last executing test programs: 2m13.103500502s ago: executing program 0 (id=223): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000040000000000000000850000002300000095", @ANYRES64], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000380)='kfree\x00', r0}, 0x18) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r2}, &(0x7f0000bbdffc)=0x0) timer_settime(r3, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex(&(0x7f000000cffc), 0x80, 0x0, 0x0, 0x0, 0x0) prctl$PR_MCE_KILL(0x4e, 0x1, 0x4000) write$cgroup_int(r1, &(0x7f0000000040)=0xfe8e, 0x12) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r4, 0x400, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6(0xa, 0x1, 0x0) r6 = syz_io_uring_setup(0x5ce, &(0x7f0000000480)={0x0, 0x9cd6, 0x1, 0x2, 0x34f}, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x82e, 0x0, 0x0, 0x4}]}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0xb2752a96f73d6e14, 0x0, 0x0, 0x0, 0x23456}) io_uring_enter(r6, 0x47bc, 0x0, 0x0, 0x0, 0x0) munlockall() r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1b, 0xa, &(0x7f0000000440)=ANY=[@ANYRES32=r9, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) 2m10.252747984s ago: executing program 0 (id=231): socket$inet6_tcp(0xa, 0x1, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, 0x0) sched_setaffinity(0x0, 0x25, &(0x7f0000000340)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f000001b700)=""/102392, 0x18ff8) bind$unix(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(0x0, r2) sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0xa000000) r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) sendfile(r3, r1, &(0x7f0000002080)=0x64, 0x21c) 2m9.310797314s ago: executing program 0 (id=234): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0900000004000000dd0000000a"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="0b00000008000000020000000900000001"], 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x48, &(0x7f0000000480)=ANY=[@ANYBLOB="180200009b1aecb600000000000000008d0000007500000095"], 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10) syz_clone(0x1804000, 0x0, 0x0, 0x0, 0x0, 0x0) 2m9.001264032s ago: executing program 0 (id=235): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d70300000000000000d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df6c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8a9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2a9e99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8be1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaa072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a3ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a98838156ff00000000000000cdbf91f7582ab314be3e67b8c9459564c856339a80919ecf839560c62e69df8667b274cc53f83f2086cfd2664252471fad9081824d60741d663ee258705c364e162b84a09870acd0a19399103474444f4fa12dcbd10b40195b6088513029b60a34e4161fe48c092693eb07dc8ddcba2eac2efe30b285a877c862c73ff8a60cf73f1b17da0000000000005664181c1f28cd2880e6872bae932eaf4b0000000000007b662c0fe22cfd6d4bd7b851ae928cebeec6375b16af342e93c39d97e5d74d5a8e96c15fdcde7526b0af54b145e61b042c1e600390590a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19}, 0x42) bpf$BPF_LINK_CREATE(0xa, &(0x7f0000000040)={r0, 0xffffffffffffffff, 0x10, 0x0, @val=@iter={0x0}}, 0x20) 2m8.829161341s ago: executing program 0 (id=236): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000040000000000000000850000002300000095", @ANYRES64], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000380)='kfree\x00', r0}, 0x18) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r2}, &(0x7f0000bbdffc)=0x0) timer_settime(r3, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex(&(0x7f000000cffc), 0x80, 0x0, 0x0, 0x0, 0x0) prctl$PR_MCE_KILL(0x4e, 0x1, 0x4000) write$cgroup_int(r1, &(0x7f0000000040)=0xfe8e, 0x12) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r4, 0x400, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6(0xa, 0x1, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0xb2752a96f73d6e14, 0x0, 0x0, 0x0, 0x23456}) io_uring_enter(0xffffffffffffffff, 0x47bc, 0x0, 0x0, 0x0, 0x0) munlockall() r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1b, 0xa, &(0x7f0000000440)=ANY=[@ANYRES32=r6, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) 2m6.544037138s ago: executing program 0 (id=245): bpf$TOKEN_CREATE(0x24, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r5, 0x9c3fa077fa966179, 0x0, 0x1, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x4000054) 1m49.988640638s ago: executing program 32 (id=245): bpf$TOKEN_CREATE(0x24, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r5, 0x9c3fa077fa966179, 0x0, 0x1, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x4000054) 1m2.37282359s ago: executing program 2 (id=345): r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x8401) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x7ff, 0x9, 0xc, 0xfffffffffffffffd, 0x59c, 0xffffffffffffffff}) ioctl$SG_BLKTRACETEARDOWN(r0, 0x1276, 0x0) 1m0.912593991s ago: executing program 2 (id=349): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r1, &(0x7f0000000440), &(0x7f0000000040)=@udp=r0}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0xd, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41000, 0x4e}, 0x94) recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x21) syz_emit_ethernet(0x2a, &(0x7f00000004c0)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x1, 0x4e20, 0x8}}}}}, 0x0) 1m0.688085298s ago: executing program 2 (id=352): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@noload}]}, 0xea, 0x472, &(0x7f0000000f40)="$eJzs3E1sVEUcAPD/e/3kSyriBwhaRSPxo4XyIQcvGk08aGKiB4yn2haCFGpoTYQQrR7waEi8G48m3k086cWoB2PiVe+GhBguoKc1s/te2S67S0s/tri/X/K2M+9NM/PfebM7O7NtAF1rOD1kEVsj4o+I2F7LLi4wXPtx49rFiX+uXZzIolJ58++sWu76tYsTZdHy97bUMpVKxEBKDjSp99I7EePT01Pnivzo3Jn3R2fPX3ju1Jnxk1Mnp86OHTt2+NDe/qNjR1YUX178THFd3/3RzJ5dr759+fWJ45ff/fmbdH5rcb0+jjuSom0wXHt2Gz2aHp5cUWUbyq/pYVvdiay3deGRdWgQS9cTEam7+qrjf3v0xKaFa9vjlU872jhgTVUqlUqz9+fCfAX4H8ui0y0AOqN8o0+ff8tjnaYeG8LVF2sfgFLcN4qjdqV3Ye2gr+Hz7Woajojj8/9+mY5YjXUIAIDb+D7Nf55tNv/L44G6cvcUeyhDEXFvROyIiPsiYmdE3B9RLftgRDy0zPobd0hunf/kV+4osCVK878Xir2txfO/cvYXQz1Fbls1/r7sxKnpqQPFc7I/+gZS/mCbOn54+ffPy/Rgw7X6+V86Uv3lXLBox5XehgW6yfG58ZXGXbr6ScTu3mbxZ1Fu42QRsSsidt9hHaee/npPq2tN4h9cHH8bbfaZlqryVcRTtf6fj0Xx3+yqrOX+5MHnj44dGR2M6akDo+Vdcatffrv0Rqv6b9//ayv1/+am9//CLvBQNhgxe/7C6ep+7ezy67j052d1Y3rR7nKKP/82Ytn3f3/2VjXdX5z7cHxu7tzBiP7stVvPj9383TJflk/x79/XfPzvqGvxwxGRbuK9EfFIsYmb+u6xiHg8Iva1if+nl554r9W11v3fZlV+FaX4J2/X/1Hf/8tP9Jz+8bvlx19K/X+4mtpfNGopr39LbeAKnz4AAAC4K+TV78Bn+chCOs9HRmrf4d8Zm/Ppmdm5Z07MfHB2svZd+aHoy8uVrmI9OCvXP4fq1kfHGvKHinXjL3o2VfMjEzPTk50OHrrclhbjP/mrp9OtA9bcKuyjAXcp4x+6VGb8Qzcz/qF7Gf/QvZqN/4870A5g/Xn/h+5l/EP3Mv6hexn/0JVa/m18vqI/+e9wovzfCRulPR1KbFrLKiLvfIBdkehd69t4oOmlti8b8+vy4gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALAK/gsAAP//gF3i6g==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26}) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0xb4, 0x30, 0xffff, 0x70bd25, 0x0, {}, [{0xa0, 0x1, [@m_police={0x6c, 0x19, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x10000, 0x0, 0x0, 0x0, 0x0, {0x0, 0x2, 0x9, 0x0, 0xfffe}, {0x0, 0x0, 0x0, 0x0, 0xfffd, 0xb}}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_gact={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc, 0x3}, {0xc}}}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x1}, 0x0) syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0) get_robust_list(r0, &(0x7f0000000500)=&(0x7f00000004c0)={&(0x7f00000001c0)}, &(0x7f0000000540)=0x18) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00') syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2) pread64(r5, &(0x7f0000001240)=""/102400, 0x19000, 0x1000000000) mknod$loop(&(0x7f00000009c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000, 0x1) 59.356411806s ago: executing program 2 (id=355): bpf$TOKEN_CREATE(0x24, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000000000000850000008400"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r5) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r6, 0x9c3fa077fa966179, 0x0, 0x1, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x4000054) 55.981709122s ago: executing program 2 (id=357): ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f00000022c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000030000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989425f5d0b79f6584d0416d7c4bb9f547b328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f01000000010000006e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b98d2de10c21d3ea02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d000000200008000000000000001abc11c800000000000000000000000928ee53595a779d243a48cea769470424d20a04c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e09758bd445ab91d20baca005472b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92fe8bad99ca332af00f191b66b6a6f732a91f0e2e9190e4b448da7de018c58e950767f9b320be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c52573d9308a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e495f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e4a48dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f00000021f8547d393dabe616fbbde21c90be00b5a22671395c7a69c6dd4d022ffc97ddb6aa025131652d409da1d8cfc3d219d4b1c1b7b8170d7c33d91db2b73f7ae02485a209a2474b5d0790d05c01bec623056e4d3f4d3149373a28b26a15a1fcce73d57e6eaf7e6f315fe275ebc9ef7aeca277dde01dde724f419803a2172a7833ceab38d21ca4f1dea5e1f4d8824167b21dd289dd4e6ecfba9e163bdbc48e1e758ecde05c10809c9edfa6d77c652fd742e6dad13d2a397bebe3ea8bc087d3720e2202f36c7719ae34f042e19dc08a3323a3d94098a7ec171469352bab1662c3e4d4803c565cfcce32dad628fade43a4844abb230ce608726fd87e93c405a96cf638c41510f26e9da5f316"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000c00)=@newtfilter={0x40, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_bpf={{0x8}, {0x14, 0x2, [@TCA_BPF_FD={0x8, 0x6, r1}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x2}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x0) 55.474424215s ago: executing program 2 (id=358): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0x4) recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x18}, 0xfc00) socket$xdp(0x2c, 0x3, 0x0) socket$key(0xf, 0x3, 0x2) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kfree\x00', r1, 0x0, 0x4804}, 0x18) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a000004"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000440)='/sys/kernel/notes', 0x2, 0x1a2) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000340), 0x2, 0x9}}, 0x20) pipe2$9p(0x0, 0x80800) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$TIPC_CMD_SHOW_PORTS(0xffffffffffffffff, 0x0, 0x4800) r3 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810) 40.245434903s ago: executing program 33 (id=358): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0x4) recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x18}, 0xfc00) socket$xdp(0x2c, 0x3, 0x0) socket$key(0xf, 0x3, 0x2) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kfree\x00', r1, 0x0, 0x4804}, 0x18) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a000004"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000440)='/sys/kernel/notes', 0x2, 0x1a2) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000340), 0x2, 0x9}}, 0x20) pipe2$9p(0x0, 0x80800) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$TIPC_CMD_SHOW_PORTS(0xffffffffffffffff, 0x0, 0x4800) r3 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810) 11.481365244s ago: executing program 5 (id=450): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4000000}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x101201, 0x0) ioctl$IMADDTIMER(r3, 0x80044940, 0x0) ioctl$IMADDTIMER(r3, 0x80044940, &(0x7f0000000080)=0x14) r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r4}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRESOCT=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10) r6 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000001f40)=@raw={'raw\x00', 0x8, 0x3, 0x2f0, 0x148, 0x11, 0x148, 0x0, 0x0, 0x258, 0x2a8, 0x2a8, 0x258, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x100, 0x148, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@statistic={{0x38}, {0x0, 0x0, 0x8, 0x3, 0xac9b, {0x170f}}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x4f, 0x7, "72f6daeff0a9c6294e211d2d88fe6dcff5d0e552201da3b7a1fdb30dcb59"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x350) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10) socket$nl_route(0x10, 0x3, 0x0) openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_setup(0x9e, &(0x7f0000000000)={0x0, 0x88ad, 0x0, 0x2, 0x40001333}, &(0x7f0000000240)=0x0, &(0x7f00000000c0)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x104, &(0x7f0000000300)=0xfffffff8, 0x0, 0x4) 10.357073722s ago: executing program 3 (id=451): socketpair$unix(0x1, 0x3, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="640000000206030004000000000000000000000005000100070000000900020073797a30000000001400078005001500040000000800124000000000050005000a000000050004000000000015000300686173683a69702c706f7274"], 0x64}}, 0x10000) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x4, 0x6, 0x5, 0x0, 0x0, {0x2, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000) 10.352749123s ago: executing program 4 (id=452): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x1b, &(0x7f0000000880)=ANY=[@ANYBLOB="85100000fdffffff182a0000", @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7"], &(0x7f0000000300)='syzkaller\x00', 0x3, 0x0, &(0x7f0000000500), 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000580)={0x2, 0xa, 0x1, 0x7c5e}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000600)=[0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x3}, 0x94) sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x0) mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0) write(0xffffffffffffffff, &(0x7f00000000c0)=')', 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="4400000010000104000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010076000014000280180001004241544d414e5f56"], 0xfd12}}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000680)={0x0, 0x1000}, &(0x7f00000006c0)=0x8) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6) r3 = accept4(r2, 0x0, 0x0, 0x80800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e", 0xc2}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 9.234626308s ago: executing program 3 (id=453): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) ioctl$sock_bt_hci(0xffffffffffffffff, 0x800448d2, 0x0) add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xffffffffffffffff) add_key$keyring(0x0, &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1c}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x18}}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x3, 0xa, 0x2}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x1a}, {0x3, 0x0, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x4, 0x0, 0xa, 0x9}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 8.070987179s ago: executing program 3 (id=454): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@noload}]}, 0xea, 0x472, &(0x7f0000000f40)="$eJzs3E1sVEUcAPD/e/3kSyriBwhaRSPxo4XyIQcvGk08aGKiB4yn2haCFGpoTYQQrR7waEi8G48m3k086cWoB2PiVe+GhBguoKc1s/te2S67S0s/tri/X/K2M+9NM/PfebM7O7NtAF1rOD1kEVsj4o+I2F7LLi4wXPtx49rFiX+uXZzIolJ58++sWu76tYsTZdHy97bUMpVKxEBKDjSp99I7EePT01Pnivzo3Jn3R2fPX3ju1Jnxk1Mnp86OHTt2+NDe/qNjR1YUX178THFd3/3RzJ5dr759+fWJ45ff/fmbdH5rcb0+jjuSom0wXHt2Gz2aHp5cUWUbyq/pYVvdiay3deGRdWgQS9cTEam7+qrjf3v0xKaFa9vjlU872jhgTVUqlUqz9+fCfAX4H8ui0y0AOqN8o0+ff8tjnaYeG8LVF2sfgFLcN4qjdqV3Ye2gr+Hz7Woajojj8/9+mY5YjXUIAIDb+D7Nf55tNv/L44G6cvcUeyhDEXFvROyIiPsiYmdE3B9RLftgRDy0zPobd0hunf/kV+4osCVK878Xir2txfO/cvYXQz1Fbls1/r7sxKnpqQPFc7I/+gZS/mCbOn54+ffPy/Rgw7X6+V86Uv3lXLBox5XehgW6yfG58ZXGXbr6ScTu3mbxZ1Fu42QRsSsidt9hHaee/npPq2tN4h9cHH8bbfaZlqryVcRTtf6fj0Xx3+yqrOX+5MHnj44dGR2M6akDo+Vdcatffrv0Rqv6b9//ayv1/+am9//CLvBQNhgxe/7C6ep+7ezy67j052d1Y3rR7nKKP/82Ytn3f3/2VjXdX5z7cHxu7tzBiP7stVvPj9383TJflk/x79/XfPzvqGvxwxGRbuK9EfFIsYmb+u6xiHg8Iva1if+nl554r9W11v3fZlV+FaX4J2/X/1Hf/8tP9Jz+8bvlx19K/X+4mtpfNGopr39LbeAKnz4AAAC4K+TV78Bn+chCOs9HRmrf4d8Zm/Ppmdm5Z07MfHB2svZd+aHoy8uVrmI9OCvXP4fq1kfHGvKHinXjL3o2VfMjEzPTk50OHrrclhbjP/mrp9OtA9bcKuyjAXcp4x+6VGb8Qzcz/qF7Gf/QvZqN/4870A5g/Xn/h+5l/EP3Mv6hexn/0JVa/m18vqI/+e9wovzfCRulPR1KbFrLKiLvfIBdkehd69t4oOmlti8b8+vy4gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALAK/gsAAP//gF3i6g==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000003"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0xb4, 0x30, 0xffff, 0x70bd25, 0x0, {}, [{0xa0, 0x1, [@m_police={0x6c, 0x19, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x10000, 0x0, 0x0, 0x0, 0x0, {0x0, 0x2, 0x9, 0x0, 0xfffe}, {0x0, 0x0, 0x0, 0x0, 0xfffd, 0xb}}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_gact={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc, 0x3}, {0xc}}}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x1}, 0x0) syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0) get_robust_list(r0, &(0x7f0000000500)=&(0x7f00000004c0)={&(0x7f00000001c0)}, &(0x7f0000000540)=0x18) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00') syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2) pread64(r5, &(0x7f0000001240)=""/102400, 0x19000, 0x1000000000) mknod$loop(&(0x7f00000009c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000, 0x1) 7.873212991s ago: executing program 1 (id=455): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0xf, 0xc, &(0x7f0000000a40)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYRES8=r0], &(0x7f0000000240)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r2 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') pread64(r2, &(0x7f0000001240)=""/102400, 