last executing test programs: 8.235838431s ago: executing program 3 (id=1240): openat$dir(0xffffffffffffff9c, &(0x7f0000002a00)='./file0\x00', 0x0, 0x0) pipe2$9p(0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) madvise(&(0x7f0000ef1000/0x2000)=nil, 0x2000, 0xc) syz_clone(0x0, 0x0, 0x32, 0x0, 0x0, 0x0) 7.703243007s ago: executing program 1 (id=1248): r0 = gettid() timer_create(0x0, &(0x7f0000000100)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000580)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) pipe2$9p(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r1, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838) r2 = dup(r1) write$binfmt_elf32(r2, 0x0, 0x0) close(r2) socket$inet_tcp(0x2, 0x1, 0x0) rt_sigreturn() io_setup(0x0, &(0x7f0000004040)=0x0) io_getevents(r3, 0x3, 0x3, &(0x7f0000000200)=[{}, {}, {}], 0x0) 7.240672182s ago: executing program 1 (id=1253): r0 = gettid() timer_create(0x0, &(0x7f00000001c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) write$binfmt_script(r2, &(0x7f0000000340), 0xffffff46) dup3(r2, r1, 0x0) sendmsg$netlink(r1, &(0x7f0000001300)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000004080)=ANY=[], 0x10}], 0x1}, 0x0) close(r1) recvmsg(0xffffffffffffffff, 0x0, 0x0) rt_sigreturn() futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x3938700}}, 0x0) mq_open(&(0x7f0000000080)='m$\x00\xdc\xb7\xb8\xd0>,\xb0\x13\x8b3z>K\x84\x05\x00\x00\x00\x9c\x81\xed\xc2\x00', 0x0, 0x0, 0x0) openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r3, &(0x7f0000000100)={&(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, 0x0}, 0x0) openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.pending_reads\x00', 0x40140, 0x0) close(r4) openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x60040, 0x0) 6.722936751s ago: executing program 1 (id=1258): rseq(&(0x7f0000000040), 0x20, 0x0, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000140), 0x0, 0x0, 0x0) 6.307792617s ago: executing program 1 (id=1260): mlockall(0x1) r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0x1, 0x0, 0x0) rt_sigreturn() msgctl$IPC_RMID(r0, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) lsetxattr$security_ima(0x0, 0x0, &(0x7f0000000040)=@md5={0x1, "ae0c49ae5d6a0ded63811ab0a7eefeff"}, 0xfffffffffffffe7d, 0x3) 5.408707179s ago: executing program 5 (id=1267): socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000000c00000018000380140003800c000180080001000000000004fc0080180001801400020076657468315f746f5f626174616476"], 0x44}}, 0x0) 5.11195262s ago: executing program 5 (id=1269): r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_int(r0, 0x0, 0x0, &(0x7f0000000000), 0x4) 4.907642706s ago: executing program 5 (id=1272): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x4, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x8c}, [@call={0x85, 0x0, 0x0, 0xcc}]}, &(0x7f0000000000)='GPL\x00'}, 0x90) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2) sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010000000000fcdbdf250200000008000100", @ANYRES32=r1], 0x1c}}, 0x0) write$nci(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="15e501020303060204c6190c1facfe466818176d06801f5a01ad"], 0x1a) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00', 0x0}) r7 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_inet6_SIOCSIFADDR(r7, 0x8916, &(0x7f0000000100)={@local, 0x0, r6}) r8 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_SIOCADDRT(r8, 0x890b, &(0x7f0000000140)={@mcast2, @mcast1, @private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0022}) ioctl$sock_inet6_SIOCADDRT(r5, 0x890b, &(0x7f0000000540)={@rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400046, r6}) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@ipv6_delroute={0x1c, 0x19, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x3}}, 0x1c}}, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, 0x0) syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@nls={'nls', 0x3d, 'cp855'}}, {@gid}, {@gid}, {@uid}, {@nobarrier}]}, 0x1, 0x5e1, &(0x7f0000000680)="$eJzs3U9vHGcdB/DvbGLHDlK6SZOmICSscgA1IrF3IxMkJKAUZKEKVeLSq5VsaiubNLK3yO0BmYpz+xbKwZw5cEJByoEzb8GoRwR334xmdtbeJtuN88fZtfL5SLPP88wz88xvfpmZzMzK2gCvrJUPMvMwRVauvLdVtnd32t3dnfbdQT3JmSSNZC5JUc7+W5Kvku30p3x70DFUPqb4YuXm2oPPL/dbc/VULV+MW+9oDmJp9mOtyhc1Xuu5xzvcw4UkF+oSJm5/4N8ju5/zvAQAplmRnBo1v5mcrW/Wy+eA/l1x/x77RNuedAAAAADwEry2l71s5dyk4wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICTpP79/6KeGoP6QorB7//P1vNS10+0h5MOAAAAAAAAAACOaNyX9N/by162cm7Q3i+q7/zfqhoXq89v5eNsppONXM1WVtNLLxtZStIc3sjWaq+3sXSENVsj12y92H0GAAAAAAAAgFfMZ1k5/P4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACmQZGc6hfVdHFQb6ZxOslcktlyue3kwaB+kj2cdAAAAADwEry2l71s5dygvV9Uz/xvVM/9c/k499LLenrpppNb1buA/lN/Y3en3d3dad8tp8fH/cX/niqMasT03z2M3vJitcSlgzVW8uv8LldmBu3fZzW9dLKQd6vaaoo067cXzUGco+P9+dda7z8p1jerSOZzO+tVbFdzMx+lm1tpVPtQLTN+i38ss1P8rHbEHN2qy3KPflOX06FZZWTmICOLde7LbJwfn4mxx8nME7e0lMbBO6iLx5Dzs3VZ5vrdY875Z0+19KOZaA0dfW+Mz0Sy2Prv/bXuvTtrtzevTM9h9IwezUR7KBOXX6lMzNbZ6F9FR1wts5D3s5H1EVfLt6p1z2U9v81HuZVObmQxN7Kc62lnOT/J8lBeL+0XTzzXGk93rn3/h3WlPOt/NfLsn5Qyr+eH8jp8pWtWfcNzDrN04cVfkU5/p66UB+s7U/e/wPlHrs2DTLw+PhN/3i8/N7v37mysrd4/4vZ+UJdlBn45VZkoj5cL5T9W1fr60VH2vT6yb6nqu3jQ13is79JB35PO1Nn6Hu7xkVpV3+WRfe2q782hvlF3OQBMvbNvn52d/8/8v+a/nP/T/Nr8e3PvnLlx5ruzmfnn6b+f+mvjL42fFm/ny/zh8PkfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4dpuffHpntdvtbKioHHsl28kUhKFyhMqkr0zAcbvWu3v/2uYnn/5o/e7qh50PO/euLy23rl9fXP7xjWu317udxf7npMMEAF6goWczAAAAAAAAAAAAAABgSr2Uv/oGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4RisfZOZhiiwtXl0s27s77W45DepJiv6Sc4PqP5J8lWynP6U5NFzxTdspvli5ufbg88uHY80Nli/GrXc0B7GUH41HYnqe8cpxWs893uEeLiS5UJcwcf8PAAD//wPmAUg=") link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') r9 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r9, 0xc004743e, &(0x7f0000000140)) r10 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r10, 0x29, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x3c1, 0x3, 0x318, 0xc8, 0x4c, 0x232, 0x0, 0x5, 0x248, 0x2e8, 0x2e8, 0x248, 0x2e8, 0x3, 0x0, {[{{@ipv6={@mcast1, @mcast2, [], [], 'veth1_to_bond\x00', 'batadv_slave_0\x00'}, 0x0, 0xa8, 0xc8}, @unspec=@TRACE={0x20}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @remote}, @private1, [], [], 'team_slave_0\x00', 'xfrm0\x00'}, 0x0, 0x138, 0x180, 0x0, {}, [@common=@unspec=@physdev={{0x68}, {'ip6tnl0\x00', {}, 'veth1_to_bond\x00', {}, 0x0, 0x3a}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x378) rename(&(0x7f0000000400)='./bus\x00', &(0x7f0000000f00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') r11 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r11, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', r12}, 0x48) 4.635607945s ago: executing program 4 (id=1276): r0 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000240)={0x4, 0x5, 0x9}) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f00000002c0)={0x5, 0x0, 0xffff}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x2, 0x83, 0x4003}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000140)={0x9, 0x9, 0x6c}) dup3(r1, r0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000280)={0x6, 0xf3, 0x1}) r2 = syz_open_dev$dri(&(0x7f00000002c0), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000340)={0x6, 0x1000, 0x9}) 4.444044543s ago: executing program 4 (id=1278): openat$dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_audit(0x10, 0x3, 0x9) syz_genetlink_get_family_id$nl80211(&(0x7f00000008c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000c00)={'wlan1\x00'}) sendmsg$NL80211_CMD_LEAVE_OCB(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) 4.293138144s ago: executing program 0 (id=1280): syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000040)='./file0\x00', 0x800090, &(0x7f0000000c00)=ANY=[@ANYBLOB="73686f77657865632c756e695f786c6174653d312c756e695f786c6174653d312c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c756e695f786c6174653d302c726f6469722c6e6f6e756d7461696c3d302c726f6469722c756e695f786c6174653d312c696f636861727365743d6b6f69382d722c636f6465706167653d3837342c756e695f786c6174653d312c756e695f786c6174653d302c646d61736b3d30303030303030303030303030303030303030303030312c646d61736b3d30303030303030303030303030303030303030303030362c6e6e6f6e756d7461696c3d312c73686f72746e616d653d6c6f7765722c756e695f786c6174653d312c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c726f6469722c756e695f786c6174653d312c757466383d312c73686f72746e616d573d77696e39352c757466383d302c756e695f78c214af4a654a74d634ad97f973f26c6174653d302c73686f72746e616d653d77696e396d653d77696e39352c757466383d312c726f6469722c646566636f6e746578743d756e636f6e66696e65645f752c000000"], 0x6, 0x2d1, &(0x7f0000000740)="$eJzs3T9rJGUcB/DfbGb/qMVuYSWCA1pYHZdrbTbIHYipPLY4LTR4dyDZRUgg4h9cU4mdjaWvQBB8ITZ2loKtYGeEwMjMzmR3k3GzkWxE8/kUyZOZ5zvP73lmkkyTJ++9ONl/nMXT489+iV4vidawG3GSxCBaUfsilgy/DgDgv+wkz+P3fKbh9M9frcj2NlgXALA5l/z+r6Tlx0dFjx9urjYAYDMePnr7zZ3d3ftvZVkvHky+PBolEVF8np3feRofxDiexN3ox2lE+aLQjvJtoWg+yPN8mmaFQbwymR6NiuTk3R+r6+/8FlHmt6Mfg/LQ2dtGmX9j9/52NrOQnxZ1PFuNPyzy96Ifz5+Fl/L3GvIx6sSrLy/Ufyf68dP78WGM43FZxDz/+XaWvZ5/88en7xTlFflkejTqlv3m8q168OkN3yMAAAAAAAAAAAAAAAAAAAAAAP5/7lR753Sj3L+nOFTtv7N1WnzRjqw2WN6fZ5ZP6gvN9weKVp7n0zy+rffXuZtlWV51nOfTeCGtNhYEAAAAAAAAAAAAAAAAAACAW+7w40/298bjJwfX0qh3A0gj4s+HEf/0OsOFIy/F6s7dasy98bhVNZf7pItHYqvuk0SsLKOYxDUty2WNZy7UXDW++74xVczoMI2mU73LB203j3XFxkft2To29qmfrv29pHkNu2fF94obF+dvXCeaR2/HuSOdv6uwfhTXm06n8VT/ysvSea5sTFf0iWTV98Vrv87KXpjFUp9OuaqN8XbVWIifezbWep6jN4tf/FmR2K0DAAAAAAAAAAAAAAAAAAA2av7Xvw0nj1dGW3l3Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI2a////dRrpcniNVCcODv+tuQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB7/BUAAP//vaZV2Q==") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300), 0x4) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'vlan0\x00', 0x112}) close(r5) sched_setscheduler(r2, 0x1, &(0x7f0000000200)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)) syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x800, &(0x7f0000000100)={[{@dmask={'dmask', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'cp855'}}, {@errors_remount}, {@dmask={'dmask', 0x3d, 0x9}}, {}, {@errors_remount}, {@errors_continue}, {@discard}, {@discard}, {@dmask={'dmask', 0x3d, 0x2}}]}, 0x5, 0x1518, &(0x7f0000002280)="$eJzs3AuYjVX7MPD7Xms9Y0jaTXIY1lr3wyaHZZIkhyQ5JEmSJDklJE3ySl4khpCkIQnJYUgOQ0gOE5PG+Xw+JknSJElITsn6rgmft7f63n/f2//1v/5z/67rufa693rWetba97Nnr+fZM/Nt16G1mtSu3oiI4N+CFx+SACAWAAYCwHUAEABA+bjycVn1OSUm/XsHYX+th1Ov9gjY1cT5z944/9kb5z974/xnb5z/7I3zn71x/rM3zj9j2dnm6QWv5y37bnz/Pzvjz///RTLLjP1ybZkbu/2JJpz/7I3z/79W8F/ZifOfvXH+szfOf/bG+c8OcvxhDec/u7p4TnD+GcvOrvb9Z96u7na1zz/GGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY9nDGX+FAoDL5as9LsYYY4wxxhhjjP11fI6rPQLGGGOMMcYYY4z990MQIEFBADGQA2IhJ+QCAQDXQh64DiJwPcTBDZAXboR8kB8KQEGIh0JQGDQYsEAQQhEoClEoBsXhJigBJaEUlAYHZSABboaycAuUg1uhPNwGFeB2qAiVoDJUgTugKtwJ1eAuqA53Qw2oCbWgNtwDdeBeqAv3QT24H+rDA9AAHoSG8BA0goehMTwCTeBRaAqPQTNoDi2gJbT6/2r/AvSEF6EX9IYk6AN94SXoB/3/7ysyCF6FwfAaJMMQGAqvwzB4A4bDmzACRsIoeAtGw9swBsbCOBgPKTABJsI7MAnehckwBabCNEiF6TAD3oOZMAtmw/swBz6AuTAP5sMCSIMPYSEsgnT4CBbDx5ABS2ApLIPlsAJWwipYDWtgLayD9bABNsIm2AxbYCtsg+2wA3bCLtgNn8Ae+BT2wmewDz7/k+1P/1P7bggIKFCgQoUxGIOxGIu5MBfmxtyYB/NgBCMYh3GYF/NiPsyHBbAAxmM8FsbCaNAgIWERLIJRjGJxLI4lsASWwlLo0GECJmBZvAXLYTksj+WxAlbAilgJK2EVrIJVsSpWw2pYHatjDayBtbAW3oP3YB+si3WxHtbD+lj/8u0pbISNsDE2xibYBJtiU2yGzbAFtsBW2ApbY2tsg22wHbbD9tgeO2AHTMRE7IgdsRN2ws7YGbtgF+yKXbEbdsfu+EIOwBfxReyNNUQf7It9sR8m5xiAL+PL+AoOwlfxVXwNk3EIDsXX8XV8A4fjKRyBI3EUjsKqvjcAjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsL3cQ5+gB/gPJyHCzAN03AhLsJ0TMfFeBozcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/BT/FTTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyJJ/EUnsYzeAbP4Tk8j8/Hf914V8k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFcVFclBAlRClRSjjhRIJIEGVFWVFOlBPlxW2igrhdVBSVRFtXRVQRVUU7V03cJaqL6qKGqClqidqitqgj6oi6oq6oJ+qJ+qK+aCAeFA1FHxyAD4uszDQRQ7CpGIrNRHMhL71fW4vh2Ea0Fe3Ek2IkjsAOorVLFM+IjmIMdhJ/E2PxOdFFjMeu4u+im+gueogXRE/RxvUSvcVk7CP6imnYT/QXA8TLYibWFO/jnJy1xGsiWQwRQ8XrYgG+IYaLN8UIMVKMEm+J0eJtMUaMFePEeJEiJoiJ4h0xSbwrJospYqqYJlLFdDFDvCdmillitnhfzBEfiLlinpgvFog08aFYKBaJdPGRWCw+FhliiVgqlonlYoVYKVaJ1WKNWCvWifVig9goNonNYovYKraJ7WKH2Cl2id3iE7FHfCr2is/EPvG52C++EAfEl+Kg+Epkiq/FIfGNOCy+FUfEd+Ko+F4cE8fFCfGDOCl+FKfEaXFGnBXnxE/ivPhZXBBegEQppJRKBjJG5pCxMqfMJa+RuWVw6dW9XsbJG2ReeaPMJ/PLArKgjJeFZGGppZFWkgxlEVlURmUxWVzeJEvIkrKULC2dLCMT5M2yrLxFlpO3yvLyNllB3i4rykqysqwi75BV5Z0SIhePUUPWlLVkbXmPrCPvlXXlfbKevF/Wlw/IBvJB2VA+JBvJh2Vj+YhsIh+VTeVjsplsLlvIlrKVfFy2lk/INrKtbCeflO3lU7KDfFomymdkR+kvnSLPyS7yedlV/l12k91lD/mzvCC97CV7S4A+sq98SfaT/eUA+bIcKF+Rg+SrcrB8TSbLIXKofF0Ok2/I4fJNOUKOlKPkW3K0fFuOkWPlODlepsgJcqJ8R06S78rJcoqcKqfJVDldDrjU02wp/2X7d36n/eBfjr5JbpZb5Fa5TW6XO+ROuUvulrvlHrlH7pV75T65T+6X++UBeUAelAdlpsyUh+QheVgelkfkEXlUHpXH5HF5Vv4gT8of5Sl5Wp6WZ+U5eU6ev/QagEIllFRKBSpG5VCxKqfKpa5RudW1Ko+6TkXU9SpO3aDyqhtVPpVfFVAFVbwqpAorrYyyilSoiqiiKqqK4aUTRpVSpZVTZVSCuvnPtFfF1U2qhCr5q/aXx6f/YHytVCvVWrVWbVQb1U61U+1Ve9VBdVCJKlF1VB1VJ9VJdVadVRfVRXVVXVU31U31UD1UT9VT9VK9VJJKUn3VS6qf6q8GqJfVQPWKGqQGqcFqsEpWyWqoGqqGqWFquBquRqgRapQapUar0WqMGqPGqXEqRaWoiWqimqQmqclqspqqpqpUlapmqBlqppqpZqvZao6ao+aquWq+mq/SVJpaqBaqdJWuFqvFKkMtUUvUMrVMrVAr1Cq1Sq1Ra9Q6tU5tUBtUhtqsNqutaqvarrarnWqn2q12qz1qj9qr9qp9ap/ar/arA+qAOqgOqkyVqQ6pQ+qwOqyOqCPqqDqqjqlj6oQ6oU6qk+qUOqXOqDPqnDqnzqvz6oK6kLXsC0QgAhWoICaICWKD2CBXkCvIHeQO8gR5gkgQCeKCuCBvcGOQL8gfFAgKBvFBoaBwoAMT2EBcSno0KBYUD24KSgQlg1JB6cAFZYKE4OagbHBLUC64NSgf3BZUCG4PKgaVgspBleCOoGpwZ1AtuCuoHtwd1AhqBrWC2sE9QZ3g3qBucF9QL7g/qB88EDQIHgwaBg8FjYKHg8bBI0GT4NGgafBY0CxoHrQIWgat/tL+vT+V/wnXS/fWSbqP7qtf0v10fz1Av6wH6lf0IP2qHqxf08l6iB6qX9fD9Bt6uH5Tj9Aj9Sj9lh6t39Zj9Fg9To/XKXqCnqjf0ZP0u3qynqKn6mk6VU/XM/R7eqaepWfr9/Uc/YGeq+fp+XqBTtMf6oV6kU7XH+nF+mOdoZfopXqZXq5X6JV6lV6t1+i1ep1erzfojXqT3qy36K16m96ud+idepferT/Re/Sneq/+TO/Tn+v9+gt9QH+pD+qvdKb+Wh/S3+jD+lt9RH+nj+rv9TF9XJ/QP+iT+kd9Sp/WZ/RZfU7/pM/rn/UF7bMW91kf70YZZWJMjIk1sSaXyWVym9wmj8ljIiZi4kycyWvymnwmnylgCph4E28Km8ImCxkyRUwREzVRU9wUNyVMCVPKlDLOOJNgEkxZU9aUM+VMeVPeVDAVTEVT0VQ2lc0d5g5zp7nT3GXuMnebu01NU9PUNrVNHVPH1DV1TT1Tz9Q39U0D08A0NA1NI9PINDaNTRPTxDQ1TU0z08y0MC1MK9PKtDatTRvTxrQz7Ux70950MB1Mokk0HU1H08l0Mp1NZ9PFdDFdTVfTzXQzPUwP09P0NL1ML5Nkkkxf09f0M/3MADPADDQDzSAzyAw2g02ySTZDzVAzzAwzw81wM8KMNKOyFqrmbTPGjDXjzHiTYlLMRDPRTDKTzGQz2Uw13qSaVDPDzDAzzUwz28w2c8wcM9fMNfPNfJNm0sxCs9Ckm3Sz2Cw2GSbDLDVLzXKz3Kw0K81qs9qsNWvNelhvNpqNZrPZbLaarWa72W52mp1mt9lt9pg9Zq/Za/aZfWa/2W8OmAPmoDloMk2mOWQOmcPmsDlijpij5qg5Zo6ZE+aEOWlOmlPmlDljzphzJv+lz0tvYm1Om8teY3Pba20ee53957iALWjjbSFb2Gqbz+b/VWystSVsSVvKlrbOlrEJ9ubfxBVtJVvZVrF32Kr2TlvtN3Ede6+ta++z9ez9tra951dxffuAbWAftQ0RAWxz29i2tE3so7apfcw2s81tC9vStrdP2Q72aZton7Ed7bO/iRfaRXa1XWPX2nV2j/3UnrFn7WH7rT1nf7K9bG870L5iB9lX7WD7mk22Q34Tj7Jv2dH2bTvGjrXj7PjfxFPtNJtqp9sZ9j070876TZxmP7RzbLqda+fZ+XbBL3HWmNLtR3ax/dhm2CV2qV1ml9sVdqVddXmsl7+tt7vtJ3ar3Wa32x12p931S5w1j732M7vPfm4P2W/sAfulPWiP2Ez79S9x1vyO2O/sUfu9PWaP2xP2B3vS/mhP2dO/zD9r7j/Yn+0F6y0QEpAkRQHFUA6KpZyUi66h3HQt5aHrKELXUxzdQHnpRspH+akAFaR4KkSFSZMhS0QhFaGiFKVidHmdXopKk6MylEA3U1m6hcrRrVSebqMKdDtVpEpUmarQHVSV7qRqdBdVp7upBtWkWlSb7qE6dC/VpfuoHt1P9ekBakAPUkN6iBrRw9SYHqEm9Cg1pceoGTWnFtSSWtHj1JqeoDbUltrRk9SenqIO9DQl0jPUkZ6lTvQ36kzPURd6nrrS36kbdace9AL1pBepF/WmJOpDfekl6kf9aQC9TAPpFRpEr9Jgeo2SaQgNpddpGL1Bw+lNGkEjaRS9RaPpbRpDY2kcjacUmkAT6R2aRO/SZJpCU2kapdJ0mkHv0UyaRbPpfZpDH9BcmkfzaQGl0Ye0kBZROn1Ei+ljyqAltJSW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lbbRdtpBO2kX7aZPaA99SnvpM9pHn9N++oIO0Jd0kL6iTPqaDtE3dJi+pSP0ne9N39MxOk4n6Ac6ST/SKTpNZ+gsnaOf6Dz9TBfIE4QYilCGKgzCmDBHGBvmDHOF14S5w2vDPOF1YSS8PowLbwjzhjeG+cL8YYGwYBgfFgoLhzo0oQ0pDMMiYdEwGhYLi4c3hSXCkmGpsHTowjJhQnhzWDa8JSwX3hqWD28LK4S3hxXDSuGj91cJ7wirhneG1cK7wurh3WGNsGZYK6wd3hPWCe8N64b3hfXC+8Ny4QNhg/DBsGH4UNgofDhsHD4SNgkfDZuGj4XNwuZhi7Bl2Cp8PGwdPhG2CduG7cInw/bhU2GH8OkwMXwm7Bg++0v9A4v+uD4p7BP2DV8KXwq9v0/Ojy6IpkU/jC6MLoqmRz+KLo5+HM2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel87Bzh0wkmnXOBiXA4X63K6XO4al9td6/K461zEXe/i3A0ur7vR5XP5XQFX0MW7Qq6w084468iFrogr6qKumCvubnIlXElXypV2zpVxCa6la+VaudbuCdfGtXXt3JPuSfeUe8o97Z52z7iO7lnXyf3NdXbPuS7ueRUD4Lq57q6He8H1dBPyXHxPJrm+rq/r5/q5AW6AG+gGukFukBvsBrtkl+yGuqFumBvmhrvhboTLCQCj3Gg32o1xY9w4N86luBQ30U10k9wkN9lNdlPdVJfqUt0MN8PNdDNd1VkXjzLXzXXz3XyX5tLcQpe1Zkx3i91il+Ey3FK31C13y91Kt9KtdqvdWrfWrXfr3Ua30W12m91Wt9Vtd9vdTrfT7Xa73R5/3cVO3T633+13B9wBd9B95TLd1+6Q+8Yddt+6I+47d9R974654+6E+8GddD+6U+60O+POunPuJ3fe/ewuOO9SIhMiEyPvRCZF3o1MjkyJTI1Mi6RGpkdmRN6LzIzMisyOvB+ZE/kgMjcyLzI/siCSFvkwsjCyKJIe+SiyOPJxJCOyJLI0siyyPLIi4n2hraEv4ov6qC/mi/ubfAlf0pfypb3zZXyCv9mX9bf4cv5WX97f5iv4231FX8lX9o/5Zr65b+Fb+lb+cd/aP+Hb+La+nX/St/dP+Q7+aZ/on/Ed/bO+k/+b7+yf8138876r/7vv5rv7Hv4F39O/6Hv53j7J9/F9/Uu+n+/vB/iX/UD/ih/kX/WD/Ws+2Q/xQ/3rfph/ww/3b/oRfqQfFfOWH335EhnG+xQ/wU/07/hJ/l0/2U/xU/00n+qn+xn+PT/Tz/Kz/ft+jv8Akvw8P98v8Gn+Q7/QL/Lp/iO/2H/sM/ySy7dQ/Uq/yq/2a/xav86v9xv8Rr/Jb/Zb/Fa/zW/3O/xOv8vv9p/4Pf5Tv9d/5vf5z/1+/4U/4L/0B/1XPtN/7Q/5b/xh/60/4r/zR/33/pg/7k/4H/xJ/6M/5U/7M/6sP+d/8uf9z/4C/80aY4wxxth/yYQrRfF79X1+5znxDzv3BYBrtxXM/Mf6rBXl+nwXy/1FfPsIADzTu+vDl7caNZKSki7tmyEhKDoP4PI3QVli4Eq8BNrBU5AIbaHs746/v+h+jv5F/9HbAHL9Q5tYuBJf6f+LP+j/8SdHLawQnon7f/Q/D6BE0Sttsq6TLsdLoJ3KemwL5f6g//yt/8X4c36ZAtDmH9rkhivxlfEnwBPwLCT+ak/GGGOMMcYYY+yi/qJy58vXn5d/4/P3rs/j1ZU2OeBK/K+uzxljjDHGGGOMMXb1Pde9x9OPX1OsbedfComJf6JQ7c/szIXfK3j4HzGMiwXvAS4/owDg3+wQ4JfCuP/gLLb8R46VfOmt889Vy8/6AP5npPKvKFzlH0yMMcYYY4yxv9yVRf+vn1dXa0CMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxlg29J/4d2JXe46MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbY1fZ/AgAA//81OQSC") 