkSS5JckmSJElyS0iSJAmJTW5JSELuSe4hucVO7vdb7klyJEkSEpKsb+ic89ep842+b5y+z/8/9vyNscZecz97rneud77jfZ/n2WPvbzsOrlq/WqW6zAz/Efz7l1QAyAQA/QDgGgCIAKBU9lLZLx3PrDH1P3sQ8dd6aNqVrkBcSdL/9E36n75J/9M36X/6Jv1P36T/6Zv0P32T/guRnm2dnudaGel3yP3/9Ew+/9M36X/6Jv1P36T/6Zv0P32T/qdv0v/0Tfqfvkn/hUjPrvT95/85I+M/nrErXcdfO67wy08IIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghRDpxLlxmAOCf8ytdlxBCCCGEEEIIIf46IeOVrkAIIYQQQgghhBD/7yEo0GAgggyQETJBZsgCV0FWuBqywTWQgGshO1wHOeB6yAm5IDfkgbyQD/KDBQIHDDEUgIKQhBugENwIKVAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6Ai3AmV4C6oDFWgKlSDu6E63AM14F6oCfdBLbgfzpX5e5V14SGoBw9DfXgEGsCj0BAaQWNoAk1/n48I8Jv82vAA1IEHf5f/InSFl6AbdIdU6AE94WXoBb2hD/SFfvAK9IdXYQC8BgNhEAyG12EIvAFD4U0YBsNhBLwFI2EUjIYxMBbGwXh4GybAOzAR3oVJMBmmwFSYBtNhBrwHM2EWzIb3YQ58AHNhHsyHBbAQPoRFsBjS4CNYAh/DUlgGy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW+AS2wXbYATthF+yGPfAp7IXPYB98Dvvhi//L/LO/y++EgIAKFRo0mAEzYCbMhFkwC2bFrJgNs2ECE5gds//XiyU35sa8mBfzY34kJGRkLIAFMIlJLISFMAVTsAgWQY8ei2NxLIE3Y0ksiaWwFJbG0lgGy2JZLI/lsQJWwIpYESthJayMlbEqVsW78W68B2tgDayJNbEW1sLaWBvrYB2si3WxHtbD+lgfG2ADbIgNsTE2xqbYFJthM2yOzbEltsRW2ApbY2tsg22wLbbFdtgO22N77IAdsCN2xE7YGTvji/givoQvYXesrHpgT+yJvbAX9sG+2Bdfwf74Kr6Kr+FAHISD8XV8Hd/AoXgGh+FwHIEjsIIahaNxDLIah+NxPE7ACTgRJ+IknIyTcSpOw+k4A2fgTJyFs/B9nIMf4Ac4D+fhAlyIC3ERLsY0TMMleBaX4jJcjitwJa7ClbgG1+IaXI8bcD1uwk24BbfgJ/gJbsftuBN34m7cjZ/ip/gZfoYDcT/uxwN4AA/iQTyEh/AwHsYjeASP4lE8hsfwOB7HE3gST+FJPI2n8QyexXN4Ds/jebyAz+f9ut7uwusGgrrEKKMyqAwqk8qksqgsKqvKqrKpbCqhEiq7yq5yqBwqp8qpcqvcKq/Kq/Kr/IoUKVaxKqAKqKRKqkKqkEpRKaqIKqK88qq4Kq5KqBKqpCqpSqlbVWl1myqjyqoWvrwqryqolr6iulNVUpVUZVVFVVXVVDVVXVVXNVQNVVPVVLVULVVbPaDqqB7YBx9SlzpTXw3CBmowNlSNVGPVRL2Bj6lmaig2Vy1US/WEGo7DsLVq5tuop1VbNRrbqWfVGHxOdVDjsKN6QXVSnVUX9aLqqpr7bqq7moQ9VE81FXup3qqP6qtmYhV1qWNV1WtqoBqkBqvX1QJ8Qw1Vb6phargaod5SI9UoNVqNUWPVODVeva0mqHfURPWumqQmqylqqpqmpqsZ6j01U81Ss9X7ao76QM1V89R8tUAtVB+qRWqxSlMfqSXqY7VULVPL1Qq1Uq1Sq9UatVatU+vVBrVRbVKb1Ra1VX2itqntaofaqXap3WqP+lTtVZ+pfepztV99oQ4oTAX4Uh1SX6nD6mt1RH2jjqpv1TH1nTquvlcn1El1Sv2gTqsf1Zlf3xsBQP2sLqhf1EUVFGjUSmttdKQz6Iw6k86ss+irdFZ9tc6mr9EJfa3Orq/TOfT1OqfOpXPrPDqvzqfza6tJO8061gV0QZ3UN+hC+kadogvrIrqo9rqYLq5v0iX0zbqkvkWX0rfq0vo2XUaX1eV0eX27rqDv0BX1nbqSvktX1lV0VV1N362r63t0DX2vrqnv07X0/bq2fkDX0Q/quvohXU8/rOvrR3QD/ahuqBvpxrqJbqof083047q5bqFb6id0K/2kbq2f0m3007qtfka308/q9vo53UE/rzvqF3Qn3Vl30b/oizrobrq7TtU9dE/9su6le+s+uq/up1/R/fWreoB+TQ/Ug/Rg/boeot/QQ/Wbepgerkfot/RIPUqP1mP0WD1Oj9dv6wn6HT1Rv6sn6cl6ip6qp+npus8/Vpr9f5D/zr/JH/Dro2/RW/UnepvernfonXqX3q336D16r96r9+l9er/erw/oA/qgPqgP6UP6sD6sj+gj+qg+qo/pY/q4Pq5P6JP6J/2DPq1/1Gf0WX1W/6TP6/P6wj+eAzBolNHGmMhkMBlNJpPZZDFXmazmapPNXGMS5lqT3VxncpjrTU6Ty+Q2eUxek8/kN9aQcYZNbAqYgiZpbjCFzI0mxRQ2RUxR400xU9zc9B/n/1l9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL532RSpSkYlMlCHKEGWKMkVZoixR1ihrlC3KFiWiRJQ9yh7liK6Pcka5otxRnihvlC/KH9mIIhdxFEcFooJRMrohKhTdGKVEhaMiUdHIR8Wi4tFNUYno5qhkdEtUKro1Kh3dFpWJykblovLR7VGF6I6oYnRnVCm6K6ocVYmqRtWiu6Pq0T1RjejeqGZ0X1Qruj+qHT0Q1YkejOpGD0X1ooej+tEjUYPo0ahh1ChqHDWJmv6l64dwJtfjvpvtblNtD9vTvmx72d62j+1r+9lXbH/7qh1gX7MD7SA72L5uh9g37FD7ph1mh9sR9i070o6yo+0YO9aOs+Pt23aCfcdOtO/aSXaynWKn2ml2up1h37Mz7Sw7275v59gP7Fw7z863C+xC+6FdZBfbNPuRXWI/tkvtMrvcrrAr7Sq72q6xa+06u95usBvtJrvZbrFb7Sd2m91ud9iddpfdbffYT+1e+5ndZz+3++0X9oD9m1XwpT1kv7KH7df2iP3GHrXf2mP2O3vcfm9P2JP2lP3BnrY/2jP2rD1nf7Ln7c/2gv3FXrTh0sn9pY93MmQoA2WgTJSJslAWykpZKRtlowQlKDtlpxyUg3JSTspNuSkv5aX8lJ8uYWIqQAUoSUkqRIUohVKoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qA76U66i+6iKlSFqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVAml9llcVe5rO5ql81d434f53Z5XF6Xz+V31uV0uf4lJudciivsiriizrtirri76Q9xGVfWlXPl3e2ugrvDVfxDXN3d42q4e11Nd5+r5u7+l7iWu9/Vdo+4Ou5RV9c1cvVcE1ffPeIauEddQ9fINXZNXCv3pGvtnnJt3NOurXvmD/Eit9itdevcerfB7XWfuXPuJ3fUfevOu59dN9fd9XOvuP7uVTfAveYGukF/iEe4t9xIN8qNdmPcWDfuD/EUN9VNc9PdDPeem+lm/SFe6D50c1yam+vmufluwa/xpZrS3EduifvYLXXL3HK3wq10q9xqt+a/al3hNrnNbovb4z5129x2t8PtdLvc7l/jS/vY5z53+90X7oj7xh10X7pD7pg77L7+Nb60v2PuO3fcfe9OuJPulPvBnXY/ujPu7K/7v7T3H9wv7qILDhhZsWbDEWfgjJyJM3MWvoqz8tWcja/hBF/L2fk6zsHXc07Oxbk5D+flfJyfLRM7Zo65ABfkJN/AhfhGTuHCXISLsudiXJxv4hJ8M5fkW7gU38ql+TYuw2W5HJfn27kC38EV+U6uxHdxZa7CVbka383V+R6uwfdyTb6Pa/H9XJsf4Dr8INflh7geP8z1+RFuwI9yQ27EjbkJN+XHuBk/zs25BbfkJ7gVP8mt+Sluw09zW36G2/Gz3J6f4w78PHfkF7gTd+Yu/CJ35Ze4G3fnVO7BPfll7sW9uQ/35X78CvfnV3kAv8YDeRAP5td5CL/BQ/lNHsbDeQS/xSN5FI/mMTyWx/F4fpsn8Ds8kd/lSTyZp/BUnsbTeQa/xzN5Fs/m93kOf8BzeR7P5wW8kD/kRbyY0/gjXsIf81Jexst5Ba/kVbya1/BaXsfreQNv5E28mbfwVv6Et/F23sE7eRfv5j38Ke/lz3gff877+Qs+wH/jg/wlH+Kv+DB/zUf4Gz7K3/Ix/o6P8/d8gk/yKf6BT/OPfIbP8jn+ic/zz3yBf+GLHBhijFWsYxNHcYY4Y5wpzhxnia+Ks8ZXx9nia+JEfG2cPb4uzhFfH+eMc8W54zxx3jhfnD+2McUu5jiOC8QF42R8Q1wovjFOiQvHReKisY+LxcXjm+IS8c1xyfiWuFR8a1w6vi0uE5eNH7mvfHx7XCG+I64Y3xlXiu+KK8dV4qpxtfjuuHp8T1wjvjeuGd8Xl4zvj2vHD8R14gfjuvFDcb344bh+/EjcIH40bhg3ihvHTeKm8WNxs/jxuHncIm4ZPxG3ip+MW8dPxW3ip+O28TN/ejw17hH3jF+OX45DuFfPTy5ILkx+mFyUXJxMS36UXJL8OLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ObklGUK1jODRK6+98ZHP4DP6TD6zz+Kv8ln91T6bv8Yn/LU+u7/O5/DX+5w+l8/t8/i8Pp/P760n7zz72BfwBX3S3+AL+Rt9ii/si/ii3vtivrhv4pv6pr6Zf9w39y18S/+Ef8I/6Z/0T/mn/NO+rX/Gt/PP+vb+Od/BP++f9y/4Tr6z7+Jf9F39S76b7+5Tfarv6Xv6Xr6X7xOB7+f7+f6+vx/gB/iBfqAf7Af7IX6IH+qH+mF+mB/hR/iRfqQf7Uf7sX6sH+/H+wl+gp/oJ/pJfpKf4qf4aX6an+Fn+Jl+pp/tZ/s5KXP8XD/Xz/fz/UK/0C/yi3yaT/NL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/lD/uv/RH/jT/qv/XH/Hf+uP/en/An/Sn/gz/tf/Rn/Fl/zv/kz/uf/QX/i7/ogx+feDsxIfFOYmLi3cSkzJMTUxJTE9MS0xMzEu8lZiZmJWYn3k/MSXyQmJuYl5ifWJBYmPgwsSixOJGW+CixJPFxYmliWWJ5YkViZWJVIoR82+JQIBQMyXBDKBRuDCmhcCgSigYfioXi4aZQItwcSoZbQqlwaygdbgtlQtlQLjwaGoZGoXFoEpqGx0Kz8HhoHlqEluGJ0Co8GVqHp0Kb8HRoG54J7cKzoX14LnQIz4eO4YXQKXQOXcKLoWt4KXQL3UNq6BF6hpdDr9A79Al9Q7/wSugfXg0DwmthYBgUBofXw5DwRhga3gzDwvAwIrwVRoZRYXQYE8aGcWF8eDtMCO+EieHdMClMDlPC1DAtTA8zwnthZpgVZof3w5zwQZgb5oX5YUFYGD4Mi8LikBY+CkvCx2FpWBaWhxVhZVgVVoc1YW1YF9aHDWFj2BQ2hy1ha/gkbAvbw46wM+wKu8Oe8GnYGz4L+8LnYX/4IhwIfwsHw5fhUPgqHA5fhyPhm3A0fBuOhe/C8fB9OBFOhlPhh3A6/BjOhLPhXPgpnA8/hwvhl3Dx179Z636lbqILIYQQQvyPkfonx3v8m++pf4xLegLA1dvzHP7tcQ0AG3P+fd5b5W2VAICnu3d86J+jcuXU1H8+7lINUcF5AJC4nJ8BLsfLoCU8CW2gBZSAf/766rd6q87n+U/WT94KkOU3OZngcnx5/Zv/7f57q1Fz/nT9eQApBS/nZIbL8eX1S/5v1s/V7E/Wz/zleIDmv8nJCpfjy+sXh8fhGWjzLz8phBBCCCGEEEL8XW9Vrv2fXd9euj7Pay7nZITL8W+vz4UQQgghhBBCCPHf03Oduzz1WJs2LdrL5L/jZLe0SSZXZnKF35iEEEIIIYQQf7nLJ/1XuhIhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECL9+v/x78Su9B6FEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKIK+1/BQAA///apiom") 22:28:14 executing program 3: r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f00000000c0)={0x80, 0x6, 0x0, 0x0, 0x5d, 0x0, 0x0}) 22:28:14 executing program 4: openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, 0xffffffffffffffff, 0x0) syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) 22:28:14 executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000200)='./bus\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000600)={0x123e3}) renameat2(r0, &(0x7f0000000380)='./bus\x00', r0, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='workdir=./file1,lowerdir=./file0,upperdir=./bus,index']) 22:28:14 executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) dup(r0) syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) readv(r0, &(0x7f00000011c0)=[{&(0x7f00000000c0)=""/13, 0xd}], 0x1) [ 248.199029][ T5413] loop2: detected capacity change from 0 to 256 22:28:14 executing program 3: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000640)=0x8000) ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0) ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000040)=0x80) [ 248.430321][ T5418] overlay: Bad value for 'index' [ 248.476959][ T5413] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d) 22:28:15 executing program 4: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x2400a800, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="39000000130003470fbb65e1c3e4ffff06006000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) sendmmsg$inet6(r0, &(0x7f0000000240)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}], 0x1, 0x0) 22:28:15 executing program 0: r0 = socket(0x10, 0x803, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x5c) recvmmsg(r0, &(0x7f0000003540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)=""/110, 0x6e}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000740)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000480)=""/168, 0xa8}, {&(0x7f0000000100)=""/16, 0x10}], 0x8}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400}) [ 248.967212][ T5424] netlink: 'syz-executor.4': attribute type 4 has an invalid length. 22:28:15 executing program 1: socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)) socket(0x1d, 0x2, 0x6) socket$inet_sctp(0x2, 0x1, 0x84) socketpair$tipc(0x1e, 0x2, 0x0, 0x0) socket$pppoe(0x18, 0x1, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$inet6_sctp(0xa, 0x801, 0x84) socket$inet(0x2, 0x2, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYRES16=r0], 0x20}, 0x1, 0xc00000000000000}, 0x0) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="4c00030007"], 0xd) [ 249.195310][ T5413] exFAT-fs (loop2): IO charset makromanallow_utime=00000008º"úU0000000000000002 not found 22:28:15 executing program 4: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=@framed={{}, [@printk={@li}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000005600)='sys_enter\x00', r0}, 0x10) epoll_create1(0x0) 22:28:15 executing program 0: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000011c0)=ANY=[@ANYBLOB="12010001090003206d0414c340000000000109022400010000a000090400000103010100092100080001220300090581", @ANYRES64], 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, &(0x7f0000001180)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000001300)={0x2c, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000e80)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001b40)=ANY=[@ANYBLOB="200004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_usb_control_io(r0, 0x0, &(0x7f0000000b40)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x20, 0x0, 0x4, {0x0, 0x20}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000980)={0x40, 0x1e, 0x1}, 0x0}) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000500)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) syz_usb_control_io(r0, 0x0, 0x0) [ 249.377636][ T5430] Bluetooth: hci3: invalid length 0, exp 2 for type 15 22:28:16 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'team_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002a00)=@setlink={0x34, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_IFNAME={0x14, 0x3, 'veth1_to_batadv\x00'}]}, 0x34}}, 0x0) 22:28:16 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_mr_cache\x00') preadv(r0, &(0x7f00000016c0)=[{0x0}], 0x1, 0x0, 0x0) 22:28:16 executing program 1: r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f00000000c0)={0x80, 0x6, 0x0, 0x0, 0x5d, 0x0, 0x0}) [ 250.216611][ T5138] usb 1-1: new high-speed USB device number 2 using dummy_hcd 22:28:16 executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x5, &(0x7f0000000000)=@framed={{}, [@jmp={0x5, 0x0, 0x1}, @alu={0x7}]}, &(0x7f00000000c0)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10) 22:28:16 executing program 3: openat(0xffffffffffffff9c, &(0x7f0000001440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0) [ 250.487045][ T5138] usb 1-1: Using ep0 maxpacket: 32 [ 250.634988][ T5138] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 250.650303][ T5138] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 250.663132][ T5138] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 250.673040][ T5138] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 250.749498][ T5138] usb 1-1: config 0 descriptor?? [ 250.769164][ T5433] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 250.856303][ T5138] hub 1-1:0.0: USB hub found 22:28:17 executing program 2: pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) splice(r1, 0x0, r0, 0x0, 0x1, 0x0) fcntl$setpipe(r0, 0x407, 0x5e04) close_range(r0, 0xffffffffffffffff, 0x0) 22:28:17 executing program 3: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000640)=0x8000) ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0) ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000040)=0x80) 22:28:17 executing program 1: socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)) socket(0x1d, 0x2, 0x6) socket$inet_sctp(0x2, 0x1, 0x84) socketpair$tipc(0x1e, 0x2, 0x0, 0x0) socket$pppoe(0x18, 0x1, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$inet6_sctp(0xa, 0x801, 0x84) socket$inet(0x2, 0x2, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYRES16=r0], 0x20}, 0x1, 0xc00000000000000}, 0x0) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="4c00030007"], 0xd) 22:28:17 executing program 4: r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0) lseek(r0, 0xfffffffffffffffb, 0x3) [ 251.100792][ T5138] hub 1-1:0.0: 2 ports detected [ 251.323355][ T5451] Bluetooth: hci3: invalid length 0, exp 2 for type 15 22:28:17 executing program 4: socketpair(0x1, 0x2, 0x1, &(0x7f0000000080)) 22:28:18 executing program 2: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/schedstat\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000006140)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x20010080, &(0x7f0000000500)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303030303030372c646d61736b3d30303030303030303030303030303030312c696f636861727365743d6d616b726f6d616e19616c6c6f775f7574696d653d3030303030303038ba22fa55303030303030303030303030303030322c7569643d", @ANYRES64=r3, @ANYRESOCT=r1, @ANYBLOB="2a3a6dc4d70cd8504afe4f20df34adb6a4710fefa5f5413c5f370399b030f0ba82b1a3a020498c189e3ba7beaa3aaf1a71d11a61714034f7c0faacf09777dded4ba53f501164802338ac5d94a190b433f302d0ef3b4cb83e4d2e21baba997c7a0c67069bdaa4e355957b7c15ebd50d030dd8e7b793272af632b1d50818571de224bfc615f4911c5f477dde7c4e2fff75d35c38bedd59929accfa6a3a88ef8080f04bdff3da2a67d5cb", @ANYBLOB="00001b0087e1e85631dc26e7a9ce3c4396436bc6736574e997938c382c009cd0aeba477396b2cb852b9c7a6a4bf39e0368bfe3e9c44e297aeade00000000ffa3da2229249f9eae67b594fb6fa71518c4638f5e66923f2ba986156feb62be500e4840d9758d3d1f11577798871b0a2d0009ae68165160d76495fc48f43da2e2147ad0809022a1a0c2d459be0f94effcaf59410499c34ae6c623f1cf7d34ed38d634661013fc", @ANYRESHEX=r2], 0x1, 