last executing test programs: 13.498982346s ago: executing program 1 (id=2): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) removexattr(0x0, 0x0) 12.443999732s ago: executing program 1 (id=6): syz_mount_image$udf(&(0x7f00000005c0), &(0x7f0000000600)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00a49ecdde7828e1aafa4aca170f7ab2cadbac60175f6ab85d2709542d6960b11a2a387e69774fc920c6b622ab30e803008bc0b2e6a4c58d6b38dba9cdb8dcb30c313386e9ed22acbd604ca4b0616853f87e31f5645e7db06b93c9ec5a32d1fdae209ccffc5ce2b6ebbdff24f4fcef831998129a4918191c4ac59d8a62741133927809ebb2a83ef939019b38cbc6a3cbcbcb0acc4157e4ab6d55ec3d50fe6615d0f540baffeb5fd79b3072aee3af551a61ef5aeb982740385618720a66b0df6be665fc801fb63db5fabf38a9f9701068db705aff83cab3f3c72f49eeadc56a8b23ec6ea5dd271efdc94b6eceedb11b5b7a95448537"], 0x1, 0x5bd, &(0x7f0000000680)="$eJzs3U9sHFcdB/Dfm3jtdRonmzR1CwR1paoqCiKKHdomNhKYGFeIqLFwHBFOmHgTlvpPZCfIqQD1BgckxIEDBySEhBSBQIgj4kBPcEDcgXt74OIDEhIHhGZ21ruxt8Sqs3Fdfz5SvLNvfvPmzRwifffNvg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOLzX5g6P5b2exQAAABAP70+9+Xz4/I/AAAAfKhdM/8PAAAAAAAAAAddiiy+Fym+NLmZjhXvW6pXmiv3NuanZ3ofNpyKI48U9fm/6tj4hU+//MqrF9uv///4x+0jcXXu2lT98urynbXG+npjsT6/0ry5utjYdQ97PX67s8UNqC+/cW/x1q31+vi5Cw/t3qi9M/TUaG3y4sSNWrt2fnpmZq6rZqDyvs++gyc8AAAADrfByOL1SPH2n3+TRiIii71n4Ud8dtBvw1HL83dxEfPTM8WFLDUXVu7mO2fbQbhWXmtpsJ2Rn0AW35OfRZzKxzoo0QMAALB7lSIFp3jtd5vpeEQcaefgTxYLA773gfUnOMge8nGeiYgX4gBkdgAAANhnQ5HFTyPF8olqnMgz834PCAAAAHjsBiKLVyPFvyY3U614HiAizs5Pz9SvXK9/ceXWalftbCpn1A/69wOeJM8mAAAA8AFQjSxGiif+N9PJ/R4MAAAA0BfDkcVfI8XHnv9Wsa5cFOvSn5i8NDg+1r3C3LOP6CevPRcRz+zyO/mVcq3B2TSbUvb4rwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDDZShl8d9I8Z3r9U5jLUUWkdpvq/mf2fS54/szRAAAAAAAAADgUVIWP44UP6lspiwiNmrvDD01Wpu8OHGjdiSOFA8BpO76q3PXpuqXV5fvrDXW1xuL9fmV5s3VxcZuT1e90ly5tzE/PdOXi3mk4T6Pf7h6efXO/bXm7W/c7bn/aHXq6+t31xZu9t4dw1GPONLdcrYY8Pz0TDHopebCSnHobNrtiAEAACCikrL4T6R4sf4gbeXO1vP/A603nTT6i89E3l6obs+fxecGx4vPDVrbJyYvVcZf6t7uGVnPFoE6D7gzc13NA5Wdpfk5U8piKlK8O/FcMbIUR2NHZo5W3Uik+OFXz5R12WDUItrd1lo93mouNc7ntT+KFKdvtGujqK2WtU93asfy2qG832sP1w6Xtac7teN57Uyk+MdrvWuf6dReyGs3IsWDB/V27dG8dqSsHe3Unru5urTY61YCAAAAAAAAcHhVUha/ihR//EM9tefGB1rzzzvn/7/d+S7AW9s7eo85/73O/9e62t4q5/V/kI/im88Vc/nF/H+t9/z/VKT4y9UzZV1r7n2w3H+y+NuZ/78eKd5efbh2qKw91akd2/WNBQAAgA+QPP+fiRTf/9PvB9rZuMz/ZQLvnf8/OrCtoz7l/5Ndbfk51++/+cbC0lJjzYYNGza2Nvb+fyEAAHzY5fm/ESl+/re/b813l/n/WOtdJ///+7ud/D+xvaM+5f9TXW0T5VqElYGI6t3lO5XRiOr6/Tc/1VxeuN243VgZu/TK+MXx82MvVwbbc/udrT3fKgAAADiw8vw/Fyl+/c9fbq13t5v5/6PbO+pT/n+6qy0/Z2fSb8+XDgAAAIdGnv8vRYqvPP/brXXpH87/ndSe5//2+v+feKH12vnNgP7k/9NdbbXyvDs+ewAAAAAAAAAAAAAAAAAAAIADrpKyeClSvPjuQBop23az/t/i9o769P3/0a62xXgyv/+355sKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcSllk0YwUH392M302b/haxLHuVwAAAODA+18AAAD//0qnGWg=") r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0) r2 = socket$inet6(0xa, 0x80003, 0x6) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r2, &(0x7f0000000200), 0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff, 0x1}, 0x5) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f0000000100)=0x3) r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0) ioctl$SNDCTL_SEQ_PANIC(r6, 0x5100) shmctl$SHM_LOCK(0x0, 0xb) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56", 0x2) pwrite64(r1, &(0x7f0000000140)='2', 0x1, 0xfece) writev(r1, &(0x7f00000004c0)=[{&(0x7f0000000100)="1d", 0x1}], 0x1) openat(0xffffffffffffff9c, &(0x7f00000003c0)='./bus\x00', 0x101042, 0x2) sendfile(r0, 0xffffffffffffffff, 0x0, 0x100001) 12.107421585s ago: executing program 3 (id=7): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=@setlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4280}, [@IFLA_IFNAME={0x14, 0x3, 'veth0_to_bond\x00'}, @IFLA_MASTER={0x8, 0x3a}]}, 0x3c}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0xb8}, 0x1, 0x0, 0x0, 0x20}, 0x0) 11.301097207s ago: executing program 2 (id=3): r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000000)=0x639) r1 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x2}) r2 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x3, 0x6c4ba42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xcd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0xfffffffffffffffb, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80003, 0x0, 0x0, 0x0, 0x200, 0x0, 0x40000000000, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x100000001]}) r3 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) r4 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000000), 0x1) r5 = syz_open_dev$radio(0x0, 0x1, 0x2) setxattr$incfs_metadata(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180), &(0x7f0000000240)="f4dc8d08deb0d7125a7e3e1e26eeedad48f424146d12708dee3937850ceb7b3aa7a500315deab4f82a1f84cd1cd1dbd685cd3e4b8e652bb817f53208f0b07decf1a35db51b5bc0e150dde75ce3319ffd88cacb2d24c8fc9bfbddceb122aa7d", 0x5f, 0x0) getpgrp(0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000200)) sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x4) r6 = openat$binfmt_register(0xffffffffffffff9c, 0x0, 0x1, 0x0) r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sys/net/ipv4/tcp_recovery\x00', 0x1, 0x0) r8 = inotify_init1(0x0) dup(r8) pselect6(0x40, &(0x7f0000000100)={0x0, 0x200000008, 0x0, 0x4cb, 0x8, 0x0, 0x1}, 0x0, &(0x7f0000000240)={0x1f, 0xfffffffffffffffe, 0x9, 0x0, 0x0, 0x10, 0x4}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) r9 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x60009c0e, 0x10100}, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r9, 0x2df0, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(r5, 0xc0205648, 0x0) writev(r4, &(0x7f0000000780)=[{&(0x7f0000000040)='\a', 0xfc19}, {0x0, 0x2}], 0x2) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, 0x0) fcntl$getflags(r3, 0x3) syz_emit_vhci(&(0x7f0000000240)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x120}, @l2cap_cid_signaling={{0x11c}, [@l2cap_info_rsp={{0xb, 0x4, 0x92}, {0x40, 0x2, "77deae1a26dbe1575ce655f1ad40a031d595f3573aa8673cffbf72ed68404dc022de7dcc9c57df292f83f2ea8b6c6f9f6e560f51833c60e66c90ec7bca738f6affa398a0f2cb7e2859ae56fd3f62b116621f7965f829723535a9cf49d27343a2acb4ed6596cb136370224dad7d2fd835f2503e024cb5c67395522cb9b0f85612d519111a0b6c11e36a0b373d1bff"}}, @l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x4, 0x1, 0xe666, 0x8}}, @l2cap_conn_req={{0x2, 0x4, 0x4}, {0x7, 0x200}}, @l2cap_cmd_rej_unk={{0x1, 0x1, 0x2}, {0x5}}, @l2cap_conf_rsp={{0x5, 0x6, 0x16}, {0x3ff, 0x9, 0xfffe, [@l2cap_conf_flushto={0x2, 0x2, 0xc7c}, @l2cap_conf_ews={0x7, 0x2, 0x2}, @l2cap_conf_ews={0x7, 0x2}, @l2cap_conf_ews={0x7, 0x2, 0x7}]}}, @l2cap_disconn_req={{0x6, 0xf3, 0x4}, {0x401, 0x7fff}}, @l2cap_create_chan_rsp={{0xd, 0x7d, 0x8}, {0xa, 0x8001, 0x0, 0xb}}, @l2cap_info_rsp={{0xb, 0x7, 0x3a}, {0xa, 0x0, "2ff289c00acb8bcf176161831a92a0831978a3da64c92bf8c5b4c341dca432236b2a2aaa7c75d53a40f9aec78b22b9454a88fbbee4b2"}}]}}, 0x125) close_range(r7, r6, 0x2) 11.154170496s ago: executing program 0 (id=8): syz_mount_image$hfs(&(0x7f0000001600), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="696f636861727365743d63703835302c706172743d3078303030303030303030303030303030332c636f6465706167653d69736f383835392d332c6469725f756d61736b3d30303030303030303030303030303030303030303030352c706172743d3078303030303030303030303030303038322c00724acebf9930ce7d6654ef852160bc6dcb17f5e27c7d187e041f030061162b687a6ebac3f35b1c179e467710c0c8"], 0x1, 0x2fe, &(0x7f0000000240)="$eJzs3U1vE0ccx/HfrO3EaaJ0m6Sq1EurtJHaS9S0PVS9uKp87b2nqm3sSBFWEEmQgAsm4oh4Adx5C7wILiDeAHDhxAvIbdHMzq7X9nidCDubhO9HsjWenYf/sE8zK5EVgE/Wn+3XT395Zz9Gqqkm6XcpktSU6pK+1FfN2wfH+8e9bqesoZqrYT9GaU0zVmb3oBuqauu5Gl5sf9W1UszDfCRJ8sebqoNA5dzZHxBJi/48dNubFxzXrIwOri99U1EolSn+G5hTneqOVisMBwBwCfj7f+RvEysuyyiKpC1/27/S9/9Rp1UHMFu/9sayktIKhfu/m90lxu7fz92mwXrPLeHs9ihbJZ4lmMbI7wWlR9bQHMyEV5Vvk5SPJVra269re/eBOpFO1PIKFTbcdyc9dDNTot0MrE1LTG6tob8+S0djZ5RLo5uzkPb2e91FmwjEv36+Hj+eeW5emn9MrCfq5PO/emLsbnJ7Kh7ZU1HDxv/T5BaXXS1bSn7Z32q1oqEiX7hOvvY9eFNG2QyvSIptZg8I+nkEgThPsoTre03DjxXS0e2EOjCDxtdDteL813hd19fGUK2aPxK2d2/2Sh+lzEc2RPPY/G029V7P1C7M/yMb35YKZ2bZpd64kv7ISMezEC5ZdyXjsTtHP099m0fgLZ57bJDO+bTskf7Xb1o9unvvRq3X6x7axH+BxK2VQ+NzGg+lYJn5J2oqKaP+IMfdPO4nyVlbTuYZ/I8zbdBeP/Ice/qECtuzLM+JLno3Xb9EXaFN7RcqOyDnmsimLjNp0E60JmyayzUKl8yRyXa6zxibxOKas/Muk67/3Ezez+rcdcZ+xSXz9PJFpoZa3MlXcMNTwbXQ3GXK2mB58gqu0OPPE9aMbs313Q/S94VMo9IeYxfntWHaeqV/ef4PAAAAAAAAAAAAAAAAAABw1VzE/1ioeowAAAAAAAAAAAAAAAAAAAAAAFx1Z3//79LgTU2hvxHv3v8bT33/79ALgP2Lonj/L1CNDwEAAP//FJB9Ww==") r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) sendfile(r0, r0, 0x0, 0x800000009) 10.8902514s ago: executing program 3 (id=9): bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYRES32, @ANYRESOCT, @ANYBLOB], 0x48) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x604440, 0x0) close(r0) r1 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x9013, 0x100, 0x4, 0x165}, &(0x7f0000000000), &(0x7f0000000280)) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) ptrace(0x10, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000140)={&(0x7f0000001000)={[{0x0, 0x5, 0x3, 0x700}]}, 0x1, 0x1}, 0x1) socket$nl_generic(0x10, 0x3, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 6.020808049s ago: executing program 1 (id=10): syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0x810084, &(0x7f0000000900)=ANY=[@ANYRES64=0x0, @ANYRES16=0x0, @ANYRES16, @ANYRESDEC, @ANYRESOCT=0x0, @ANYRES64, @ANYRES64=0x0], 0x1, 0x686, &(0x7f00000001c0)="$eJzs3U9sHFcdB/DvrDd2NpTUbZM2RZUSNRIgIhI7JgVXQgSEUA4VqtoDNyQrcRorm7Q4LnIrRMP/aw/hiFQOPsEJwT1SuXCBW4/4WAnBpSdzYdHMztobe9d/Qux1yucTjd9782be+81vZ3b2j6IN8H/ryrk076fIlXOvLJft1ZWZ9urKzK1ePclEkkbSrIqiLDqdD5PL6S55PklRD1cMm+fewuxrH32y+nG31ayXavvGdvvtzt16yZkkY3W5ya2HHe/q4PE2HN1puGL9CMuEne0lDkbtSHU5l/55r7vmB395Yr2nT2vQ3jue+cBjoOjeN7eYTI7VF3r5OqB7V+zesx9rd0cdAAAAAByAJ9eyluUcH3UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DgpvtIaK4t6afTqZ1L0fv9/vF6Xun64nN7b5vf3Kw4AAAAAAAAAOECn17KW5RzvtTtF9Z3/i1XjRPX3M3k7dzKfxZzPcuaylKUsZjrJZN9A48tzS0uL0/17Tgze8+LAPS/uEOhEXbYe0YEDAAAAAAAAwKfLT3Nl4/t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4DIpkrFtUy4lefTKNZpKJ3nZ3k78lGR9ttP+7+6MOAAAAAA7Ak2tZy3KO99qdonrP/2z1vv9o3s7tLGUhS2lnPteqzwK67/obqysz7dWVmVvlsnXcb/5rT2FUI6b72cPgmU9VW7RyPQvVmvO5mjfTzrU0qj1Lp3rxDI7rJ2VMxTdqu4zsWl2WR/5+XW7x3p4Odpg9fpgyWWXkyHpGpurYymw8tX0m9vjobJ5pOo31YE9smqleX9ztVE4/TM6P1WV5PL8clvODcry/sTkTF/vOvme3z3nyhT/9/ns32rdv3rh+59xID+khjNVlp/rb2pqJmb5MPNfNwPdf/zRmYoupKhMn19tX8p28nnM5k1ezmIX8MHNZynzO5NtVba4+n4u+z1OHnDOXH2i9ulMk4/UZ2n2w9hbTi9W+x7OQ7+bNXMt8Xqr+Xcx0vppLuZTZvkf45C6eaRtDrvrOZwcGf/aLdaWV5Fd1OSqdif5Wmden+vLa/5w7WfX1r9nI0tOP/n7U/FxdKef4WV0eDpszMd2XiWe2z8Rvq6eVO+3bNxdvzL21u+mefr+ulNfRL0Z9l3hAeb48XT5YVevBs6Pse6bb19ycr/H6G5fufo0tfSd7fX//za9frrYZdqWO16/hml+f3XLHKvueGzjLTNV3qq9v0OstAA69Y186Nt76R+uvrQ9aP2/daL1y9FsTX5t4YTxH/nzk5ebU2OcbLxR/yAf58YNvcgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIdz5513b8612/OLmyrNdN4b0rUvlf8M6SqSPMK5ej9nNnSbI3seudhhm+efSA4mh1sr40kOfNKBlX93Op16TXEY4tm+Uv2E4UQ6+z5XM8mgrtOjT8KIn5iAfXdh6dZbF+688+6XF27NvTH/xvzt2UuXZqdmL700c+H6Qnt+qvt31FEC+2Hjpj/qSAAAAAAAAAAAAIDdOoj/TjB89qMHeagAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAY+rKuTTvp8j01Pk/lu3VlZl2ufTqG1s2kzSSFD9Kig+Ty+kumewbrhg2z72F2dc++mT1442xmr3tG9vttzt36yVnkozV5aMa7+puxvvddp3F+hGWCTvbSxyM2n8DAAD//xcoC0M=") rename(&(0x7f0000000080)='./file2\x00', &(0x7f0000000000)='./file1\x00') 5.973952399s ago: executing program 0 (id=11): bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="09000000030000000800000004"], 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kfree\x00', r0}, 0x18) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) read$rfkill(r1, 0x0, 0x0) 5.722754102s ago: executing program 2 (id=12): sched_setscheduler(0x0, 0x2, 0x0) syz_emit_vhci(&(0x7f0000000240)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x0, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_ecred_reconf_rsp={{0x1a, 0x7, 0x2}, {0xd}}}}, 0xf) 5.584424614s ago: executing program 3 (id=13): syz_open_dev$hidraw(&(0x7f0000000080), 0x6, 0x40000) syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a0100001905"], 0x0) ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, 0x0) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0) read$msr(0xffffffffffffffff, 0x0, 0x0) 5.188247985s ago: executing program 4 (id=5): socket$nl_route(0x10, 0x3, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000018dfde1035121000822953050a01090212000100"], 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x11, 0x0, 0x0, 0x2) r0 = socket$nl_route(0x10, 0x3, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.swap.events\x00', 0x275a, 0x0) fcntl$lock(r3, 0x6, &(0x7f0000000040)={0x0, 0x0, 0xf6, 0x1ff}) fcntl$lock(r3, 0x25, &(0x7f0000000280)={0x0, 0x0, 0x8}) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'bond0\x00'}) fcntl$lock(r3, 0x25, &(0x7f00000000c0)={0x2, 0x0, 0x0, 0x4}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e000000001800028006000100010000000c000200540a00001800000008000500", @ANYRES32=r2], 0x50}, 0x1, 0xba01}, 0x0) r5 = socket(0x10, 0x3, 0x0) ioctl$UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f0000000200)={r3, 0x1, 0x1000, 0xfffff000}) write(r5, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24) 5.137143864s ago: executing program 0 (id=14): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_emit_ethernet(0x39e, 0x0, 0x0) ptrace(0x10, r0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) ptrace(0x10, r0) 4.642042901s ago: executing program 1 (id=15): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000009c0)={0x2, 0x400000000000003, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, [@sadb_lifetime={0x4, 0x3}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6}, @sadb_lifetime={0x4, 0x4}, @sadb_sa={0x2, 0x1, 0x40}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}]}, 0xb0}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x1, {{@in6=@dev={0xfe, 