4.222836154s ago: executing program 4 (id=1281): socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000000c00000018000380140003800c000180080001000000000004fc0080180001801400020076657468315f746f5f626174616476"], 0x44}}, 0x0) 4.043792067s ago: executing program 5 (id=1282): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[], &(0x7f00000000c0)='syzkaller\x00'}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) unshare(0x2040400) r1 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) unshare(0x2000400) fsmount(r1, 0x0, 0x0) syz_read_part_table(0x5f4, &(0x7f00000024c0)="$eJzs00Fom2UYB/AnWUiMWspuuy2sh85dWtCDUAJqyT5KYSlhsh3GUE+bkMt2UTBmuoh40F06BrvUw0TYxoa40xjDwhiYHYSeqsV6aUvpqdBLscgnSaPW9uIhEQa/3yHJ+z7/l39e+L7gufbKZ5++n6aZiEgL/54cOhj+ZP/G27crJ6dKM2/WTndW5yJi/LuJC53fme48uye7u7Pcayk8ytXTbsfQkQelnWfZPakrEbHWvnm+T1dkgI5fPjF/dHvh8MN8qbN8I+pnIxeR741zf+XGBtR/v/x0+Grr0kcvf1i+uJg0VpL17NZmcurG3Fj+WrM2ujHeCRV74fn073NDmf701/84k79z68lka7WYDk9Xq7P3lq6PNCqPWx8vtEd+2f7i3Xi9+2i3/3m70rQ/1QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADMDxyyfmj24vHH44HV8fih8nXqyfvXB3dLJ596eZ79/6pvTtsW4qP7D+++Wnw1dbl5JMlC8uJo2VZD27tZmcujE3lr/WrI1ujPdy73Q/Sy9Fn/9PLs7k79x6MtlaLX7w2nS1Ontv6fpIo/K4FREv7Mn9Woj3+lYKAAAAAAAAAAAAAAAAAAAA+1ROTpVmsrXTEZk4FxETc1NLnf20cKU7z/zwc/f7WC+/XCj+nkbEq49y9S9vJ59/NTt05EFp59lvhd15LiI6J9faN88fKEub/9u9+G/+DAAA///FdH2M") mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000000), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x10012, r3, 0x0) write$cgroup_int(r2, &(0x7f0000000040), 0x12) 4.043365338s ago: executing program 4 (id=1283): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x10) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15) r3 = dup(r2) write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f0000000480)=ANY=[@ANYBLOB="9802"], 0x298) write$FUSE_DIRENTPLUS(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_9p2000}]}}) r4 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) getdents(r4, 0x0, 0x0) 3.628474114s ago: executing program 2 (id=1285): setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c40)=[{{&(0x7f0000000180)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, &(0x7f0000000100), 0x4) 3.575890842s ago: executing program 4 (id=1286): rseq(&(0x7f0000000040), 0x20, 0x0, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000140), 0x0, 0x0, 0x0) 3.474928645s ago: executing program 4 (id=1287): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000f9000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfed7) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x541a, &(0x7f0000000000)) sendmmsg$unix(r3, &(0x7f0000000000), 0x3ffffffffffffda, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)) ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000100)={{}, 'syz0\x00'}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x4}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x4}]}, 0x1c}}, 0x0) 3.444409899s ago: executing program 2 (id=1288): getpid() sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x43}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) fcntl$setlease(r0, 0x400, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0xc) fcntl$setlease(r0, 0x400, 0x2) 3.223673587s ago: executing program 5 (id=1289): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x8, 0x0, &(0x7f0000002540)="1ae19309000000000000003f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413fcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594ee14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff4175b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a2b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6d07002ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f63520cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfb654374cb1e2da7530d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"}) 3.067923051s ago: executing program 2 (id=1290): r0 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000240)={0x4, 0x5, 0x9}) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f00000002c0)={0x5, 0x0, 0xffff}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x2, 0x83, 0x4003}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000140)={0x9, 0x9, 0x6c}) dup3(r1, r0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000280)={0x6, 0xf3, 0x1}) r2 = syz_open_dev$dri(&(0x7f00000002c0), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000340)={0x6, 0x1000, 0x9}) 2.995733719s ago: executing program 3 (id=1291): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x4e, &(0x7f0000000040)=0x5) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r5 = syz_genetlink_get_family_id$fou(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000400)={&(0x7f00000004c0)={0x64, r5, 0x200, 0x70bd2d, 0x25dfdbfc, {}, [@FOU_ATTR_AF={0x5, 0x2, 0x2}, @FOU_ATTR_PEER_V4={0x8, 0x8, @broadcast}, @FOU_ATTR_IPPROTO={0x5, 0x3, 0x2e}, @FOU_ATTR_PEER_V6={0x14, 0x9, @empty}, @FOU_ATTR_IPPROTO={0x5}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e24}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @private2={0xfc, 0x2, '\x00', 0x1}}]}, 0x64}, 0x1, 0x0, 0x0, 0x40001}, 0x40000) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000004c0)={&(0x7f0000000580)={0x60, r5, 0x400, 0x70bd2b, 0x25dfdbfe, {}, [@FOU_ATTR_PEER_V4={0x8, 0x8, @local}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @dev={0xfe, 0x80, '\x00', 0x1b}}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e24}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_PEER_V6={0x14, 0x9, @loopback}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e22}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x60}, 0x1, 0x0, 0x0, 0x4}, 0x24000051) ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f0000000100)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f00000000c0)={{0x0, 0x3}}) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000780)={0x1a4, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x174, 0x2, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}]}]}]}, 0x1a4}}, 0x2000c050) 2.965139747s ago: executing program 5 (id=1292): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='ext4_ext_handle_unwritten_extents\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140), 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x6) getpid() socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) ioctl$SIOCSIFHWADDR(r4, 0x40305839, &(0x7f0000000540)={'\x00', @link_local={0x1, 0x80, 0xc2, 0x5}}) 2.795968553s ago: executing program 2 (id=1293): openat$dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_audit(0x10, 0x3, 0x9) syz_genetlink_get_family_id$nl80211(&(0x7f00000008c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000c00)={'wlan1\x00'}) sendmsg$NL80211_CMD_LEAVE_OCB(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) 2.776884953s ago: executing program 0 (id=1294): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x4, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x8c}, [@call={0x85, 0x0, 0x0, 0xcc}]}, &(0x7f0000000000)='GPL\x00'}, 0x90) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2) sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010000000000fcdbdf250200000008000100", @ANYRES32=r1], 0x1c}}, 0x0) write$nci(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="15e501020303060204c6190c1facfe466818176d06801f5a01ad"], 0x1a) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00', 0x0}) r7 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_inet6_SIOCSIFADDR(r7, 0x8916, &(0x7f0000000100)={@local, 0x0, r6}) r8 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_SIOCADDRT(r8, 0x890b, &(0x7f0000000140)={@mcast2, @mcast1, @private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0022}) ioctl$sock_inet6_SIOCADDRT(r5, 0x890b, &(0x7f0000000540)={@rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400046, r6}) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@ipv6_delroute={0x1c, 0x19, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x3}}, 0x1c}}, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, 0x0) syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@nls={'nls', 0x3d, 'cp855'}}, {@gid}, {@gid}, {@uid}, {@nobarrier}]}, 0x1, 0x5e1, &(0x7f0000000680)="$eJzs3U9vHGcdB/DvbGLHDlK6SZOmICSscgA1IrF3IxMkJKAUZKEKVeLSq5VsaiubNLK3yO0BmYpz+xbKwZw5cEJByoEzb8GoRwR334xmdtbeJtuN88fZtfL5SLPP88wz88xvfpmZzMzK2gCvrJUPMvMwRVauvLdVtnd32t3dnfbdQT3JmSSNZC5JUc7+W5Kvku30p3x70DFUPqb4YuXm2oPPL/dbc/VULV+MW+9oDmJp9mOtyhc1Xuu5xzvcw4UkF+oSJm5/4N8ju5/zvAQAplmRnBo1v5mcrW/Wy+eA/l1x/x77RNuedAAAAADwEry2l71s5dyk4wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICTpP79/6KeGoP6QorB7//P1vNS10+0h5MOAAAAAAAAAACOaNyX9N/by162cm7Q3i+q7/zfqhoXq89v5eNsppONXM1WVtNLLxtZStIc3sjWaq+3sXSENVsj12y92H0GAAAAAAAAgFfMZ1k5/P4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACmQZGc6hfVdHFQb6ZxOslcktlyue3kwaB+kj2cdAAAAADwEry2l71s5dygvV9Uz/xvVM/9c/k499LLenrpppNb1buA/lN/Y3en3d3dad8tp8fH/cX/niqMasT03z2M3vJitcSlgzVW8uv8LldmBu3fZzW9dLKQd6vaaoo067cXzUGco+P9+dda7z8p1jerSOZzO+tVbFdzMx+lm1tpVPtQLTN+i38ss1P8rHbEHN2qy3KPflOX06FZZWTmICOLde7LbJwfn4mxx8nME7e0lMbBO6iLx5Dzs3VZ5vrdY875Z0+19KOZaA0dfW+Mz0Sy2Prv/bXuvTtrtzevTM9h9IwezUR7KBOXX6lMzNbZ6F9FR1wts5D3s5H1EVfLt6p1z2U9v81HuZVObmQxN7Kc62lnOT/J8lBeL+0XTzzXGk93rn3/h3WlPOt/NfLsn5Qyr+eH8jp8pWtWfcNzDrN04cVfkU5/p66UB+s7U/e/wPlHrs2DTLw+PhN/3i8/N7v37mysrd4/4vZ+UJdlBn45VZkoj5cL5T9W1fr60VH2vT6yb6nqu3jQ13is79JB35PO1Nn6Hu7xkVpV3+WRfe2q782hvlF3OQBMvbNvn52d/8/8v+a/nP/T/Nr8e3PvnLlx5ruzmfnn6b+f+mvjL42fFm/ny/zh8PkfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4dpuffHpntdvtbKioHHsl28kUhKFyhMqkr0zAcbvWu3v/2uYnn/5o/e7qh50PO/euLy23rl9fXP7xjWu317udxf7npMMEAF6goWczAAAAAAAAAAAAAABgSr2Uv/oGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4RisfZOZhiiwtXl0s27s77W45DepJiv6Sc4PqP5J8lWynP6U5NFzxTdspvli5ufbg88uHY80Nli/GrXc0B7GUH41HYnqe8cpxWs893uEeLiS5UJcwcf8PAAD//wPmAUg=") link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') r9 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r9, 0xc004743e, &(0x7f0000000140)) r10 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r10, 0x29, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x3c1, 0x3, 0x318, 0xc8, 0x4c, 0x232, 0x0, 0x5, 0x248, 0x2e8, 0x2e8, 0x248, 0x2e8, 0x3, 0x0, {[{{@ipv6={@mcast1, @mcast2, [], [], 'veth1_to_bond\x00', 'batadv_slave_0\x00'}, 0x0, 0xa8, 0xc8}, @unspec=@TRACE={0x20}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @remote}, @private1, [], [], 'team_slave_0\x00', 'xfrm0\x00'}, 0x0, 0x138, 0x180, 0x0, {}, [@common=@unspec=@physdev={{0x68}, {'ip6tnl0\x00', {}, 'veth1_to_bond\x00', {}, 0x0, 0x3a}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x378) rename(&(0x7f0000000400)='./bus\x00', &(0x7f0000000f00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') r11 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r11, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', r12}, 0x48) 2.526515446s ago: executing program 2 (id=1295): bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18071100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x70, 0x49, 0x27, 0x20, 0xb54, 0x62a0, 0xa056, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x8, 0x6, 0x62}}]}}]}}, 0x0) write$binfmt_misc(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="72b9800007"], 0xd) 1.675847311s ago: executing program 0 (id=1296): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, 0x0, 0x0) 1.54893146s ago: executing program 3 (id=1297): r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_int(r0, 0x0, 0x0, &(0x7f0000000000), 0x4) 1.404174451s ago: executing program 0 (id=1298): futex(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x77359400}, 0x0, 0x0) 1.287994112s ago: executing program 3 (id=1299): rseq(&(0x7f0000000040), 0x20, 0x0, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000140)=[{0x0}], 0x1, 0x0, 0x0) 1.27875563s ago: executing program 0 (id=1300): r0 = socket$inet6_sctp(0xa, 0x0, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmmsg$inet6(r0, &(0x7f0000003c40)=[{{&(0x7f0000000180)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000100), 0x4) 1.166170569s ago: executing program 3 (id=1301): syz_open_dev$video4linux(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) ioctl$IOCTL_STOP_ACCEL_DEV(r3, 0x40046104, &(0x7f0000000240)) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000000)={0x2, 0x52b, 0x3}) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0) r4 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r4, &(0x7f0000000040)={0x2a, 0xffffffff, 0xfffffffe}, 0xc) 108.984765ms ago: executing program 0 (id=1302): memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0) socket$netlink(0x10, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wg0\x00', 0x0}) r1 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x0, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="850000004f0000006400000000000000166ba7", @ANYRESHEX=0x0], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', r0}, 0x90) r2 = socket$pppl2tp(0x18, 0x1, 0x1) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000000), 0x9) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', 0x0}) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0) getresuid(&(0x7f00000003c0)=0x0, &(0x7f0000000500), &(0x7f0000000380)) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000700)={{{@in=@broadcast, @in6=@private0, 0x4e24, 0x1cf, 0x4e21, 0x7, 0xa, 0x20, 0x0, 0x2c, 0x0, r5}, {0x6, 0x7, 0x8, 0x6, 0x1, 0xffffffffffffffff, 0x4, 0x2}, {0x1, 0x8, 0x1f, 0x800}, 0xfffffffa, 0x6e6bbd, 0x2, 0x0, 0x4, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x27}, 0x4d6, 0x33}, 0x0, @in=@empty, 0x0, 0x2, 0x1, 0x12, 0x9, 0x9, 0xa87e}}, 0xe8) write$tun(r4, &(0x7f0000000040)=ANY=[@ANYRESDEC=r4], 0x15) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x1, 0x81, 0x7fffffff, 0x8, 0xffffffffffffffff, 0x2, '\x00', r3, r4, 0x0, 0x3, 0x5}, 0x48) ioctl$SIOCGETSGCNT_IN6(r4, 0x89e1, &(0x7f0000001100)={@ipv4={'\x00', '\xff\xff', @empty}, @empty}) r6 = socket$inet6_udp(0xa, 