0x14ee, &(0x7f0000004000)="$eJzs3Au0jtX2MPA511qPW9Kb5L7mmg9v2lgkSS5JckmSJElyS0iSJAmJTW5JSELuSe4hucVO7vdb7klyJEkSEpKsb+ic89ep842+b5y+z/8/9vyNscZecz97rneud77jfZ/n2WPvbzsOrlq/WqW6zAz/Efz7l1QAyAQA/QDgGgCIAKBU9lLZLx3PrDH1P3sQ8dd6aNqVrkBcSdL/9E36n75J/9M36X/6Jv1P36T/6Zv0P32T/guRnm2dnudaGel3yP3/9Ew+/9M36X/6Jv1P36T/6Zv0P32T/qdv0v/0Tfqfvkn/hUjPrvT95/85I+M/nrErXcdfO67wy08IIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghRDpxLlxmAOCf8ytdlxBCCCGEEEIIIf46IeOVrkAIIYQQQgghhBD/7yEo0GAgggyQETJBZsgCV0FWuBqywTWQgGshO1wHOeB6yAm5IDfkgbyQD/KDBQIHDDEUgIKQhBugENwIKVAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6Ai3AmV4C6oDFWgKlSDu6E63AM14F6oCfdBLbgfzpX5e5V14SGoBw9DfXgEGsCj0BAaQWNoAk1/n48I8Jv82vAA1IEHf5f/InSFl6AbdIdU6AE94WXoBb2hD/SFfvAK9IdXYQC8BgNhEAyG12EIvAFD4U0YBsNhBLwFI2EUjIYxMBbGwXh4GybAOzAR3oVJMBmmwFSYBtNhBrwHM2EWzIb3YQ58AHNhHsyHBbAQPoRFsBjS4CNYAh/DUlgGy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW+AS2wXbYATthF+yGPfAp7IXPYB98Dvvhi//L/LO/y++EgIAKFRo0mAEzYCbMhFkwC2bFrJgNs2ECE5gds//XiyU35sa8mBfzY34kJGRkLIAFMIlJLISFMAVTsAgWQY8ei2NxLIE3Y0ksiaWwFJbG0lgGy2JZLI/lsQJWwIpYESthJayMlbEqVsW78W68B2tgDayJNbEW1sLaWBvrYB2si3WxHtbD+lgfG2ADbIgNsTE2xqbYFJthM2yOzbEltsRW2ApbY2tsg22wLbbFdtgO22N77IAdsCN2xE7YGTvji/givoQvYXesrHpgT+yJvbAX9sG+2Bdfwf74Kr6Kr+FAHISD8XV8Hd/AoXgGh+FwHIEjsIIahaNxDLIah+NxPE7ACTgRJ+IknIyTcSpOw+k4A2fgTJyFs/B9nIMf4Ac4D+fhAlyIC3ERLsY0TMMleBaX4jJcjitwJa7ClbgG1+IaXI8bcD1uwk24BbfgJ/gJbsftuBN34m7cjZ/ip/gZfoYDcT/uxwN4AA/iQTyEh/AwHsYjeASP4lE8hsfwOB7HE3gST+FJPI2n8QyexXN4Ds/jebyAz+f9ut7uwusGgrrEKKMyqAwqk8qksqgsKqvKqrKpbCqhEiq7yq5yqBwqp8qpcqvcKq/Kq/Kr/IoUKVaxKqAKqKRKqkKqkEpRKaqIKqK88qq4Kq5KqBKqpCqpSqlbVWl1myqjyqoWvrwqryqolr6iulNVUpVUZVVFVVXVVDVVXVVXNVQNVVPVVLVULVVbPaDqqB7YBx9SlzpTXw3CBmowNlSNVGPVRL2Bj6lmaig2Vy1US/WEGo7DsLVq5tuop1VbNRrbqWfVGHxOdVDjsKN6QXVSnVUX9aLqqpr7bqq7moQ9VE81FXup3qqP6qtmYhV1qWNV1WtqoBqkBqvX1QJ8Qw1Vb6phargaod5SI9UoNVqNUWPVODVeva0mqHfURPWumqQmqylqqpqmpqsZ6j01U81Ss9X7ao76QM1V89R8tUAtVB+qRWqxSlMfqSXqY7VULVPL1Qq1Uq1Sq9UatVatU+vVBrVRbVKb1Ra1VX2itqntaofaqXap3WqP+lTtVZ+pfepztV99oQ4oTAX4Uh1SX6nD6mt1RH2jjqpv1TH1nTquvlcn1El1Sv2gTqsf1Zlf3xsBQP2sLqhf1EUVFGjUSmttdKQz6Iw6k86ss+irdFZ9tc6mr9EJfa3Orq/TOfT1OqfOpXPrPDqvzqfza6tJO8061gV0QZ3UN+hC+kadogvrIrqo9rqYLq5v0iX0zbqkvkWX0rfq0vo2XUaX1eV0eX27rqDv0BX1nbqSvktX1lV0VV1N362r63t0DX2vrqnv07X0/bq2fkDX0Q/quvohXU8/rOvrR3QD/ahuqBvpxrqJbqof083047q5bqFb6id0K/2kbq2f0m3007qtfka308/q9vo53UE/rzvqF3Qn3Vl30b/oizrobrq7TtU9dE/9su6le+s+uq/up1/R/fWreoB+TQ/Ug/Rg/boeot/QQ/Wbepgerkfot/RIPUqP1mP0WD1Oj9dv6wn6HT1Rv6sn6cl6ip6qp+npus8/Vpr9f5D/zr/JH/Dro2/RW/UnepvernfonXqX3q336D16r96r9+l9er/erw/oA/qgPqgP6UP6sD6sj+gj+qg+qo/pY/q4Pq5P6JP6J/2DPq1/1Gf0WX1W/6TP6/P6wj+eAzBolNHGmMhkMBlNJpPZZDFXmazmapPNXGMS5lqT3VxncpjrTU6Ty+Q2eUxek8/kN9aQcYZNbAqYgiZpbjCFzI0mxRQ2RUxR400xU9zc9B/n/1l9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL532RSpSkYlMlCHKEGWKMkVZoixR1ihrlC3KFiWiRJQ9yh7liK6Pcka5otxRnihvlC/KH9mIIhdxFEcFooJRMrohKhTdGKVEhaMiUdHIR8Wi4tFNUYno5qhkdEtUKro1Kh3dFpWJykblovLR7VGF6I6oYnRnVCm6K6ocVYmqRtWiu6Pq0T1RjejeqGZ0X1Qruj+qHT0Q1YkejOpGD0X1ooej+tEjUYPo0ahh1ChqHDWJmv6l64dwJtfjvpvtblNtD9vTvmx72d62j+1r+9lXbH/7qh1gX7MD7SA72L5uh9g37FD7ph1mh9sR9i070o6yo+0YO9aOs+Pt23aCfcdOtO/aSXaynWKn2ml2up1h37Mz7Sw7275v59gP7Fw7z863C+xC+6FdZBfbNPuRXWI/tkvtMrvcrrAr7Sq72q6xa+06u95usBvtJrvZbrFb7Sd2m91ud9iddpfdbffYT+1e+5ndZz+3++0X9oD9m1XwpT1kv7KH7df2iP3GHrXf2mP2O3vcfm9P2JP2lP3BnrY/2jP2rD1nf7Ln7c/2gv3FXrTh0sn9pY93MmQoA2WgTJSJslAWykpZKRtlowQlKDtlpxyUg3JSTspNuSkv5aX8lJ8uYWIqQAUoSUkqRIUohVKoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qA76U66i+6iKlSFqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVAml9llcVe5rO5ql81d434f53Z5XF6Xz+V31uV0uf4lJudciivsiriizrtirri76Q9xGVfWlXPl3e2ugrvDVfxDXN3d42q4e11Nd5+r5u7+l7iWu9/Vdo+4Ou5RV9c1cvVcE1ffPeIauEddQ9fINXZNXCv3pGvtnnJt3NOurXvmD/Eit9itdevcerfB7XWfuXPuJ3fUfevOu59dN9fd9XOvuP7uVTfAveYGukF/iEe4t9xIN8qNdmPcWDfuD/EUN9VNc9PdDPeem+lm/SFe6D50c1yam+vmufluwa/xpZrS3EduifvYLXXL3HK3wq10q9xqt+a/al3hNrnNbovb4z5129x2t8PtdLvc7l/jS/vY5z53+90X7oj7xh10X7pD7pg77L7+Nb60v2PuO3fcfe9OuJPulPvBnXY/ujPu7K/7v7T3H9wv7qILDhhZsWbDEWfgjJyJM3MWvoqz8tWcja/hBF/L2fk6zsHXc07Oxbk5D+flfJyfLRM7Zo65ABfkJN/AhfhGTuHCXISLsudiXJxv4hJ8M5fkW7gU38ql+TYuw2W5HJfn27kC38EV+U6uxHdxZa7CVbka383V+R6uwfdyTb6Pa/H9XJsf4Dr8INflh7geP8z1+RFuwI9yQ27EjbkJN+XHuBk/zs25BbfkJ7gVP8mt+Sluw09zW36G2/Gz3J6f4w78PHfkF7gTd+Yu/CJ35Ze4G3fnVO7BPfll7sW9uQ/35X78CvfnV3kAv8YDeRAP5td5CL/BQ/lNHsbDeQS/xSN5FI/mMTyWx/F4fpsn8Ds8kd/lSTyZp/BUnsbTeQa/xzN5Fs/m93kOf8BzeR7P5wW8kD/kRbyY0/gjXsIf81Jexst5Ba/kVbya1/BaXsfreQNv5E28mbfwVv6Et/F23sE7eRfv5j38Ke/lz3gff877+Qs+wH/jg/wlH+Kv+DB/zUf4Gz7K3/Ix/o6P8/d8gk/yKf6BT/OPfIbP8jn+ic/zz3yBf+GLHBhijFWsYxNHcYY4Y5wpzhxnia+Ks8ZXx9nia+JEfG2cPb4uzhFfH+eMc8W54zxx3jhfnD+2McUu5jiOC8QF42R8Q1wovjFOiQvHReKisY+LxcXjm+IS8c1xyfiWuFR8a1w6vi0uE5eNH7mvfHx7XCG+I64Y3xlXiu+KK8dV4qpxtfjuuHp8T1wjvjeuGd8Xl4zvj2vHD8R14gfjuvFDcb344bh+/EjcIH40bhg3ihvHTeKm8WNxs/jxuHncIm4ZPxG3ip+MW8dPxW3ip+O28TN/ejw17hH3jF+OX45DuFfPTy5ILkx+mFyUXJxMS36UXJL8OLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ObklGUK1jODRK6+98ZHP4DP6TD6zz+Kv8ln91T6bv8Yn/LU+u7/O5/DX+5w+l8/t8/i8Pp/P760n7zz72BfwBX3S3+AL+Rt9ii/si/ii3vtivrhv4pv6pr6Zf9w39y18S/+Ef8I/6Z/0T/mn/NO+rX/Gt/PP+vb+Od/BP++f9y/4Tr6z7+Jf9F39S76b7+5Tfarv6Xv6Xr6X7xOB7+f7+f6+vx/gB/iBfqAf7Af7IX6IH+qH+mF+mB/hR/iRfqQf7Uf7sX6sH+/H+wl+gp/oJ/pJfpKf4qf4aX6an+Fn+Jl+pp/tZ/s5KXP8XD/Xz/fz/UK/0C/yi3yaT/NL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/lD/uv/RH/jT/qv/XH/Hf+uP/en/An/Sn/gz/tf/Rn/Fl/zv/kz/uf/QX/i7/ogx+feDsxIfFOYmLi3cSkzJMTUxJTE9MS0xMzEu8lZiZmJWYn3k/MSXyQmJuYl5ifWJBYmPgwsSixOJGW+CixJPFxYmliWWJ5YkViZWJVIoR82+JQIBQMyXBDKBRuDCmhcCgSigYfioXi4aZQItwcSoZbQqlwaygdbgtlQtlQLjwaGoZGoXFoEpqGx0Kz8HhoHlqEluGJ0Co8GVqHp0Kb8HRoG54J7cKzoX14LnQIz4eO4YXQKXQOXcKLoWt4KXQL3UNq6BF6hpdDr9A79Al9Q7/wSugfXg0DwmthYBgUBofXw5DwRhga3gzDwvAwIrwVRoZRYXQYE8aGcWF8eDtMCO+EieHdMClMDlPC1DAtTA8zwnthZpgVZof3w5zwQZgb5oX5YUFYGD4Mi8LikBY+CkvCx2FpWBaWhxVhZVgVVoc1YW1YF9aHDWFj2BQ2hy1ha/gkbAvbw46wM+wKu8Oe8GnYGz4L+8LnYX/4IhwIfwsHw5fhUPgqHA5fhyPhm3A0fBuOhe/C8fB9OBFOhlPhh3A6/BjOhLPhXPgpnA8/hwvhl3Dx179Z636lbqILIYQQQvyPkfonx3v8m++pf4xLegLA1dvzHP7tcQ0AG3P+fd5b5W2VAICnu3d86J+jcuXU1H8+7lINUcF5AJC4nJ8BLsfLoCU8CW2gBZSAf/766rd6q87n+U/WT94KkOU3OZngcnx5/Zv/7f57q1Fz/nT9eQApBS/nZIbL8eX1S/5v1s/V7E/Wz/zleIDmv8nJCpfjy+sXh8fhGWjzLz8phBBCCCGEEEL8XW9Vrv2fXd9euj7Pay7nZITL8W+vz4UQQgghhBBCCPHf03Oduzz1WJs2LdrL5L/jZLe0SSZXZnKF35iEEEIIIYQQf7nLJ/1XuhIhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECL9+v/x78Su9B6FEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKIK+1/BQAA///apiom") 22:28:18 executing program 1: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x17ef, 0x60a3, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x86c}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000a80)={0x2c, &(0x7f0000000880)={0x0, 0x0, 0x24, {0x24, 0x0, "6acc114fab7a93b88018cd34ec5b58fb964d48ad597d9fcd31a25d6037ec8621a2c5"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) [ 251.830918][ T5462] loop2: detected capacity change from 0 to 256 22:28:18 executing program 3: r0 = socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10) sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000) r2 = dup3(r1, r0, 0x0) recvmmsg(r2, &(0x7f0000008840)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000005c0)=""/6, 0x6}], 0x1}}], 0x1, 0x0, 0x0) 22:28:18 executing program 4: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5543, 0x522, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0x0, "cec131f9"}]}}, 0x0}, 0x0) [ 252.132209][ T5462] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d) [ 252.327352][ T5091] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 252.697141][ T5082] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 252.702409][ T5462] exFAT-fs (loop2): IO charset makromanallow_utime=00000008º"úU0000000000000002 not found [ 252.777480][ T5091] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 252.790698][ T5091] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 252.804862][ T5091] usb 2-1: New USB device found, idVendor=17ef, idProduct=60a3, bcdDevice= 0.00 [ 252.815718][ T5091] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 252.900935][ T5091] usb 2-1: config 0 descriptor?? [ 252.967928][ T5082] usb 5-1: Using ep0 maxpacket: 16 [ 253.088227][ T5082] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 253.105544][ T5082] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 253.117810][ T5082] usb 5-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 253.127712][ T5082] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 253.165952][ T5082] usb 5-1: config 0 descriptor?? 22:28:19 executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000200)='./bus\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000600)={0x123e3}) renameat2(r0, &(0x7f0000000380)='./bus\x00', r0, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='workdir=./file1,lowerdir=./file0,upperdir=./bus,index']) 22:28:20 executing program 3: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000640)=0x8000) ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000040)) [ 253.539411][ T5091] hid (null): unknown global tag 0xc [ 253.804100][ T5082] uclogic 0003:5543:0522.0001: No inputs registered, leaving [ 253.854603][ T5091] lenovo 0003:17EF:60A3.0002: unknown main item tag 0x0 [ 253.864404][ T5091] lenovo 0003:17EF:60A3.0002: unknown global tag 0xc [ 253.871816][ T5091] lenovo 0003:17EF:60A3.0002: item 0 1 1 12 parsing failed [ 253.902174][ T5091] lenovo 0003:17EF:60A3.0002: hid_parse failed [ 253.909357][ T5091] lenovo 0003:17EF:60A3.0002: probe with driver lenovo failed with error -22 [ 253.955221][ T5082] uclogic 0003:5543:0522.0001: hidraw0: USB HID v0.00 Device [HID 5543:0522] on usb-dummy_hcd.4-1/input0 [ 254.080075][ T5082] usb 5-1: USB disconnect, device number 3 [ 254.092874][ T5091] usb 2-1: USB disconnect, device number 2 22:28:20 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x5, &(0x7f0000000000)=@framed={{}, [@jmp={0x5, 0x0, 0x1}, @alu={0x7}]}, &(0x7f00000000c0)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10) 22:28:20 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) statx(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0) [ 254.374853][ T779] usb 1-1: USB disconnect, device number 2 22:28:21 executing program 1: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000640)=0x8000) ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, 0x0) 22:28:21 executing program 3: r0 = socket(0x840000000002, 0x3, 0xfa) connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10) sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0) setsockopt$inet_int(r0, 0x0, 0x1a, &(0x7f0000000000)=0x7fffffff, 0x4) 22:28:21 executing program 0: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/schedstat\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000006140)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x20010080, &(0x7f0000000500)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303030303030372c646d61736b3d30303030303030303030303030303030312c696f636861727365743d6d616b726f6d616e19616c6c6f775f7574696d653d3030303030303038ba22fa55303030303030303030303030303030322c7569643d", @ANYRES64=r3, @ANYRESOCT=r1, @ANYBLOB="2a3a6dc4d70cd8504afe4f20df34adb6a4710fefa5f5413c5f370399b030f0ba82b1a3a020498c189e3ba7beaa3aaf1a71d11a61714034f7c0faacf09777dded4ba53f501164802338ac5d94a190b433f302d0ef3b4cb83e4d2e21baba997c7a0c67069bdaa4e355957b7c15ebd50d030dd8e7b793272af632b1d50818571de224bfc615f4911c5f477dde7c4e2fff75d35c38bedd59929accfa6a3a88ef8080f04bdff3da2a67d5cb", @ANYBLOB="00001b0087e1e85631dc26e7a9ce3c4396436bc6736574e997938c382c009cd0aeba477396b2cb852b9c7a6a4bf39e0368bfe3e9c44e297aeade00000000ffa3da2229249f9eae67b594fb6fa71518c4638f5e66923f2ba986156feb62be500e4840d9758d3d1f11577798871b0a2d0009ae68165160d76495fc48f43da2e2147ad0809022a1a0c2d459be0f94effcaf59410499c34ae6c623f1cf7d34ed38d634661013fc", @ANYRESHEX=r2], 0x1, 0x14ee, &(0x7f0000004000)="$eJzs3Au0jtX2MPA511qPW9Kb5L7mmg9v2lgkSS5JckmSJElyS0iSJAmJTW5JSELuSe4hucVO7vdb7klyJEkSEpKsb+ic89ep842+b5y+z/8/9vyNscZecz97rneud77jfZ/n2WPvbzsOrlq/WqW6zAz/Efz7l1QAyAQA/QDgGgCIAKBU9lLZLx3PrDH1P3sQ8dd6aNqVrkBcSdL/9E36n75J/9M36X/6Jv1P36T/6Zv0P32T/guRnm2dnudaGel3yP3/9Ew+/9M36X/6Jv1P36T/6Zv0P32T/qdv0v/0Tfqfvkn/hUjPrvT95/85I+M/nrErXcdfO67wy08IIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghRDpxLlxmAOCf8ytdlxBCCCGEEEIIIf46IeOVrkAIIYQQQgghhBD/7yEo0GAgggyQETJBZsgCV0FWuBqywTWQgGshO1wHOeB6yAm5IDfkgbyQD/KDBQIHDDEUgIKQhBugENwIKVAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6Ai3AmV4C6oDFWgKlSDu6E63AM14F6oCfdBLbgfzpX5e5V14SGoBw9DfXgEGsCj0BAaQWNoAk1/n48I8Jv82vAA1IEHf5f/InSFl6AbdIdU6AE94WXoBb2hD/SFfvAK9IdXYQC8BgNhEAyG12EIvAFD4U0YBsNhBLwFI2EUjIYxMBbGwXh4GybAOzAR3oVJMBmmwFSYBtNhBrwHM2EWzIb3YQ58AHNhHsyHBbAQPoRFsBjS4CNYAh/DUlgGy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW+AS2wXbYATthF+yGPfAp7IXPYB98Dvvhi//L/LO/y++EgIAKFRo0mAEzYCbMhFkwC2bFrJgNs2ECE5gds//XiyU35sa8mBfzY34kJGRkLIAFMIlJLISFMAVTsAgWQY8ei2NxLIE3Y0ksiaWwFJbG0lgGy2JZLI/lsQJWwIpYESthJayMlbEqVsW78W68B2tgDayJNbEW1sLaWBvrYB2si3WxHtbD+lgfG2ADbIgNsTE2xqbYFJthM2yOzbEltsRW2ApbY2tsg22wLbbFdtgO22N77IAdsCN2xE7YGTvji/givoQvYXesrHpgT+yJvbAX9sG+2Bdfwf74Kr6Kr+FAHISD8XV8Hd/AoXgGh+FwHIEjsIIahaNxDLIah+NxPE7ACTgRJ+IknIyTcSpOw+k4A2fgTJyFs/B9nIMf4Ac4D+fhAlyIC3ERLsY0TMMleBaX4jJcjitwJa7ClbgG1+IaXI8bcD1uwk24BbfgJ/gJbsftuBN34m7cjZ/ip/gZfoYDcT/uxwN4AA/iQTyEh/AwHsYjeASP4lE8hsfwOB7HE3gST+FJPI2n8QyexXN4Ds/jebyAz+f9ut7uwusGgrrEKKMyqAwqk8qksqgsKqvKqrKpbCqhEiq7yq5yqBwqp8qpcqvcKq/Kq/Kr/IoUKVaxKqAKqKRKqkKqkEpRKaqIKqK88qq4Kq5KqBKqpCqpSqlbVWl1myqjyqoWvrwqryqolr6iulNVUpVUZVVFVVXVVDVVXVVXNVQNVVPVVLVULVVbPaDqqB7YBx9SlzpTXw3CBmowNlSNVGPVRL2Bj6lmaig2Vy1US/WEGo7DsLVq5tuop1VbNRrbqWfVGHxOdVDjsKN6QXVSnVUX9aLqqpr7bqq7moQ9VE81FXup3qqP6qtmYhV1qWNV1WtqoBqkBqvX1QJ8Qw1Vb6phargaod5SI9UoNVqNUWPVODVeva0mqHfURPWumqQmqylqqpqmpqsZ6j01U81Ss9X7ao76QM1V89R8tUAtVB+qRWqxSlMfqSXqY7VULVPL1Qq1Uq1Sq9UatVatU+vVBrVRbVKb1Ra1VX2itqntaofaqXap3WqP+lTtVZ+pfepztV99oQ4oTAX4Uh1SX6nD6mt1RH2jjqpv1TH1nTquvlcn1El1Sv2gTqsf1Zlf3xsBQP2sLqhf1EUVFGjUSmttdKQz6Iw6k86ss+irdFZ9tc6mr9EJfa3Orq/TOfT1OqfOpXPrPDqvzqfza6tJO8061gV0QZ3UN+hC+kadogvrIrqo9rqYLq5v0iX0zbqkvkWX0rfq0vo2XUaX1eV0eX27rqDv0BX1nbqSvktX1lV0VV1N362r63t0DX2vrqnv07X0/bq2fkDX0Q/quvohXU8/rOvrR3QD/ahuqBvpxrqJbqof083047q5bqFb6id0K/2kbq2f0m3007qtfka308/q9vo53UE/rzvqF3Qn3Vl30b/oizrobrq7TtU9dE/9su6le+s+uq/up1/R/fWreoB+TQ/Ug/Rg/boeot/QQ/Wbepgerkfot/RIPUqP1mP0WD1Oj9dv6wn6HT1Rv6sn6cl6ip6qp+npus8/Vpr9f5D/zr/JH/Dro2/RW/UnepvernfonXqX3q336D16r96r9+l9er/erw/oA/qgPqgP6UP6sD6sj+gj+qg+qo/pY/q4Pq5P6JP6J/2DPq1/1Gf0WX1W/6TP6/P6wj+eAzBolNHGmMhkMBlNJpPZZDFXmazmapPNXGMS5lqT3VxncpjrTU6Ty+Q2eUxek8/kN9aQcYZNbAqYgiZpbjCFzI0mxRQ2RUxR400xU9zc9B/n/1l9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL532RSpSkYlMlCHKEGWKMkVZoixR1ihrlC3KFiWiRJQ9yh7liK6Pcka5otxRnihvlC/KH9mIIhdxFEcFooJRMrohKhTdGKVEhaMiUdHIR8Wi4tFNUYno5qhkdEtUKro1Kh3dFpWJykblovLR7VGF6I6oYnRnVCm6K6ocVYmqRtWiu6Pq0T1RjejeqGZ0X1Qruj+qHT0Q1YkejOpGD0X1ooej+tEjUYPo0ahh1ChqHDWJmv6l64dwJtfjvpvtblNtD9vTvmx72d62j+1r+9lXbH/7qh1gX7MD7SA72L5uh9g37FD7ph1mh9sR9i070o6yo+0YO9aOs+Pt23aCfcdOtO/aSXaynWKn2ml2up1h37Mz7Sw7275v59gP7Fw7z863C+xC+6FdZBfbNPuRXWI/tkvtMrvcrrAr7Sq72q6xa+06u95usBvtJrvZbrFb7Sd2m91ud9iddpfdbffYT+1e+5ndZz+3++0X9oD9m1XwpT1kv7KH7df2iP3GHrXf2mP2O3vcfm9P2JP2lP3BnrY/2jP2rD1nf7Ln7c/2gv3FXrTh0sn9pY93MmQoA2WgTJSJslAWykpZKRtlowQlKDtlpxyUg3JSTspNuSkv5aX8lJ8uYWIqQAUoSUkqRIUohVKoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qA76U66i+6iKlSFqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVAml9llcVe5rO5ql81d434f53Z5XF6Xz+V31uV0uf4lJudciivsiriizrtirri76Q9xGVfWlXPl3e2ugrvDVfxDXN3d42q4e11Nd5+r5u7+l7iWu9/Vdo+4Ou5RV9c1cvVcE1ffPeIauEddQ9fINXZNXCv3pGvtnnJt3NOurXvmD/Eit9itdevcerfB7XWfuXPuJ3fUfevOu59dN9fd9XOvuP7uVTfAveYGukF/iEe4t9xIN8qNdmPcWDfuD/EUN9VNc9PdDPeem+lm/SFe6D50c1yam+vmufluwa/xpZrS3EduifvYLXXL3HK3wq10q9xqt+a/al3hNrnNbovb4z5129x2t8PtdLvc7l/jS/vY5z53+90X7oj7xh10X7pD7pg77L7+Nb60v2PuO3fcfe9OuJPulPvBnXY/ujPu7K/7v7T3H9wv7qILDhhZsWbDEWfgjJyJM3MWvoqz8tWcja/hBF/L2fk6zsHXc07Oxbk5D+flfJyfLRM7Zo65ABfkJN/AhfhGTuHCXISLsudiXJxv4hJ8M5fkW7gU38ql+TYuw2W5HJfn27kC38EV+U6uxHdxZa7CVbka383V+R6uwfdyTb6Pa/H9XJsf4Dr8INflh7geP8z1+RFuwI9yQ27EjbkJN+XHuBk/zs25BbfkJ7gVP8mt+Sluw09zW36G2/Gz3J6f4w78PHfkF7gTd+Yu/CJ35Ze4G3fnVO7BPfll7sW9uQ/35X78CvfnV3kAv8YDeRAP5td5CL/BQ/lNHsbDeQS/xSN5FI/mMTyWx/F4fpsn8Ds8kd/lSTyZp/BUnsbTeQa/xzN5Fs/m93kOf8BzeR7P5wW8kD/kRbyY0/gjXsIf81Jexst5Ba/kVbya1/BaXsfreQNv5E28mbfwVv6Et/F23sE7eRfv5j38Ke/lz3gff877+Qs+wH/jg/wlH+Kv+DB/zUf4Gz7K3/Ix/o6P8/d8gk/yKf6BT/OPfIbP8jn+ic/zz3yBf+GLHBhijFWsYxNHcYY4Y5wpzhxnia+Ks8ZXx9nia+JEfG2cPb4uzhFfH+eMc8W54zxx3jhfnD+2McUu5jiOC8QF42R8Q1wovjFOiQvHReKisY+LxcXjm+IS8c1xyfiWuFR8a1w6vi0uE5eNH7mvfHx7XCG+I64Y3xlXiu+KK8dV4qpxtfjuuHp8T1wjvjeuGd8Xl4zvj2vHD8R14gfjuvFDcb344bh+/EjcIH40bhg3ihvHTeKm8WNxs/jxuHncIm4ZPxG3ip+MW8dPxW3ip+O28TN/ejw17hH3jF+OX45DuFfPTy5ILkx+mFyUXJxMS36UXJL8OLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ObklGUK1jODRK6+98ZHP4DP6TD6zz+Kv8ln91T6bv8Yn/LU+u7/O5/DX+5w+l8/t8/i8Pp/P760n7zz72BfwBX3S3+AL+Rt9ii/si/ii3vtivrhv4pv6pr6Zf9w39y18S/+Ef8I/6Z/0T/mn/NO+rX/Gt/PP+vb+Od/BP++f9y/4Tr6z7+Jf9F39S76b7+5Tfarv6Xv6Xr6X7xOB7+f7+f6+vx/gB/iBfqAf7Af7IX6IH+qH+mF+mB/hR/iRfqQf7Uf7sX6sH+/H+wl+gp/oJ/pJfpKf4qf4aX6an+Fn+Jl+pp/tZ/s5KXP8XD/Xz/fz/UK/0C/yi3yaT/NL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/lD/uv/RH/jT/qv/XH/Hf+uP/en/An/Sn/gz/tf/Rn/Fl/zv/kz/uf/QX/i7/ogx+feDsxIfFOYmLi3cSkzJMTUxJTE9MS0xMzEu8lZiZmJWYn3k/MSXyQmJuYl5ifWJBYmPgwsSixOJGW+CixJPFxYmliWWJ5YkViZWJVIoR82+JQIBQMyXBDKBRuDCmhcCgSigYfioXi4aZQItwcSoZbQqlwaygdbgtlQtlQLjwaGoZGoXFoEpqGx0Kz8HhoHlqEluGJ0Co8GVqHp0Kb8HRoG54J7cKzoX14LnQIz4eO4YXQKXQOXcKLoWt4KXQL3UNq6BF6hpdDr9A79Al9Q7/wSugfXg0DwmthYBgUBofXw5DwRhga3gzDwvAwIrwVRoZRYXQYE8aGcWF8eDtMCO+EieHdMClMDlPC1DAtTA8zwnthZpgVZof3w5zwQZgb5oX5YUFYGD4Mi8LikBY+CkvCx2FpWBaWhxVhZVgVVoc1YW1YF9aHDWFj2BQ2hy1ha/gkbAvbw46wM+wKu8Oe8GnYGz4L+8LnYX/4IhwIfwsHw5fhUPgqHA5fhyPhm3A0fBuOhe/C8fB9OBFOhlPhh3A6/BjOhLPhXPgpnA8/hwvhl3Dx179Z636lbqILIYQQQvyPkfonx3v8m++pf4xLegLA1dvzHP7tcQ0AG3P+fd5b5W2VAICnu3d86J+jcuXU1H8+7lINUcF5AJC4nJ8BLsfLoCU8CW2gBZSAf/766rd6q87n+U/WT94KkOU3OZngcnx5/Zv/7f57q1Fz/nT9eQApBS/nZIbL8eX1S/5v1s/V7E/Wz/zleIDmv8nJCpfjy+sXh8fhGWjzLz8phBBCCCGEEEL8XW9Vrv2fXd9euj7Pay7nZITL8W+vz4UQQgghhBBCCPHf03Oduzz1WJs2LdrL5L/jZLe0SSZXZnKF35iEEEIIIYQQf7nLJ/1XuhIhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECL9+v/x78Su9B6FEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKIK+1/BQAA///apiom") 22:28:21 executing program 4: r0 = socket(0x2, 0x3, 0x0) sendmsg$unix(r0, &(0x7f0000000240)={&(0x7f0000000200)=@file={0x0, './file0\x00'}, 0xa, 0x0, 0x0, &(0x7f0000000300)=[@rights], 0x10}, 0x8) 22:28:21 executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000200)='./bus\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000600)={0x123e3}) renameat2(r0, &(0x7f0000000380)='./bus\x00', r0, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='workdir=./file1,lowerdir=./file0,upperdir=./bus,index=o']) [ 255.336492][ C0] hrtimer: interrupt took 284323 ns [ 255.411201][ T5487] loop0: detected capacity change from 0 to 256 [ 255.590248][ T5495] overlay: Bad value for 'index' [ 255.676284][ T5487] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d) 22:28:22 executing program 2: r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000140)={0x2, 0x0, @multicast2}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000180)="080027226da0d6c1", 0x8}], 0x1, &(0x7f0000000240)=[@ip_retopts={{0x10}}, @ip_retopts={{0x14, 0x0, 0x7, {[@ssrr={0x89, 0x3}]}}}], 0x28}, 0x0) 22:28:22 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f00000000c0)=0xbb1, 0x4) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007bd, &(0x7f0000000200)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000180), 0x4) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfffffffffffffee4, 0x11, 0x0, 0x27) shutdown(r0, 0x1) recvmsg(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000003540)=""/4099, 0x1003}, {0x0}, {0x0}, {0x0}], 0x4, 0x0, 0x0, 0xf9ea}, 0x100) 22:28:22 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000500)={'wg2\x00'}) sendmsg$ETHTOOL_MSG_FEATURES_GET(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000540)={0x20, r2, 0x301, 0x0, 0x0, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x20}}, 0x0) [ 256.215975][ T5487] exFAT-fs (loop0): IO charset makromanallow_utime=00000008º"úU0000000000000002 not found 22:28:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CLOCK(r1, 0x4188aec6, &(0x7f0000000200)={0x0, 0x0, 0x10008001}) 22:28:23 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB], &(0x7f00000000c0)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10) 22:28:23 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000500)=ANY=[], 0x200600) readv(r0, 0x0, 0x0) write$binfmt_misc(r0, 0x0, 0x0) 22:28:24 executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000200)='./bus\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000600)={0x123e3}) renameat2(r0, &(0x7f0000000380)='./bus\x00', r0, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='workdir=./file1,lowerdir=./file0,upperdir=./bus,index=o']) 22:28:24 executing program 4: r0 = dup(0xffffffffffffffff) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r0, 0x0) syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) 22:28:24 executing program 0: r0 = landlock_create_ruleset(&(0x7f0000000080)={0x810}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r1) [ 257.870790][ T5518] overlay: Bad value for 'index' 22:28:24 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) connect$unix(r0, 0x0, 0x0) 22:28:25 executing program 1: socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)) socket(0x1d, 0x2, 0x6) socket$inet_sctp(0x2, 0x1, 0x84) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000740)) socket$pppoe(0x18, 0x1, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) socket$inet(0x2, 0x2, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYRES16=r0], 0x20}, 0x1, 0xc00000000000000}, 0x0) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="4c00030007"], 