0x80, '\x00', 0x3b}, @in6=@local, 0x0, 0x0, 0x0, 0x8, 0xa, 0x60, 0x30, 0x58, 0x0, 0xee01}, {0x0, 0x7f, 0x7, 0x3, 0x0, 0xfffffffffffffffd, 0x5, 0xffffffffffffffff}, {0xffffffff, 0x0, 0x0, 0x10001}, 0x0, 0x0, 0x1, 0x1}}, 0xb8}, 0x1, 0x0, 0x0, 0x1158e3b975e78980}, 0x0) 4.52766476s ago: executing program 2 (id=16): ioprio_set$pid(0x1, 0x0, 0x0) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x4010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000002480)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000000), 0xffffff6a) r1 = creat(&(0x7f0000000580)='./bus\x00', 0x0) io_setup(0x1, &(0x7f0000000040)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x1a00001a}]) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0) 3.271393882s ago: executing program 0 (id=17): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@private2, 0xfffffffd, 0x1, 0x3, 0x6, 0x0, 0x2}, 0x20) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl(r2, 0x8b32, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) sendmsg$nl_route_sched(r0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000480)=ANY=[], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) r3 = socket$kcm(0x21, 0x2, 0x2) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r4, &(0x7f0000000000)="0a000000010001", 0x7) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000340)=0x80000) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r6, 0x400448ca, 0x0) 2.593083829s ago: executing program 3 (id=18): bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000c00)={0x48, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1}) ioctl$IOMMU_TEST_OP_ACCESS_RW(0xffffffffffffffff, 0x3ba0, &(0x7f0000000d00)={0x48, 0x8, r0, 0x0, 0x80000000, 0x6b, &(0x7f0000000c80)="4e45469e1c82b309defca9ab25fd14e49affc09e5b403b8c588156b9ecb28886b7b36df6ab12ad6dbd1b95021870594ea806857f147987b73d8f8183e050a6e0c4cf9df5c3a91970904d9b61db8433a575eac61e5bebd38931814e9caff9a49f3a1d9ca4e4de27bb679146", 0x1}) r1 = add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xffffffffffffffff) r2 = add_key$user(&(0x7f0000000100), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, r1) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xf, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246) r5 = add_key$user(&(0x7f0000000180), &(0x7f0000000200)={'syz', 0x3}, &(0x7f0000000bc0)="0477960a4a7cdcc82d22c608976fa6f22b7490ecdbaaf42479d77d9e627191a829d060f883de6e51d53849ee5f3bf9", 0x2f, 0xfffffffffffffffe) syz_emit_vhci(&(0x7f00000018c0)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_complete={{0x3, 0xb}, {0x0, 0xc8, @none, 0x1, 0x93}}}, 0xe) keyctl$dh_compute(0x17, &(0x7f00000001c0)={r5, r2, r5}, &(0x7f0000000580)=""/259, 0x54, &(0x7f00000002c0)={&(0x7f00000003c0)={'sha256-generic\x00'}}) r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[], 0x44}}, 0x0) ioctl$PPPIOCSFLAGS1(r4, 0x40047459, &(0x7f0000000d80)=0x2810b0) 2.528372255s ago: executing program 1 (id=19): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x58, 0x2, 0x6, 0x201, 0xe4340000, 0x0, {0x0, 0x0, 0x8}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x100}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x81}, 0x4000000) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x6}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80) 1.809970704s ago: executing program 0 (id=20): syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="040e06006220"], 0x9) bpf$PROG_BIND_MAP(0xa, 0x0, 0x0) 1.36074315s ago: executing program 4 (id=21): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, 0x0, 0x0) 1.335515665s ago: executing program 1 (id=22): syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000000c0), 0x2, 0xbd1, &(0x7f0000001340)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file3\x00', 0x0, 0x0) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000180)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_procfs(0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f00000005c0)='./file3\x00', 0x80800, 0x1ad) 1.045837804s ago: executing program 2 (id=23): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000100)={@link_local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0x800001c, @local}, {0x0, 0x17c1, 0x8}}}}}, 0x0) close(r1) socket(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}) timer_create(0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x2a) 1.013726835s ago: executing program 3 (id=24): bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="09000000030000000800000004"], 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kfree\x00', r0}, 0x18) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) read$rfkill(r1, 0x0, 0x0) 963.659271ms ago: executing program 0 (id=25): syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0x810084, &(0x7f0000000900)=ANY=[@ANYRES64=0x0, @ANYRES16=0x0, @ANYRES16, @ANYRESDEC, @ANYRESOCT=0x0, @ANYRES64, @ANYRES64=0x0], 0x1, 0x686, &(0x7f00000001c0)="$eJzs3U9sHFcdB/DvrDd2NpTUbZM2RZUSNRIgIhI7JgVXQgSEUA4VqtoDNyQrcRorm7Q4LnIrRMP/aw/hiFQOPsEJwT1SuXCBW4/4WAnBpSdzYdHMztobe9d/Qux1yucTjd9782be+81vZ3b2j6IN8H/ryrk076fIlXOvLJft1ZWZ9urKzK1ePclEkkbSrIqiLDqdD5PL6S55PklRD1cMm+fewuxrH32y+nG31ayXavvGdvvtzt16yZkkY3W5ya2HHe/q4PE2HN1puGL9CMuEne0lDkbtSHU5l/55r7vmB395Yr2nT2vQ3jue+cBjoOjeN7eYTI7VF3r5OqB7V+zesx9rd0cdAAAAAByAJ9eyluUcH3UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DgpvtIaK4t6afTqZ1L0fv9/vF6Xun64nN7b5vf3Kw4AAAAAAAAAOECn17KW5RzvtTtF9Z3/i1XjRPX3M3k7dzKfxZzPcuaylKUsZjrJZN9A48tzS0uL0/17Tgze8+LAPS/uEOhEXbYe0YEDAAAAAAAAwKfLT3Nl4/t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4DIpkrFtUy4lefTKNZpKJ3nZ3k78lGR9ttP+7+6MOAAAAAA7Ak2tZy3KO99qdonrP/2z1vv9o3s7tLGUhS2lnPteqzwK67/obqysz7dWVmVvlsnXcb/5rT2FUI6b72cPgmU9VW7RyPQvVmvO5mjfTzrU0qj1Lp3rxDI7rJ2VMxTdqu4zsWl2WR/5+XW7x3p4Odpg9fpgyWWXkyHpGpurYymw8tX0m9vjobJ5pOo31YE9smqleX9ztVE4/TM6P1WV5PL8clvODcry/sTkTF/vOvme3z3nyhT/9/ns32rdv3rh+59xID+khjNVlp/rb2pqJmb5MPNfNwPdf/zRmYoupKhMn19tX8p28nnM5k1ezmIX8MHNZynzO5NtVba4+n4u+z1OHnDOXH2i9ulMk4/UZ2n2w9hbTi9W+x7OQ7+bNXMt8Xqr+Xcx0vppLuZTZvkf45C6eaRtDrvrOZwcGf/aLdaWV5Fd1OSqdif5Wmden+vLa/5w7WfX1r9nI0tOP/n7U/FxdKef4WV0eDpszMd2XiWe2z8Rvq6eVO+3bNxdvzL21u+mefr+ulNfRL0Z9l3hAeb48XT5YVevBs6Pse6bb19ycr/H6G5fufo0tfSd7fX//za9frrYZdqWO16/hml+f3XLHKvueGzjLTNV3qq9v0OstAA69Y186Nt76R+uvrQ9aP2/daL1y9FsTX5t4YTxH/nzk5ebU2OcbLxR/yAf58YNvcgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIdz5513b8612/OLmyrNdN4b0rUvlf8M6SqSPMK5ej9nNnSbI3seudhhm+efSA4mh1sr40kOfNKBlX93Op16TXEY4tm+Uv2E4UQ6+z5XM8mgrtOjT8KIn5iAfXdh6dZbF+688+6XF27NvTH/xvzt2UuXZqdmL700c+H6Qnt+qvt31FEC+2Hjpj/qSAAAAAAAAAAAAIDdOoj/TjB89qMHeagAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAY+rKuTTvp8j01Pk/lu3VlZl2ufTqG1s2kzSSFD9Kig+Ty+kumewbrhg2z72F2dc++mT1442xmr3tG9vttzt36yVnkozV5aMa7+puxvvddp3F+hGWCTvbSxyM2n8DAAD//xcoC0M=") rename(&(0x7f0000000080)='./file2\x00', &(0x7f0000000000)='./file1\x00') 239.547943ms ago: executing program 4 (id=26): r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000000)=0x639) r1 