0x2, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="350a0000000000006911d40000000000180000000000000000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x80) connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r6, {0x2, 0x0, @multicast2}, 0x20000003}}, 0x2e) ioctl$PPPIOCGCHAN(r2, 0x80047437, &(0x7f0000001300)) readv(r2, &(0x7f0000001440)=[{&(0x7f0000000040)=""/4096, 0x1000}], 0x1) r7 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0) r8 = syz_open_dev$tty1(0xc, 0x4, 0x1) r9 = dup(r8) write$binfmt_misc(r1, &(0x7f0000001040)=ANY=[@ANYBLOB="73797a310b5ea318ed94ef76b485c9f6ddb3b6518e1db783ecef54dbb65d9b583a969f3b8ae48a74258c1b65e985f34542360233f45be9541697873c5f7658f19e181a36979127328ffedbd62e32d913d3911b52dda7d376ef032844e7cfd1524922b1695b0760f3cb8c0c382db32b0ecedda55f20d60adda96a38333db289804fe342953b0b93e1b79d4f79e1e199ff637f6a652029"], 0x96) ioctl$TIOCL_SETSEL(r9, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x13d, 0x0, 0xd6e}}) ioctl$TIOCL_SETSEL(r9, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x2, 0x4, 0xfffd, 0x0, 0xf}}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x3, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002700000000000000e1ffffff"], 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) syz_usb_control_io$hid(r7, 0x0, 0x0) syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012002505a8a4f0"], 0x0) syz_usb_control_io(r7, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0) 108.653057ms ago: executing program 2 (id=1303): openat$dir(0xffffffffffffff9c, &(0x7f0000002a00)='./file0\x00', 0x0, 0x0) pipe2$9p(0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) madvise(&(0x7f0000ef1000/0x2000)=nil, 0x2000, 0xc) syz_clone(0x0, 0x0, 0x32, 0x0, 0x0, 0x0) 108.401782ms ago: executing program 3 (id=1304): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x8, 0x0, &(0x7f0000002540)="1ae19309000000000000003f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413fcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594ee14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff4175b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a2b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6d07002ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f63520cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfb654374cb1e2da7530d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"}) 6.757844ms ago: executing program 1 (id=1305): prctl$PR_SET_SECUREBITS(0x1c, 0x1d) setgroups(0x0, 0x0) getgroups(0x0, 0x0) setregid(0x0, 0x0) socket$unix(0x1, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) setresuid(0x0, 0x0, 0x0) msgget$private(0x0, 0x0) msgrcv(0x0, 0x0, 0x0, 0x0, 0x0) msgsnd(0x0, &(0x7f0000000040)=ANY=[], 0x8, 0x0) 0s ago: executing program 1 (id=1306): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="a8b25e06772d372c5a7514d4aad17b0e366c230d50f22201649c6730f7145a80de46b0764bed7e684c5e2bc80ff990ade8611e6607d90ce7315db8aeba57ee"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1d, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x11, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x93) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x4e23, @dev={0xac, 0x2}}, {0x2, 0x4e21, @private=0xa010100}, {0x2, 0x4e23, @loopback}, 0xde, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200}) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r4, &(0x7f0000000380), 0x20000000}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x20, &(0x7f0000000040)={&(0x7f0000001080)=""/4096, 0x1000, 0x0, &(0x7f00000004c0)=""/122, 0x7a}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000eeffffffffff00000000ebffff17110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r6}, 0x10) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e) r8 = socket(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000840)={0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x4, 0x4e22, @rand_addr=0x64010101}, {0x2, 0x4e23, @remote}, 0x184, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)='lo\x00', 0xffffffff}) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r8, 0x8982, &(0x7f0000000680)={0x0, 'veth0_to_team\x00', {0x1}, 0x23ff}) socket$nl_generic(0x10, 0x3, 0x10) kernel console output (not intermixed with test programs): p=0x7f224c775b99 code=0x0 [ 247.531953][ T8] imon 6-1:0.0: unable to register, err -19 [ 247.558321][ T8] usb 6-1: USB disconnect, device number 15 [ 247.584035][ T7514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 247.651372][ T7514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.687320][ T7514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 247.769406][ T7514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.869193][ T7514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 247.888504][ T7858] loop3: detected capacity change from 0 to 1024 [ 248.199345][ T7514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.390080][ T7514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 248.465247][ T7514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.552283][ T7514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 248.632813][ T7514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.660295][ T7866] sg_write: process 303 (syz.4.658) changed security contexts after opening file descriptor, this is not allowed. [ 248.725528][ T7514] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 248.796238][ T7870] loop4: detected capacity change from 0 to 512 [ 248.798269][ T7514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 248.849318][ T7514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.874727][ T7870] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 248.893326][ T7514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 248.914527][ T7870] ext4 filesystem being mounted at /root/syzkaller.1SPqcH/109/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 248.933385][ T7514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.942178][ T29] audit: type=1326 audit(1719654183.204:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7875 comm="syz.2.661" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff071b75b99 code=0x0 [ 248.943560][ T7514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 248.976778][ T7514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.988040][ T7514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 248.998810][ T7514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.008857][ T7514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 249.019415][ T7514] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.043453][ T7514] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 249.089732][ T7868] EXT4-fs error (device loop4): ext4_do_update_inode:5075: inode #2: comm syz.4.660: corrupted inode contents [ 249.118802][ T7868] EXT4-fs error (device loop4): ext4_dirty_inode:5935: inode #2: comm syz.4.660: mark_inode_dirty error [ 249.120161][ T7514] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.140513][ T7868] EXT4-fs error (device loop4): ext4_do_update_inode:5075: inode #2: comm syz.4.660: corrupted inode contents [ 249.146619][ T7514] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.161349][ T7514] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.170636][ T7868] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.660: mark_inode_dirty error [ 249.181963][ T7514] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.218223][ T7868] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 249.319110][ T5091] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.547613][ T2907] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 249.594119][ T2907] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 249.882337][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 249.934032][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 250.811748][ T5153] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 251.062508][ T45] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 251.115438][ T5153] usb 5-1: Using ep0 maxpacket: 8 [ 251.153445][ T5153] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 251.174088][ T7911] netlink: 16 bytes leftover after parsing attributes in process `syz.5.668'. [ 251.202587][ T25] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 251.241906][ T5153] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x93 has an invalid bInterval 127, changing to 10 [ 251.262357][ T45] usb 3-1: Using ep0 maxpacket: 16 [ 251.338396][ T45] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 251.357314][ T5153] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x93 has invalid maxpacket 33936, setting to 1024 [ 251.429696][ T45] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 251.462089][ T5153] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 251.485577][ T25] usb 4-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 251.545645][ T45] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 251.561879][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 251.626550][ T5153] usb 5-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 251.649053][ T45] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 251.692778][ T5153] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 251.700794][ T5153] usb 5-1: Product: syz [ 251.716630][ T25] usb 4-1: config 0 descriptor?? [ 251.756187][ T45] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 251.817747][ T5153] usb 5-1: Manufacturer: syz [ 251.852981][ T5153] usb 5-1: SerialNumber: syz [ 251.872987][ T45] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 251.923382][ T5153] usb 5-1: config 0 descriptor?? [ 251.949016][ T45] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 251.974469][ T5218] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 251.997836][ T7900] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 252.039276][ T7925] fuse: Bad value for 'fd' [ 252.058222][ T45] usb 3-1: Manufacturer: syz [ 252.105865][ T45] usb 3-1: config 0 descriptor?? [ 252.115151][ T5153] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input13 [ 252.252122][ T5218] usb 2-1: Using ep0 maxpacket: 8 [ 252.362572][ T5218] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 252.520349][ T5218] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 252.683409][ T5218] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 252.847371][ T45] rc_core: IR keymap rc-hauppauge not found [ 252.870344][ T5218] usb 2-1: config 0 descriptor?? [ 252.910288][ T45] Registered IR keymap rc-empty [ 252.956018][ T45] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 253.022082][ T45] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 253.102081][ T45] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 253.123767][ T45] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input15 [ 253.154138][ T5218] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 253.237665][ T45] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 253.307267][ T7936] loop5: detected capacity change from 0 to 1024 [ 253.314968][ T45] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 253.365243][ T45] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 253.482316][ T45] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 253.568988][ T5153] imon:send_packet: packet tx failed (-71) [ 253.612347][ T5153] imon 5-1:0.0: panel buttons/knobs setup failed [ 253.636778][ T45] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 253.702303][ T45] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 253.764245][ T45] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 253.903921][ T45] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 254.042421][ T45] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 254.072962][ T25] pegasus 4-1:0.0: setup Pegasus II specific registers [ 254.142526][ T5153] rc_core: IR keymap rc-imon-pad not found [ 254.148549][ T5153] Registered IR keymap rc-empty [ 254.157197][ T45] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 254.202338][ T5153] imon 5-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 254.230563][ T45] mceusb 3-1:0.0: Registered with mce emulator interface version 1 [ 254.240258][ T29] audit: type=1326 audit(1719654188.494:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7946 comm="syz.4.677" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa691d75b99 code=0x0 [ 254.245625][ T5153] imon 5-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 254.292663][ T5093] usb 2-1: USB disconnect, device number 8 [ 254.316951][ T45] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 254.384222][ T5093] iowarrior 2-1:0.0: I/O-Warror #0 now disconnected [ 254.442070][ T45] usb 3-1: USB disconnect, device number 11 [ 254.484432][ T5153] imon:send_packet: packet tx failed (-71) [ 254.568863][ T5153] imon 5-1:0.0: remote input dev register failed [ 254.604312][ T5153] imon 5-1:0.0: imon_init_intf0: rc device setup failed [ 254.761327][ T25] pegasus 4-1:0.0: can't locate MII phy, using default [ 254.984663][ T5153] imon 5-1:0.0: unable to initialize intf0, err 0 [ 254.998115][ T25] pegasus 4-1:0.0: eth1, ELECOM USB Ethernet LD-USB20, 12:88:b5:35:29:88 [ 255.441326][ T1241] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.449722][ T1241] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.007372][ T5153] imon:imon_probe: failed to initialize context! [ 256.620198][ T5153] imon 5-1:0.0: unable to register, err -19 [ 257.457594][ T25] usb 4-1: USB disconnect, device number 13 [ 257.471480][ T5153] usb 5-1: USB disconnect, device number 10 [ 257.489783][ T7980] netlink: 16 bytes leftover after parsing attributes in process `syz.0.683'. [ 258.142982][ T8002] loop1: detected capacity change from 0 to 512 [ 258.330903][ T8002] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 258.414998][ T5150] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 258.452995][ T8002] ext4 filesystem being mounted at /root/syzkaller.FbRuNP/113/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 258.661904][ T5150] usb 3-1: Using ep0 maxpacket: 8 [ 258.718874][ T5150] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 258.741194][ T7998] EXT4-fs error (device loop1): ext4_do_update_inode:5075: inode #2: comm syz.1.688: corrupted inode contents [ 258.821751][ T5150] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x93 has an invalid bInterval 127, changing to 10 [ 258.863844][ T7998] EXT4-fs error (device loop1): ext4_dirty_inode:5935: inode #2: comm syz.1.688: mark_inode_dirty error [ 258.921612][ T5150] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x93 has invalid maxpacket 33936, setting to 1024 [ 258.962214][ T7998] EXT4-fs error (device loop1): ext4_do_update_inode:5075: inode #2: comm syz.1.688: corrupted inode contents [ 259.015081][ T5150] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 259.045134][ T7998] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.688: mark_inode_dirty error [ 259.158166][ T5150] usb 3-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 259.237668][ T7998] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 259.259202][ T5150] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 259.326466][ T5150] usb 3-1: Product: syz [ 259.330703][ T5150] usb 3-1: Manufacturer: syz [ 259.446807][ T5150] usb 3-1: SerialNumber: syz [ 259.528977][ T5150] usb 3-1: config 0 descriptor?? [ 259.599663][ T8003] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 259.689719][ T5150] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input16 [ 259.798404][ T29] audit: type=1326 audit(1719654194.034:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8019 comm="syz.0.694" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6a4c775b99 code=0x0 [ 261.141997][ T5150] imon:send_packet: packet tx failed (-71) [ 261.303587][ T5150] imon 3-1:0.0: panel buttons/knobs