0x200000, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000200)=@o_path={&(0x7f0000000100)='./file0\x00', r2, 0x4000, r0}, 0x18) r3 = semget(0x1, 0x4, 0x39c) semop(r3, &(0x7f0000000180)=[{0x2, 0x6, 0x800}, {0x3, 0xfb97}, {0x2, 0x4}], 0x3) semop(r3, &(0x7f0000000bc0)=[{0x0, 0x4, 0x800}, {0x4, 0x9, 0x800}, {0x4, 0xf001, 0x1000}], 0x3) semctl$SETALL(r3, 0x0, 0x11, &(0x7f0000000140)=[0x6, 0x7fff]) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000400), &(0x7f00000003c0)=r1}, 0x20) semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f00000004c0)=""/232) pipe(&(0x7f00000045c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r5, &(0x7f0000000100)=[{&(0x7f0000000140)="3b256c7a40ff8cf30d776a89d5cfc3ce7467bd24", 0x14}], 0x1, 0xc) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="30000000110001002dbd700000000000080000000900000008000000ffffffff080013"], 0x30}], 0x1}, 0x400c014) r7 = socket$inet(0x2, 0x3, 0x7f) bind$inet(r7, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94) setsockopt$inet_int(r7, 0x0, 0x3, &(0x7f0000000080)=0xfffffffa, 0x4) splice(r4, 0x0, r7, 0x0, 0x8000, 0x0) 7.730629892s ago: executing program 5 (id=456): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0900000004000000dd0000000a"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="0b00000008000000020000000900000001"], 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x48, &(0x7f0000000480)=ANY=[@ANYBLOB="180200009b1aecb600000000000000008d0000007500000095"], 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10) syz_clone(0x1804000, 0x0, 0x0, 0x0, 0x0, 0x0) 7.727351404s ago: executing program 4 (id=457): socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) socket$xdp(0x2c, 0x3, 0x0) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'macvlan1\x00'}) socket$inet6_sctp(0xa, 0x5, 0x84) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x8c, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x60, 0x3, 0x0, 0x1, [{0x5c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x50, 0xb, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc}]}}}, {0x2c, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x3}]}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x110}}, 0x0) 7.155848818s ago: executing program 5 (id=458): bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0xffffffff}, 0x10}, 0x94) sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x0) mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0) write(0xffffffffffffffff, &(0x7f00000000c0)=')', 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010076000014000280180001004241544d414e5f"], 0xfd12}}, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="14000000000000002900000034000000040000000000000014000000000000002900000034000000fdffffff00000000b80000000000000029000000040000000413000000000000fe39f4a4a3142ee1e12b9826287997a6b33d89f3d60da1641d9fe3896c3c1b6c130ef4f01be8f5836d417874540898619050b14420ab124b11de36800a09e12e5f0b6bdcf72f2e0738000000010c7a0180050000000000000009000000000000000400000000000000040000000000000000040000000000000b0000000000000000010005020bf4c910fc020000000000000000000000000000000000000000140000000000000029000000340000000000000000000000180000000000000029000000360000005e000000000000002000000000000000290000003712d9c3ba0000000000000000010000000000001400000000000000290000000b0000000000000200000000380000000000000029000000390000003a04027000000000ff010000000000000000000000000001ff02"], 0x188}}], 0x1, 0x810) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6) r3 = accept4(r2, 0x0, 0x0, 0x80800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be5216344841", 0xe}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 6.805506564s ago: executing program 1 (id=459): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x208a80) syz_usb_disconnect(r0) sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x4c810}, 0x20000000) ioctl$EVIOCRMFF(r0, 0x40085507, &(0x7f00000000c0)) 6.46956665s ago: executing program 5 (id=460): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000000c0)=0xb) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0xff) ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000040)={0xfffffff8, 0x401, 0xfffffffd, 0xc4cf, 0x7, "0441920887e87fcb367800000000080100", 0x4, 0x200}) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000140)=0x8) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x9, 0xffffffff, 0x4e, 0x567}, 0x13) sendmsg$nl_generic(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003680)=ANY=[@ANYBLOB="180000041600010a000000"], 0x18}}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r3}, 0x10) setgroups(0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSIGACCEPT(r5, 0x5607, 0x2c) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) r7 = dup(r6) ioctl$TIOCL_SETVESABLANK(r7, 0x560e, &(0x7f0000000140)) r8 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$VT_ACTIVATE(r8, 0x5606, 0x4) ioctl$TIOCL_BLANKSCREEN(r7, 0x541c, &(0x7f0000000040)) write$UHID_CREATE(r0, &(0x7f0000000780)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f00000000c0)=""/43, 0x2b, 0x0, 0x0, 0x0, 0x800}}, 0x120) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10) 5.862544395s ago: executing program 1 (id=461): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0) lseek(r0, 0xfffffffffffffffc, 0x2) getdents(r0, 0x0, 0x54) 5.486506371s ago: executing program 1 (id=462): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='configfs\x00', 0x16, 0x0) mq_notify(0xffffffffffffffff, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000100)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20400, 0x38) getdents64(r3, 0x0, 0x0) 5.463757133s ago: executing program 4 (id=463): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000500), 0x1, 0x523, &(0x7f0000000c00)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AgiNfbGsrzrtbzrUptIuGeuSFTiBEf+AM49ceeC4MalHJD4YYFqJA5TzezY2di79qaJvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiIdyNipjyelFu81d3y8z7ZfbC4t/tgMYkse+dfSVGeH4uen8ldK19zKiJ+8J2InyRH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5427r9ceozVTx5a+1JwoU1/++I873/hZXq3p8khvO56mbtMrB3FylyPie6cRbAQule2ZGHVF+EzSiHg+Il4urv+ZuFT8NgGAiyzLZiKb6c0DABddWsyBJWm1nAuYjjStVrtzeC/E1bTRandu3W9tri1158quRyW9v9Ko3ynnCq9HJcnzc0X6Yb52KH83Ip6LiF9OXiny1cVWY2mUNz4AMMauHRr//zvZHf8BgAvu+I/NAAAXkfEfAMaP8R8Axo/xHwDGT3f8v/K4P5Zl2c9PozoAwBnw/A8A48f4DwBj5ftvv51v2V75/ddL721trrbeu71Ub69Wm5uL1cXWxnp1udVaLr6zp3nS6zVarfW512Lz/evfXG93Zttb2/earc21zr3ie73v1SvFWTtn0DIAYJDnXvroL0k+Ir95pdiiZy2HykhrBpy2dNQVAEbm0qgrAIyM1b5gfD18xn/sDwGYHoALos8SvY+Y6vcHQlmWZadXJeCU3fyC+X8YVz3z/z4FDGPmpPn/Ym1gbxLChWT+H8ZXliXDrvkfw54IAJxvx8zxXz/L+xBgdAa8//98uf9d+ebAj5YOn/HhadYKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzrf99X+r5TK/05Gm1WrEM8UCQJXk/kqjficino2IP09WJvP83IjrDAA8qfTvSbn+182ZV6cfKXrx2kFyIiJ++ut3fvX+Qqez8aeIieTfk/vHOx+Wx2snBps6jRYAAMfbH6eLfc+D/Ce7Dxb3t7Oszz++3b0ryOPu7U7E3kH8y3G52E9FJSKu/icp811Jz9zFk9j5ICI+36/9SUwXcyDdW5bD8fPYz5xp/PSR+Gm5QHNa/lt87inUBcbNR3n/81a/6y+NG8W+//U/VfRQT67s//KXWtwr+sCH8ff7v0sD+r8bw8Z47Q/f7aauHC37IOKLlyP2Y+/19D/78ZMB8V8dMv5fv/Tiy4PKst9E3Iz+8XtjzXaa67Ptre3bK82F5fpyfa1Wm5+bv/PG3ddrs8Uc9ezg0eCfb956dlBZ3v6rA+JPndD+rw7Z/t/+/90ffuWY+F9/pV/8NF44Jn4+Jn5tyPgLV38/8Lk7j790tP3JML//W0PG//hv20eWDQcARqe9tb260GjUNyTGNPHjOBfVGC6R/5c9B9Xom/jWWcWaiP5Fv3ile00fKsqyzxRrUI/xNGbdgPPg4KKPiP+NujIAAAAAAAAAAAAAAEBfZ/EXS6NuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfXpwEAAP//+E3TQw==") r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x182) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148) r2 = creat(&(0x7f0000000000)='./file1\x00', 0x16c) write$binfmt_elf32(r0, &(0x7f0000000900)=ANY=[], 0x58) fallocate(r2, 0x0, 0x9, 0x2000403) r3 = openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15) pwrite64(r3, 0x0, 0x0, 0xe7c) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x0, 0x0, 0x7ff, 0xfffefffffe000003}) 5.316920712s ago: executing program 5 (id=464): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x27) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a1c000000120a0003000000000000000007000006080003400000000a60000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000308000640ffffff0008000340000000"], 0x210}}, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000200)={0x2, 0x0, 0x78d, 0x1, r6}, 0x10) 3.73814936s ago: executing program 4 (id=465): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000500), 0x1, 0x523, &(0x7f0000000c00)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AgiNfbGsrzrtbzrUptIuGeuSFTiBEf+AM49ceeC4MalHJD4YYFqJA5TzezY2di79qaJvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiIdyNipjyelFu81d3y8z7ZfbC4t/tgMYkse+dfSVGeH4uen8ldK19zKiJ+8J2InyRH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5427r9ceozVTx5a+1JwoU1/++I873/hZXq3p8khvO56mbtMrB3FylyPie6cRbAQule2ZGHVF+EzSiHg+Il4urv+ZuFT8NgGAiyzLZiKb6c0DABddWsyBJWm1nAuYjjStVrtzeC/E1bTRandu3W9tri1158quRyW9v9Ko3ynnCq9HJcnzc0X6Yb52KH83Ip6LiF9OXiny1cVWY2mUNz4AMMauHRr//zvZHf8BgAvu+I/NAAAXkfEfAMaP8R8Axo/xHwDGT3f8v/K4P5Zl2c9PozoAwBnw/A8A48f4DwBj5ftvv51v2V75/ddL721trrbeu71Ub69Wm5uL1cXWxnp1udVaLr6zp3nS6zVarfW512Lz/evfXG93Zttb2/earc21zr3ie73v1SvFWTtn0DIAYJDnXvroL0k+Ir95pdiiZy2HykhrBpy2dNQVAEbm0qgrAIyM1b5gfD18xn/sDwGYHoALos8SvY+Y6vcHQlmWZadXJeCU3fyC+X8YVz3z/z4FDGPmpPn/Ym1gbxLChWT+H8ZXliXDrvkfw54IAJxvx8zxXz/L+xBgdAa8//98uf9d+ebAj5YOn/HhadYKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzrf99X+r5TK/05Gm1WrEM8UCQJXk/kqjficino2IP09WJvP83IjrDAA8qfTvSbn+182ZV6cfKXrx2kFyIiJ++ut3fvX+Qqez8aeIieTfk/vHOx+Wx2snBps6jRYAAMfbH6eLfc+D/Ce7Dxb3t7Oszz++3b0ryOPu7U7E3kH8y3G52E9FJSKu/icp811Jz9zFk9j5ICI+36/9SUwXcyDdW5bD8fPYz5xp/PSR+Gm5QHNa/lt87inUBcbNR3n/81a/6y+NG8W+//U/VfRQT67s//KXWtwr+sCH8ff7v0sD+r8bw8Z47Q/f7aauHC37IOKLlyP2Y+/19D/78ZMB8V8dMv5fv/Tiy4PKst9E3Iz+8XtjzXaa67Ptre3bK82F5fpyfa1Wm5+bv/PG3ddrs8Uc9ezg0eCfb956dlBZ3v6rA+JPndD+rw7Z/t/+/90ffuWY+F9/pV/8NF44Jn4+Jn5tyPgLV38/8Lk7j790tP3JML//W0PG//hv20eWDQcARqe9tb260GjUNyTGNPHjOBfVGC6R/5c9B9Xom/jWWcWaiP5Fv3ile00fKsqyzxRrUI/xNGbdgPPg4KKPiP+NujIAAAAAAAAAAAAAAEBfZ/EXS6NuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfXpwEAAP//+E3TQw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148) r1 = creat(&(0x7f0000000000)='./file1\x00', 0x16c) write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000900)=ANY=[], 0x58) fallocate(r1, 0x0, 0x9, 0x2000403) openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0xc, 0xffffffffffffffff, 0x0, 0x0, 0x7ff, 0xfffefffffe000003}) 3.385626142s ago: executing program 3 (id=466): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x34}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_newaddr={0x18, 0x14, 0x1, 0x3, 0x0, {0x2, 0x20, 0xa, 0xff, r2}}, 0x18}}, 0x480d0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0x9}}}, 0x24}}, 0x0) 2.899089105s ago: executing program 1 (id=467): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4000000}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x101201, 0x0) ioctl$IMADDTIMER(r3, 0x80044940, 0x0) ioctl$IMADDTIMER(r3, 0x80044940, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r4}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRESOCT=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10) r6 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000001f40)=@raw={'raw\x00', 0x8, 0x3, 0x2f0, 0x148, 0x11, 0x148, 0x0, 0x0, 0x258, 0x2a8, 0x2a8, 0x258, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x100, 0x148, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@statistic={{0x38}, {0x0, 0x0, 0x8, 0x3, 0xac9b, {0x170f}}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x4f, 0x7, "72f6daeff0a9c6294e211d2d88fe6dcff5d0e552201da3b7a1fdb30dcb59"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x350) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10) socket$nl_route(0x10, 0x3, 0x0) openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_setup(0x9e, &(0x7f0000000000)={0x0, 0x88ad, 0x0, 0x2, 0x40001333}, &(0x7f0000000240)=0x0, &(0x7f00000000c0)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x104, &(0x7f0000000300)=0xfffffff8, 0x0, 0x4) 1.303695267s ago: executing program 4 (id=468): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="5c0100001000130720000000fcdbdf25e00000010000e2ff0000000000000000ff020000000000000000000000000001000400004e2100020000000021000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000004d632000000e000000200000000000000000000000000000000000000000000000000000000020000000000000009000000000000000d00000000000000000000000000000001000080000000004305000000000000040000000000000000000000000000800000000000000000fdffffffffffffff0000000000000000000000002cbd70000035100002000000500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060000000210466d38547aa140db9a200000000c538c7cb7a0c001c", @ANYRES32=r2], 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x10) 1.279590011s ago: executing program 3 (id=469): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000210018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r1}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x48) 725.361225ms ago: executing program 4 (id=470): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x208a80) syz_usb_connect(0x0, 0x24, &(0x7f0000002480)={{0x12, 0x1, 0x110, 0xaf, 0x48, 0x9d, 0x10, 0x5e0, 0x2008, 0x27b7, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x1, 0xa0, 0x7, [{{0x9, 0x4, 0x4d, 0x0, 0x0, 0xda, 0xa5, 0xd9, 0x7}}]}}]}}, 0x0) sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x4c810}, 0x20000000) ioctl$EVIOCRMFF(r0, 0x40085507, &(0x7f00000000c0)) 463.403531ms ago: executing program 1 (id=471): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000080)={'ip_vti0\x00', 0x0}) getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f00000000c0), 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041) fsopen(&(0x7f00000000c0)='jffs2\x00', 0x1) ioctl$USBDEVFS_ALLOC_STREAMS(r4, 0x8008551c, &(0x7f0000000000)=ANY=[@ANYBLOB="4a1800000b00000081020a850496860b8c83"]) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x44000, 0x0) ioctl$TCSETS(r5, 0x5402, 0x0) msgctl$IPC_STAT(0x0, 0x2, &(0x7f0000000a40)=""/4096) unshare(0x40020000) socket$nl_route(0x10, 0x3, 0x0) io_uring_setup(0x20, &(0x7f0000000000)={0x0, 0x0, 0x3000, 0x80000002, 0xfefffffd}) 86.618444ms ago: executing program 3 (id=472): r0 = syz_open_dev$vim2m(&(0x7f0000000300), 0xd, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x4}) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc044565d, &(0x7f0000000280)=@multiplanar_overlay={0x4, 0x1, 0x4, 0x400, 0xf, {0x77359400}, {0x2, 0x1, 0x1, 0xb, 0x77, 0x7, "0478b2ee"}, 0xfffffff7, 0x3, {0x0}, 0x7f}) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_io_uring_setup(0x88f, 0x0, 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$alg(0x26, 0x5, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x0) r3 = syz_open_dev$midi(&(0x7f0000000000), 0x2, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r3, 0x810c5701, &(0x7f0000000500)) bind$alg(r2, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000440)='\x00'/16, 0x10) accept4(r2, 0x0, 0x0, 0x80000) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, 0x0, 0x0) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x0) fcntl$lock(0xffffffffffffffff, 0x25, 0x0) r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x14) ioctl$TIOCVHANGUP(r6, 0x5437, 0x2) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) 0s ago: executing program 5 (id=473): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040), 0x106}}, 0x20) ioctl$AUTOFS_IOC_PROTOVER(r0, 0x80049363, &(0x7f00000001c0)) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0x8}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x115080, 0x6) renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x0) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)={0x1c, r6, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x2001}, 0x10) kernel console output (not intermixed with test programs): v packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.270383][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.309096][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.316152][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.342873][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.367570][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.374911][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.401154][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.433229][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.440216][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.466581][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.478642][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.486587][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.512900][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.544437][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.551602][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.577840][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.596770][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.604296][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.630532][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.669070][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.676109][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.702444][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.819598][ T5830] hsr_slave_0: entered promiscuous mode [ 90.826961][ T5830] hsr_slave_1: entered promiscuous mode [ 90.833454][ T5830] debugfs: 'hsr0' already exists in 'hsr' [ 90.839372][ T5830] Cannot create hsr debugfs directory [ 90.880259][ T5831] hsr_slave_0: entered promiscuous mode [ 90.886986][ T5831] hsr_slave_1: entered promiscuous mode [ 90.893796][ T5831] debugfs: 'hsr0' already exists in 'hsr' [ 90.899566][ T5831] Cannot create hsr debugfs directory [ 90.957400][ T5827] hsr_slave_0: entered promiscuous mode [ 