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x2}) r2 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0}) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x3, 0x6c4ba42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xcd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0xfffffffffffffffb, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80003, 0x0, 0x0, 0x0, 0x200, 0x0, 0x40000000000, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x100000001]}) r3 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) r4 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000000), 0x1) r5 = syz_open_dev$radio(0x0, 0x1, 0x2) setxattr$incfs_metadata(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180), &(0x7f0000000240)="f4dc8d08deb0d7125a7e3e1e26eeedad48f424146d12708dee3937850ceb7b3aa7a500315deab4f82a1f84cd1cd1dbd685cd3e4b8e652bb817f53208f0b07decf1a35db51b5bc0e150dde75ce3319ffd88cacb2d24c8fc9bfbddceb122aa7d", 0x5f, 0x0) getpgrp(0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000200)) sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x4) r6 = openat$binfmt_register(0xffffffffffffff9c, 0x0, 0x1, 0x0) r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sys/net/ipv4/tcp_recovery\x00', 0x1, 0x0) r8 = inotify_init1(0x0) dup(r8) pselect6(0x40, &(0x7f0000000100)={0x0, 0x200000008, 0x0, 0x4cb, 0x8, 0x0, 0x1}, 0x0, &(0x7f0000000240)={0x1f, 0xfffffffffffffffe, 0x9, 0x0, 0x0, 0x10, 0x4}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) r9 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x60009c0e, 0x10100}, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r9, 0x2df0, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(r5, 0xc0205648, 0x0) writev(r4, &(0x7f0000000780)=[{&(0x7f0000000040)='\a', 0xfc19}, {0x0, 0x2}], 0x2) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, 0x0) fcntl$getflags(r3, 0x3) syz_emit_vhci(&(0x7f0000000240)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x120}, @l2cap_cid_signaling={{0x11c}, [@l2cap_info_rsp={{0xb, 0x4, 0x92}, {0x40, 0x2, "77deae1a26dbe1575ce655f1ad40a031d595f3573aa8673cffbf72ed68404dc022de7dcc9c57df292f83f2ea8b6c6f9f6e560f51833c60e66c90ec7bca738f6affa398a0f2cb7e2859ae56fd3f62b116621f7965f829723535a9cf49d27343a2acb4ed6596cb136370224dad7d2fd835f2503e024cb5c67395522cb9b0f85612d519111a0b6c11e36a0b373d1bff"}}, @l2cap_create_chan_rsp={{0xd, 0x7f, 0x8}, {0x4, 0x1, 0xe666, 0x8}}, @l2cap_conn_req={{0x2, 0x4, 0x4}, {0x7, 0x200}}, @l2cap_cmd_rej_unk={{0x1, 0x1, 0x2}, {0x5}}, @l2cap_conf_rsp={{0x5, 0x6, 0x16}, {0x3ff, 0x9, 0xfffe, [@l2cap_conf_flushto={0x2, 0x2, 0xc7c}, @l2cap_conf_ews={0x7, 0x2, 0x2}, @l2cap_conf_ews={0x7, 0x2}, @l2cap_conf_ews={0x7, 0x2, 0x7}]}}, @l2cap_disconn_req={{0x6, 0xf3, 0x4}, {0x401, 0x7fff}}, @l2cap_create_chan_rsp={{0xd, 0x7d, 0x8}, {0xa, 0x8001, 0x0, 0xb}}, @l2cap_info_rsp={{0xb, 0x7, 0x3a}, {0xa, 0x0, "2ff289c00acb8bcf176161831a92a0831978a3da64c92bf8c5b4c341dca432236b2a2aaa7c75d53a40f9aec78b22b9454a88fbbee4b2"}}]}}, 0x125) close_range(r7, r6, 0x2) 0s ago: executing program 3 (id=27): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x1) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCFLSH(r0, 0x89f1, 0x20001119) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.92' (ED25519) to the list of known hosts. [ 208.000816][ T5774] cgroup: Unknown subsys name 'net' [ 208.193782][ T5774] cgroup: Unknown subsys name 'cpuset' [ 208.218406][ T5774] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 229.715724][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 229.722652][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 265.000929][ T5774] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 269.536816][ T5799] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 269.545984][ T5799] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 269.555255][ T5799] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 269.563931][ T5799] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 269.575431][ T5805] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 269.612144][ T5805] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 269.612793][ T5799] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 269.631017][ T5805] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 269.642529][ T5805] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 269.651846][ T5805] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 269.662320][ T5805] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 269.672129][ T5805] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 269.685616][ T5809] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 269.693805][ T5806] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 269.704809][ T5809] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 269.708794][ T5806] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 269.721721][ T5806] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 269.734792][ T5809] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 269.740725][ T5806] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 269.748203][ T5809] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 269.762133][ T5809] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 269.762905][ T5806] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 269.774316][ T5809] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 269.815713][ T5809] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 269.834192][ T49] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 271.389718][ T5802] chnl_net:caif_netlink_parms(): no params data found [ 271.774022][ T5801] Bluetooth: hci0: command tx timeout [ 271.858844][ T5796] chnl_net:caif_netlink_parms(): no params data found [ 271.888405][ T5801] Bluetooth: hci3: command tx timeout [ 271.894377][ T5801] Bluetooth: hci4: command tx timeout [ 271.894648][ T49] Bluetooth: hci1: command tx timeout [ 271.942941][ T49] Bluetooth: hci2: command tx timeout [ 271.950834][ T5811] chnl_net:caif_netlink_parms(): no params data found [ 272.314522][ T5797] chnl_net:caif_netlink_parms(): no params data found [ 272.602797][ T5800] chnl_net:caif_netlink_parms(): no params data found [ 273.090377][ T5802] bridge0: port 1(bridge_slave_0) entered blocking state [ 273.100670][ T5802] bridge0: port 1(bridge_slave_0) entered disabled state [ 273.108629][ T5802] bridge_slave_0: entered allmulticast mode [ 273.118912][ T5802] bridge_slave_0: entered promiscuous mode [ 273.197699][ T5802] bridge0: port 2(bridge_slave_1) entered blocking state [ 273.205513][ T5802] bridge0: port 2(bridge_slave_1) entered disabled state [ 273.213513][ T5802] bridge_slave_1: entered allmulticast mode [ 273.223607][ T5802] bridge_slave_1: entered promiscuous mode [ 273.619047][ T5796] bridge0: port 1(bridge_slave_0) entered blocking state [ 273.630349][ T5796] bridge0: port 1(bridge_slave_0) entered disabled state [ 