0xd) 22:28:25 executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB], &(0x7f00000000c0)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10) 22:28:25 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f00000000c0)=0xbb1, 0x4) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007bd, &(0x7f0000000200)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000180), 0x4) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfffffffffffffee4, 0x11, 0x0, 0x27) shutdown(r0, 0x1) recvmsg(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000003540)=""/4099, 0x1003}, {0x0}, {0x0}, {0x0}], 0x4, 0x0, 0x0, 0xf9ea}, 0x100) 22:28:25 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x0, 0x5}, 0x48) 22:28:25 executing program 3: eventfd2(0x1, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000000)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000005a700)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000745c0)={0x5af, [{}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}], 0x81, "7464fbe08eb369"}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff) socket$inet_udp(0x2, 0x2, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) syz_open_dev$vcsa(&(0x7f0000000000), 0x6, 0x10000) syz_read_part_table(0x593, &(0x7f00000005c0)="$eJzs0r1LK2kUB+A3A5c0e4lcLli4hWCwigqx0CIpRGJIY0RcsbAWLLQQLCwkEq39+AcUv0BsxD6lGEEUYiUpxXpBsUmVZdfZxmplUdnleZrhPefMHF5+E/hPi8Lv7XY7EUJoJ9//9m+nhbFS98TI5FQIiTAbQij8+stfnUQ88fdXz+NzOT6XktnG/vXo82nHTc9dPX0Yxf1aFMJaCGHh4Sj1b+/G/99Z/jK1vrFU3FzJz98XVx8H5/oKXVuFxZ2hg1xlujM3E/9Ytehz9qcbw8e37fLT7vf+b/VGK3sVz2USH7Ofr/U2/72f1Wa1Nd57sjyQ+dG8qGzHub/IHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+GBn+cvU+sZScXMlP39fXH0cnOsrdG0VFneGDnKV6c7cTPQ6V4s+Z3+6MXx82y4/7X7v/1ZvtLJX8Vwm8TH7+Vpv89/7WW1WW+O9J8sDmR/Ni8p2nPuL/AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf6gwVuqeGJmcCiERZkMIo1HH0Z/1dvK1n4jnzuNnOa6XktnG/vXo82nHTc9dPX04EddrUQhrIYSFh6PUp1+Gd/sjAAD///tch0s=") [ 259.178677][ T5536] Bluetooth: hci3: invalid length 0, exp 2 for type 16 22:28:25 executing program 4: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000640)=0x8000) ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, 0x0) 22:28:26 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, 0x0, 0x0) write$binfmt_script(r1, &(0x7f0000000140)=ANY=[], 0xfe29) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200007bd, &(0x7f0000000200)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000180), 0x4) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfffffffffffffee4, 0x11, 0x0, 0x27) [ 259.739565][ T5538] loop3: detected capacity change from 0 to 2048 22:28:26 executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x0, 0x0, &(0x7f00000000c0)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10) [ 260.105214][ T5538] Alternate GPT is invalid, using primary GPT. [ 260.115809][ T5538] loop3: p2 p3 p7 22:28:26 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0xa, 0x0, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007bd, &(0x7f0000000200)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x2, 0x0, @broadcast}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfffffffffffffee4, 0x11, 0x0, 0x27) sendto$inet(r0, &(0x7f0000000000)="fe07554889bc024057599f13e2ba797f0c0fd3ffcececbe20962743c095735", 0x1f, 0x4060081, &(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10) recvmsg(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000003540)=""/4099, 0x1003}, {&(0x7f00000004c0)=""/233, 0xe9}, {0x0}], 0x3, 0x0, 0x0, 0xf9ea}, 0x100) 22:28:26 executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x3, 0x0) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000001580)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d24070000030769dc000049c40c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05ab"], 0x0) 22:28:27 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000500)=ANY=[], 0x200600) readv(r0, 0x0, 0x0) write$binfmt_misc(r0, 0x0, 0x0) 22:28:27 executing program 4: r0 = syz_open_dev$sndpcmc(&(0x7f00000011c0), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r0, 0x80184132, &(0x7f0000000000)) 22:28:27 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x0, 0x5}, 0x48) 22:28:27 executing program 3: r0 = dup(0xffffffffffffffff) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r0, 0x0) syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) readv(0xffffffffffffffff, &(0x7f00000011c0)=[{&(0x7f00000000c0)=""/13, 0xd}], 0x1) [ 261.136920][ T5082] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 261.143966][ T5472] udevd[5472]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory 22:28:27 executing program 4: getrlimit(0xfb0d062578691a4d, 0x0) [ 261.182911][ T5197] udevd[5197]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory [ 261.259115][ T5461] udevd[5461]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory 22:28:28 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) mknod$loop(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) rename(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00') [ 261.576879][ T5082] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 261.589526][ T5082] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 22:28:28 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0) acct(&(0x7f0000000080)='./file1\x00') [ 261.718704][ T5082] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 261.728533][ T5082] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 261.737110][ T5082] usb 1-1: SerialNumber: syz 22:28:28 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) [ 261.917314][ T28] audit: type=1326 audit(1712010508.425:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28f887dda9 code=0x7ffc0000 [ 261.941812][ T28] audit: type=1326 audit(1712010508.425:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28f887dda9 code=0x7ffc0000 [ 261.965963][ T28] audit: type=1326 audit(1712010508.435:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f28f887dda9 code=0x7ffc0000 [ 261.989437][ T28] audit: type=1326 audit(1712010508.445:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28f887dda9 code=0x7ffc0000 [ 262.017728][ T28] audit: type=1326 audit(1712010508.475:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=82 compat=0 ip=0x7f28f887dda9 code=0x7ffc0000 [ 262.043428][ T28] audit: type=1326 audit(1712010508.485:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28f887dda9 code=0x7ffc0000 22:28:28 executing program 3: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000640)=0x8000) ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000040)) [ 262.202241][ T5082] usb 1-1: 0:2 : does not exist [ 262.312342][ T5082] usb 1-1: USB disconnect, device number 3 22:28:28 executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x0, 0x5}, 0x48) 22:28:29 executing program 4: syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @random="05041c2b476a", @val, {@ipv4}}, 0x0) 22:28:29 executing program 1: r0 = dup(0xffffffffffffffff) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r0, 0x0) syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) readv(0xffffffffffffffff, &(0x7f00000011c0)=[{&(0x7f00000000c0)=""/13, 0xd}], 0x1) 22:28:29 