90.964661][ T5827] hsr_slave_1: entered promiscuous mode [ 90.970857][ T5827] debugfs: 'hsr0' already exists in 'hsr' [ 90.977688][ T5827] Cannot create hsr debugfs directory [ 90.995380][ T5829] hsr_slave_0: entered promiscuous mode [ 91.002181][ T5829] hsr_slave_1: entered promiscuous mode [ 91.008647][ T5829] debugfs: 'hsr0' already exists in 'hsr' [ 91.014527][ T5829] Cannot create hsr debugfs directory [ 91.581962][ T5824] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 91.595811][ T5824] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 91.614428][ T5824] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 91.635634][ T5824] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 91.700678][ T5830] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 91.728662][ T5830] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 91.745229][ T5830] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 91.778298][ T5830] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 91.873801][ T5827] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 91.887949][ T5827] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 91.900217][ T5827] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 91.934042][ T5827] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 91.962061][ T5841] Bluetooth: hci4: command tx timeout [ 92.042664][ T52] Bluetooth: hci0: command tx timeout [ 92.047095][ T5828] Bluetooth: hci2: command tx timeout [ 92.048589][ T52] Bluetooth: hci3: command tx timeout [ 92.062129][ T5841] Bluetooth: hci1: command tx timeout [ 92.073174][ T9] cfg80211: failed to load regulatory.db [ 92.084967][ T5831] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 92.098391][ T5831] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 92.109694][ T5831] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 92.120898][ T5831] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 92.169969][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.260610][ T5829] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 92.276696][ T5824] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.295100][ T1336] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.302483][ T1336] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.314158][ T5829] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 92.326563][ T5829] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 92.337287][ T5829] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 92.398823][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.406092][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.439378][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.508068][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.569822][ T1316] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.577203][ T1316] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.598545][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.638480][ T1316] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.645794][ T1316] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.690415][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.744849][ T1316] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.752177][ T1316] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.797514][ T1316] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.804751][ T1316] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.838989][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.864024][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.933273][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.975799][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.988416][ T1316] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.995728][ T1316] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.044305][ T1316] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.051615][ T1316] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.067405][ T1316] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.074677][ T1316] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.116140][ T1316] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.123475][ T1316] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.159388][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.299520][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.507531][ T5824] veth0_vlan: entered promiscuous mode [ 93.564461][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.587853][ T5824] veth1_vlan: entered promiscuous mode [ 93.747759][ T5824] veth0_macvtap: entered promiscuous mode [ 93.800977][ T5827] veth0_vlan: entered promiscuous mode [ 93.820414][ T5824] veth1_macvtap: entered promiscuous mode [ 93.912967][ T5827] veth1_vlan: entered promiscuous mode [ 93.937463][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.969386][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.988271][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.020330][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.044340][ T5841] Bluetooth: hci4: command tx timeout [ 94.094980][ T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.105142][ T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.123753][ T5830] veth0_vlan: entered promiscuous mode [ 94.124542][ T52] Bluetooth: hci0: command tx timeout [ 94.129369][ T5836] Bluetooth: hci3: command tx timeout [ 94.134784][ T5841] Bluetooth: hci2: command tx timeout [ 94.141579][ T5828] Bluetooth: hci1: command tx timeout [ 94.149082][ T5827] veth0_macvtap: entered promiscuous mode [ 94.159223][ T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.168429][ T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.201622][ T5827] veth1_macvtap: entered promiscuous mode [ 94.255149][ T5829] veth0_vlan: entered promiscuous mode [ 94.261841][ T5831] veth0_vlan: entered promiscuous mode [ 94.271966][ T5830] veth1_vlan: entered promiscuous mode [ 94.289339][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.332652][ T5829] veth1_vlan: entered promiscuous mode [ 94.356771][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.368629][ T5831] veth1_vlan: entered promiscuous mode [ 94.400209][ T1143] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.437148][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.440509][ T5830] veth0_macvtap: entered promiscuous mode [ 94.457166][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.460023][ T1143] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.476959][ T1143] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.515757][ T1143] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.544511][ T5830] veth1_macvtap: entered promiscuous mode [ 94.580154][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.584522][ T5831] veth0_macvtap: entered promiscuous mode [ 94.592610][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.637809][ T5831] veth1_macvtap: entered promiscuous mode [ 94.666216][ T5829] veth0_macvtap: entered promiscuous mode [ 94.701634][ T5829] veth1_macvtap: entered promiscuous mode [ 94.714226][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.714375][ T5824] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 94.735578][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.753043][ T1316] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.772227][ T1316] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.813093][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.827959][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.884527][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.943967][ T50] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.973376][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.036289][ T50] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.070651][ T50] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.096201][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.106425][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.132787][ T50] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.147305][ T50] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.163136][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.181049][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.240590][ T50] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.292200][ T50] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.303495][ T50] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.350177][ T50] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.362011][ T1316] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.383050][ T1316] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.394683][ T1316] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.404728][ T50] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.447265][ T50] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.491650][ T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.500109][ T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.611099][ T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.618979][ T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.797797][ T1316] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.830304][ T1316] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.901452][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.918231][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.941438][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.122410][ T5828] Bluetooth: hci4: command tx timeout [ 96.201701][ T5828] Bluetooth: hci3: command tx timeout [ 96.201744][ T5836] Bluetooth: hci1: command tx timeout [ 96.207268][ T52] Bluetooth: hci0: command tx timeout [ 96.219020][ T5841] Bluetooth: hci2: command tx timeout [ 96.771303][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.780692][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 96.811297][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.821310][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.829931][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.838445][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.944466][ T5978] loop1: detected capacity change from 0 to 1024 [ 96.988670][ T5978] EXT4-fs: Ignoring removed orlov option [ 97.265804][ T5983] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11'. [ 97.494003][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 97.596509][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 97.987936][ T5978] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.076619][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 98.253952][ T5963] syz.0.1 (5963): drop_caches: 2 [ 98.279163][ T30] audit: type=1804 audit(1763066039.354:2): pid=5978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2" name="/newroot/0/bus/bus" dev="loop1" ino=18 res=1 errno=0 [ 98.356342][ T30] audit: type=1800 audit(1763066039.364:3): pid=5978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 98.383574][ T5994] process 'syz.3.12' launched './file2' with NULL argv: empty string added [ 98.410820][ T5995] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 98.453183][ T30] audit: type=1326 audit(1763066039.444:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5988 comm="syz.3.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 98.479637][ T5995] mmap: syz.1.2 (5995) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 98.534362][ T30] audit: type=1326 audit(1763066039.444:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5988 comm="syz.3.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 98.634695][ T30] audit: type=1326 audit(1763066039.444:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5988 comm="syz.3.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 98.760500][ T30] audit: type=1326 audit(1763066039.454:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5988 comm="syz.3.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 98.783869][ T30] audit: type=1326 audit(1763066039.454:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5988 comm="syz.3.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 98.807447][ T30] audit: type=1326 audit(1763066039.454:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5988 comm="syz.3.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 98.831914][ T30] audit: type=1326 audit(1763066039.464:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5988 comm="syz.3.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 98.978699][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.111045][ T30] audit: type=1326 audit(1763066039.464:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5988 comm="syz.3.12" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 100.502279][ T6008] loop0: detected capacity change from 0 to 512 [ 100.555315][ T6008] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 100.600106][ T6008] EXT4-fs (loop0): invalid journal inode [ 100.630107][ T6008] EXT4-fs (loop0): can't get journal size [ 100.663329][ T6008] EXT4-fs (loop0): 1 truncate cleaned up [ 100.663352][ T6010] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 100.743910][ T6008] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 101.103908][ T6016] loop2: detected capacity change from 0 to 512 [ 101.117324][ T6016] EXT4-fs: Ignoring removed i_version option [ 101.123535][ T6016] EXT4-fs: Ignoring removed bh option [ 101.748189][ T6016] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.765847][ T6016] ext4 filesystem being mounted at /7/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 101.863357][ T5831] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.146816][ T6007] syz.1.17 (6007): drop_caches: 2 [ 102.160853][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.913231][ T6030] loop4: detected capacity change from 0 to 512 [ 103.920548][ T6030] EXT4-fs: Ignoring removed i_version option [ 103.926730][ T6030] EXT4-fs: Ignoring removed bh option [ 104.516439][ T6031] syz.0.20 (6031) used greatest stack depth: 16904 bytes left [ 106.264474][ T6030] EXT4-fs: error -4 creating inode table initialization thread [ 106.272777][ T6030] EXT4-fs (loop4): mount failed [ 107.199909][ T6078] syz.0.35 uses obsolete (PF_INET,SOCK_PACKET) [ 110.443359][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 110.443380][ T30] audit: type=1326 audit(1763066051.504:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6099 comm="syz.2.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 111.172331][ T30] audit: type=1326 audit(1763066051.514:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6099 comm="syz.2.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 111.194599][ T30] audit: type=1326 audit(1763066051.514:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6099 comm="syz.2.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 111.219590][ T30] audit: type=1326 audit(1763066051.514:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6099 comm="syz.2.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 111.245058][ T30] audit: type=1326 audit(1763066051.514:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6099 comm="syz.2.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 111.505320][ T6081] syz.1.34 (6081): drop_caches: 2 [ 112.528253][ T6128] loop1: detected capacity change from 0 to 1024 [ 112.568401][ T6128] EXT4-fs: Ignoring removed orlov option [ 112.692162][ T6128] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.744454][ T30] audit: type=1800 audit(1763066053.824:25): pid=6128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.47" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 112.765567][ T30] audit: type=1804 audit(1763066053.824:26): pid=6128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.47" name="/newroot/5/bus/bus" dev="loop1" ino=18 res=1 errno=0 [ 113.280243][ T6142] loop4: detected capacity change from 0 to 512 [ 113.295062][ T6142] EXT4-fs: Ignoring removed i_version option [ 113.301400][ T6142] EXT4-fs: Ignoring removed bh option [ 113.467645][ T6142] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.507055][ T6142] ext4 filesystem being mounted at /8/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 113.929276][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.122249][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.535422][ T6193] loop0: detected capacity change from 0 to 1024 [ 118.732566][ T6193] EXT4-fs: Ignoring removed bh option [ 118.981441][ T6193] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 119.273585][ T6193] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 119.355996][ T6193] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100] [ 119.482040][ T6193] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #3: block 2: comm syz.0.62: lblock 2 mapped to illegal pblock 2 (length 1) [ 119.512006][ T6193] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 119.791361][ T6193] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #3: block 48: comm syz.0.62: lblock 0 mapped to illegal pblock 48 (length 1) [ 120.837458][ T6193] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 121.018766][ T6212] loop4: detected capacity change from 0 to 512 [ 121.030976][ T6212] EXT4-fs: Ignoring removed i_version option [ 121.037129][ T6212] EXT4-fs: Ignoring removed bh option [ 121.303280][ T6212] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 121.319628][ T6212] ext4 filesystem being mounted at /14/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 121.425843][ T6193] EXT4-fs error (device loop0): ext4_acquire_dquot:6946: comm syz.0.62: Failed to acquire dquot type 0 [ 121.479170][ T6193] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6317: Corrupt filesystem [ 121.710852][ T6157] syz.1.52 (6157): drop_caches: 2 [ 121.716687][ T6193] EXT4-fs error (device loop0): ext4_evict_inode:253: inode #11: comm syz.0.62: mark_inode_dirty error [ 121.742511][ T6193] EXT4-fs warning (device loop0): ext4_evict_inode:256: couldn't mark inode dirty (err -117) [ 121.755307][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.785974][ T6193] EXT4-fs (loop0): 1 orphan inode deleted [ 121.812266][ T3515] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1) [ 121.829363][ T6193] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 121.867933][ T3515] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 122.098943][ T3515] EXT4-fs error (device loop0): ext4_release_dquot:6982: comm kworker/u8:8: Failed to release dquot type 0 [ 122.682602][ T6219] syz.2.67 (6219): drop_caches: 2 [ 123.217375][ T5831] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.278170][ T5831] EXT4-fs error (device loop0): __ext4_get_inode_loc:4836: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 123.347010][ T5831] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6317: Corrupt filesystem [ 123.388342][ T5831] EXT4-fs error (device loop0): ext4_quota_off:7230: inode #3: comm syz-executor: mark_inode_dirty error [ 124.177439][ T6235] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 124.191274][ T6235] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 124.203939][ T6246] syz.0.72 (6246): drop_caches: 2 [ 124.360684][ T6235] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 124.424232][ T6246] syz.0.72 (6246): drop_caches: 2 [ 124.440114][ T6235] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 124.497869][ T6261] loop1: detected capacity change from 0 to 512 [ 124.524670][ T6235] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 124.537088][ T6261] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 124.550026][ T6235] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 124.589455][ T6261] EXT4-fs (loop1): invalid journal inode [ 124.678850][ T6261] EXT4-fs (loop1): can't get journal size [ 124.782189][ T6261] EXT4-fs (loop1): 1 truncate cleaned up [ 124.812473][ T6235] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 124.823683][ T6261] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 124.850126][ T6235] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 124.922821][ T6235] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 124.931102][ T6235] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 124.955311][ T6261] EXT4-fs warning (device loop1): verify_group_input:137: Cannot add at group 4294967295 (only 1 groups) [ 125.125955][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.522765][ T5889] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 128.090492][ T6300] loop1: detected capacity change from 0 to 512 [ 128.100259][ T6300] EXT4-fs: Ignoring removed i_version option [ 128.106526][ T6300] EXT4-fs: Ignoring removed bh option [ 128.276696][ T6300] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 128.742965][ T6300] ext4 filesystem being mounted at /13/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 128.811076][ T5889] usb 3-1: Using ep0 maxpacket: 32 [ 128.826010][ T5889] usb 3-1: config 0 has an invalid interface number: 85 but max is 0 [ 128.836230][ T5889] usb 3-1: config 0 has no interface number 0 [ 128.850072][ T5889] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 128.862813][ T5889] usb 3-1: config 0 interface 85 has no altsetting 0 [ 128.876265][ T5889] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 128.887175][ T5889] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 128.898185][ T5889] usb 3-1: Product: syz [ 128.903025][ T5889] usb 3-1: Manufacturer: syz [ 128.908239][ T5889] usb 3-1: SerialNumber: syz [ 129.014408][ T5889] usb 3-1: config 0 descriptor?? [ 129.036329][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.281938][ T5889] appletouch 3-1:0.85: Failed to read mode from device. [ 129.300300][ T6289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 129.311551][ T6289] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 129.327052][ T5889] appletouch 3-1:0.85: probe with driver appletouch failed with error -5 [ 129.622234][ T5889] usb 3-1: USB disconnect, device number 2 [ 130.590180][ T6322] loop4: detected capacity change from 0 to 512 [ 130.631837][ T6322] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 130.691385][ T6322] EXT4-fs (loop4): invalid journal inode [ 130.715331][ T6322] EXT4-fs (loop4): can't get journal size [ 130.764492][ T6322] EXT4-fs (loop4): 1 truncate cleaned up [ 130.811750][ T6322] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 130.992720][ T6322] EXT4-fs warning (device loop4): ext4_group_add:1736: No reserved GDT blocks, can't resize [ 131.004505][ T6336] loop1: detected capacity change from 0 to 512 [ 131.012358][ T6336] ======================================================= [ 131.012358][ T6336] WARNING: The mand mount option has been deprecated and [ 131.012358][ T6336] and is ignored by this kernel. Remove the mand [ 131.012358][ T6336] option from the mount to silence this warning. [ 131.012358][ T6336] ======================================================= [ 131.207873][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.711699][ T6336] EXT4-fs warning (device loop1): ext4_xattr_inode_get:560: inode #11: comm syz.1.93: EA inode hash validation failed [ 132.251647][ T6336] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 132.394867][ T6336] EXT4-fs error (device loop1): ext4_do_update_inode:5636: inode #15: comm syz.1.93: corrupted inode contents [ 132.527626][ T6336] EXT4-fs error (device loop1): ext4_dirty_inode:6521: inode #15: comm syz.1.93: mark_inode_dirty error [ 132.541255][ T6351] netlink: 8 bytes leftover after parsing attributes in process `syz.4.94'. [ 133.104604][ T6336] EXT4-fs error (device loop1): ext4_do_update_inode:5636: inode #15: comm syz.1.93: corrupted inode contents [ 133.322851][ T6336] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2996: inode #15: comm syz.1.93: mark_inode_dirty error [ 133.375415][ T6336] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2999: inode #15: comm syz.1.93: mark inode dirty (error -117) [ 133.491197][ T6359] loop2: detected capacity change from 0 to 512 [ 133.505219][ T6359] EXT4-fs: Ignoring removed i_version option [ 133.511395][ T6359] EXT4-fs: Ignoring removed bh option [ 134.013009][ T6359] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 134.025888][ T6359] ext4 filesystem being mounted at /19/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 134.072408][ T6336] EXT4-fs warning (device loop1): ext4_evict_inode:273: xattr delete (err -117) [ 134.131728][ T6336] EXT4-fs (loop1): 1 orphan inode deleted [ 134.177986][ T6336] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 134.372834][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.385049][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.081118][ T5946] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 135.274860][ T6390] syz.4.103 (6390): drop_caches: 2 [ 135.291076][ T5946] usb 1-1: Using ep0 maxpacket: 32 [ 135.325352][ T6390] syz.4.103 (6390): drop_caches: 2 [ 135.357052][ T5946] usb 1-1: config 0 has an invalid interface number: 85 but max is 0 [ 135.445770][ T5946] usb 1-1: config 0 has no interface number 0 [ 135.495982][ T5946] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 135.538862][ T5946] usb 1-1: config 0 interface 85 has no altsetting 0 [ 135.584787][ T5946] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 135.618108][ T5946] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.641612][ T5946] usb 1-1: Product: syz [ 135.656338][ T5946] usb 1-1: Manufacturer: syz [ 135.681045][ T5946] usb 1-1: SerialNumber: syz [ 135.720055][ T5946] usb 1-1: config 0 descriptor?? [ 135.982278][ T6383] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 135.996927][ T5946] appletouch 1-1:0.85: Failed to read mode from device. [ 136.032528][ T5946] appletouch 1-1:0.85: probe with driver appletouch failed with error -5 [ 136.041662][ T6383] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 136.346854][ T5946] usb 1-1: USB disconnect, device number 2 [ 136.424668][ T6417] loop1: detected capacity change from 0 to 1024 [ 136.456629][ T6417] EXT4-fs: Ignoring removed orlov option [ 136.603092][ T6417] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.673855][ T30] audit: type=1800 audit(1763066077.744:27): pid=6417 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.110" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 136.766865][ T30] audit: type=1804 audit(1763066077.774:28): pid=6417 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.110" name="/newroot/21/bus/bus" dev="loop1" ino=18 res=1 errno=0 [ 137.059028][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.380518][ T6436] loop0: detected capacity change from 0 to 2048 [ 137.484733][ T6436] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.516751][ T30] audit: type=1800 audit(1763066078.594:29): pid=6436 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.114" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 137.870706][ T6449] loop3: detected capacity change from 0 to 512 [ 138.088224][ T6449] EXT4-fs warning (device loop3): ext4_xattr_inode_get:560: inode #11: comm syz.3.116: EA inode hash validation failed [ 138.131028][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.143888][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.160719][ T6449] EXT4-fs error (device loop3): ext4_do_update_inode:5636: inode #15: comm syz.3.116: corrupted inode contents [ 138.211609][ T6449] EXT4-fs error (device loop3): ext4_dirty_inode:6521: inode #15: comm syz.3.116: mark_inode_dirty error [ 138.278723][ T6449] EXT4-fs error (device loop3): ext4_do_update_inode:5636: inode #15: comm syz.3.116: corrupted inode contents [ 138.367014][ T6449] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2996: inode #15: comm syz.3.116: mark_inode_dirty error [ 138.416894][ T6449] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2999: inode #15: comm syz.3.116: mark inode dirty (error -117) [ 138.436638][ T6449] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -117) [ 138.454014][ T6449] EXT4-fs (loop3): 1 orphan inode deleted [ 138.463135][ T6449] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 138.645712][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.773914][ T5831] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.013137][ T6502] syz.0.129 (6502): drop_caches: 2 [ 140.108304][ T6502] syz.0.129 (6502): drop_caches: 2 [ 140.220189][ T6516] loop3: detected capacity change from 0 to 2048 [ 140.358078][ T6516] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 140.458790][ T6518] syz.1.133 (6518): drop_caches: 2 [ 140.471819][ T30] audit: type=1800 audit(1763066081.554:30): pid=6516 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.132" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 140.697032][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.736928][ T6518] syz.1.133 (6518): drop_caches: 2 [ 143.606860][ T6562] netlink: 8 bytes leftover after parsing attributes in process `syz.0.143'. [ 145.358142][ T794] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 146.029763][ T794] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 146.066423][ T794] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 146.091683][ T794] usb 2-1: Product: syz [ 146.327543][ T794] usb 2-1: Manufacturer: syz [ 146.341102][ T794] usb 2-1: SerialNumber: syz [ 147.492098][ T794] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE [ 147.587534][ T794] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 147.633510][ T794] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 147.667014][ T794] lan78xx 2-1:1.0: probe with driver lan78xx failed with error -32 [ 147.914491][ T6625] loop3: detected capacity change from 0 to 512 [ 147.978924][ T6625] EXT4-fs warning (device loop3): ext4_xattr_inode_get:560: inode #11: comm syz.3.162: EA inode hash validation failed [ 148.032453][ T6625] EXT4-fs error (device loop3): ext4_do_update_inode:5636: inode #15: comm syz.3.162: corrupted inode contents [ 148.056530][ T6625] EXT4-fs error (device loop3): ext4_dirty_inode:6521: inode #15: comm syz.3.162: mark_inode_dirty error [ 148.111473][ T6625] EXT4-fs error (device loop3): ext4_do_update_inode:5636: inode #15: comm syz.3.162: corrupted inode contents [ 148.144187][ T6625] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2996: inode #15: comm syz.3.162: mark_inode_dirty error [ 148.203391][ T6625] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2999: inode #15: comm syz.3.162: mark inode dirty (error -117) [ 148.254631][ T6625] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -117) [ 148.291145][ T6625] EXT4-fs (loop3): 1 orphan inode deleted [ 148.309007][ T6625] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 148.565408][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.581708][ T793] usb 2-1: USB disconnect, device number 2 [ 150.425401][ T794] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 150.771173][ T794] usb 5-1: Using ep0 maxpacket: 32 [ 150.845883][ T794] usb 5-1: config 0 has an invalid interface number: 85 but max is 0 [ 151.120172][ T794] usb 5-1: config 0 has no interface number 0 [ 151.130659][ T794] usb 5-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 151.200535][ T794] usb 5-1: config 0 interface 85 has no altsetting 0 [ 151.303676][ T794] usb 5-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 151.331029][ T794] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 151.365727][ T794] usb 5-1: Product: syz [ 151.390318][ T794] usb 5-1: Manufacturer: syz [ 151.395189][ T794] usb 5-1: SerialNumber: syz [ 151.412715][ T794] usb 5-1: config 0 descriptor?? [ 151.657253][ T6648] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 151.665973][ T794] appletouch 5-1:0.85: Failed to read mode from device. [ 151.691101][ T794] appletouch 5-1:0.85: probe with driver appletouch failed with error -5 [ 151.700689][ T6648] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 154.527228][ T794] usb 5-1: USB disconnect, device number 2 [ 154.819021][ T30] audit: type=1326 audit(1763066095.824:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6680 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 155.086729][ T30] audit: type=1326 audit(1763066095.824:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6680 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 155.120109][ T6683] syz.3.177 (6683): drop_caches: 2 [ 155.129521][ T30] audit: type=1326 audit(1763066095.824:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6680 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 155.197939][ T30] audit: type=1326 audit(1763066095.824:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6680 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 155.285670][ T6683] syz.3.177 (6683): drop_caches: 2 [ 155.332487][ T30] audit: type=1326 audit(1763066095.824:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6680 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 155.397240][ T30] audit: type=1326 audit(1763066095.824:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6680 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 155.454133][ T6693] loop2: detected capacity change from 0 to 512 [ 155.491438][ T6694] loop1: detected capacity change from 0 to 2048 [ 155.550062][ T30] audit: type=1326 audit(1763066095.824:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6680 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 155.639326][ T6693] EXT4-fs warning (device loop2): ext4_xattr_inode_get:560: inode #11: comm syz.2.182: EA inode hash validation failed [ 155.821305][ T6693] EXT4-fs error (device loop2): ext4_do_update_inode:5636: inode #15: comm syz.2.182: corrupted inode contents [ 155.841000][ T30] audit: type=1326 audit(1763066095.824:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6680 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 155.902245][ T6693] EXT4-fs error (device loop2): ext4_dirty_inode:6521: inode #15: comm syz.2.182: mark_inode_dirty error [ 155.917594][ T30] audit: type=1326 audit(1763066095.824:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6680 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 155.954736][ T6698] loop0: detected capacity change from 0 to 2048 [ 155.983029][ T6693] EXT4-fs error (device loop2): ext4_do_update_inode:5636: inode #15: comm syz.2.182: corrupted inode contents [ 155.997437][ T6698] udf: Bad value for 'umask' [ 156.013846][ T30] audit: type=1326 audit(1763066095.824:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6680 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 156.051709][ T6693] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2996: inode #15: comm syz.2.182: mark_inode_dirty error [ 156.169638][ T6693] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2999: inode #15: comm syz.2.182: mark inode dirty (error -117) [ 156.551199][ T43] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 156.602950][ T6693] EXT4-fs warning (device loop2): ext4_evict_inode:273: xattr delete (err -117) [ 156.641313][ T6693] EXT4-fs (loop2): 1 orphan inode deleted [ 156.707480][ T6693] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 156.761000][ T43] usb 1-1: device descriptor read/64, error -71 [ 157.015356][ T6709] netlink: 12 bytes leftover after parsing attributes in process `syz.1.186'. [ 157.604451][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.698089][ T43] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 157.871488][ T43] usb 1-1: device descriptor read/64, error -71 [ 157.989419][ T43] usb usb1-port1: attempt power cycle [ 158.323872][ T6724] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 158.361051][ T43] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 158.399408][ T43] usb 1-1: device descriptor