273.638444][ T5796] bridge_slave_0: entered allmulticast mode [ 273.648132][ T5796] bridge_slave_0: entered promiscuous mode [ 273.769249][ T5802] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 273.779272][ T5797] bridge0: port 1(bridge_slave_0) entered blocking state [ 273.787306][ T5797] bridge0: port 1(bridge_slave_0) entered disabled state [ 273.795194][ T5797] bridge_slave_0: entered allmulticast mode [ 273.805437][ T5797] bridge_slave_0: entered promiscuous mode [ 273.822255][ T5796] bridge0: port 2(bridge_slave_1) entered blocking state [ 273.829969][ T5796] bridge0: port 2(bridge_slave_1) entered disabled state [ 273.840932][ T5796] bridge_slave_1: entered allmulticast mode [ 273.851257][ T5796] bridge_slave_1: entered promiscuous mode [ 273.863137][ T49] Bluetooth: hci0: command tx timeout [ 273.974465][ T49] Bluetooth: hci1: command tx timeout [ 273.975184][ T5809] Bluetooth: hci4: command tx timeout [ 273.980077][ T49] Bluetooth: hci3: command tx timeout [ 274.001343][ T5797] bridge0: port 2(bridge_slave_1) entered blocking state [ 274.011100][ T5797] bridge0: port 2(bridge_slave_1) entered disabled state [ 274.019423][ T5797] bridge_slave_1: entered allmulticast mode [ 274.021770][ T49] Bluetooth: hci2: command tx timeout [ 274.029362][ T5797] bridge_slave_1: entered promiscuous mode [ 274.052669][ T5802] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 274.189132][ T5811] bridge0: port 1(bridge_slave_0) entered blocking state [ 274.197098][ T5811] bridge0: port 1(bridge_slave_0) entered disabled state [ 274.205143][ T5811] bridge_slave_0: entered allmulticast mode [ 274.215167][ T5811] bridge_slave_0: entered promiscuous mode [ 274.394463][ T5811] bridge0: port 2(bridge_slave_1) entered blocking state [ 274.402294][ T5811] bridge0: port 2(bridge_slave_1) entered disabled state [ 274.410115][ T5811] bridge_slave_1: entered allmulticast mode [ 274.420944][ T5811] bridge_slave_1: entered promiscuous mode [ 274.445040][ T5797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 274.508245][ T5796] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 274.518737][ T5800] bridge0: port 1(bridge_slave_0) entered blocking state [ 274.526664][ T5800] bridge0: port 1(bridge_slave_0) entered disabled state [ 274.534679][ T5800] bridge_slave_0: entered allmulticast mode [ 274.544091][ T5800] bridge_slave_0: entered promiscuous mode [ 274.610895][ T5797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 274.673488][ T5802] team0: Port device team_slave_0 added [ 274.694109][ T5796] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 274.704551][ T5800] bridge0: port 2(bridge_slave_1) entered blocking state [ 274.712831][ T5800] bridge0: port 2(bridge_slave_1) entered disabled state [ 274.720649][ T5800] bridge_slave_1: entered allmulticast mode [ 274.729754][ T5800] bridge_slave_1: entered promiscuous mode [ 274.792348][ T5811] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 274.811199][ T5802] team0: Port device team_slave_1 added [ 274.947940][ T5811] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 274.966754][ T5797] team0: Port device team_slave_0 added [ 275.122963][ T5797] team0: Port device team_slave_1 added [ 275.143813][ T5800] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 275.239570][ T5796] team0: Port device team_slave_0 added [ 275.250202][ T5802] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 275.257690][ T5802] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 275.284384][ T5802] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 275.308134][ T5800] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 275.470303][ T5802] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 275.477707][ T5802] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 275.504325][ T5802] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 275.524524][ T5796] team0: Port device team_slave_1 added [ 275.625268][ T5811] team0: Port device team_slave_0 added [ 275.663656][ T5811] team0: Port device team_slave_1 added [ 275.718177][ T5800] team0: Port device team_slave_0 added [ 275.729498][ T5797] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 275.737014][ T5797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 275.763457][ T5797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 275.921258][ T5800] team0: Port device team_slave_1 added [ 275.931783][ T49] Bluetooth: hci0: command tx timeout [ 275.932238][ T5797] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 275.946150][ T5797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 275.974132][ T5797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 276.013126][ T5811] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 276.020354][ T5811] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.031875][ T49] Bluetooth: hci3: command tx timeout [ 276.046765][ T5811] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 276.052333][ T5809] Bluetooth: hci4: command tx timeout [ 276.068877][ T5809] Bluetooth: hci1: command tx timeout [ 276.094229][ T49] Bluetooth: hci2: command tx timeout [ 276.112412][ T5796] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 276.119539][ T5796] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.147051][ T5796] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 276.210905][ T5811] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 276.218544][ T5811] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.245175][ T5811] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 276.307573][ T5796] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 276.315016][ T5796] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.342044][ T5796] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 276.476061][ T5802] hsr_slave_0: entered promiscuous mode [ 276.485404][ T5802] hsr_slave_1: entered promiscuous mode [ 276.522521][ T5800] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 276.529862][ T5800] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.556446][ T5800] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 276.627109][ T5797] hsr_slave_0: entered promiscuous mode [ 276.638172][ T5797] hsr_slave_1: entered promiscuous mode [ 276.647802][ T5797] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 276.655907][ T5797] Cannot create hsr debugfs directory [ 276.727132][ T5800] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 276.734780][ T5800] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.761900][ T5800] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 277.210574][ T5800] hsr_slave_0: entered promiscuous mode [ 277.224568][ T5800] hsr_slave_1: entered promiscuous mode [ 277.234290][ T5800] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 277.242745][ T5800] Cannot create hsr debugfs directory [ 277.284884][ T5796] hsr_slave_0: entered promiscuous mode [ 277.295908][ T5796] hsr_slave_1: entered promiscuous mode [ 277.304601][ T5796] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 277.312688][ T5796] Cannot create hsr debugfs directory [ 277.336146][ T5811] hsr_slave_0: entered promiscuous mode [ 277.347005][ T5811] hsr_slave_1: entered promiscuous mode [ 277.356566][ T5811] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 277.364729][ T5811] Cannot create hsr debugfs directory [ 278.011908][ T5801] Bluetooth: hci0: command tx timeout [ 278.100095][ T5801] Bluetooth: hci3: command tx timeout [ 278.106199][ T49] Bluetooth: hci1: command tx timeout [ 278.107787][ T5801] Bluetooth: hci4: command tx timeout [ 278.174339][ T5801] Bluetooth: hci2: command tx timeout [ 278.796182][ T5802] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 278.943105][ T5802] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 278.968814][ T5802] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 279.010580][ T5802] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 279.332127][ T5797] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 279.370601][ T5797] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 279.434430][ T5797] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 279.499861][ T5797] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 279.648830][ T5800] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 279.738791][ T5800] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 279.785564][ T5800] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 279.895932][ T5800] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 280.009592][ T5811] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 280.117163][ T5811] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 280.267067][ T5811] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 280.298717][ T5796] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 280.328027][ T5796] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 280.378982][ T5796] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 280.406039][ T5811] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 280.497528][ T5796] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 280.731410][ T5802] 8021q: adding VLAN 0 to HW filter on device bond0 [ 281.006518][ T5802] 8021q: adding VLAN 0 to HW filter on device team0 [ 281.176943][ T4100] bridge0: port 1(bridge_slave_0) entered blocking state [ 281.184753][ T4100] bridge0: port 1(bridge_slave_0) entered forwarding state [ 281.209913][ T5797] 8021q: adding VLAN 0 to HW filter on device bond0 [ 281.312345][ T4143] bridge0: port 2(bridge_slave_1) entered blocking state [ 281.320194][ T4143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 281.524209][ T5797] 8021q: adding VLAN 0 to HW filter on device team0 [ 281.704926][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 281.712741][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 281.786490][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 281.794276][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 281.864146][ T5800] 8021q: adding VLAN 0 to HW filter on device bond0 [ 282.090790][ T5811] 8021q: adding VLAN 0 to HW filter on device bond0 [ 282.159891][ T5800] 8021q: adding VLAN 0 to HW filter on device team0 [ 282.329621][ T3539] bridge0: port 1(bridge_slave_0) entered blocking state [ 282.337411][ T3539] bridge0: port 1(bridge_slave_0) entered forwarding state [ 282.442707][ T3539] bridge0: port 2(bridge_slave_1) entered blocking state [ 282.450394][ T3539] bridge0: port 2(bridge_slave_1) entered forwarding state [ 282.490447][ T5796] 8021q: adding VLAN 0 to HW filter on device bond0 [ 282.529282][ T5811] 8021q: adding VLAN 0 to HW filter on device team0 [ 282.670414][ T3539] bridge0: port 1(bridge_slave_0) entered blocking state [ 282.678197][ T3539] bridge0: port 1(bridge_slave_0) entered forwarding state [ 282.806708][ T3539] bridge0: port 2(bridge_slave_1) entered blocking state [ 282.814472][ T3539] bridge0: port 2(bridge_slave_1) entered forwarding state [ 282.869960][ T5796] 8021q: adding VLAN 0 to HW filter on device team0 [ 283.087146][ T3539] bridge0: port 1(bridge_slave_0) entered blocking state [ 283.095018][ T3539] bridge0: port 1(bridge_slave_0) entered forwarding state [ 283.122731][ T3539] bridge0: port 2(bridge_slave_1) entered blocking state [ 283.130399][ T3539] bridge0: port 2(bridge_slave_1) entered forwarding state [ 283.351117][ T5811] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 284.704605][ T5802] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 284.938408][ T5797] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 285.406691][ T5802] veth0_vlan: entered promiscuous mode [ 285.544930][ T5797] veth0_vlan: entered promiscuous mode [ 285.614752][ T5802] veth1_vlan: entered promiscuous mode [ 285.749313][ T5800] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 285.802807][ T5797] veth1_vlan: entered promiscuous mode [ 285.888352][ T5811] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 286.008381][ T5796] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 286.160739][ T5802] veth0_macvtap: entered promiscuous mode [ 286.323926][ T5802] veth1_macvtap: entered promiscuous mode [ 286.459753][ T5797] veth0_macvtap: entered promiscuous mode [ 286.491334][ T5800] veth0_vlan: entered promiscuous mode [ 286.596968][ T5802] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 286.637577][ T5797] veth1_macvtap: entered promiscuous mode [ 286.677468][ T5800] veth1_vlan: entered promiscuous mode [ 286.762015][ T5802] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 286.778675][ T5811] veth0_vlan: entered promiscuous mode [ 286.919575][ T5802] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 286.929000][ T5802] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 286.940540][ T5802] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 286.949818][ T5802] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.029064][ T5811] veth1_vlan: entered promiscuous mode [ 287.117351][ T5797] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 287.173068][ T5800] veth0_macvtap: entered promiscuous mode [ 287.208675][ T5797] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 287.306591][ T5800] veth1_macvtap: entered promiscuous mode [ 287.346501][ T5797] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.356615][ T5797] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.366021][ T5797] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.376195][ T5797] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.604441][ T5800] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 287.630876][ T5811] veth0_macvtap: entered promiscuous mode [ 287.732393][ T5800] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 287.788645][ T5811] veth1_macvtap: entered promiscuous mode [ 287.889639][ T5800] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.900985][ T5800] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.911123][ T5800] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.920319][ T5800] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 288.104547][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 288.214702][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 288.360675][ T5811] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 288.370195][ T5811] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 288.382404][ T5811] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 288.392930][ T5811] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 289.480407][ T5796] veth0_vlan: entered promiscuous mode [ 289.643985][ T5796] veth1_vlan: entered promiscuous mode [ 290.083977][ T5796] veth0_macvtap: entered promiscuous mode [ 290.182169][ T5796] veth1_macvtap: entered promiscuous mode [ 290.394548][ T5796] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 290.468753][ T5796] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 290.630598][ T5796] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.641722][ T5796] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.650829][ T5796] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.661788][ T5796] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 291.170219][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 291.179421][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 295.402236][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 295.410254][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 295.689665][ T1786] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 295.698881][ T1786] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 295.872940][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 295.881061][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 296.045028][ T1786] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 296.055089][ T1786] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 296.190967][ T5802] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 296.452474][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 296.462628][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 296.789238][ T4100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 296.797837][ T4100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 297.305711][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 297.314680][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 297.447712][ T5981] Bluetooth: MGMT ver 1.23 [ 297.808552][ T4100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 297.816928][ T4100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 298.411308][ T5987] loop1: detected capacity change from 0 to 512 [ 298.496961][ T5990] veth0_to_bond: entered allmulticast mode [ 298.559281][ T5987] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 298.567395][ T5987] UDF-fs: Scanning with blocksize 512 failed [ 298.673247][ T5987] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 298.681111][ T5987] UDF-fs: Scanning with blocksize 1024 failed [ 298.820434][ T5987] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 298.837727][ T5987] UDF-fs: Scanning with blocksize 2048 failed [ 298.884564][ T5987] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 298.983892][ T5987] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 299.533852][ T5801] Bluetooth: hci0: Opcode 0x1407 failed: -110 [ 299.542106][ T5801] Bluetooth: hci0: command 0x1407 tx timeout [ 299.794909][ T5996] loop0: detected capacity change from 0 to 64 [ 300.499051][ T30] audit: type=1800 audit(1750670661.636:2): pid=5996 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.8" name="file1" dev="loop0" ino=18 res=0 errno=0 [ 300.633599][ T49] Bluetooth: Unknown BR/EDR signaling command 0x0d [ 300.640585][ T49] Bluetooth: Wrong link type (-22) [ 300.646854][ T49] Bluetooth: Unknown BR/EDR signaling command 0x0d [ 300.654088][ T49] Bluetooth: Wrong link type (-22) [ 300.933291][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 300.941621][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 301.377461][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 301.379186][ T0] NOHZ tick-stop error: local softirq work is pending, handler #108!!! [ 301.477251][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 301.478735][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 301.579683][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 301.580904][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 301.622614][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 301.631147][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 301.682160][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 301.683478][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!! [ 301.690668][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 303.974610][ T1786] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 303.983739][ T1786] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 304.748741][ T6007] loop1: detected capacity change from 0 to 1024 [ 305.010291][ T49] Bluetooth: Wrong link type (-71) [ 305.578980][ T42] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 305.732513][ T5849] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 305.762437][ T42] usb 4-1: Using ep0 maxpacket: 8 [ 305.821933][ T30] audit: type=1326 audit(1750670666.976:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6015 comm="syz.0.14" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f66539 code=0x0 [ 305.823933][ T42] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 305.855581][ T42] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 305.865214][ T42] usb 4-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x76, changing to 0x6 [ 305.877190][ T42] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 100, changing to 10 [ 305.895310][ T42] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 24936, setting to 1024 [ 305.906995][ T42] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 305.916788][ T42] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 305.986396][ T5849] usb 5-1: Using ep0 maxpacket: 16 [ 306.031815][ T5849] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 306.042760][ T5849] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 306.170370][ T5849] usb 5-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82 [ 306.180536][ T5849] usb 5-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10 [ 306.194307][ T5849] usb 5-1: Product: syz [ 306.198782][ T5849] usb 5-1: Manufacturer: syz [ 306.205476][ T5849] usb 5-1: SerialNumber: syz [ 306.300164][ T42] hub 4-1:1.0: bad descriptor, ignoring hub [ 306.306917][ T42] hub 4-1:1.0: probe with driver hub failed with error -5 [ 306.316429][ T42] cdc_wdm 4-1:1.0: skipping garbage [ 306.322224][ T42] cdc_wdm 4-1:1.0: skipping garbage [ 306.327877][ T42] cdc_wdm 4-1:1.0: probe with driver cdc_wdm failed with error -22 [ 306.426110][ T5849] usb 5-1: config 