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x3c1, 0x3, 0x328, 0x138, 0x111, 0x4b4, 0x138, 0x700, 0x258, 0x278, 0x278, 0x258, 0x278, 0x3, 0x0, {[{{@ipv6={@mcast2, @local, [], [], 'vlan0\x00', 'team_slave_0\x00'}, 0x0, 0xd0, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x19, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@NFQUEUE0={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x388) [ 262.903611][ T5472] udevd[5472]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory 22:28:29 executing program 3: syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='./file1\x00', 0xa08800, &(0x7f0000000140)=ANY=[], 0x1, 0x671, &(0x7f0000000a40)="$eJzs3c1rHOcdB/DvrFay5IKjJHbilkBFDGmpqS1ZKK16idtD0SGU4B5CoRdhy7HwWgmSUpRQivp+7SF/QHrQodBToXdDCj21veWqUwkUeslJN5eZnZVWllfZlSWt1Xw+ZnaemWeel/nNzDM7WswE+NJauJrmwxRZuPrmRrm8vTXb2t6aPVdnt5KU6UbSbM9SrCTFJ8nNtKd8tVxZb1/0auej5flbn36+/Vl7qVlP1faNw8r1Z7OeMpVkpJ4fNHqk+m73rO9wi7upYncPy4Bd6QQOhu3RAZuDFH/K6xZ4FhTt++YBk8n5JOP194DUo0PjdHt3/AYa5QAAAOCMem4nO9nIhWH3AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM6S+v3/RT01OumpFJ33/4/V61KnbzWG3Oen8XDYHQAAAAAAAACAY/D1nexkIxc6y4/av+y/Wn1erD6/kvezlqWs5lo2spj1rGc1M0kmuyoa21hcX1+d6aPkjSeWvHEaewsAAAAAAAAA/7d+lYW93/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBZUCQj7Vk1XeykJ9NoJhlPMlZut5n8q5M+I4onrXx4+v0AAACApzJ+hDLP7WQnG7nQWX5UVM/8L1XPy+N5PytZz3LW08pS7tTP0OVTf2N7a7a1vTX7YHtrtmr4p4/a2vV8/78DdaOqMe2/PTy55cvVFhO5m+VqzbXcrjpzJ42qZOly3Z/daX8jvyz7NPFGrc+e3annZWN/6PVXhOPQGLTAZFVodDci03XfyoqePzwSX3h0moe2NJPG7l9+Lh7SUmeXigFjfr5TLsnvHov5G//+00/6rOYE7EaikSoSN7rOvpcOj3nyjb/++e17rZX79+6uXT2x0+i0PH5OzHZF4uUzHYnmgNtPV5G4tLu8kB/mx7maqbyV1SznZ1nMepZSj4xZrM/n8nOyK0rJgUjd3Lf01hf1ZKw+Lu1RtJ8+TeVclVrMq1XZC1lOkXdzJ0t5vfp3IzP5TuYyl/muI3yp5xGu9q0aaRuDXfVXvpm9S/335UjdX7nk7/1uOLj2LbWM6/Ndce0ecyervO41e1F6oY/70YBjY/NrdaJs49dHuW2cmMcjMdMViRcPj8Qfq2tjrbVyf/Xe4ns96t98bPm10b30b0/yzjyw8nx5IeP1SLL/7CjzXtwdZfbHa6z+xaWd1ziQd6nKK4rOlfqjnlfqWP0d7mBNN6q8lw/mjXR6frkrb9/3rbz7j+HEE4ABnf/W+bGJ/0z8c+Ljid9M3Jt4c/wH57577pWxjP5t9HvN6ZHXGq8Uf8nH+cXe8z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB0ax98eH+x1VpafXKi0TvreBNF/SKfXts0M5FT6MZpJopk89hrzvD3q49E5yWCT1vP2zefid0504mRJJ01I9nLqg/RUV4uCpwJ19cfvHd97YMPv738YPGdpXeWVkbn5uan5+den71+d7m1NN3+HHYvgZOw931g2D0BAAAAAAAAAAAA+nUa/9Ogq7mpIe4qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEYtXE1zNEVmpq9Nl8vbW7Otcuqk97ZsJmk0kuLnSfFJcjPtKZNd1RW92vloef7Wp59vf7ZXV7OzfeOwcv3ZrKdMJRmp5weMHa2+273q61uxu4dlwK50AgfD9r8AAAD//4uaBUc=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fchmod(r0, 0x0) 22:28:29 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r1, 0x0) syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) 22:28:29 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000003600)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x4000800) 22:28:29 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000140)={0x2, 0x0, [{0x80000008, 0x4f9, 0x0, 0xffff7fff}, {}]}) 22:28:30 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r0, 0x802c550a, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}) [ 263.669123][ T5591] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list 22:28:30 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000cc0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f00000003c0)={0x44, r1, 0xd15, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x6, 'ipvlan0\x00'}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'batadv_slave_1\x00'}]}, 0x44}}, 0x0) [ 263.791016][ T5588] loop3: detected capacity change from 0 to 1024 22:28:30 executing program 4: socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)) socket(0x1d, 0x2, 0x6) socket$inet_sctp(0x2, 0x1, 0x84) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000740)) socket$pppoe(0x18, 0x1, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$inet6_sctp(0xa, 0x801, 0x84) socket$inet(0x2, 0x0, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYRES16=r0], 0x20}, 0x1, 0xc00000000000000}, 0x0) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="4c00030007"], 0xd) 22:28:30 executing program 0: syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x1008000, &(0x7f00000004c0)=ANY=[], 0x1, 0x5ee, &(0x7f0000000c80)="$eJzs3cFvHFcdB/Dvru3NOkjpxk3agCphgVQhLJJdWyIpF6AUZKEKVeLA2SJOYmWTVvYWuT1AQBwqTv0TysH/AOJYpBxoj3Dq2ahHJO6+Gc3srL2Jt1vHdrOb5vORZt+befPe/t5vZicza0Ub4Lm1upTZh6lldenN7WJ9d2elu7uzcm9QT3IuST1pJqkVm/+e5PPkQfpLvjloGCqP+Ozj5u1PP/zkg/5as1rK/Wvj+h3PQSytfqxleVbjLZ96vEdnuJBk8XTxwdnYH/jPyOZTfi4BgGlWS2ZGbW8l56ub9eI5oH9X3L/HfqY9mHQAAAAA8BS8sJe9bOfCpOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZ0n1+/+1aqkP6oupDX7/v1FtS1V/pj2cdAAAAAAAAAAAcAa+vZe9bOfCYH2/Vv7N/zvlyqXy9Rt5N1tZz2auZjtr6aWXzXSStIYGamyv9XqbnWP0XB7Zc/npzBcAAAAAAAAAvqb+lNXDv/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA0qCUz/aJcLg3qrdRnkzSTNIr9HiT/HtSfZQ8nHQAAAAA8BS/sZS/buTBY36+Vz/wvlc/9zbyb++llI710s56b5XcB/af++u7OSnd3Z+VesRwd96f/e6IwyhHT/+5h9DtfKfeYz61slFuu5rd5O93cTL3sWbgyiGd0XH8sYqr9uHLMyG5WZTHzX1bldGiVGZk7yEi7iq3IxsVxmZg97Tt1Uj/45ufSV5Dz81VZzOeNqc758tDZ99L4TCQLv/nL9Tvd+3fv3Npamp4pndDjmVgZysTLz1Um2mUmLh+sr+YX+XWWspi3spmN/C5r6WU9i3mjrK1V53Px2hqfqZ88svbWl0XSqI5L/yr6ZDENbORXeTs3yyPazvVcz3J+mNfSfuQIXx4Z9x/2q+byU19/sk/9d79XVeaS/Lwqp0OR14tDeR2+5rbKtuEth1laOINr42MX69lvVZXi7Hl96q6NFx/7V2KQiRfHZ+Kv5Ymz1b1/d/PO2jvHfL9Xq7LIwM+OZGJ/5tQTOrHifFk4OHaPnh1F24sj2zpl26WDtvqRtssHba1cGPtJbVT3cEdHWi7bXh7Z1u93Zaht1P0WAFPv/PfPN+b/O/+v+Y/m/zx/Z/7N5uvnbpx7pZG5f879aLY982r9ldrf8lF+f/j8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnNzWe+/fXet21zefrDJ3ol7PS2X2FN0bJz8oKqeuJFMRxjRUJn1lAr5q13r33rm29d77P9i4t3Z7/fb6/dfaN250Op3r7Wu3Nrrr1eukowQAztLhTf+kIwEAAAAAAAAAAAAAAL7I2f3H6b5R+0x2hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNfd6lJmH6aWTvtqu1jf3VnpFsugfrhnM0mtqPwjyefJg/SXtJKZwU61L3qfzz5u3v70w08+OByrOdi/Nq7f8QzHknpVfom54463fLzxxjic4WKShaqEift/AAAA//9Cmv2m") 22:28:30 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$LOOP_CTL_ADD(r0, 0x80086601, 0x0) [ 264.265517][ T5597] netlink: 'syz-executor.1': attribute type 11 has an invalid length. 22:28:31 executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x0, 0x5}, 0x48) 22:28:31 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r1, 0x0) syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) readv(r0, &(0x7f00000011c0)=[{&(0x7f00000000c0)=""/13, 0xd}], 0x1) [ 264.478500][ T5603] Bluetooth: hci3: invalid length 0, exp 2 for type 16 [ 264.738851][ T5602] loop0: detected capacity change from 0 to 1024 [ 264.806167][ T5602] ===================================================== [ 264.814099][ T5602] BUG: KMSAN: uninit-value in hfsplus_cat_case_cmp_key+0xf1/0x190 [ 264.822487][ T5602] hfsplus_cat_case_cmp_key+0xf1/0x190 [ 264.828726][ T5602] hfs_find_rec_by_key+0xb1/0x240 [ 264.834204][ T5602] __hfsplus_brec_find+0x26f/0x7b0 [ 264.839832][ T5602] hfsplus_brec_find+0x445/0x970 [ 264.845010][ T5602] hfsplus_brec_read+0x46/0x1a0 [ 264.850411][ T5602] hfsplus_find_cat+0xdb/0x460 [ 264.855486][ T5602] hfsplus_iget+0x740/0xaf0 [ 264.860546][ T5602] hfsplus_fill_super+0x151b/0x2700 [ 264.866069][ T5602] mount_bdev+0x397/0x520 [ 264.871235][ T5602] hfsplus_mount+0x4d/0x60 [ 264.882199][ T5602] legacy_get_tree+0x114/0x290 [ 264.889154][ T5602] vfs_get_tree+0xa7/0x570 [ 264.893808][ T5602] do_new_mount+0x71f/0x15e0 [ 264.898858][ T5602] path_mount+0x742/0x1f20 [ 264.903557][ T5602] __se_sys_mount+0x725/0x810 [ 264.908797][ T5602] __x64_sys_mount+0xe4/0x150 [ 264.913696][ T5602] do_syscall_64+0xd5/0x1f0 [ 264.918941][ T5602] entry_SYSCALL_64_after_hwframe+0x72/0x7a [ 264.925142][ T5602] [ 264.927759][ T5602] Uninit was created at: [ 264.932371][ T5602] __kmalloc+0x6e4/0x1000 [ 264.937173][ T5602] hfsplus_find_init+0x91/0x250 [ 264.942279][ T5602] hfsplus_iget+0x3e1/0xaf0 [ 264.949375][ T5602] hfsplus_fill_super+0x151b/0x2700 [ 264.954792][ T5602] mount_bdev+0x397/0x520 [ 264.960022][ T5602] hfsplus_mount+0x4d/0x60 [ 264.964832][ T5602] legacy_get_tree+0x114/0x290 [ 264.970615][ T5602] vfs_get_tree+0xa7/0x570 [ 264.975296][ T5602] do_new_mount+0x71f/0x15e0 [ 264.987253][ T5602] path_mount+0x742/0x1f20 [ 264.991990][ T5602] __se_sys_mount+0x725/0x810 [ 264.999097][ T5602] __x64_sys_mount+0xe4/0x150 [ 265.004091][ T5602] do_syscall_64+0xd5/0x1f0 [ 265.009080][ T5602] entry_SYSCALL_64_after_hwframe+0x72/0x7a [ 265.015197][ T5602] [ 265.017805][ T5602] CPU: 1 PID: 5602 Comm: syz-executor.0 Not tainted 6.9.0-rc2-syzkaller #0 [ 265.026869][ T5602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 265.037507][ T5602] ===================================================== [ 265.044821][ T5602] Disabling lock debugging due to kernel taint [ 265.051279][ T5602] Kernel panic - not syncing: kmsan.panic set ... [ 265.057913][ T5602] CPU: 1 PID: 5602 Comm: syz-executor.0 Tainted: G B 6.9.0-rc2-syzkaller #0 [ 265.068291][ T5602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 265.078791][ T5602] Call Trace: [ 265.082194][ T5602] [ 265.085237][ T5602] dump_stack_lvl+0x216/0x2d0 [ 265.090242][ T5602] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 265.096612][ T5602] dump_stack+0x1e/0x30 [ 265.101248][ T5602] panic+0x4e2/0xcd0 [ 265.105441][ T5602] ? kmsan_get_metadata+0xf1/0x1d0 [ 265.110858][ T5602] kmsan_report+0x2d5/0x2e0 [ 265.115814][ T5602] ? kmsan_get_metadata+0x146/0x1d0 [ 265.121512][ T5602] ? __msan_warning+0x95/0x120 [ 265.126640][ T5602] ? hfsplus_cat_case_cmp_key+0xf1/0x190 [ 265.132958][ T5602] ? hfs_find_rec_by_key+0xb1/0x240 [ 265.138417][ T5602] ? __hfsplus_brec_find+0x26f/0x7b0 [ 265.144380][ T5602] ? hfsplus_brec_find+0x445/0x970 [ 265.149816][ T5602] ? hfsplus_brec_read+0x46/0x1a0 [ 265.155314][ T5602] ? hfsplus_find_cat+0xdb/0x460 [ 265.160465][ T5602] ? hfsplus_iget+0x740/0xaf0 [ 265.165448][ T5602] ? hfsplus_fill_super+0x151b/0x2700 [ 265.171287][ T5602] ? mount_bdev+0x397/0x520 [ 265.176557][ T5602] ? hfsplus_mount+0x4d/0x60 [ 265.181363][ T5602] ? legacy_get_tree+0x114/0x290 [ 265.187782][ T5602] ? vfs_get_tree+0xa7/0x570 [ 265.192706][ T5602] ? do_new_mount+0x71f/0x15e0 [ 265.197900][ T5602] ? path_mount+0x742/0x1f20 [ 265.202692][ T5602] ? __se_sys_mount+0x725/0x810 [ 265.208088][ T5602] ? __x64_sys_mount+0xe4/0x150 [ 265.213324][ T5602] ? do_syscall_64+0xd5/0x1f0 [ 265.218299][ T5602] ? entry_SYSCALL_64_after_hwframe+0x72/0x7a [ 265.224823][ T5602] ? kmsan_get_metadata+0x146/0x1d0 [ 265.230221][ T5602] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 265.236809][ T5602] ? hfsplus_bnode_read_u16+0x3e/0x2b0 [ 265.242687][ T5602] ? filter_irq_stacks+0x60/0x1a0 [ 265.248211][ T5602] ? kmsan_get_metadata+0x146/0x1d0 [ 265.253587][ T5602] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 265.260083][ T5602] ? kmsan_get_metadata+0x146/0x1d0 [ 265.265435][ T5602] ? kmsan_get_metadata+0x146/0x1d0 [ 265.271141][ T5602] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 265.277204][ T5602] __msan_warning+0x95/0x120 [ 265.282169][ T5602] hfsplus_cat_case_cmp_key+0xf1/0x190 [ 265.287918][ T5602] hfs_find_rec_by_key+0xb1/0x240 [ 265.293254][ T5602] ? __pfx_hfsplus_cat_case_cmp_key+0x10/0x10 [ 265.299697][ T5602] __hfsplus_brec_find+0x26f/0x7b0 [ 265.305817][ T5602] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 265.312111][ T5602] hfsplus_brec_find+0x445/0x970 [ 265.317254][ T5602] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 265.323206][ T5602] hfsplus_brec_read+0x46/0x1a0 [ 265.328284][ T5602] hfsplus_find_cat+0xdb/0x460 [ 265.333411][ T5602] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 265.339652][ T5602] ? should_fail_ex+0x4a/0x800 [ 265.344705][ T5602] ? kmsan_get_metadata+0x146/0x1d0 [ 265.350075][ T5602] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 265.356046][ T5602] ? kmsan_get_metadata+0x146/0x1d0 [ 265.361582][ T5602] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 265.367612][ T5602] ? kmsan_get_metadata+0x146/0x1d0 [ 265.373008][ T5602] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 265.379590][ T5602] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 265.385924][ T5602] ? kmsan_get_metadata+0x146/0x1d0 [ 265.391529][ T5602] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 265.397879][ T5602] hfsplus_iget+0x740/0xaf0 [ 265.402580][ T5602] hfsplus_fill_super+0x151b/0x2700 [ 265.408056][ T5602] ? kmsan_get_metadata+0x146/0x1d0 [ 265.413428][ T5602] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 265.419507][ T5602] ? vsnprintf+0x2994/0x2a00 [ 265.424387][ T5602] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 265.430976][ T5602] ? kmsan_get_metadata+0x146/0x1d0 [ 265.436493][ T5602] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 265.442859][ T5602] ? kmsan_get_metadata+0x146/0x1d0 [ 265.449186][ T5602] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 265.455777][ T5602] ? sb_set_blocksize+0x132/0x170 [ 265.461125][ T5602] mount_bdev+0x397/0x520 [ 265.465925][ T5602] ? __pfx_hfsplus_fill_super+0x10/0x10 [ 265.471836][ T5602] hfsplus_mount+0x4d/0x60 [ 265.476783][ T5602] legacy_get_tree+0x114/0x290 [ 265.481854][ T5602] ? __pfx_hfsplus_mount+0x10/0x10 [ 265.487409][ T5602] ? __pfx_legacy_get_tree+0x10/0x10 [ 265.493754][ T5602] vfs_get_tree+0xa7/0x570 [ 265.498383][ T5602] ? mount_capable+0x97/0x120 [ 265.503348][ T5602] do_new_mount+0x71f/0x15e0 [ 265.508139][ T5602] ? kmsan_get_metadata+0x146/0x1d0 [ 265.513520][ T5602] path_mount+0x742/0x1f20 [ 265.518205][ T5602] ? user_path_at_empty+0x325/0x3a0 [ 265.523725][ T5602] __se_sys_mount+0x725/0x810 [ 265.528681][ T5602] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 265.536188][ T5602] __x64_sys_mount+0xe4/0x150 [ 265.541752][ T5602] do_syscall_64+0xd5/0x1f0 [ 265.546582][ T5602] entry_SYSCALL_64_after_hwframe+0x72/0x7a [ 265.552841][ T5602] RIP: 0033:0x7f8fb647f4aa [ 265.557487][ T5602] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 265.577366][ T5602] RSP: 002b:00007f8fb723def8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 265.586137][ T5602] RAX: ffffffffffffffda RBX: 00007f8fb723df80 RCX: 00007f8fb647f4aa [ 265.594740][ T5602] RDX: 0000000020000600 RSI: 0000000020000640 RDI: 00007f8fb723df40 [ 265.603128][ T5602] RBP: 0000000020000600 R08: 00007f8fb723df80 R09: 0000000001008000 [ 265.611341][ T5602] R10: 0000000001008000 R11: 0000000000000202 R12: 0000000020000640 [ 265.619644][ T5602] R13: 00007f8fb723df40 R14: 00000000000005ee R15: 00000000200004c0 [ 265.627889][ T5602] [ 265.631128][ T5602] Kernel Offset: disabled [ 265.635621][ T5602] Rebooting in 86400 seconds..