read/8, error -71 [ 158.457196][ T6729] loop3: detected capacity change from 0 to 1024 [ 158.464809][ T6729] EXT4-fs: Ignoring removed bh option [ 158.476497][ T6729] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 158.496400][ T6729] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 158.732811][ T6729] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100] [ 158.756956][ T6729] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 2: comm syz.3.194: lblock 2 mapped to illegal pblock 2 (length 1) [ 158.799755][ T6729] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 48: comm syz.3.194: lblock 0 mapped to illegal pblock 48 (length 1) [ 158.844760][ T6729] EXT4-fs error (device loop3): ext4_acquire_dquot:6946: comm syz.3.194: Failed to acquire dquot type 0 [ 158.870777][ T6729] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6317: Corrupt filesystem [ 158.980432][ T6729] EXT4-fs error (device loop3): ext4_evict_inode:253: inode #11: comm syz.3.194: mark_inode_dirty error [ 159.008539][ T6729] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -117) [ 159.042601][ T6729] EXT4-fs (loop3): 1 orphan inode deleted [ 159.050177][ T6729] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 159.088067][ T13] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1) [ 159.114178][ T13] EXT4-fs error (device loop3): ext4_release_dquot:6982: comm kworker/u8:1: Failed to release dquot type 0 [ 159.335177][ T6740] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 159.406530][ T6748] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 160.078054][ T6754] netlink: 12 bytes leftover after parsing attributes in process `syz.2.199'. [ 161.031869][ T6765] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 162.344372][ T6778] netlink: 108 bytes leftover after parsing attributes in process `syz.4.204'. [ 162.511323][ T30] kauditd_printk_skb: 25 callbacks suppressed [ 162.511341][ T30] audit: type=1326 audit(1763066103.594:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 162.629013][ T30] audit: type=1326 audit(1763066103.624:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 162.705769][ T30] audit: type=1326 audit(1763066103.624:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 162.910810][ T30] audit: type=1326 audit(1763066103.624:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 162.968771][ T6785] loop0: detected capacity change from 0 to 2048 [ 162.992094][ T6785] udf: Bad value for 'umask' [ 163.009533][ T30] audit: type=1326 audit(1763066103.624:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 163.639656][ T30] audit: type=1326 audit(1763066103.624:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 163.869711][ T30] audit: type=1326 audit(1763066103.624:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 163.975315][ T30] audit: type=1326 audit(1763066103.624:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 164.064184][ T5927] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 164.074011][ T30] audit: type=1326 audit(1763066103.654:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 164.154233][ T30] audit: type=1326 audit(1763066103.654:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6775 comm="syz.1.203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 164.291012][ T5927] usb 1-1: Using ep0 maxpacket: 8 [ 164.302552][ T5927] usb 1-1: no configurations [ 164.314019][ T5927] usb 1-1: can't read configurations, error -22 [ 164.483026][ T5927] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 164.771933][ T5927] usb 1-1: Using ep0 maxpacket: 8 [ 164.788277][ T5927] usb 1-1: no configurations [ 164.809614][ T5927] usb 1-1: can't read configurations, error -22 [ 164.822610][ T5927] usb usb1-port1: attempt power cycle [ 165.193073][ T5927] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 165.235478][ T5927] usb 1-1: Using ep0 maxpacket: 8 [ 165.261601][ T5927] usb 1-1: no configurations [ 165.266267][ T5927] usb 1-1: can't read configurations, error -22 [ 165.431641][ T5927] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 165.491890][ T5927] usb 1-1: Using ep0 maxpacket: 8 [ 165.511182][ T5927] usb 1-1: no configurations [ 165.522749][ T5927] usb 1-1: can't read configurations, error -22 [ 165.540442][ T5927] usb usb1-port1: unable to enumerate USB device [ 165.668827][ T6812] loop1: detected capacity change from 0 to 1024 [ 165.821235][ T6816] netlink: 12 bytes leftover after parsing attributes in process `syz.2.211'. [ 165.857481][ T6812] EXT4-fs: Ignoring removed bh option [ 166.534501][ T6812] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 166.612668][ T6812] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 166.660011][ T6812] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100] [ 166.765040][ T6812] EXT4-fs error (device loop1): ext4_map_blocks:783: inode #3: block 2: comm syz.1.210: lblock 2 mapped to illegal pblock 2 (length 1) [ 166.779752][ T6812] EXT4-fs error (device loop1): ext4_map_blocks:783: inode #3: block 48: comm syz.1.210: lblock 0 mapped to illegal pblock 48 (length 1) [ 166.803085][ T6812] EXT4-fs error (device loop1): ext4_acquire_dquot:6946: comm syz.1.210: Failed to acquire dquot type 0 [ 166.863577][ T6812] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6317: Corrupt filesystem [ 166.882690][ T6826] netlink: 108 bytes leftover after parsing attributes in process `syz.4.215'. [ 166.893792][ T6812] EXT4-fs error (device loop1): ext4_evict_inode:253: inode #11: comm syz.1.210: mark_inode_dirty error [ 166.943540][ T6812] EXT4-fs warning (device loop1): ext4_evict_inode:256: couldn't mark inode dirty (err -117) [ 166.977939][ T6812] EXT4-fs (loop1): 1 orphan inode deleted [ 166.994072][ T1316] EXT4-fs error (device loop1): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:6: lblock 1 mapped to illegal pblock 1 (length 1) [ 166.995587][ T6812] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.037477][ T1316] EXT4-fs error (device loop1): ext4_release_dquot:6982: comm kworker/u8:6: Failed to release dquot type 0 [ 167.758163][ T6838] loop4: detected capacity change from 0 to 512 [ 167.771304][ T6838] EXT4-fs: Ignoring removed i_version option [ 167.777436][ T6838] EXT4-fs: Ignoring removed bh option [ 168.262620][ T6842] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 168.292341][ T6838] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 168.306171][ T6838] ext4 filesystem being mounted at /42/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 168.696505][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.216264][ T6855] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 169.704124][ T6860] netlink: 12 bytes leftover after parsing attributes in process `syz.4.224'. [ 170.151072][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.302490][ T5829] EXT4-fs error (device loop1): __ext4_get_inode_loc:4836: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 170.361178][ T5829] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6317: Corrupt filesystem [ 170.403891][ T5829] EXT4-fs error (device loop1): ext4_quota_off:7230: inode #3: comm syz-executor: mark_inode_dirty error [ 170.468468][ T6729] Set syz1 is full, maxelem 65536 reached [ 170.545710][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.573336][ T6866] loop1: detected capacity change from 0 to 2048 [ 170.580715][ T5824] EXT4-fs error (device loop3): __ext4_get_inode_loc:4836: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 170.595859][ T6866] udf: Bad value for 'umask' [ 170.612085][ T6868] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 170.641588][ T5824] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6317: Corrupt filesystem [ 170.656288][ T5824] EXT4-fs error (device loop3): ext4_quota_off:7230: inode #3: comm syz-executor: mark_inode_dirty error [ 171.300480][ T6870] netlink: 4 bytes leftover after parsing attributes in process `syz.3.227'. [ 171.631058][ T793] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 171.650596][ T6876] Zero length message leads to an empty skb [ 171.791007][ T793] usb 2-1: Using ep0 maxpacket: 8 [ 171.805305][ T793] usb 2-1: no configurations [ 171.814172][ T793] usb 2-1: can't read configurations, error -22 [ 171.954924][ T793] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 171.971504][ T5889] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 172.141706][ T5889] usb 3-1: Using ep0 maxpacket: 32 [ 172.149200][ T5889] usb 3-1: config 0 has an invalid interface number: 85 but max is 0 [ 172.158926][ T793] usb 2-1: Using ep0 maxpacket: 8 [ 172.165691][ T5889] usb 3-1: config 0 has no interface number 0 [ 172.172927][ T793] usb 2-1: no configurations [ 172.178149][ T793] usb 2-1: can't read configurations, error -22 [ 172.185207][ T5889] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 172.204587][ T793] usb usb2-port1: attempt power cycle [ 172.211257][ T5889] usb 3-1: config 0 interface 85 has no altsetting 0 [ 172.219561][ T6886] syz.0.231 (6886): drop_caches: 2 [ 172.224525][ T5889] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 172.226246][ T6886] syz.0.231 (6886): drop_caches: 2 [ 172.280593][ T5889] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 172.291207][ T5889] usb 3-1: Product: syz [ 172.295504][ T5889] usb 3-1: Manufacturer: syz [ 172.300280][ T5889] usb 3-1: SerialNumber: syz [ 172.319974][ T5889] usb 3-1: config 0 descriptor?? [ 172.551219][ T793] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 172.611839][ T5889] appletouch 3-1:0.85: Failed to read mode from device. [ 172.619628][ T5889] appletouch 3-1:0.85: probe with driver appletouch failed with error -5 [ 172.631974][ T793] usb 2-1: Using ep0 maxpacket: 8 [ 172.651160][ T793] usb 2-1: no configurations [ 172.663531][ T793] usb 2-1: can't read configurations, error -22 [ 172.842489][ T6881] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 172.864516][ T6881] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 173.071042][ T793] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 173.093922][ T793] usb 2-1: Using ep0 maxpacket: 8 [ 173.109673][ T5889] usb 3-1: USB disconnect, device number 3 [ 173.119786][ T793] usb 2-1: no configurations [ 173.129340][ T793] usb 2-1: can't read configurations, error -22 [ 173.168382][ T793] usb usb2-port1: unable to enumerate USB device [ 173.244010][ T6897] loop3: detected capacity change from 0 to 512 [ 173.267769][ T6897] EXT4-fs: Ignoring removed i_version option [ 173.303289][ T6897] EXT4-fs: Ignoring removed bh option [ 173.402048][ T6897] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 173.415151][ T6897] ext4 filesystem being mounted at /50/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 174.238517][ T6909] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 174.694247][ T6922] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 174.769415][ T6924] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 175.073945][ T30] kauditd_printk_skb: 195 callbacks suppressed [ 175.073964][ T30] audit: type=1326 audit(1763066116.154:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 175.124913][ T30] audit: type=1326 audit(1763066116.184:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 175.169152][ T30] audit: type=1326 audit(1763066116.194:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 175.225495][ T30] audit: type=1326 audit(1763066116.194:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 175.278488][ T30] audit: type=1326 audit(1763066116.194:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 175.315614][ T30] audit: type=1326 audit(1763066116.194:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 175.361631][ T30] audit: type=1326 audit(1763066116.194:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 175.440075][ T30] audit: type=1326 audit(1763066116.194:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 175.520592][ T30] audit: type=1326 audit(1763066116.194:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 175.588330][ T30] audit: type=1326 audit(1763066116.194:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 175.895920][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.120225][ T6940] loop2: detected capacity change from 0 to 1024 [ 176.156286][ T6940] EXT4-fs: Ignoring removed bh option [ 176.177990][ T6940] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 176.212783][ T6940] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 176.331648][ T6940] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100] [ 176.436402][ T6940] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #3: block 2: comm syz.2.247: lblock 2 mapped to illegal pblock 2 (length 1) [ 176.563827][ T6940] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #3: block 48: comm syz.2.247: lblock 0 mapped to illegal pblock 48 (length 1) [ 176.619112][ T6940] EXT4-fs error (device loop2): ext4_acquire_dquot:6946: comm syz.2.247: Failed to acquire dquot type 0 [ 176.681489][ T6940] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6317: Corrupt filesystem [ 176.698454][ T6940] EXT4-fs error (device loop2): ext4_evict_inode:253: inode #11: comm syz.2.247: mark_inode_dirty error [ 176.773121][ T6940] EXT4-fs warning (device loop2): ext4_evict_inode:256: couldn't mark inode dirty (err -117) [ 176.851210][ T6940] EXT4-fs (loop2): 1 orphan inode deleted [ 176.858833][ T6940] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.880814][ T1316] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:6: lblock 1 mapped to illegal pblock 1 (length 1) [ 177.111111][ T1316] EXT4-fs error (device loop2): ext4_release_dquot:6982: comm kworker/u8:6: Failed to release dquot type 0 [ 177.164203][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.174756][ T5827] EXT4-fs error (device loop2): __ext4_get_inode_loc:4836: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 177.358960][ T5827] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6317: Corrupt filesystem [ 177.491650][ T5827] EXT4-fs error (device loop2): ext4_quota_off:7230: inode #3: comm syz-executor: mark_inode_dirty error [ 178.122228][ T6968] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 180.336736][ T30] kauditd_printk_skb: 12 callbacks suppressed [ 180.336754][ T30] audit: type=1326 audit(1763066121.414:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.3.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 180.434867][ T30] audit: type=1326 audit(1763066121.454:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.3.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 181.425497][ T30] audit: type=1326 audit(1763066121.474:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.3.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 181.723234][ T30] audit: type=1326 audit(1763066121.474:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.3.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 182.252171][ T6986] netlink: 108 bytes leftover after parsing attributes in process `syz.1.259'. [ 182.272756][ T30] audit: type=1326 audit(1763066121.474:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.3.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 182.347749][ T30] audit: type=1326 audit(1763066121.474:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.3.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 182.422273][ T30] audit: type=1326 audit(1763066121.474:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.3.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 182.502671][ T30] audit: type=1326 audit(1763066121.474:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.3.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 182.586522][ T6993] netlink: 44 bytes leftover after parsing attributes in process `syz.2.263'. [ 182.617677][ T6993] netlink: 8 bytes leftover after parsing attributes in process `syz.2.263'. [ 182.629483][ T30] audit: type=1326 audit(1763066121.474:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.3.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 182.639085][ T6998] netlink: 204 bytes leftover after parsing attributes in process `syz.2.263'. [ 182.674089][ T30] audit: type=1326 audit(1763066122.504:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.3.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 183.951963][ T7007] loop1: detected capacity change from 0 to 512 [ 183.965408][ T7007] EXT4-fs: Ignoring removed i_version option [ 183.971690][ T7007] EXT4-fs: Ignoring removed bh option [ 184.028336][ T7008] loop4: detected capacity change from 0 to 512 [ 184.072105][ T7008] EXT4-fs: Ignoring removed i_version option [ 184.078246][ T7008] EXT4-fs: Ignoring removed bh option [ 184.800363][ T7008] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 184.813949][ T7008] ext4 filesystem being mounted at /53/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 185.059843][ T7007] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 185.084995][ T7007] ext4 filesystem being mounted at /50/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 185.540193][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.675459][ T7020] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 186.260057][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 186.886542][ T7029] loop1: detected capacity change from 0 to 512 [ 186.898645][ T7029] EXT4-fs: Ignoring removed i_version option [ 186.904831][ T7029] EXT4-fs: Ignoring removed bh option [ 187.091815][ T7029] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 187.106713][ T7029] ext4 filesystem being mounted at /51/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 187.274028][ T7032] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 187.652717][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.704472][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 187.704490][ T30] audit: type=1326 audit(1763066128.784:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7033 comm="syz.2.