0 descriptor?? [ 306.553557][ T42] usb 4-1: USB disconnect, device number 2 [ 306.920981][ T6016] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5'. [ 306.930581][ T6016] bridge_slave_1: left allmulticast mode [ 306.936817][ T6016] bridge_slave_1: left promiscuous mode [ 306.944662][ T6016] bridge0: port 2(bridge_slave_1) entered disabled state [ 306.982290][ T6016] bridge_slave_0: left allmulticast mode [ 306.988465][ T6016] bridge_slave_0: left promiscuous mode [ 306.995715][ T6016] bridge0: port 1(bridge_slave_0) entered disabled state [ 307.062926][ T6029] netlink: 4 bytes leftover after parsing attributes in process `syz.1.15'. [ 307.624428][ T6024] loop2: detected capacity change from 0 to 8192 [ 307.832116][ T1539] usb 5-1: USB disconnect, device number 2 [ 308.574219][ T49] Bluetooth: hci2: unexpected Set CIG Parameters response data [ 309.935123][ T6050] loop0: detected capacity change from 0 to 1024 [ 310.046499][ T6043] loop1: detected capacity change from 0 to 4096 [ 310.158559][ T6043] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 310.173954][ T6050] ===================================================== [ 310.186596][ T6050] BUG: KMSAN: uninit-value in hfsplus_lookup+0x674/0xf70 [ 310.195827][ T6050] hfsplus_lookup+0x674/0xf70 [ 310.200793][ T6050] lookup_one_qstr_excl_raw+0x207/0x5b0 [ 310.207094][ T6050] do_renameat2+0x869/0x1d70 [ 310.212141][ T6050] __ia32_sys_rename+0xd7/0x140 [ 310.217241][ T6050] ia32_sys_call+0x3d36/0x42c0 [ 310.222399][ T6050] __do_fast_syscall_32+0xb0/0x150 [ 310.227767][ T6050] do_fast_syscall_32+0x38/0x80 [ 310.233166][ T6050] do_SYSENTER_32+0x1f/0x30 [ 310.237927][ T6050] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 310.244743][ T6050] [ 310.247215][ T6050] Uninit was created at: [ 310.252009][ T6050] __alloc_frozen_pages_noprof+0x689/0xf00 [ 310.258116][ T6050] alloc_pages_mpol+0x328/0x860 [ 310.263448][ T6050] alloc_frozen_pages_noprof+0xf7/0x200 [ 310.269320][ T6050] allocate_slab+0x24d/0x1220 [ 310.274464][ T6050] ___slab_alloc+0xfec/0x3480 [ 310.279421][ T6050] kmem_cache_alloc_lru_noprof+0x922/0xed0 [ 310.290699][ T6050] hfsplus_alloc_inode+0x5a/0xd0 [ 310.297663][ T6050] alloc_inode+0x8a/0x4a0 [ 310.302428][ T6050] iget_locked+0x239/0x12d0 [ 310.307161][ T6050] hfsplus_iget+0x5c/0xb80 [ 310.311986][ T6050] hfsplus_btree_open+0x134/0x1d00 [ 310.317401][ T6050] hfsplus_fill_super+0x1161/0x2740 [ 310.322986][ T6050] get_tree_bdev_flags+0x6e3/0x920 [ 310.328407][ T6050] get_tree_bdev+0x38/0x50 [ 310.337294][ T6050] hfsplus_get_tree+0x35/0x40 [ 310.343113][ T6050] vfs_get_tree+0xb0/0x5c0 [ 310.347861][ T6050] do_new_mount+0x738/0x1610 [ 310.353039][ T6050] path_mount+0x6db/0x1e90 [ 310.357740][ T6050] __se_sys_mount+0x6eb/0x7d0 [ 310.362897][ T6050] __ia32_sys_mount+0xe2/0x150 [ 310.367967][ T6050] ia32_sys_call+0x2733/0x42c0 [ 310.373128][ T6050] __do_fast_syscall_32+0xb0/0x150 [ 310.378517][ T6050] do_fast_syscall_32+0x38/0x80 [ 310.388922][ T6050] do_SYSENTER_32+0x1f/0x30 [ 310.395321][ T6050] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 310.402109][ T6050] [ 310.404599][ T6050] CPU: 0 UID: 0 PID: 6050 Comm: syz.0.25 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(undef) [ 310.417561][ T6050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 310.428080][ T6050] ===================================================== [ 310.435435][ T6050] Disabling lock debugging due to kernel taint [ 310.442040][ T6050] Kernel panic - not syncing: kmsan.panic set ... [ 310.448779][ T6050] CPU: 0 UID: 0 PID: 6050 Comm: syz.0.25 Tainted: G B 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(undef) [ 310.462896][ T6050] Tainted: [B]=BAD_PAGE [ 310.467225][ T6050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 310.477587][ T6050] Call Trace: [ 310.481048][ T6050] [ 310.484152][ T6050] __dump_stack+0x26/0x30 [ 310.488770][ T6050] dump_stack_lvl+0x53/0x270 [ 310.493641][ T6050] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 310.499801][ T6050] dump_stack+0x1e/0x25 [ 310.504246][ T6050] panic+0x4bd/0xd50 [ 310.508496][ T6050] kmsan_report+0x31c/0x320 [ 310.513445][ T6050] ? __msan_warning+0x1b/0x30 [ 310.518849][ T6050] ? hfsplus_lookup+0x674/0xf70 [ 310.524058][ T6050] ? lookup_one_qstr_excl_raw+0x207/0x5b0 [ 310.530038][ T6050] ? do_renameat2+0x869/0x1d70 [ 310.535022][ T6050] ? __ia32_sys_rename+0xd7/0x140 [ 310.540273][ T6050] ? ia32_sys_call+0x3d36/0x42c0 [ 310.545429][ T6050] ? __do_fast_syscall_32+0xb0/0x150 [ 310.550960][ T6050] ? do_fast_syscall_32+0x38/0x80 [ 310.556216][ T6050] ? do_SYSENTER_32+0x1f/0x30 [ 310.561124][ T6050] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 310.568002][ T6050] ? __hfsplus_brec_find+0x6d3/0x840 [ 310.573588][ T6050] ? kmsan_get_metadata+0xfb/0x160 [ 310.578986][ T6050] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 310.585525][ T6050] ? __msan_memcpy+0x108/0x1c0 [ 310.590564][ T6050] ? hfsplus_bnode_read+0x34b/0x3a0 [ 310.596083][ T6050] ? kmsan_get_metadata+0xfb/0x160 [ 310.601497][ T6050] __msan_warning+0x1b/0x30 [ 310.606271][ T6050] hfsplus_lookup+0x674/0xf70 [ 310.611265][ T6050] ? kmsan_get_metadata+0xfb/0x160 [ 310.616722][ T6050] ? kmsan_get_metadata+0xfb/0x160 [ 310.622204][ T6050] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 310.628986][ T6050] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 310.635371][ T6050] ? _raw_spin_unlock+0x30/0x50 [ 310.640509][ T6050] ? kmsan_get_metadata+0xfb/0x160 [ 310.645932][ T6050] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 310.652066][ T6050] ? __pfx_hfsplus_lookup+0x10/0x10 [ 310.657556][ T6050] lookup_one_qstr_excl_raw+0x207/0x5b0 [ 310.663406][ T6050] do_renameat2+0x869/0x1d70 [ 310.668216][ T6050] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 310.674413][ T6050] ? getname_flags+0x5f4/0xac0 [ 310.679650][ T6050] __ia32_sys_rename+0xd7/0x140 [ 310.684815][ T6050] ia32_sys_call+0x3d36/0x42c0 [ 310.689806][ T6050] __do_fast_syscall_32+0xb0/0x150 [ 310.695285][ T6050] ? irqentry_exit_to_user_mode+0x82/0xa0 [ 310.701271][ T6050] do_fast_syscall_32+0x38/0x80 [ 310.706367][ T6050] do_SYSENTER_32+0x1f/0x30 [ 310.711104][ T6050] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 310.717716][ T6050] RIP: 0023:0xf7f66539 [ 310.721961][ T6050] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 310.741822][ T6050] RSP: 002b:00000000f508655c EFLAGS: 00000206 ORIG_RAX: 0000000000000026 [ 310.750479][ T6050] RAX: ffffffffffffffda RBX: 0000000080000080 RCX: 0000000080000000 [ 310.758836][ T6050] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 310.766988][ T6050] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 310.775167][ T6050] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 310.783351][ T6050] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 310.791574][ T6050] [ 310.795057][ T6050] Kernel Offset: disabled [ 310.799481][ T6050] Rebooting in 86400 seconds..