setup failed [ 261.353181][ T9] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 261.364080][ T5089] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.661868][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 261.753707][ T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 261.901919][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 262.162213][ T8054] netlink: 16 bytes leftover after parsing attributes in process `syz.2.702'. [ 262.361537][ T8057] fuse: Bad value for 'fd' [ 262.424982][ T5150] rc_core: IR keymap rc-imon-pad not found [ 262.430982][ T5150] Registered IR keymap rc-empty [ 262.451878][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 262.471890][ T5150] imon 3-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 263.455887][ T9] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 263.466956][ T5150] imon 3-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 263.476520][ T9] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 263.490659][ T5150] imon:send_packet: packet tx failed (-71) [ 263.531992][ T5150] imon 3-1:0.0: remote input dev register failed [ 263.567050][ T9] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 263.719857][ T5150] imon 3-1:0.0: imon_init_intf0: rc device setup failed [ 263.812016][ T9] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 264.010246][ T9] usb 4-1: Manufacturer: syz [ 264.105256][ T8066] loop1: detected capacity change from 0 to 4096 [ 264.176193][ T9] usb 4-1: config 0 descriptor?? [ 264.340870][ T9] usb 4-1: can't set config #0, error -71 [ 264.405842][ T29] audit: type=1326 audit(1719654198.634:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8080 comm="syz.5.710" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f224c775b99 code=0x0 [ 264.555066][ T9] usb 4-1: USB disconnect, device number 14 [ 264.708672][ T5150] imon 3-1:0.0: unable to initialize intf0, err 0 [ 264.815166][ T5150] imon:imon_probe: failed to initialize context! [ 264.886715][ T5150] imon 3-1:0.0: unable to register, err -19 [ 265.039777][ T5150] usb 3-1: USB disconnect, device number 12 [ 265.170879][ T8093] loop4: detected capacity change from 0 to 512 [ 265.563517][ T8093] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 265.797230][ T8093] ext4 filesystem being mounted at /root/syzkaller.1SPqcH/117/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 266.041350][ T8091] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz.4.712: path /root/syzkaller.1SPqcH/117/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 266.099316][ T8091] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 12: comm syz.4.712: path /root/syzkaller.1SPqcH/117/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 266.279147][ T8093] EXT4-fs error (device loop4): ext4_do_update_inode:5075: inode #2: comm syz.4.712: corrupted inode contents [ 266.355853][ T8093] EXT4-fs error (device loop4): ext4_dirty_inode:5935: inode #2: comm syz.4.712: mark_inode_dirty error [ 266.385229][ T8093] EXT4-fs error (device loop4): ext4_do_update_inode:5075: inode #2: comm syz.4.712: corrupted inode contents [ 266.403502][ T8] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 266.502768][ T8093] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.712: mark_inode_dirty error [ 266.621768][ T8] usb 6-1: device descriptor read/64, error -71 [ 266.636806][ T8091] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz.4.712: path /root/syzkaller.1SPqcH/117/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 266.802321][ T8091] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 14: comm syz.4.712: path /root/syzkaller.1SPqcH/117/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 266.920003][ T8] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 266.942356][ T8091] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 15: comm syz.4.712: path /root/syzkaller.1SPqcH/117/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 267.206164][ T8] usb 6-1: device descriptor read/64, error -71 [ 267.661861][ T8091] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 16: comm syz.4.712: path /root/syzkaller.1SPqcH/117/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 267.772182][ T8] usb usb6-port1: attempt power cycle [ 268.144288][ T8093] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 268.216492][ T8] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 268.304933][ T8] usb 6-1: device descriptor read/8, error -71 [ 268.502271][ T8126] fuse: Bad value for 'fd' [ 268.594749][ T5091] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.612772][ T8] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 268.809593][ T8] usb 6-1: device descriptor read/8, error -71 [ 268.982238][ T8] usb usb6-port1: unable to enumerate USB device [ 270.980194][ T29] audit: type=1326 audit(1719654204.544:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8147 comm="syz.4.726" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa691d75b99 code=0x0 [ 271.011766][ T9] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 271.188718][ T8150] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 271.194863][ T8150] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 271.203962][ T8155] ceph: No mds server is up or the cluster is laggy [ 271.982716][ T8168] netlink: 16 bytes leftover after parsing attributes in process `syz.1.731'. [ 272.044287][ T8174] loop4: detected capacity change from 0 to 512 [ 272.144043][ T8174] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 272.473423][ T8174] ext4 filesystem being mounted at /root/syzkaller.1SPqcH/120/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 272.650419][ T8174] EXT4-fs error (device loop4): ext4_do_update_inode:5075: inode #2: comm syz.4.732: corrupted inode contents [ 272.692899][ T9] usb 3-1: device not accepting address 13, error -71 [ 273.373974][ T8174] EXT4-fs error (device loop4): ext4_dirty_inode:5935: inode #2: comm syz.4.732: mark_inode_dirty error [ 273.538927][ T8174] EXT4-fs error (device loop4): ext4_do_update_inode:5075: inode #2: comm syz.4.732: corrupted inode contents [ 273.738591][ T8174] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.732: mark_inode_dirty error [ 274.015260][ T8172] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 275.692671][ T9] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 275.769471][ T5091] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.868437][ T29] audit: type=1326 audit(1719654210.134:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.744" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6a4c775b99 code=0x0 [ 276.412765][ T9] usb 3-1: device descriptor read/64, error -71 [ 276.559888][ T8224] IPv6: addrconf: prefix option has invalid lifetime [ 276.573738][ T8221] netlink: 8 bytes leftover after parsing attributes in process `syz.3.749'. [ 276.679710][ T9] usb usb3-port1: attempt power cycle [ 277.131021][ T8226] ceph: No mds server is up or the cluster is laggy [ 277.531746][ T9] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 277.625360][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 277.827907][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 277.904279][ T9] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 277.938305][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 277.959607][ T9] usb 3-1: config 0 descriptor?? [ 278.218121][ T8213] netlink: 16 bytes leftover after parsing attributes in process `syz.2.746'. [ 278.230254][ T8248] loop1: detected capacity change from 0 to 512 [ 278.812136][ T8248] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 278.896086][ T8248] ext4 filesystem being mounted at /root/syzkaller.FbRuNP/123/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 278.931195][ T8244] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 3: comm syz.1.757: path /root/syzkaller.FbRuNP/123/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 278.966798][ T8244] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 12: comm syz.1.757: path /root/syzkaller.FbRuNP/123/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 279.006998][ T8248] EXT4-fs error (device loop1): ext4_do_update_inode:5075: inode #2: comm syz.1.757: corrupted inode contents [ 279.038946][ T8248] EXT4-fs error (device loop1): ext4_dirty_inode:5935: inode #2: comm syz.1.757: mark_inode_dirty error [ 279.061980][ T25] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 279.104434][ T8248] EXT4-fs error (device loop1): ext4_do_update_inode:5075: inode #2: comm syz.1.757: corrupted inode contents [ 279.134630][ T8213] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 279.158206][ T8213] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 279.175305][ T8248] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.757: mark_inode_dirty error [ 279.204647][ T8213] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 279.251148][ T8244] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 13: comm syz.1.757: path /root/syzkaller.FbRuNP/123/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 279.274915][ T8213] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 279.313893][ T25] usb 4-1: Using ep0 maxpacket: 16 [ 279.367860][ T25] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 279.408255][ T8244] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 14: comm syz.1.757: path /root/syzkaller.FbRuNP/123/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 279.437547][ T25] usb 4-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 279.481245][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 279.510730][ T25] usb 4-1: config 0 descriptor?? [ 279.540684][ T8244] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 15: comm syz.1.757: path /root/syzkaller.FbRuNP/123/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 279.586531][ T25] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 279.684487][ T8244] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 16: comm syz.1.757: path /root/syzkaller.FbRuNP/123/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 279.791424][ T8267] netlink: 8 bytes leftover after parsing attributes in process `syz.5.763'. [ 279.808728][ T25] usb 4-1: USB disconnect, device number 15 [ 280.005344][ T9] hid-generic 0003:0158:0100.0005: unknown main item tag 0x1 [ 280.014558][ T9] hid-generic 0003:0158:0100.0005: unexpected long global item [ 280.062019][ T8248] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 280.197452][ T5089] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.430580][ T29] audit: type=1326 audit(1719654214.694:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8271 comm="syz.5.766" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f224c775b99 code=0x0 [ 280.911352][ T8252] syz.4.756 (8252): drop_caches: 1 [ 280.999127][ T9] hid-generic 0003:0158:0100.0005: probe with driver hid-generic failed with error -22 [ 281.272059][ T9] usb 3-1: USB disconnect, device number 15 [ 282.501226][ T8290] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 283.342145][ T924] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 283.352462][ T8310] netlink: 8 bytes leftover after parsing attributes in process `syz.4.776'. [ 283.582060][ T924] usb 6-1: Using ep0 maxpacket: 8 [ 283.602812][ T924] usb 6-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 283.638265][ T924] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x93 has an invalid bInterval 127, changing to 10 [ 283.671169][ T924] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x93 has invalid maxpacket 33936, setting to 1024 [ 283.689681][ T924] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 283.785527][ T924] usb 6-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 283.812633][ T924] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 283.835145][ T924] usb 6-1: Product: syz [ 283.847467][ T924] usb 6-1: Manufacturer: syz [ 283.878730][ T924] usb 6-1: SerialNumber: syz [ 283.911265][ T924] usb 6-1: config 0 descriptor?? [ 283.945278][ T8304] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 283.998315][ T924] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input18 [ 284.038550][ T8302] loop3: detected capacity change from 0 to 32768 [ 284.126217][ T8302] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.773 (8302) [ 284.193600][ T8302] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 284.257969][ T8302] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 284.287675][ T924] imon:send_packet: packet tx failed (-71) [ 284.300101][ T8302] BTRFS info (device loop3): using free-space-tree [ 284.301910][ T9] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 284.348329][ T924] imon 6-1:0.0: panel buttons/knobs setup failed [ 284.467038][ T29] audit: type=1326 audit(1719654218.734:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.4.784" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa691d75b99 code=0x0 [ 284.547090][ T8302] BTRFS info (device loop3): rebuilding free space tree [ 284.561865][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 284.572939][ T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 284.601928][ T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 284.611830][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 284.632396][ T9] usb 3-1: config 0 descriptor?? [ 284.661528][ T9] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 284.681892][ T924] rc_core: IR keymap rc-imon-pad not found [ 284.688171][ T924] Registered IR keymap rc-empty [ 284.695210][ T924] imon 6-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 284.705724][ T924] imon 6-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 284.715926][ T924] imon:send_packet: packet tx failed (-71) [ 284.772414][ T924] imon 6-1:0.0: remote input dev register failed [ 284.784397][ T29] audit: type=1804 audit(1719654219.044:75): pid=8302 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.773" name="/root/syzkaller.0YPdRn/136/bus/bus" dev="loop3" ino=263 res=1 errno=0 [ 284.791996][ T924] imon 6-1:0.0: imon_init_intf0: rc device setup failed [ 284.854032][ T45] usb 3-1: USB disconnect, device number 16 [ 284.974809][ T924] imon 6-1:0.0: unable to initialize intf0, err 0 [ 284.981294][ T924] imon:imon_probe: failed to initialize context! [ 285.008557][ T5097] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 285.029876][ T924] imon 6-1:0.0: unable to register, err -19 [ 285.080734][ T924] usb 6-1: USB disconnect, device number 20 [ 285.746135][ T8362] netlink: 4 bytes leftover after parsing attributes in process `syz.1.790'. [ 286.720842][ T8375] ceph: No mds server is up or the cluster is laggy [ 287.150362][ T8384] sp0: Synchronizing with TNC [ 287.172593][ T45] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 287.428537][ T45] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 287.490787][ T45] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 287.536777][ T45] usb 3-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00 [ 287.591917][ T45] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 287.634423][ T45] usb 3-1: config 0 descriptor?? [ 288.070259][ T45] magicmouse 0003:05AC:0269.0006: unbalanced delimiter at end of report description [ 288.093206][ T924] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 288.109396][ T45] magicmouse 0003:05AC:0269.0006: magicmouse hid parse failed [ 288.128932][ T45] magicmouse 0003:05AC:0269.0006: probe with driver magicmouse failed with error -22 [ 288.255826][ T8380] loop4: detected capacity change from 0 to 32768 [ 288.291751][ T924] usb 4-1: Using ep0 maxpacket: 8 [ 288.304065][ T924] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 288.321981][ T8380] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.794 (8380) [ 288.344260][ T924] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x93 has an invalid bInterval 127, changing to 10 [ 288.394221][ T924] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x93 has invalid maxpacket 33936, setting to 1024 [ 288.423072][ T25] usb 3-1: USB disconnect, device number 17 [ 288.436089][ T8380] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 288.461500][ T924] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 288.521887][ T8380] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 288.551096][ T924] usb 4-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 288.571754][ T8380] BTRFS info (device loop4): using free-space-tree [ 288.578469][ T924] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 288.605744][ T924] usb 4-1: Product: syz [ 288.609944][ T924] usb 4-1: Manufacturer: syz [ 288.624942][ T29] audit: type=1326 audit(1719654222.894:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8395 comm="syz.5.800" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f224c775b99 code=0x0 [ 288.662573][ T924] usb 4-1: SerialNumber: syz [ 288.702368][ T924] usb 4-1: config 0 descriptor?? [ 288.721514][ T8388] loop1: detected capacity change from 0 to 32768 [ 288.743829][ T8392] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 288.774957][ T8388] BTRFS: device /dev/loop1 (7:1) using temp-fsid d5fc19d5-7367-4466-8b96-694e6c9097ae [ 288.794690][ T8388] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.797 (8388) [ 288.800740][ T924] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input20 [ 288.898104][ T8388] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 288.920803][ T8380] BTRFS info (device loop4): rebuilding free space tree [ 288.937109][ T8388] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 288.976522][ T8388] BTRFS info (device loop1): using free-space-tree [ 288.999120][ T924] imon:send_packet: packet tx failed (-71) [ 289.034402][ T924] imon 4-1:0.0: panel buttons/knobs setup failed [ 289.271936][ T8388] BTRFS info (device loop1): rebuilding free space tree [ 289.278641][ T924] rc_core: IR keymap rc-imon-pad not found [ 289.311193][ T924] Registered IR keymap rc-empty [ 289.342226][ T924] imon 4-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 289.382234][ T924] imon 4-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 289.413895][ T924] imon:send_packet: packet tx failed (-71) [ 289.467853][ T924] imon 4-1:0.0: remote input dev register failed [ 289.494736][ T924] imon 4-1:0.0: imon_init_intf0: rc device setup failed [ 289.500191][ T29] audit: type=1804 audit(1719654223.754:77): pid=8388 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.797" name="/root/syzkaller.FbRuNP/128/bus/bus" dev="loop1" ino=263 res=1 errno=0 [ 289.504868][ T5091] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 289.705255][ T924] imon 4-1:0.0: unable to initialize intf0, err 0 [ 289.719260][ T924] imon:imon_probe: failed to initialize context! [ 289.736004][ T924] imon 4-1:0.0: unable to register, err -19 [ 289.794238][ T924] usb 4-1: USB disconnect, device number 16 [ 289.863222][ T5089] BTRFS info (device loop1): last unmount of filesystem d5fc19d5-7367-4466-8b96-694e6c9097ae [ 289.896781][ T8447] netlink: 4 bytes leftover after parsing attributes in process `syz.2.805'. [ 290.061914][ T45] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 290.312424][ T45] usb 6-1: Using ep0 maxpacket: 8 [ 290.345882][ T45] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 290.382051][ T45] usb 6-1: config 0 has no interface number 0 [ 290.402101][ T45] usb 6-1: config 0 interface 1 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 290.445919][ T45] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 290.481695][ T45] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 290.527775][ T45] usb 6-1: config 0 descriptor?? [ 290.536528][ T45] iowarrior 6-1:0.1: no interrupt-in endpoint found [ 290.866479][ T29] audit: type=1326 audit(1719654225.134:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8469 comm="syz.2.816" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff071b75b99 code=0x0 [ 291.672653][ T8479] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 292.296302][ T8490] sp0: Synchronizing with TNC [ 292.621797][ T5153] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 292.861775][ T5153] usb 3-1: Using ep0 maxpacket: 16 [ 292.911742][ T5153] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 292.998232][ T5153] usb 3-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 293.039209][ T5153] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 293.073130][ T5153] usb 3-1: config 0 descriptor?? [ 293.089026][ T5153] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 293.108148][ T924] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 293.231172][ T9] usb 6-1: USB disconnect, device number 21 [ 293.344706][ T5150] usb 3-1: USB disconnect, device number 18 [ 293.352421][ T924] usb 2-1: Using ep0 maxpacket: 8 [ 293.366871][ T924] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 293.398102][ T924] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x93 has an invalid bInterval 127, changing to 10 [ 293.437067][ T924] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x93 has invalid maxpacket 33936, setting to 1024 [ 293.469749][ T924] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 293.509016][ T924] usb 2-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 293.523026][ T924] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 293.531107][ T924] usb 2-1: Product: syz [ 293.536046][ T924] usb 2-1: Manufacturer: syz [ 293.540656][ T924] usb 2-1: SerialNumber: syz [ 293.550544][ T924] usb 2-1: config 0 descriptor?? [ 293.573562][ T8499] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 293.642695][ T924] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input22 [ 295.317964][ T8518] Zero length message leads to an empty skb [ 295.477848][ T8518] loop5: detected capacity change from 0 to 1024 [ 295.700950][ T924] imon:send_packet: packet tx failed (-71) [ 295.759699][ T924] imon 2-1:0.0: panel buttons/knobs setup failed [ 295.761805][ T29] audit: type=1326 audit(1719654230.004:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8529 comm="syz.3.830" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa1b6f75b99 code=0x0 [ 295.787666][ C1] vkms_vblank_simulate: vblank timer overrun [ 295.934459][ T45] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 296.012937][ T924] rc_core: IR keymap rc-imon-pad not found [ 296.022020][ T8539] 9pnet_virtio: no channels available for device syz [ 296.041110][ T924] Registered IR keymap rc-empty [ 296.046321][ T924] imon 2-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 296.136004][ T924] imon 2-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 296.239612][ T924] imon:send_packet: packet tx failed (-71) [ 296.366496][ T45] usb 3-1: Using ep0 maxpacket: 8 [ 296.392280][ T45] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 296.550614][ T45] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 296.567323][ T5153] libceph: connect (1)[c::]:6789 error -101 [ 296.658892][ T5153] libceph: mon0 (1)[c::]:6789 connect error [ 296.717944][ T8541] ceph: No mds server is up or the cluster is laggy [ 296.760663][ T45] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 297.048863][ T924] imon 2-1:0.0: remote input dev register failed [ 297.065530][ T924] imon 2-1:0.0: imon_init_intf0: rc device setup failed [ 297.067760][ T5093] libceph: connect (1)[c::]:6789 error -101 [ 297.101532][ T45] usb 3-1: config 0 descriptor?? [ 297.121241][ T5093] libceph: mon0 (1)[c::]:6789 connect error [ 297.143980][ T45] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 297.173509][ T924] imon 2-1:0.0: unable to initialize intf0, err 0 [ 297.179969][ T924] imon:imon_probe: failed to initialize context! [ 297.247283][ T924] imon 2-1:0.0: unable to register, err -19 [ 297.311080][ T924] usb 2-1: USB disconnect, device number 9 [ 297.484134][ T5153] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 297.550383][ T8554] loop4: detected capacity change from 0 to 4096 [ 297.682879][ T5153] usb 6-1: Using ep0 maxpacket: 8 [ 297.703827][ T5153] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 297.732646][ T5153] usb 6-1: config 0 has no interface number 0 [ 297.740450][ T5153] usb 6-1: config 0 interface 1 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 297.756733][ T5153] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 297.787148][ T5153] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 297.814944][ T5153] usb 6-1: config 0 descriptor?? [ 297.836340][ T5153] iowarrior 6-1:0.1: no interrupt-in endpoint found [ 297.873166][ T924] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 298.003315][ T29] audit: type=1800 audit(1719654232.274:80): pid=8569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.843" name="file1" dev="sda1" ino=1988 res=0 errno=0 [ 298.101863][ T924] usb 2-1: Using ep0 maxpacket: 16 [ 298.120446][ T29] audit: type=1800 audit(1719654232.304:81): pid=8569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.843" name="file2" dev="sda1" ino=1989 res=0 errno=0 [ 298.133322][ T924] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 298.181523][ T924] usb 2-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 298.211633][ T924] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 298.239191][ T45] gspca_vc032x: reg_r err -32 [ 298.250406][ T45] vc032x 3-1:0.0: probe with driver vc032x failed with error -32 [ 298.279137][ T29] audit: type=1800 audit(1719654232.304:82): pid=8569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.843" name="file2" dev="sda1" ino=1989 res=0 errno=0 [ 298.314149][ T45] usb 3-1: USB disconnect, device number 19 [ 298.319769][ T924] usb 2-1: config 0 descriptor?? [ 298.335797][ T924] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 298.344813][ T8572] netlink: 16 bytes leftover after parsing attributes in process `syz.0.843'. [ 298.538573][ T924] usb 2-1: USB disconnect, device number 10 [ 298.907752][ T8581] sp0: Synchronizing with TNC [ 298.978700][ T8575] loop3: detected capacity change from 0 to 1024 [ 299.231324][ T29] audit: type=1326 audit(1719654233.494:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8584 comm="syz.1.847" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe13db75b99 code=0x0 [ 299.458284][ T8591] process 'syz.0.849' launched './file1' with NULL argv: empty string added [ 300.838935][ T8600] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 300.843113][ T5153] usb 6-1: USB disconnect, device number 22 [ 301.153072][ T8604] loop2: detected capacity change from 0 to 4096 [ 301.205793][ T29] audit: type=1800 audit(1719654235.464:84): pid=8612 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.857" name="file1" dev="sda1" ino=1977 res=0 errno=0 [ 301.294045][ T29] audit: type=1800 audit(1719654235.474:85): pid=8612 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.857" name="file2" dev="sda1" ino=1978 res=0 errno=0 [ 301.314538][ C0] vkms_vblank_simulate: vblank timer overrun [ 301.331101][ T8612] netlink: 16 bytes leftover after parsing attributes in process `syz.3.857'. [ 301.385711][ T29] audit: type=1800 audit(1719654235.474:86): pid=8612 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.857" name="file2" dev="sda1" ino=1978 res=0 errno=0 [ 301.469312][ T8615] loop1: detected capacity change from 0 to 2048 [ 301.558838][ T8615] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 301.591181][ T8620] input: syz0 as /devices/virtual/input/input24 [ 301.599271][ T8615] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 301.742097][ T5150] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 301.971777][ T5150] usb 6-1: Using ep0 maxpacket: 16 [ 301.996275][ T5150] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 302.026486][ T5150] usb 6-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 302.062601][ T5150] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 302.091794][ T5153] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 302.092748][ T5150] usb 6-1: config 0 descriptor?? [ 302.158501][ T5150] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 302.275623][ T8632] loop1: detected capacity change from 0 to 1024 [ 302.301747][ T5153] usb 4-1: Using ep0 maxpacket: 8 [ 302.307732][ T8640] loop2: detected capacity change from 0 to 8 [ 302.318786][ T29] audit: type=1326 audit(1719654236.584:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8638 comm="syz.0.867" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6a4c775b99 code=0x0 [ 302.318902][ T5153] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 302.368165][ T5153] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x93 has an invalid bInterval 127, changing to 10 [ 302.381252][ T924] usb 6-1: USB disconnect, device number 23 [ 302.387466][ T5153] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x93 has invalid maxpacket 33936, setting to 1024 [ 302.387506][ T5153] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 302.394258][ T5153] usb 4-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 302.443190][ T5153] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 302.451231][ T5153] usb 4-1: Product: syz [ 302.455985][ T5153] usb 4-1: Manufacturer: syz [ 302.460599][ T5153] usb 4-1: SerialNumber: syz [ 302.537552][ T5153] usb 4-1: config 0 descriptor?? [ 302.559681][ T8624] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 302.610478][ T5153] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input25 [ 302.687905][ T8640] SQUASHFS error: zlib decompression failed, data probably corrupt [ 302.704970][ T8640] SQUASHFS error: Failed to read block 0x9b: -5 [ 302.714871][ T8640] SQUASHFS error: Unable to read metadata cache entry [99] [ 302.722697][ T8640] SQUASHFS error: Unable to read inode 0x127 [ 303.286818][ T8652] warning: `syz.5.871' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 303.655684][ T8647] ceph: No mds server is up or the cluster is laggy [ 303.723342][ T8658] loop5: detected capacity change from 0 to 512 [ 303.741899][ T8658] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 303.750687][ T8658] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 303.764157][ T8658] EXT4-fs (loop5): blocks per group (39) and clusters per group (32768) inconsistent [ 304.316603][ T8667] loop2: detected capacity change from 0 to 512 [ 304.426590][ T8667] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz.2.876: corrupted in-inode xattr: invalid ea_ino [ 304.485555][ T8667] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz.2.876: couldn't read orphan inode 15 (err -117) [ 304.768929][ T8667] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 305.243092][ T5795] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 305.275159][ T29] audit: type=1326 audit(1719654239.504:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8680 comm="syz.3.884" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa1b6f75b99 code=0x0 [ 305.566564][ T5153] imon:send_packet: packet tx failed (-71) [ 305.612069][ T5153] imon 4-1:0.0: panel buttons/knobs setup failed [ 305.621204][ T8690] loop1: detected capacity change from 0 to 512 [ 305.692086][ T5150] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 305.713818][ T8696] overlayfs: missing 'lowerdir' [ 305.727357][ T8690] EXT4-fs (loop1): blocks per group (33) and clusters per group (32768) inconsistent [ 305.752093][ T5153] rc_core: IR keymap rc-imon-pad not found [ 305.768437][ T5153] Registered IR keymap rc-empty [ 305.795910][ T5153] imon 4-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 305.839741][ T5153] imon 4-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 305.872080][ T5153] imon:send_packet: packet tx failed (-71) [ 305.886252][ T5150] usb 5-1: Using ep0 maxpacket: 16 [ 305.905295][ T5150] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 305.915815][ T5153] imon 4-1:0.0: remote input dev register failed [ 305.948986][ T5153] imon 4-1:0.0: imon_init_intf0: rc device setup failed [ 305.961422][ T5150] usb 5-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 306.036037][ T5150] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 306.094523][ T5153] imon 4-1:0.0: unable to initialize intf0, err 0 [ 306.099504][ T5150] usb 5-1: config 0 descriptor?? [ 306.109463][ T5153] imon:imon_probe: failed to initialize context! [ 306.133494][ T5153] imon 4-1:0.0: unable to register, err -19 [ 306.155312][ T5150] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 306.205367][ T5153] usb 4-1: USB disconnect, device number 17 [ 306.374459][ T5150] usb 5-1: USB disconnect, device number 11 [ 306.921784][ T58] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 307.003033][ T924] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 307.037573][ T8731] loop4: detected capacity change from 0 to 2048 [ 307.056155][ T29] audit: type=1804 audit(1719654241.324:89): pid=8698 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.888" name="/root/syzkaller.Hifcsv/52/bus" dev="sda1" ino=1978 res=1 errno=0 [ 307.096604][ T8731] loop4: p1 p2 p3 [ 307.110843][ T8731] loop4: p3 size 2164260864 extends beyond EOD, truncated [ 307.127091][ T58] usb 2-1: Using ep0 maxpacket: 8 [ 307.138152][ T58] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 307.165462][ T58] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x93 has an invalid bInterval 127, changing to 10 [ 307.184371][ T4541] loop4: p1 p2 p3 [ 307.190583][ T58] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x93 has invalid maxpacket 33936, setting to 1024 [ 307.192726][ T924] usb 4-1: Using ep0 maxpacket: 8 [ 307.214549][ T4541] loop4: p3 size 2164260864 extends beyond EOD, truncated [ 307.218064][ T924] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 307.233074][ T58] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 307.260601][ T58] usb 2-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 307.274664][ T924] usb 4-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 307.281520][ T58] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 307.294511][ T29] audit: type=1326 audit(1719654241.544:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8734 comm="syz.0.904" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6a4c775b99 code=0x0 [ 307.309303][ T58] usb 2-1: Product: syz [ 307.323687][ T924] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 307.349438][ T58] usb 2-1: Manufacturer: syz [ 307.357393][ T924] usb 4-1: config 0 descriptor?? [ 307.373825][ T58] usb 2-1: SerialNumber: syz [ 307.376682][ T924] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 307.421097][ T58] usb 2-1: config 0 descriptor?? [ 307.439102][ T8722] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 307.486722][ T58] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input27 [ 307.487151][ T8740] loop4: detected capacity change from 0 to 512 [ 307.519000][ T8740] ext3: Unknown parameter 'defcontext' [ 307.613148][ T7380] udevd[7380]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 307.621114][ T5152] udevd[5152]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 307.631004][ T7297] udevd[7297]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 308.403685][ T924] gspca_vc032x: reg_r err -32 [ 308.408521][ T924] vc032x 4-1:0.0: probe with driver vc032x failed with error -32 [ 308.450597][ T924] usb 4-1: USB disconnect, device number 18 [ 308.762024][ T9] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 308.874233][ T8763] loop2: detected capacity change from 0 to 256 [ 308.884666][ T8763] exfat: Unknown parameter '000000000000000000000x0000000020737365rem_¦Ü1ɦŒŠ Ÿb]ÉA©ÅÉwvB5$WF]Ƚ9„„œç‚-ðΈp˜Óf%FïÐ3*¹ý)i€kG `óãÃüS푸]˱¼EÕF"™9çчÜ×8ûœÈÄ?Kjz'ä8è!zàé [ 308.884666][ T8763] Ñý' [ 308.945952][ T7297] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 308.971570][ T8763] loop2: detected capacity change from 0 to 512 [ 308.977972][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 308.991809][ T7297] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 309.000958][ T7297] Buffer I/O error on dev loop2, logical block 0, async page read [ 309.029285][ T8763] ext3: Unknown parameter 'nouser_xattr' [ 309.038016][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 309.076176][ T9] usb 5-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 309.112283][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 309.133914][ T9] usb 5-1: config 0 descriptor?? [ 309.181558][ T9] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 309.239263][ T29] audit: type=1804 audit(1719654243.504:91): pid=8766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.916" name="/root/syzkaller.00nZ0i/119/bus" dev="sda1" ino=1987 res=1 errno=0 [ 309.499749][ T58] imon:send_packet: packet tx failed (-71) [ 309.514613][ T29] audit: type=1804 audit(1719654243.534:92): pid=8766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.916" name="/root/syzkaller.00nZ0i/119/bus" dev="sda1" ino=1987 res=1 errno=0 [ 309.540088][ T58] imon 2-1:0.0: panel buttons/knobs setup failed [ 309.547823][ T9] usb 5-1: USB disconnect, device number 12 [ 309.547854][ T29] audit: type=1804 audit(1719654243.534:93): pid=8766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.916" name="/root/syzkaller.00nZ0i/119/bus" dev="sda1" ino=1987 res=1 errno=0 [ 309.586382][ T29] audit: type=1804 audit(1719654243.534:94): pid=8766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.916" name="/root/syzkaller.00nZ0i/119/bus" dev="sda1" ino=1987 res=1 errno=0 [ 309.624842][ T29] audit: type=1804 audit(1719654243.544:95): pid=8766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.916" name="/root/syzkaller.00nZ0i/119/bus" dev="sda1" ino=1987 res=1 errno=0 [ 310.431829][ T58] rc_core: IR keymap rc-imon-pad not found [ 310.437845][ T58] Registered IR keymap rc-empty [ 310.447789][ T58] imon 2-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 310.471685][ T58] imon 2-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 310.502444][ T58] imon:send_packet: packet tx failed (-71) [ 310.534374][ T58] imon 2-1:0.0: remote input dev register failed [ 310.541159][ T58] imon 2-1:0.0: imon_init_intf0: rc device setup failed [ 310.588488][ T8774] loop1: detected capacity change from 0 to 16 [ 310.663276][ T58] imon 2-1:0.0: unable to initialize intf0, err 0 [ 310.669753][ T58] imon:imon_probe: failed to initialize context! [ 310.699749][ T8774] erofs: (device loop1): mounted with root inode @ nid 36. [ 310.709037][ T58] imon 2-1:0.0: unable to register, err -19 [ 310.754937][ T58] usb 2-1: USB disconnect, device number 11 [ 310.871000][ T29] audit: type=1804 audit(1719654245.134:96): pid=8761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.915" name="/root/syzkaller.Hifcsv/56/bus" dev="sda1" ino=1977 res=1 errno=0 [ 310.934000][ T29] audit: type=1326 audit(1719654245.194:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.2.923" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff071b75b99 code=0x0 [ 311.061363][ T8788] loop4: detected capacity change from 0 to 2048 [ 311.122914][ T8788] loop4: p1 p2 p3 [ 311.156230][ T8788] loop4: p3 size 2164260864 extends beyond EOD, truncated [ 311.565489][ T8807] loop4: detected capacity change from 0 to 256 [ 311.742561][ T8814] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 311.974439][ T8822] loop1: detected capacity change from 0 to 256 [ 311.999604][ T8822] exfat: Unknown parameter '000000000000000000000x0000000020737365rem_¦Ü1ɦŒŠ Ÿb]ÉA©ÅÉwvB5$WF]Ƚ9„„œç‚-ðΈp˜Óf%FïÐ3*¹ý)i€kG `óãÃüS푸]˱¼EÕF"™9çчÜ×8ûœÈÄ?Kjz'ä8è!zàé [ 311.999604][ T8822] Ñý' [ 312.106032][ T8822] loop1: detected capacity change from 0 to 512 [ 312.125094][ T8822] ext3: Unknown parameter 'nouser_xattr' [ 312.171921][ T58] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 312.187916][ T7297] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 312.391919][ T58] usb 3-1: Using ep0 maxpacket: 8 [ 312.408496][ T58] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 312.423037][ T58] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 312.432595][ T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 312.479988][ T58] usb 3-1: config 0 descriptor?? [ 312.481746][ T9] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 312.489004][ T58] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 312.525874][ T29] audit: type=1804 audit(1719654246.794:98): pid=8835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.932" name="/root/syzkaller.FbRuNP/147/bus" dev="sda1" ino=1987 res=1 errno=0 [ 312.704771][ T29] audit: type=1804 audit(1719654246.974:99): pid=8837 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.932" name="/root/syzkaller.FbRuNP/147/bus" dev="sda1" ino=1987 res=1 errno=0 [ 312.952194][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 313.098192][ T9] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 313.109845][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x93 has an invalid bInterval 127, changing to 10 [ 313.128389][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x93 has invalid maxpacket 33936, setting to 1024 [ 313.139679][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 313.205833][ T9] usb 5-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 313.252127][ T29] audit: type=1804 audit(1719654247.034:100): pid=8835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.932" name="/root/syzkaller.FbRuNP/147/bus" dev="sda1" ino=1987 res=1 errno=0 [ 313.275181][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 313.357923][ T9] usb 5-1: Product: syz [ 313.382140][ T9] usb 5-1: Manufacturer: syz [ 313.431765][ T29] audit: type=1804 audit(1719654247.084:101): pid=8835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.932" name="/root/syzkaller.FbRuNP/147/bus" dev="sda1" ino=1987 res=1 errno=0 [ 313.465453][ T9] usb 5-1: SerialNumber: syz [ 313.503231][ T9] usb 5-1: config 0 descriptor?? [ 313.551977][ T8832] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 313.554171][ T29] audit: type=1800 audit(1719654247.824:102): pid=8868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.935" name="file1" dev="sda1" ino=1987 res=0 errno=0 [ 313.582991][ T58] gspca_vc032x: reg_r err -32 [ 313.599077][ T58] vc032x 3-1:0.0: probe with driver vc032x failed with error -32 [ 313.627216][ T9] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input29 [ 313.649241][ T58] usb 3-1: USB disconnect, device number 20 [ 313.693923][ T29] audit: type=1800 audit(1719654247.854:103): pid=8868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.935" name="file2" dev="sda1" ino=1989 res=0 errno=0 [ 313.890617][ T8871] loop3: detected capacity change from 0 to 2048 [ 313.953106][ T8871] loop3: p1 p2 p3 [ 313.971975][ T8871] loop3: p3 size 2164260864 extends beyond EOD, truncated [ 314.213799][ T7297] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 314.229425][ T8869] loop1: detected capacity change from 0 to 32768 [ 314.241881][ T8873] capability: warning: `syz.0.938' uses deprecated v2 capabilities in a way that may be insecure [ 314.260415][ T8869] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.936 (8869) [ 314.296925][ T8869] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 314.330210][ T8869] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 314.358463][ T5391] udevd[5391]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 314.372291][ T8869] BTRFS info (device loop1): using free-space-tree [ 314.398646][ T7517] udevd[7517]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 314.406509][ T7297] udevd[7297]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 314.569454][ T29] audit: type=1326 audit(1719654248.814:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8880 comm="syz.0.941" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6a4c775b99 code=0x0 [ 314.615124][ T8886] loop3: detected capacity change from 0 to 16 [ 314.646528][ T8869] BTRFS info (device loop1): rebuilding free space tree [ 314.652388][ T8886] erofs: (device loop3): mounted with root inode @ nid 36. [ 314.747798][ T8895] netlink: 12 bytes leftover after parsing attributes in process `syz.0.941'. [ 314.777761][ T29] audit: type=1804 audit(1719654249.044:105): pid=8869 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.936" name="/root/syzkaller.FbRuNP/149/bus/bus" dev="loop1" ino=263 res=1 errno=0 [ 314.905752][ T5089] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 315.144204][ T9] imon:send_packet: packet tx failed (-71) [ 315.195334][ T9] imon 5-1:0.0: panel buttons/knobs setup failed [ 315.471894][ T9] rc_core: IR keymap rc-imon-pad not found [ 315.501565][ T9] Registered IR keymap rc-empty [ 315.553150][ T9] imon 5-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 315.601838][ T9] imon 5-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 315.618929][ T9] imon:send_packet: packet tx failed (-71) [ 315.682006][ T9] imon 5-1:0.0: remote input dev register failed [ 315.706688][ T9] imon 5-1:0.0: imon_init_intf0: rc device setup failed [ 315.801983][ T29] audit: type=1800 audit(1719654250.054:106): pid=8918 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.949" name="file1" dev="sda1" ino=1975 res=0 errno=0 [ 315.824629][ T8921] netlink: 8 bytes leftover after parsing attributes in process `syz.1.951'. [ 315.898877][ T29] audit: type=1800 audit(1719654250.064:107): pid=8918 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.949" name="file2" dev="sda1" ino=1981 res=0 errno=0 [ 315.902040][ T9] imon 5-1:0.0: unable to initialize intf0, err 0 [ 316.011794][ T9] imon:imon_probe: failed to initialize context! [ 316.018177][ T9] imon 5-1:0.0: unable to register, err -19 [ 316.082320][ T9] usb 5-1: USB disconnect, device number 13 [ 316.136250][ T8929] loop1: detected capacity change from 0 to 2048 [ 316.184836][ T8929] loop1: p1 p2 p3 [ 316.200930][ T8929] loop1: p3 size 2164260864 extends beyond EOD, truncated [ 316.729151][ T8941] loop2: detected capacity change from 0 to 512 [ 316.749228][ T1241] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.759568][ T1241] ieee802154 phy1 wpan1: encryption failed: -22 [ 316.817481][ T8941] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz.2.959: corrupted in-inode xattr: invalid ea_ino [ 316.954906][ T8941] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz.2.959: couldn't read orphan inode 15 (err -117) [ 317.030933][ T8941] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 317.364220][ T8958] loop1: detected capacity change from 0 to 1024 [ 317.467971][ T5795] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 318.221899][ T8934] loop4: detected capacity change from 0 to 32768 [ 318.253168][ T8934] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.956 (8934) [ 318.301721][ T29] audit: type=1800 audit(1719654252.553:108): pid=8963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.965" name="file1" dev="sda1" ino=1992 res=0 errno=0 [ 318.343938][ T8934] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 318.344494][ T5110] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 318.367555][ T5110] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 318.376925][ T5110] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 318.392039][ T5110] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 318.402194][ T5110] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 