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 187.771043][ T30] audit: type=1326 audit(1763066128.784:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7033 comm="syz.2.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 187.800644][ T30] audit: type=1326 audit(1763066128.814:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7033 comm="syz.2.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 187.824444][ T30] audit: type=1326 audit(1763066128.814:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7033 comm="syz.2.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 188.008626][ T30] audit: type=1326 audit(1763066128.814:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7033 comm="syz.2.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 188.179361][ T30] audit: type=1326 audit(1763066128.814:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7033 comm="syz.2.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 188.527528][ T30] audit: type=1326 audit(1763066128.814:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7033 comm="syz.2.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 188.581516][ T30] audit: type=1326 audit(1763066128.814:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7033 comm="syz.2.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 188.733903][ T7042] loop1: detected capacity change from 0 to 512 [ 188.747972][ T7042] EXT4-fs: Ignoring removed i_version option [ 188.754146][ T7042] EXT4-fs: Ignoring removed bh option [ 189.242912][ T30] audit: type=1326 audit(1763066128.814:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7033 comm="syz.2.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 189.301647][ T30] audit: type=1326 audit(1763066128.814:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7033 comm="syz.2.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f7f1558f6c9 code=0x7ffc0000 [ 189.333957][ T7042] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 189.349696][ T7042] ext4 filesystem being mounted at /53/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 189.688647][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.877307][ T7053] netlink: 20 bytes leftover after parsing attributes in process `syz.2.278'. [ 190.409454][ T7064] loop3: detected capacity change from 0 to 512 [ 190.421379][ T7064] EXT4-fs: Ignoring removed i_version option [ 190.427501][ T7064] EXT4-fs: Ignoring removed bh option [ 190.968489][ T7064] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 190.985256][ T7064] ext4 filesystem being mounted at /59/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 191.353612][ T7072] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 192.176850][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 192.744479][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 192.744497][ T30] audit: type=1326 audit(1763066133.804:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.4.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 192.929247][ T5841] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 192.940089][ T5841] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 192.948950][ T5841] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 192.958711][ T30] audit: type=1326 audit(1763066133.824:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.4.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 192.959755][ T5841] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 192.990423][ T5841] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 193.024781][ T52] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 193.035707][ T52] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 193.043301][ T52] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 193.063352][ T52] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 193.076027][ T52] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 193.175711][ T7085] loop3: detected capacity change from 0 to 1024 [ 193.196168][ T30] audit: type=1326 audit(1763066133.824:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.4.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 193.292197][ T7085] EXT4-fs: Ignoring removed bh option [ 193.359998][ T30] audit: type=1326 audit(1763066133.824:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.4.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 193.675345][ T30] audit: type=1326 audit(1763066133.824:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.4.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 193.799751][ T7090] loop2: detected capacity change from 0 to 512 [ 193.813051][ T7090] EXT4-fs: Ignoring removed i_version option [ 193.819194][ T7090] EXT4-fs: Ignoring removed bh option [ 194.551001][ T30] audit: type=1326 audit(1763066133.854:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.4.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 194.648401][ T7090] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 194.671669][ T7090] ext4 filesystem being mounted at /68/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 194.721086][ T30] audit: type=1326 audit(1763066133.864:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.4.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 194.779548][ T7085] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 194.795602][ T7085] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 194.808561][ T30] audit: type=1326 audit(1763066133.864:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.4.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 194.870383][ T7085] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0100] [ 194.878718][ T30] audit: type=1326 audit(1763066133.864:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.4.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 194.972865][ T30] audit: type=1326 audit(1763066133.864:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.4.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 195.035928][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.171649][ T52] Bluetooth: hci5: command tx timeout [ 195.236332][ T7085] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 2: comm syz.3.283: lblock 2 mapped to illegal pblock 2 (length 1) [ 195.368276][ T7085] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 48: comm syz.3.283: lblock 0 mapped to illegal pblock 48 (length 1) [ 195.439312][ T7085] EXT4-fs error (device loop3): ext4_acquire_dquot:6946: comm syz.3.283: Failed to acquire dquot type 0 [ 195.491307][ T7103] tipc: Started in network mode [ 195.501552][ T7103] tipc: Node identity 565d73f6b38e, cluster identity 4711 [ 195.515286][ T7085] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6317: Corrupt filesystem [ 195.519365][ T7103] tipc: Enabled bearer , priority 0 [ 195.590019][ T7100] syzkaller0: entered promiscuous mode [ 195.606841][ T7085] EXT4-fs error (device loop3): ext4_evict_inode:253: inode #11: comm syz.3.283: mark_inode_dirty error [ 195.616092][ T7100] syzkaller0: entered allmulticast mode [ 195.711393][ T7085] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -117) [ 195.776030][ T7085] EXT4-fs (loop3): 1 orphan inode deleted [ 195.810860][ T3515] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1) [ 195.816857][ T7085] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 195.853324][ T60] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.906678][ T3515] EXT4-fs error (device loop3): ext4_release_dquot:6982: comm kworker/u8:8: Failed to release dquot type 0 [ 195.909964][ T7100] tipc: Resetting bearer [ 195.964717][ T60] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.124763][ T7083] chnl_net:caif_netlink_parms(): no params data found [ 196.152818][ T7099] tipc: Resetting bearer [ 196.175870][ T7099] tipc: Disabling bearer [ 196.451257][ T7113] netlink: 20 bytes leftover after parsing attributes in process `syz.2.291'. [ 196.464667][ T60] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.514608][ T7115] loop1: detected capacity change from 0 to 512 [ 196.547904][ T7115] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 196.590860][ T7115] EXT4-fs (loop1): invalid journal inode [ 196.596739][ T7115] EXT4-fs (loop1): can't get journal size [ 196.660844][ T7115] EXT4-fs (loop1): 1 truncate cleaned up [ 196.702284][ T7115] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 197.052940][ T7125] xt_hashlimit: max too large, truncated to 1048576 [ 197.062218][ T7125] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 197.810980][ T52] Bluetooth: hci5: command tx timeout [ 197.821943][ T60] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.375778][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 199.412696][ T5824] EXT4-fs error (device loop3): __ext4_get_inode_loc:4836: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 199.449319][ T7122] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 199.503209][ T7122] Bluetooth: hci5: Error when powering off device on rfkill (-4) [ 199.544766][ T30] kauditd_printk_skb: 12 callbacks suppressed [ 199.544785][ T30] audit: type=1326 audit(1763066140.614:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7134 comm="syz.4.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 199.577369][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.585926][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 199.609525][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.641498][ T5824] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6317: Corrupt filesystem [ 199.673981][ T5824] EXT4-fs error (device loop3): ext4_quota_off:7230: inode #3: comm syz-executor: mark_inode_dirty error [ 199.758114][ T30] audit: type=1326 audit(1763066140.614:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7134 comm="syz.4.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 199.825994][ T30] audit: type=1326 audit(1763066140.674:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7134 comm="syz.4.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 199.882708][ T30] audit: type=1326 audit(1763066140.674:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7134 comm="syz.4.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 199.937101][ T30] audit: type=1326 audit(1763066140.674:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7134 comm="syz.4.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 199.993399][ T7083] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.011771][ T7083] bridge0: port 1(bridge_slave_0) entered disabled state [ 200.191286][ T7083] bridge_slave_0: entered allmulticast mode [ 200.200408][ T7083] bridge_slave_0: entered promiscuous mode [ 200.210313][ T30] audit: type=1326 audit(1763066140.674:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7134 comm="syz.4.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 200.892184][ T30] audit: type=1326 audit(1763066140.674:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7134 comm="syz.4.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 200.914965][ T30] audit: type=1326 audit(1763066140.674:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7134 comm="syz.4.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 201.038933][ T30] audit: type=1326 audit(1763066140.674:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7134 comm="syz.4.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 201.420416][ T30] audit: type=1326 audit(1763066140.674:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7134 comm="syz.4.296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ced8f6c9 code=0x7ffc0000 [ 201.520086][ T7153] xt_hashlimit: max too large, truncated to 1048576 [ 201.533542][ T7153] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 202.421724][ T7083] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.429839][ T7083] bridge0: port 2(bridge_slave_1) entered disabled state [ 202.438692][ T7083] bridge_slave_1: entered allmulticast mode [ 202.448804][ T7083] bridge_slave_1: entered promiscuous mode [ 203.206826][ T7155] loop2: detected capacity change from 0 to 512 [ 203.254401][ T7155] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 203.281897][ T7083] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 203.320818][ T7155] EXT4-fs (loop2): invalid journal inode [ 203.333754][ T7083] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 203.348630][ T60] bridge_slave_1: left allmulticast mode [ 203.362022][ T7155] EXT4-fs (loop2): can't get journal size [ 203.389043][ T60] bridge_slave_1: left promiscuous mode [ 203.411762][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.433625][ T7155] EXT4-fs (loop2): 1 truncate cleaned up [ 203.440534][ T7155] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 203.504709][ T60] bridge_slave_0: left allmulticast mode [ 203.517109][ T60] bridge_slave_0: left promiscuous mode [ 203.538321][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.384804][ T7201] loop4: detected capacity change from 0 to 512 [ 205.398079][ T7201] EXT4-fs: Ignoring removed i_version option [ 205.404295][ T7201] EXT4-fs: Ignoring removed bh option [ 205.489676][ T7201] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 205.504170][ T7201] ext4 filesystem being mounted at /59/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 206.084113][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.348204][ T5889] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 206.363063][ T5889] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 206.371541][ T5889] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 206.379278][ T5889] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 206.398542][ T5889] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 206.408615][ T5889] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 206.418678][ T5889] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 206.427545][ T5889] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 206.442689][ T5889] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 206.451572][ T5889] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 206.525522][ T5889] hid-generic 0003:0004:0000.0001: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 206.706889][ T7209] fido_id[7209]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 206.833496][ T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 207.051428][ T7216] xt_hashlimit: max too large, truncated to 1048576 [ 207.060198][ T7216] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 207.812347][ T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 207.913343][ T60] bond0 (unregistering): Released all slaves [ 208.319252][ T7083] team0: Port device team_slave_0 added [ 208.329383][ T7083] team0: Port device team_slave_1 added [ 208.370728][ T7168] tipc: Enabled bearer , priority 0 [ 208.515316][ T7178] syzkaller0: entered promiscuous mode [ 208.520853][ T7178] syzkaller0: entered allmulticast mode [ 208.535273][ T7192] tipc: Resetting bearer [ 208.550440][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 208.636478][ T5947] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 209.061278][ T5947] usb 5-1: Using ep0 maxpacket: 32 [ 209.096638][ T5947] usb 5-1: config 0 has an invalid interface number: 85 but max is 0 [ 209.111012][ T5947] usb 5-1: config 0 has no interface number 0 [ 209.127738][ T5947] usb 5-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 209.235405][ T7083] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 209.249013][ T7083] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 209.305319][ T7083] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 209.330406][ T7162] tipc: Resetting bearer [ 209.361969][ T7162] tipc: Disabling bearer [ 209.509398][ T5947] usb 5-1: config 0 interface 85 has no altsetting 0 [ 209.510750][ T7083] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 209.524012][ T5947] usb 5-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 209.534213][ T5947] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 209.542612][ T5947] usb 5-1: Product: syz [ 209.546826][ T5947] usb 5-1: Manufacturer: syz [ 209.555577][ T5947] usb 5-1: SerialNumber: syz [ 209.562293][ T7083] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 209.599756][ T5947] usb 5-1: config 0 descriptor?? [ 209.610367][ T7083] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 210.107123][ T5947] appletouch 5-1:0.85: Failed to read mode from device. [ 210.131254][ T5947] appletouch 5-1:0.85: probe with driver appletouch failed with error -5 [ 210.317124][ T7219] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 210.358093][ T7219] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 210.638996][ T5947] usb 5-1: USB disconnect, device number 3 [ 210.814002][ T7083] hsr_slave_0: entered promiscuous mode [ 210.831050][ T7083] hsr_slave_1: entered promiscuous mode [ 210.838818][ T7083] debugfs: 'hsr0' already exists in 'hsr' [ 210.848401][ T7083] Cannot create hsr debugfs directory [ 211.023049][ T7249] xt_hashlimit: max too large, truncated to 1048576 [ 211.038611][ T7249] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 212.852552][ T60] hsr_slave_0: left promiscuous mode [ 213.395760][ T7256] xt_hashlimit: max too large, truncated to 1048576 [ 213.403069][ T7256] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 213.422460][ T60] hsr_slave_1: left promiscuous mode [ 213.792422][ T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 214.073222][ T60] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 215.162666][ T7259] xt_hashlimit: max too large, truncated to 1048576 [ 215.169871][ T7259] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 215.517824][ T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 215.549415][ T60] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 215.609335][ T60] veth1_macvtap: left promiscuous mode [ 216.447104][ T7263] syz.3.318 (7263): drop_caches: 2 [ 216.463231][ T7263] syz.3.318 (7263): drop_caches: 2 [ 216.480541][ T60] veth0_macvtap: left promiscuous mode [ 216.490099][ T60] veth1_vlan: left promiscuous mode [ 216.528251][ T60] veth0_vlan: left promiscuous mode [ 216.553130][ T7268] loop4: detected capacity change from 0 to 512 [ 216.614240][ T7268] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 216.643311][ T7268] EXT4-fs (loop4): invalid journal inode [ 216.649079][ T7268] EXT4-fs (loop4): can't get journal size [ 216.741243][ T7268] EXT4-fs (loop4): 1 truncate cleaned up [ 216.748121][ T7268] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 217.102279][ T7276] xt_hashlimit: max too large, truncated to 1048576 [ 217.113791][ T7276] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 219.694134][ T7272] loop3: detected capacity change from 0 to 8192 [ 220.895475][ T7272] loop3: p1 < > p2 < > p3 p4 < > [ 220.900769][ T7272] loop3: partition table partially beyond EOD, truncated [ 220.915155][ T7272] loop3: p1 start 67108864 is beyond EOD, truncated [ 220.922280][ T7272] loop3: p2 start 4278190080 is beyond EOD, truncated [ 220.929230][ T7272] loop3: p3 start 100859904 is beyond EOD, truncated [ 221.846050][ T6264] udevd[6264]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 227.707346][ T60] team0 (unregistering): Port device team_slave_1 removed [ 228.028496][ T60] team0 (unregistering): Port device team_slave_0 removed [ 228.410677][ T7307] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 228.420353][ T7307] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 228.430063][ T7307] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 228.472205][ T7309] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 228.481697][ T7309] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 228.491348][ T7309] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 228.583315][ T7310] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 228.592787][ T7310] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 228.602416][ T7310] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 228.821759][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.975316][ T7318] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 231.065390][ T7331] xt_hashlimit: max too large, truncated to 1048576 [ 231.072772][ T7331] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 234.527512][ T7336] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 234.537069][ T7336] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 234.546760][ T7336] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 234.928417][ T793] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 235.687597][ T7083] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 235.735598][ T793] usb 2-1: Using ep0 maxpacket: 32 [ 235.747678][ T7083] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 235.777699][ T793] usb 2-1: config 0 has an invalid interface number: 85 but max is 0 [ 235.796015][ T793] usb 2-1: config 0 has no interface number 0 [ 235.818248][ T7083] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 235.825889][ T793] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 235.852440][ T793] usb 2-1: config 0 interface 85 has no altsetting 0 [ 235.872498][ T793] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 235.886062][ T7083] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 235.893934][ T793] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 235.919137][ T793] usb 2-1: Product: syz [ 235.934296][ T793] usb 2-1: Manufacturer: syz [ 235.946941][ T793] usb 2-1: SerialNumber: syz [ 235.966090][ T793] usb 2-1: config 0 descriptor?? [ 236.212761][ T7083] 8021q: adding VLAN 0 to HW filter on device bond0 [ 236.295533][ T7083] 8021q: adding VLAN 0 to HW filter on device team0 [ 236.356488][ T3515] bridge0: port 1(bridge_slave_0) entered blocking state [ 236.363843][ T3515] bridge0: port 1(bridge_slave_0) entered forwarding state [ 236.436306][ T3515] bridge0: port 2(bridge_slave_1) entered blocking state [ 236.443663][ T3515] bridge0: port 2(bridge_slave_1) entered forwarding state [ 237.540612][ T793] appletouch 2-1:0.85: Geyser mode initialized. [ 237.608405][ T7387] xt_hashlimit: max too large, truncated to 1048576 [ 237.618240][ T7387] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 238.101343][ T793] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.85/input/input10 [ 238.257272][ T7083] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 238.274385][ T793] usb 2-1: USB disconnect, device number 7 [ 238.280318][ C0] appletouch 2-1:0.85: atp_complete: usb_submit_urb failed with result -19 [ 239.763138][ T793] appletouch 2-1:0.85: input: appletouch disconnected [ 240.565467][ T7083] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 241.306008][ T7419] syz.3.347 (7419): drop_caches: 2 [ 241.308506][ T7419] syz.3.347 (7419): drop_caches: 2 [ 241.561290][ T7432] netlink: 12 bytes leftover after parsing attributes in process `syz.1.351'. [ 241.587115][ T793] hid_parser_main: 8 callbacks suppressed [ 241.587135][ T793] hid-generic 0000:0000:0000.0002: unknown main item tag 0x1 [ 241.587182][ T793] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 241.587210][ T793] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 241.589660][ T7435] loop2: detected capacity change from 0 to 512 [ 241.592692][ T7435] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 241.599560][ T7435] EXT4-fs (loop2): invalid journal inode [ 241.599656][ T7435] EXT4-fs (loop2): can't get journal size [ 241.601869][ T793] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 241.601912][ T793] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 241.601941][ T793] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 241.602017][ T793] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 241.602046][ T793] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 241.602074][ T793] hid-generic 0000:0000:0000.0002: unknown main item tag 0x2 [ 241.602102][ T793] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 241.617167][ T793] hid-generic 0000:0000:0000.0002: hidraw0: HID v8.00 Device [syz0] on syz0 [ 241.618997][ T7435] EXT4-fs (loop2): 1 truncate cleaned up [ 241.635991][ T7435] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 241.904577][ T7083] veth0_vlan: entered promiscuous mode [ 241.920383][ T7446] tipc: Enabling of bearer rejected, failed to enable media [ 241.945427][ T7083] veth1_vlan: entered promiscuous mode [ 242.823963][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 242.873553][ T7083] veth0_macvtap: entered promiscuous mode [ 242.903735][ T7083] veth1_macvtap: entered promiscuous mode [ 242.989478][ T7083] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 243.005916][ T7083] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 243.334067][ T7462] xt_hashlimit: max too large, truncated to 1048576 [ 243.334612][ T7462] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 244.065854][ T3515] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.066106][ T3515] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.066289][ T3515] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.066449][ T3515] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.421646][ T5985] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 246.421669][ T5985] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 246.567870][ T5985] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 246.567895][ T5985] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 246.974892][ T7478] lo speed is unknown, defaulting to 1000 [ 247.017795][ T7478] lo speed is unknown, defaulting to 1000 [ 247.082072][ T7478] lo speed is unknown, defaulting to 1000 [ 247.161123][ T7483] syz.4.360 (7483): drop_caches: 2 [ 247.166649][ T7483] syz.4.360 (7483): drop_caches: 2 [ 247.615927][ T7493] xt_hashlimit: max too large, truncated to 1048576 [ 247.623273][ T7493] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 251.760270][ T7510] netlink: 8 bytes leftover after parsing attributes in process `syz.3.366'. [ 251.945684][ T7504] loop1: detected capacity change from 0 to 8192 [ 252.363968][ T7323] loop1: p1 < > p2 < > p3 p4 < > [ 252.490470][ T7323] loop1: partition table partially beyond EOD, truncated [ 252.941392][ T7323] loop1: p1 start 67108864 is beyond EOD, truncated [ 252.970764][ T7323] loop1: p2 start 4278190080 is beyond EOD, truncated [ 252.989583][ T5865] lo speed is unknown, defaulting to 1000 [ 252.996370][ T7323] loop1: p3 start 100859904 is beyond EOD, truncated [ 253.005554][ T7478] infiniband sz1: set active [ 253.014734][ T7478] infiniband sz1: added lo [ 253.322756][ T7524] syzkaller0: entered promiscuous mode [ 253.328288][ T7524] syzkaller0: entered allmulticast mode [ 253.336498][ T7478] RDS/IB: sz1: added [ 253.347174][ T7478] smc: adding ib device sz1 with port count 1 [ 253.363031][ T7478] smc: ib device sz1 port 1 has no pnetid [ 253.844964][ T7504] loop1: p1 < > p2 < > p3 p4 < > [ 253.850088][ T7504] loop1: partition table partially beyond EOD, truncated [ 253.859714][ T7526] loop5: detected capacity change from 0 to 512 [ 253.871540][ T7504] loop1: p1 start 67108864 is beyond EOD, truncated [ 253.878366][ T7504] loop1: p2 start 4278190080 is beyond EOD, truncated [ 253.888294][ T7526] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 253.900197][ T7504] loop1: p3 start 100859904 is beyond EOD, truncated [ 253.913518][ T7526] EXT4-fs (loop5): invalid journal inode [ 253.921512][ T5889] lo speed is unknown, defaulting to 1000 [ 253.932219][ T7478] lo speed is unknown, defaulting to 1000 [ 253.950415][ T7526] EXT4-fs (loop5): can't get journal size [ 254.005319][ T7526] EXT4-fs (loop5): 1 truncate cleaned up [ 254.023164][ T7526] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 255.382958][ T7543] netlink: 8 bytes leftover after parsing attributes in process `syz.1.372'. [ 255.644724][ T7327] udevd[7327]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 255.743257][ T7327] udevd[7327]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 256.108326][ T7478] lo speed is unknown, defaulting to 1000 [ 256.381154][ T7554] loop4: detected capacity change from 0 to 512 [ 256.405832][ T7554] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 256.456055][ T7554] EXT4-fs (loop4): invalid journal inode [ 256.463124][ T7554] EXT4-fs (loop4): can't get journal size [ 256.571084][ T30] kauditd_printk_skb: 30 callbacks suppressed [ 256.571104][ T30] audit: type=1326 audit(1763066197.624:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7557 comm="syz.1.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 256.633800][ T30] audit: type=1326 audit(1763066197.624:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7557 comm="syz.1.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 256.656514][ T5889] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 256.656817][ T7554] EXT4-fs (loop4): 1 truncate cleaned up [ 256.671789][ T7554] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 256.820026][ T30] audit: type=1326 audit(1763066197.624:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7557 comm="syz.1.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 257.691050][ T5889] usb 4-1: Using ep0 maxpacket: 32 [ 257.705017][ T30] audit: type=1326 audit(1763066197.624:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7557 comm="syz.1.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 257.713801][ T5889] usb 4-1: config 0 has an invalid interface number: 85 but max is 0 [ 257.759087][ T5889] usb 4-1: config 0 has no interface number 0 [ 257.770026][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.779607][ T30] audit: type=1326 audit(1763066197.624:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7557 comm="syz.1.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 257.803609][ T5889] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 257.852800][ T30] audit: type=1326 audit(1763066197.624:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7557 comm="syz.1.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 257.881364][ T30] audit: type=1326 audit(1763066197.624:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7557 comm="syz.1.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 257.891043][ T5889] usb 4-1: config 0 interface 85 has no altsetting 0 [ 257.904209][ T30] audit: type=1326 audit(1763066197.624:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7557 comm="syz.1.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 257.936345][ T30] audit: type=1326 audit(1763066197.624:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7557 comm="syz.1.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe1598f6c9 code=0x7ffc0000 [ 257.980326][ T30] audit: type=1326 audit(1763066197.624:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7557 comm="syz.1.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efe1598df10 code=0x7ffc0000 [ 258.007826][ T5889] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 258.048693][ T5889] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 258.077611][ T5889] usb 4-1: Product: syz [ 258.091794][ T5889] usb 4-1: Manufacturer: syz [ 258.096479][ T5889] usb 4-1: SerialNumber: syz [ 258.146428][ T5889] usb 4-1: config 0 descriptor?? [ 258.293760][ T7478] lo speed is unknown, defaulting to 1000 [ 258.802495][ T5889] appletouch 4-1:0.85: Geyser mode initialized. [ 258.828068][ T5889] input: appletouch as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.85/input/input11 [ 259.027269][ T5889] usb 4-1: USB disconnect, device number 2 [ 259.121840][ T5889] appletouch 4-1:0.85: input: appletouch disconnected [ 259.149275][ T7083] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.339036][ T7478] lo speed is unknown, defaulting to 1000 [ 260.455745][ T7607] loop3: detected capacity change from 0 to 1024 [ 260.520316][ T7607] EXT4-fs: inline encryption not supported [ 260.565355][ T7607] EXT4-fs: Ignoring removed nobh option [ 260.621133][ T7607] EXT4-fs: Ignoring removed bh option [ 260.675576][ T7607] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 260.948976][ T7478] lo speed is unknown, defaulting to 1000 [ 261.005319][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.011831][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.030143][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.329081][ T7627] loop5: detected capacity change from 0 to 512 [ 261.352091][ T7627] EXT4-fs: Ignoring removed nobh option [ 261.438505][ T7627] EXT4-fs warning (device loop5): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 261.460672][ T7627] EXT4-fs warning (device loop5): dx_probe:849: Enable large directory feature to access it [ 261.473971][ T7627] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.389: Corrupt directory, running e2fsck is recommended [ 261.497574][ T7627] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117 [ 261.549510][ T7627] EXT4-fs error (device loop5): ext4_iget_extra_inode:5079: inode #15: comm syz.5.389: corrupted in-inode xattr: invalid ea_ino [ 261.647893][ T7627] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.389: couldn't read orphan inode 15 (err -117) [ 261.717178][ T7627] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 261.721066][ T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 261.770111][ T7627] EXT4-fs warning (device loop5): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 261.809214][ T7627] EXT4-fs warning (device loop5): dx_probe:849: Enable large directory feature to access it [ 261.832992][ T7627] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.389: Corrupt directory, running e2fsck is recommended [ 261.936374][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 261.961280][ T9] usb 4-1: config 0 has an invalid interface number: 77 but max is 0 [ 262.001461][ T9] usb 4-1: config 0 has no interface number 0 [ 262.013532][ T9] usb 4-1: New USB device found, idVendor=05e0, idProduct=2008, bcdDevice=27.b7 [ 262.043093][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 262.064021][ T7083] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.071002][ T9] usb 4-1: Product: syz [ 262.077302][ T9] usb 4-1: Manufacturer: syz [ 262.121164][ T9] usb 4-1: SerialNumber: syz [ 262.154608][ T9] usb 4-1: config 0 descriptor?? [ 262.420327][ T9] usb 4-1: USB disconnect, device number 3 [ 262.507357][ T5841] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 262.523665][ T5841] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 262.533271][ T5841] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 262.543205][ T5841] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 262.551584][ T5841] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 262.648073][ T7646] lo speed is unknown, defaulting to 1000 [ 264.796522][ T5841] Bluetooth: hci4: command tx timeout [ 266.558150][ T36] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 266.610975][ T9] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 267.296240][ T52] Bluetooth: hci4: command tx timeout [ 267.431817][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 267.450563][ T9] usb 4-1: config 0 has an invalid interface number: 77 but max is 0 [ 267.475503][ T36] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.501046][ T9] usb 4-1: config 0 has no interface number 0 [ 267.514323][ T9] usb 4-1: New USB device found, idVendor=05e0, idProduct=2008, bcdDevice=27.b7 [ 267.531278][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 267.559042][ T9] usb 4-1: Product: syz [ 267.572445][ T9] usb 4-1: Manufacturer: syz [ 267.578942][ T9] usb 4-1: SerialNumber: syz [ 267.608308][ T9] usb 4-1: config 0 descriptor?? [ 267.685568][ T36] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.854341][ T9] usb 4-1: USB disconnect, device number 4 [ 268.051719][ T36] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.130984][ T7701] loop5: detected capacity change from 0 to 2048 [ 268.159706][ T7701] udf: Bad value for 'umask' [ 268.205649][ T7646] chnl_net:caif_netlink_parms(): no params data found [ 268.721215][ T5947] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 268.892986][ T5947] usb 6-1: Using ep0 maxpacket: 16 [ 268.919057][ T5947] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 268.964113][ T5947] usb 6-1: can't read configurations, error -61 [ 269.171845][ T5947] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 269.322007][ T52] Bluetooth: hci4: command tx timeout [ 269.410980][ T5947] usb 6-1: Using ep0 maxpacket: 16 [ 269.437362][ T5947] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 269.454772][ T7646] bridge0: port 1(bridge_slave_0) entered blocking state [ 269.471259][ T5947] usb 6-1: can't read configurations, error -61 [ 269.484389][ T7646] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.496481][ T5947] usb usb6-port1: attempt power cycle [ 269.524249][ T7646] bridge_slave_0: entered allmulticast mode [ 269.549299][ T7646] bridge_slave_0: entered promiscuous mode [ 269.586956][ T7646] bridge0: port 2(bridge_slave_1) entered blocking state [ 269.601895][ T7646] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.631363][ T7646] bridge_slave_1: entered allmulticast mode [ 269.639677][ T7646] bridge_slave_1: entered promiscuous mode [ 269.792829][ T7712] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 269.798796][ T7712] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 270.420488][ T7646] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 270.498070][ T5947] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 270.608808][ T5947] usb 6-1: Using ep0 maxpacket: 16 [ 270.619670][ T7646] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 270.664582][ T5947] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 270.691771][ T5947] usb 6-1: can't read configurations, error -61 [ 270.748463][ T36] bridge_slave_1: left allmulticast mode [ 270.760974][ T36] bridge_slave_1: left promiscuous mode [ 270.773039][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 270.795667][ T36] bridge_slave_0: left allmulticast mode [ 270.807072][ T36] bridge_slave_0: left promiscuous mode [ 270.837892][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 271.021158][ T5947] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 271.950284][ T5947] usb 6-1: Using ep0 maxpacket: 16 [ 272.600961][ T5947] usb 6-1: device descriptor read/all, error -71 [ 272.620990][ T5947] usb usb6-port1: unable to enumerate USB device [ 273.129764][ T7744] loop3: detected capacity change from 0 to 128 [ 273.194571][ T7744] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 273.259081][ T7744] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 273.664592][ T7755] xt_hashlimit: max too large, truncated to 1048576 [ 273.674350][ T7755] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 275.225230][ T30] kauditd_printk_skb: 22 callbacks suppressed [ 275.225248][ T30] audit: type=1326 audit(1763066215.644:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7752 comm="syz.3.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 275.255863][ T30] audit: type=1326 audit(1763066215.644:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7752 comm="syz.3.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 275.278479][ T30] audit: type=1326 audit(1763066215.654:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7752 comm="syz.3.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 275.300795][ T30] audit: type=1326 audit(1763066215.654:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7752 comm="syz.3.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 275.335428][ T30] audit: type=1326 audit(1763066215.654:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7752 comm="syz.3.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 275.357763][ T30] audit: type=1326 audit(1763066215.654:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7752 comm="syz.3.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 275.550654][ T30] audit: type=1326 audit(1763066215.654:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7752 comm="syz.3.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 275.584430][ T30] audit: type=1326 audit(1763066215.654:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7752 comm="syz.3.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 275.612268][ T30] audit: type=1326 audit(1763066215.654:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7752 comm="syz.3.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 275.639892][ T30] audit: type=1326 audit(1763066215.654:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7752 comm="syz.3.417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425f18f6c9 code=0x7ffc0000 [ 277.853291][ T7766] loop5: detected capacity change from 0 to 512 [ 277.875885][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 277.906827][ T7766] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 277.924710][ T7766] ext4 filesystem being mounted at /16/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 277.963592][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 278.012327][ T36] bond0 (unregistering): Released all slaves [ 278.071964][ T7771] loop1: detected capacity change from 0 to 2048 [ 278.093749][ T7646] team0: Port device team_slave_0 added [ 278.124647][ T7736] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 278.133572][ T7771] udf: Bad value for 'umask' [ 278.134202][ T7736] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 278.148633][ T7736] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 278.354486][ T7646] team0: Port device team_slave_1 added [ 278.969592][ T7083] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 279.160367][ T5865] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 279.389801][ T7646] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 279.406012][ T7646] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 279.441322][ T5865] usb 2-1: Using ep0 maxpacket: 16 [ 279.596082][ T5865] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 279.619746][ T5865] usb 2-1: can't read configurations, error -61 [ 279.641023][ T7646] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 279.734385][ T7646] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 279.760972][ T5865] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 279.771591][ T7646] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 279.951094][ T7646] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 280.007930][ T5865] usb 2-1: Using ep0 maxpacket: 16 [ 280.064858][ T5865] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 280.076231][ T5865] usb 2-1: can't read configurations, error -61 [ 280.102172][ T5865] usb usb2-port1: attempt power cycle [ 280.245051][ T7646] hsr_slave_0: entered promiscuous mode [ 280.283864][ T7646] hsr_slave_1: entered promiscuous mode [ 280.317919][ T7646] debugfs: 'hsr0' already exists in 'hsr' [ 280.336474][ T7646] Cannot create hsr debugfs directory [ 280.363405][ T7788] netlink: 8 bytes leftover after parsing attributes in process `syz.5.425'. [ 280.509346][ T5865] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 280.549858][ T5865] usb 2-1: Using ep0 maxpacket: 16 [ 280.559404][ T5865] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 280.588081][ T5865] usb 2-1: can't read configurations, error -61 [ 280.731386][ T5865] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 280.808949][ T5865] usb 2-1: Using ep0 maxpacket: 16 [ 280.835261][ T5865] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 280.858593][ T5865] usb 2-1: can't read configurations, error -61 [ 280.901457][ T5865] usb usb2-port1: unable to enumerate USB device [ 280.930944][ T36] hsr_slave_0: left promiscuous mode [ 280.943416][ T36] hsr_slave_1: left promiscuous mode [ 280.960433][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 280.995530][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 281.062659][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 281.070114][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 281.199929][ T36] veth1_macvtap: left promiscuous mode [ 281.294412][ T36] veth0_macvtap: left promiscuous mode [ 281.306358][ T36] veth1_vlan: left promiscuous mode [ 281.372352][ T36] veth0_vlan: left promiscuous mode [ 285.431927][ T5947] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 285.440189][ T36] team0 (unregistering): Port device team_slave_1 removed [ 285.661581][ T5947] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 285.671110][ T5947] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 285.688731][ T5947] usb 4-1: Product: syz [ 285.697286][ T36] team0 (unregistering): Port device team_slave_0 removed [ 285.697686][ T5947] usb 4-1: Manufacturer: syz [ 285.720661][ T5947] usb 4-1: SerialNumber: syz [ 286.502754][ T5947] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE [ 286.521909][ T5947] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 286.544944][ T5947] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 286.560225][ T5947] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -32 [ 286.737351][ T7843] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 286.944716][ T1316] smc: removing ib device sz1 [ 287.341117][ T7810] v: renamed from vlan0 [ 287.365249][ T794] lo speed is unknown, defaulting to 1000 [ 287.391231][ T794] sz1: Port: 1 Link DOWN [ 287.402320][ T7848] netlink: 8 bytes leftover after parsing attributes in process `syz.4.440'. [ 287.910661][ T7854] overlayfs: overlapping lowerdir path [ 290.721765][ T794] usb 4-1: USB disconnect, device number 5 [ 291.723554][ T7885] xt_hashlimit: max too large, truncated to 1048576 [ 291.731152][ T7885] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 294.273546][ T7899] loop3: detected capacity change from 0 to 512 [ 294.326725][ T7899] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 294.387935][ T7899] EXT4-fs (loop3): invalid journal inode [ 294.440708][ T7899] EXT4-fs (loop3): can't get journal size [ 294.515723][ T7901] netlink: 8 bytes leftover after parsing attributes in process `syz.1.455'. [ 294.623859][ T7899] EXT4-fs (loop3): 1 truncate cleaned up [ 294.717138][ T7899] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 295.090195][ T7646] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 295.268611][ T7646] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 295.480066][ T7646] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 295.565897][ T7646] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 296.105783][ T5865] hid_parser_main: 28 callbacks suppressed [ 296.105800][ T5865] hid-generic 0000:0000:0000.0003: unknown main item tag 0x1 [ 296.157817][ T7646] 8021q: adding VLAN 0 to HW filter on device bond0 [ 296.174894][ T5865] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 296.236093][ T5865] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 296.255352][ T7646] 8021q: adding VLAN 0 to HW filter on device team0 [ 296.282780][ T5865] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 296.316861][ T5865] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 296.343870][ T5865] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 296.357234][ T1143] bridge0: port 1(bridge_slave_0) entered blocking state [ 296.362338][ T5865] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 296.364481][ T1143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 296.382569][ T5865] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 296.410366][ T5865] hid-generic 0000:0000:0000.0003: unknown main item tag 0x2 [ 296.474933][ T5865] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 296.493248][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 296.500395][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 296.530199][ T5865] hid-generic 0000:0000:0000.0003: hidraw0: HID v8.00 Device [syz0] on syz0 [ 296.811511][ T7945] fido_id[7945]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 296.841779][ T7948] loop4: detected capacity change from 0 to 512 [ 296.948688][ T7948] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 297.062079][ T7948] ext4 filesystem being mounted at /99/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 299.129839][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.267890][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.646734][ T7980] loop4: detected capacity change from 0 to 512 [ 299.667067][ T7981] netlink: 4 bytes leftover after parsing attributes in process `syz.3.466'. [ 299.677547][ T7980] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 299.798403][ T7986] xt_hashlimit: max too large, truncated to 1048576 [ 299.808278][ T7986] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 299.932149][ T7980] ext4 filesystem being mounted at /100/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 300.692003][ T7646] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 300.902339][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 301.958251][ T9] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 302.710943][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 302.732142][ T9] usb 5-1: config 0 has an invalid interface number: 77 but max is 0 [ 302.740304][ T9] usb 5-1: config 0 has no interface number 0 [ 302.747156][ T8011] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] SMP KASAN PTI [ 302.759094][ T8011] KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017] [ 302.766384][ T9] usb 5-1: New USB device found, idVendor=05e0, idProduct=2008, bcdDevice=27.b7 [ 302.767546][ T8011] CPU: 1 UID: 0 PID: 8011 Comm: syz.1.471 Not tainted syzkaller #0 PREEMPT(full) [ 302.785893][ T8011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 302.795972][ T8011] RIP: 0010:put_mnt_ns+0x34/0x2f0 [ 302.801045][ T8011] Code: 55 41 54 53 48 89 fb e8 ca e7 7d ff 48 85 db 0f 84 df 00 00 00 49 bc 00 00 00 00 00 fc ff df 4c 8d 73 20 4d 89 f5 49 c1 ed 03 <43> 80 7c 25 00 00 74 08 4c 89 f7 e8 8c 95 e4 ff 4d 8b 3e 31 ff 4c [ 302.820671][ T8011] RSP: 0018:ffffc90004a07cd0 EFLAGS: 00010203 [ 302.826754][ T8011] RAX: ffffffff8243b886 RBX: fffffffffffffff4 RCX: 0000000000080000 [ 302.834737][ T8011] RDX: ffffc90010129000 RSI: 0000000000000569 RDI: 000000000000056a [ 302.842725][ T8011] RBP: fffffffffffffff4 R08: ffffffff8f7dd077 R09: 1ffffffff1efba0e [ 302.850704][ T8011] R10: dffffc0000000000 R11: fffffbfff1efba0f R12: dffffc0000000000 [ 302.858777][ T8011] R13: 0000000000000002 R14: 0000000000000014 R15: ffff88802d9be4d8 [ 302.866760][ T8011] FS: 00007efe1681f6c0(0000) GS:ffff888125fc1000(0000) knlGS:0000000000000000 [ 302.875713][ T8011] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 302.882301][ T8011] CR2: 000000110c418b46 CR3: 0000000075fb8000 CR4: 00000000003526f0 [ 302.890284][ T8011] Call Trace: [ 302.893569][ T8011] [ 302.896523][ T8011] nsproxy_free+0x3c/0x7c0 [ 302.900956][ T8011] create_new_namespaces+0x47a/0x540 [ 302.906266][ T8011] unshare_nsproxy_namespaces+0x11c/0x170 [ 302.912003][ T8011] ksys_unshare+0x4c8/0x8c0 [ 302.916512][ T8011] ? __pfx_ksys_unshare+0x10/0x10 [ 302.921547][ T8011] __x64_sys_unshare+0x38/0x50 [ 302.926318][ T8011] do_syscall_64+0xfa/0xfa0 [ 302.930830][ T8011] ? irqentry_exit+0x10f/0x640 [ 302.935617][ T8011] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 302.941687][ T8011] ? clear_bhb_loop+0x60/0xb0 [ 302.946374][ T8011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 302.952360][ T8011] RIP: 0033:0x7efe1598f6c9 [ 302.956798][ T8011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 302.976434][ T8011] RSP: 002b:00007efe1681f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 302.984860][ T8011] RAX: ffffffffffffffda RBX: 00007efe15be6270 RCX: 00007efe1598f6c9 [ 302.992840][ T8011] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040020000 [ 303.000901][ T8011] RBP: 00007efe15a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 303.009317][ T8011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 303.017296][ T8011] R13: 00007efe15be6308 R14: 00007efe15be6270 R15: 00007ffdf6b62fc8 [ 303.025398][ T8011] [ 303.028436][ T8011] Modules linked in: [ 303.032842][ T8011] ---[ end trace 0000000000000000 ]--- [ 303.032904][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 303.038337][ T8011] RIP: 0010:put_mnt_ns+0x34/0x2f0 [ 303.051625][ T8011] Code: 55 41 54 53 48 89 fb e8 ca e7 7d ff 48 85 db 0f 84 df 00 00 00 49 bc 00 00 00 00 00 fc ff df 4c 8d 73 20 4d 89 f5 49 c1 ed 03 <43> 80 7c 25 00 00 74 08 4c 89 f7 e8 8c 95 e4 ff 4d 8b 3e 31 ff 4c [ 303.053863][ T9] usb 5-1: Product: syz [ 303.071328][ T8011] RSP: 0018:ffffc90004a07cd0 EFLAGS: 00010203 [ 303.071361][ T8011] RAX: ffffffff8243b886 RBX: fffffffffffffff4 RCX: 0000000000080000 [ 303.077040][ T9] usb 5-1: Manufacturer: syz [ 303.081736][ T8011] RDX: ffffc90010129000 RSI: 0000000000000569 RDI: 000000000000056a [ 303.081757][ T8011] RBP: fffffffffffffff4 R08: ffffffff8f7dd077 R09: 1ffffffff1efba0e [ 303.081774][ T8011] R10: dffffc0000000000 R11: fffffbfff1efba0f R12: dffffc0000000000 [ 303.081790][ T8011] R13: 0000000000000002 R14: 0000000000000014 R15: ffff88802d9be4d8 [ 303.081805][ T8011] FS: 00007efe1681f6c0(0000) GS:ffff888125fc1000(0000) knlGS:0000000000000000 [ 303.081825][ T8011] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 303.081841][ T8011] CR2: 000000110c418b46 CR3: 0000000075fb8000 CR4: 00000000003526f0 [ 303.081864][ T8011] Kernel panic - not syncing: Fatal exception [ 303.082185][ T8011] Kernel Offset: disabled