318.413301][ T5110] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 318.420781][ T29] audit: type=1800 audit(1719654252.573:109): pid=8963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.965" name="file2" dev="sda1" ino=1994 res=0 errno=0 [ 318.453575][ T8934] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 318.477507][ T5094] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 318.495247][ T5094] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 318.505452][ T5094] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 318.521861][ T5094] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 318.529031][ T8934] BTRFS info (device loop4): using free-space-tree [ 318.537321][ T5094] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 318.546284][ T5094] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 318.835153][ T8934] BTRFS info (device loop4): rebuilding free space tree [ 318.869699][ T8987] loop2: detected capacity change from 0 to 2048 [ 318.952682][ T8987] loop2: p1 p2 p3 [ 318.984737][ T8987] loop2: p3 size 2164260864 extends beyond EOD, truncated [ 318.994380][ T8989] loop3: detected capacity change from 0 to 4096 [ 319.003860][ T29] audit: type=1804 audit(1719654253.273:110): pid=8934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.956" name="/root/syzkaller.1SPqcH/157/bus/bus" dev="loop4" ino=263 res=1 errno=0 [ 319.031450][ T8989] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 319.083753][ T8989] ntfs3: loop3: It is recommened to use chkdsk. [ 319.227998][ T5091] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 319.389775][ T9002] netlink: 68 bytes leftover after parsing attributes in process `syz.2.975'. [ 319.452023][ T9002] netlink: 32 bytes leftover after parsing attributes in process `syz.2.975'. [ 319.612761][ T5097] ntfs3: loop3: failed to convert "076c" to cp855 [ 320.377168][ T9014] ceph: No mds server is up or the cluster is laggy [ 320.385129][ T9012] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 320.391128][ T9012] Bluetooth: hci6: Error when powering off device on rfkill (-4) [ 320.610465][ T9021] Process accounting resumed [ 320.799345][ T9023] Cannot find add_set index 0 as target [ 320.927557][ T8964] chnl_net:caif_netlink_parms(): no params data found [ 321.031915][ T29] audit: type=1800 audit(1719654255.223:111): pid=9029 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.982" name="file1" dev="sda1" ino=1980 res=0 errno=0 [ 321.180365][ T29] audit: type=1800 audit(1719654255.223:112): pid=9029 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.982" name="file2" dev="sda1" ino=1982 res=0 errno=0 [ 322.083409][ T9041] loop2: detected capacity change from 0 to 16 [ 322.107428][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.119292][ T9041] erofs: Unknown parameter '/dev/nbd2' [ 322.215441][ T7297] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 322.325678][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.403652][ T9051] Process accounting resumed [ 322.535412][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.585913][ T8964] bridge0: port 1(bridge_slave_0) entered blocking state [ 322.610549][ T8964] bridge0: port 1(bridge_slave_0) entered disabled state [ 322.636530][ T8964] bridge_slave_0: entered allmulticast mode [ 322.663211][ T8964] bridge_slave_0: entered promiscuous mode [ 322.700548][ T8964] bridge0: port 2(bridge_slave_1) entered blocking state [ 322.709454][ T8964] bridge0: port 2(bridge_slave_1) entered disabled state [ 322.729450][ T8964] bridge_slave_1: entered allmulticast mode [ 322.739130][ T8964] bridge_slave_1: entered promiscuous mode [ 322.752224][ T5110] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 322.757445][ T5110] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 322.758268][ T5110] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 322.759975][ T5110] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 322.763666][ T5110] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 322.764236][ T5110] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 322.781231][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.828093][ T5094] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 322.829318][ T5094] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 322.830136][ T5094] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 322.837966][ T5094] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 322.839300][ T5094] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 322.839854][ T5094] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 323.110980][ T8964] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 323.172707][ T8964] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 323.265091][ T29] audit: type=1800 audit(1719654257.533:113): pid=9071 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.998" name="file1" dev="sda1" ino=1957 res=0 errno=0 [ 323.373315][ T29] audit: type=1800 audit(1719654257.543:114): pid=9071 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.998" name="file2" dev="sda1" ino=1958 res=0 errno=0 [ 323.393786][ C0] vkms_vblank_simulate: vblank timer overrun [ 323.461278][ T8964] team0: Port device team_slave_0 added [ 323.487106][ T8964] team0: Port device team_slave_1 added [ 323.515730][ T9081] overlayfs: failed to resolve './file1': -2 [ 323.562713][ T9081] Process accounting resumed [ 323.606553][ T8964] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 323.654939][ T8964] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 323.680891][ C0] vkms_vblank_simulate: vblank timer overrun [ 323.764788][ T8964] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 324.376664][ T8964] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 324.436251][ T8964] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 324.462299][ C0] vkms_vblank_simulate: vblank timer overrun [ 324.520281][ T8964] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 324.551288][ T9088] tipc: Started in network mode [ 324.556593][ T9088] tipc: Node identity ac14140f, cluster identity 4711 [ 324.569326][ T9088] tipc: Enabled bearer , priority 10 [ 324.902210][ T5094] Bluetooth: hci5: command tx timeout [ 325.019736][ T12] bridge_slave_1: left allmulticast mode [ 325.033167][ T12] bridge_slave_1: left promiscuous mode [ 325.052842][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 325.097423][ T12] bridge_slave_0: left allmulticast mode [ 325.111413][ T12] bridge_slave_0: left promiscuous mode [ 325.118343][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 325.633375][ T29] audit: type=1800 audit(1719654259.883:115): pid=9124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1014" name="file1" dev="sda1" ino=1986 res=0 errno=0 [ 325.683331][ T5093] tipc: Node number set to 2886997007 [ 325.725337][ T29] audit: type=1800 audit(1719654259.923:116): pid=9124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1014" name="file2" dev="sda1" ino=1989 res=0 errno=0 [ 325.745852][ C0] vkms_vblank_simulate: vblank timer overrun [ 325.846286][ T29] audit: type=1800 audit(1719654259.933:117): pid=9124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1014" name="file2" dev="sda1" ino=1989 res=0 errno=0 [ 326.636422][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 326.986552][ T5094] Bluetooth: hci5: command tx timeout [ 327.413316][ T9170] loop1: detected capacity change from 0 to 1024 [ 327.529019][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 327.553467][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 327.597980][ T12] bond0 (unregistering): Released all slaves [ 327.664062][ T8964] hsr_slave_0: entered promiscuous mode [ 327.681299][ T8964] hsr_slave_1: entered promiscuous mode [ 327.696454][ T8964] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 327.722007][ T8964] Cannot create hsr debugfs directory [ 329.062059][ T5094] Bluetooth: hci5: command tx timeout [ 329.593634][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 329.801197][ T12] hsr_slave_0: left promiscuous mode [ 329.852924][ T12] hsr_slave_1: left promiscuous mode [ 329.864070][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 329.890668][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 329.921488][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 329.936287][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 329.986065][ T12] veth1_macvtap: left promiscuous mode [ 330.011763][ T12] veth0_macvtap: left promiscuous mode [ 330.017463][ T12] veth1_vlan: left promiscuous mode [ 330.049315][ T12] veth0_vlan: left promiscuous mode [ 330.531838][ T45] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 331.142035][ T5094] Bluetooth: hci5: command tx timeout [ 331.624325][ T45] usb 5-1: device descriptor read/64, error -71 [ 331.941955][ T45] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 332.121855][ T45] usb 5-1: device descriptor read/64, error -71 [ 332.262703][ T45] usb usb5-port1: attempt power cycle [ 332.681954][ T45] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 332.735882][ T45] usb 5-1: device descriptor read/8, error -71 [ 332.780630][ T12] team0 (unregistering): Port device team_slave_1 removed [ 332.995314][ T12] team0 (unregistering): Port device team_slave_0 removed [ 333.003024][ T45] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 333.045576][ T45] usb 5-1: device descriptor read/8, error -71 [ 333.175854][ T45] usb usb5-port1: unable to enumerate USB device [ 333.951180][ T5110] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 333.960793][ T5110] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 333.975297][ T5110] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 333.984865][ T5110] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 333.994738][ T5110] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 334.008043][ T5110] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 334.339233][ T8964] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.579551][ T8964] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.644497][ T9059] chnl_net:caif_netlink_parms(): no params data found [ 334.932196][ T8964] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.183906][ T8964] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.223668][ T29] audit: type=1800 audit(1719654269.493:118): pid=9301 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1059" name="file1" dev="sda1" ino=1983 res=0 errno=0 [ 335.254799][ T29] audit: type=1800 audit(1719654269.493:119): pid=9301 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1059" name="file2" dev="sda1" ino=1984 res=0 errno=0 [ 335.322402][ T29] audit: type=1800 audit(1719654269.493:120): pid=9301 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1059" name="file2" dev="sda1" ino=1984 res=0 errno=0 [ 335.375981][ T9299] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 335.561366][ T9059] bridge0: port 1(bridge_slave_0) entered blocking state [ 335.571297][ T9059] bridge0: port 1(bridge_slave_0) entered disabled state [ 335.579362][ T9059] bridge_slave_0: entered allmulticast mode [ 335.588101][ T9059] bridge_slave_0: entered promiscuous mode [ 335.766157][ T9059] bridge0: port 2(bridge_slave_1) entered blocking state [ 335.811885][ T9059] bridge0: port 2(bridge_slave_1) entered disabled state [ 335.819098][ T9059] bridge_slave_1: entered allmulticast mode [ 335.868556][ T9059] bridge_slave_1: entered promiscuous mode [ 336.111601][ T5110] Bluetooth: hci2: command tx timeout [ 336.178686][ T9059] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 336.402943][ T9059] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 336.801304][ T5093] libceph: connect (1)[c::]:6789 error -101 [ 336.877800][ T5093] libceph: mon0 (1)[c::]:6789 connect error [ 337.021090][ T9343] ceph: No mds server is up or the cluster is laggy [ 337.216065][ T9342] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 337.227047][ T9342] Bluetooth: hci5: Error when powering off device on rfkill (-4) [ 337.237768][ T9348] loop2: detected capacity change from 0 to 512 [ 337.285942][ T9059] team0: Port device team_slave_0 added [ 337.294409][ T9342] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 337.300377][ T9342] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 337.305590][ T9059] team0: Port device team_slave_1 added [ 337.358719][ T9269] chnl_net:caif_netlink_parms(): no params data found [ 337.372720][ T9348] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 337.431910][ T9348] ext4 filesystem being mounted at /root/syzkaller.00nZ0i/151/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 337.539437][ T9348] EXT4-fs error (device loop2): ext4_do_update_inode:5075: inode #2: comm syz.2.1072: corrupted inode contents [ 337.581584][ T9348] EXT4-fs error (device loop2): ext4_dirty_inode:5935: inode #2: comm syz.2.1072: mark_inode_dirty error [ 337.608935][ T9348] EXT4-fs error (device loop2): ext4_do_update_inode:5075: inode #2: comm syz.2.1072: corrupted inode contents [ 337.638708][ T9348] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.1072: mark_inode_dirty error [ 337.693618][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.729618][ T9348] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 337.883376][ T9059] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 337.890358][ T9059] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 337.930515][ T9059] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 337.943961][ T5795] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 338.000366][ T8964] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 338.053951][ T8964] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 338.132167][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.197183][ T9059] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 338.237967][ T9059] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 338.271726][ T9059] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 338.358187][ T8964] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 338.586602][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.635035][ T9358] loop1: detected capacity change from 0 to 32768 [ 338.961036][ T9358] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 339.211977][ T9059] hsr_slave_0: entered promiscuous mode [ 339.270408][ T9059] hsr_slave_1: entered promiscuous mode [ 339.423434][ T8964] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 339.603072][ T9358] XFS (loop1): Ending clean mount [ 339.624962][ T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 339.658802][ T9358] XFS (loop1): Quotacheck needed: Please wait. [ 340.098877][ T9358] XFS (loop1): Quotacheck: Done. [ 340.317022][ T5089] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 340.329394][ T9269] bridge0: port 1(bridge_slave_0) entered blocking state [ 340.342830][ T9269] bridge0: port 1(bridge_slave_0) entered disabled state [ 340.389140][ T9269] bridge_slave_0: entered allmulticast mode [ 340.415627][ T9269] bridge_slave_0: entered promiscuous mode [ 340.638700][ T9368] loop2: detected capacity change from 0 to 32768 [ 340.693229][ T9269] bridge0: port 2(bridge_slave_1) entered blocking state [ 340.700389][ T9269] bridge0: port 2(bridge_slave_1) entered disabled state [ 340.775081][ T9269] bridge_slave_1: entered allmulticast mode [ 340.842432][ T9269] bridge_slave_1: entered promiscuous mode [ 340.881059][ T9368] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 341.115227][ T9368] XFS (loop2): Ending clean mount [ 341.191087][ T9269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 341.357777][ T9269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 341.797555][ T5795] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 341.809200][ T12] bridge_slave_1: left allmulticast mode [ 341.817470][ T12] bridge_slave_1: left promiscuous mode [ 341.823702][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 341.837441][ T12] bridge_slave_0: left allmulticast mode [ 341.843470][ T12] bridge_slave_0: left promiscuous mode [ 341.849977][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 342.740790][ T9433] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1088'. [ 342.849169][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 342.863243][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 342.878426][ T12] bond0 (unregistering): Released all slaves [ 342.902128][ T12] bond1 (unregistering): Released all slaves [ 342.909481][ T9431] loop2: detected capacity change from 0 to 32768 [ 342.927696][ T9269] team0: Port device team_slave_0 added [ 342.939206][ T9431] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1087 (9431) [ 342.965454][ T9431] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 342.982829][ T9431] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 343.006816][ T9431] BTRFS info (device loop2): using free-space-tree [ 343.136935][ T9431] BTRFS info (device loop2): rebuilding free space tree [ 343.140566][ T9269] team0: Port device team_slave_1 added [ 343.529199][ T9269] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 343.535713][ T5795] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 343.548342][ T9269] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 343.577607][ T9269] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 343.639864][ T9269] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 343.651048][ T9269] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 343.677827][ T9269] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 344.138627][ T9269] hsr_slave_0: entered promiscuous mode [ 344.148030][ T9269] hsr_slave_1: entered promiscuous mode [ 344.154680][ T9269] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 344.162416][ T9269] Cannot create hsr debugfs directory [ 344.229918][ T12] hsr_slave_0: left promiscuous mode [ 344.254496][ T12] hsr_slave_1: left promiscuous mode [ 344.284202][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 344.312244][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 344.344279][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 344.351992][ T924] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 344.391965][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 344.529749][ T12] veth0_macvtap: left promiscuous mode [ 344.535577][ T12] veth1_vlan: left promiscuous mode [ 344.542295][ T12] veth0_vlan: left promiscuous mode [ 344.571772][ T924] usb 3-1: Using ep0 maxpacket: 16 [ 344.627406][ T924] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 344.685213][ T924] usb 3-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 344.715821][ T924] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 344.744344][ T924] usb 3-1: config 0 descriptor?? [ 344.764975][ T924] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 344.981578][ T924] usb 3-1: USB disconnect, device number 21 [ 345.430035][ T12] team0 (unregistering): Port device team_slave_1 removed [ 345.473956][ T12] team0 (unregistering): Port device team_slave_0 removed [ 345.936687][ T9476] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1098'. [ 345.988350][ T924] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 346.201998][ T924] usb 3-1: Using ep0 maxpacket: 16 [ 346.211107][ T924] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 346.232722][ T924] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 346.250955][ T924] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 346.278189][ T8964] 8021q: adding VLAN 0 to HW filter on device bond0 [ 346.304266][ T924] usb 3-1: config 0 descriptor?? [ 346.465131][ T9059] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 346.499497][ T9059] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 346.523257][ T9480] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1100'. [ 346.594017][ T8964] 8021q: adding VLAN 0 to HW filter on device team0 [ 346.674301][ T9059] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 346.736794][ T9059] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 346.770402][ T9484] loop1: detected capacity change from 0 to 32768 [ 346.787001][ T9484] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1101 (9484) [ 346.806760][ T9484] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 346.844183][ T9484] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 346.872757][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 346.879987][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 346.888810][ T9484] BTRFS info (device loop1): using free-space-tree [ 346.896752][ T9480] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 346.926753][ T9480] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 346.948871][ T9480] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 346.982924][ T9480] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 347.013745][ T924] hid (null): report_id 2838798905 is invalid [ 347.057596][ T924] hid (null): unknown global tag 0xc [ 347.088946][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 347.096188][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 347.103972][ T924] hid (null): unknown global tag 0xa5 [ 347.116089][ T924] hid (null): unknown global tag 0xd [ 347.155023][ T924] hid-generic 0003:0158:0100.0007: unknown main item tag 0x1 [ 347.173071][ T9484] BTRFS info (device loop1): rebuilding free space tree [ 347.206867][ T924] hid-generic 0003:0158:0100.0007: unexpected long global item [ 347.239167][ T924] hid-generic 0003:0158:0100.0007: probe with driver hid-generic failed with error -22 [ 347.310033][ T924] usb 3-1: USB disconnect, device number 22 [ 347.329515][ T29] audit: type=1804 audit(1719654281.593:121): pid=9484 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1101" name="/root/syzkaller.FbRuNP/191/bus/bus" dev="loop1" ino=263 res=1 errno=0 [ 347.410766][ T29] audit: type=1804 audit(1719654281.593:122): pid=9484 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1101" name="/root/syzkaller.FbRuNP/191/bus/bus" dev="loop1" ino=263 res=1 errno=0 [ 347.442980][ T29] audit: type=1804 audit(1719654281.593:123): pid=9484 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1101" name="/root/syzkaller.FbRuNP/191/bus/bus" dev="loop1" ino=263 res=1 errno=0 [ 347.721456][ T5089] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 347.993500][ T9059] 8021q: adding VLAN 0 to HW filter on device bond0 [ 348.022722][ T9269] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 348.078692][ T9269] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 348.159604][ T9269] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 348.268677][ T9059] 8021q: adding VLAN 0 to HW filter on device team0 [ 348.312488][ T9269] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 348.358433][ T8964] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 348.419874][ T924] bridge0: port 1(bridge_slave_0) entered blocking state [ 348.427113][ T924] bridge0: port 1(bridge_slave_0) entered forwarding state [ 348.453910][ T924] bridge0: port 2(bridge_slave_1) entered blocking state [ 348.461068][ T924] bridge0: port 2(bridge_slave_1) entered forwarding state [ 348.572687][ T58] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 348.782805][ T58] usb 3-1: Using ep0 maxpacket: 16 [ 348.833766][ T58] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 348.878364][ T58] usb 3-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 348.901095][ T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 348.952912][ T58] usb 3-1: config 0 descriptor?? [ 348.997139][ T9269] 8021q: adding VLAN 0 to HW filter on device bond0 [ 349.002615][ T58] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 349.134962][ T9269] 8021q: adding VLAN 0 to HW filter on device team0 [ 349.188423][ T924] bridge0: port 1(bridge_slave_0) entered blocking state [ 349.190374][ T58] usb 3-1: USB disconnect, device number 23 [ 349.195643][ T924] bridge0: port 1(bridge_slave_0) entered forwarding state [ 349.335054][ T924] bridge0: port 2(bridge_slave_1) entered blocking state [ 349.342307][ T924] bridge0: port 2(bridge_slave_1) entered forwarding state [ 349.679363][ T9059] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 349.835043][ T8964] veth0_vlan: entered promiscuous mode [ 349.957720][ T8964] veth1_vlan: entered promiscuous mode [ 350.102211][ T9059] veth0_vlan: entered promiscuous mode [ 350.188210][ T9059] veth1_vlan: entered promiscuous mode [ 350.393460][ T8964] veth0_macvtap: entered promiscuous mode [ 350.505914][ T8964] veth1_macvtap: entered promiscuous mode [ 350.623281][ T8964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 350.662087][ T8964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.689372][ T8964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 350.710305][ T8964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.730745][ T8964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 350.753100][ T8964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.763573][ T8964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 350.782232][ T8964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.804415][ T8964] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 350.820885][ T9059] veth0_macvtap: entered promiscuous mode [ 350.867551][ T9269] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 350.964750][ T8964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 350.991196][ T8964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 351.020020][ T8964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 351.032430][ T8964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 351.044061][ T8964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 351.065185][ T8964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 351.085390][ T8964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 351.121780][ T8964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 351.155654][ T8964] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 351.177479][ T9059] veth1_macvtap: entered promiscuous mode [ 351.217680][ T8964] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 351.247639][ T8964] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 351.278282][ T8964] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 351.318420][ T8964] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 351.588194][ T9059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 351.626924][ T9059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 351.678054][ T9059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 351.711720][ T9059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 351.742030][ T9059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 351.782900][ T9059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 351.812145][ T9059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 351.831114][ T9059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 351.871768][ T9059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 351.910782][ T9059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 351.948698][ T9059] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 352.050762][ T2907] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 352.061219][ T9059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 352.096296][ T2907] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 352.110266][ T9059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.151332][ T9059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 352.183679][ T9059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.211755][ T9059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 352.241723][ T9059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.263174][ T9059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 352.303193][ T9059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.331725][ T9059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 352.351996][ T9059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.383978][ T9059] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 352.458763][ T9059] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 352.500356][ T9059] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 352.548928][ T9059] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 352.567888][ T9059] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 352.624260][ T29] audit: type=1804 audit(1719654286.893:124): pid=9573 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1115" name="/root/syzkaller.Hifcsv/119/bus" dev="sda1" ino=1962 res=1 errno=0 [ 352.699190][ T2896] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 352.737848][ T2896] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 352.747449][ T29] audit: type=1804 audit(1719654286.893:125): pid=9573 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1115" name="/root/syzkaller.Hifcsv/119/bus" dev="sda1" ino=1962 res=1 errno=0 [ 352.786798][ T29] audit: type=1804 audit(1719654286.893:126): pid=9573 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1115" name="/root/syzkaller.Hifcsv/119/bus" dev="sda1" ino=1962 res=1 errno=0 [ 353.136488][ T9269] veth0_vlan: entered promiscuous mode [ 353.300046][ T9269] veth1_vlan: entered promiscuous mode [ 353.413498][ T2778] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 353.421360][ T2778] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 353.584516][ T9269] veth0_macvtap: entered promiscuous mode [ 353.659269][ T9269] veth1_macvtap: entered promiscuous mode [ 353.710669][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 353.742044][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 353.769656][ T9269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 353.801787][ T9269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 353.811605][ T9269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 353.856750][ T9269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 353.901779][ T9269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 353.932009][ T9269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 353.943528][ T5150] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 353.962259][ T9269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 353.984042][ T9269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 354.011871][ T9269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 354.044734][ T9269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 354.069643][ T9269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 354.090500][ T9269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 354.133603][ T9269] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 354.171888][ T5150] usb 6-1: Using ep0 maxpacket: 16 [ 354.186448][ T5150] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 354.204884][ T9269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 354.221323][ T5150] usb 6-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 354.251845][ T9269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 354.264576][ T5150] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 354.298460][ T5150] usb 6-1: config 0 descriptor?? [ 354.301486][ T9269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 354.326985][ T5150] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 354.337729][ T9269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 354.387309][ T9269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 354.422460][ T9269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 354.454125][ T9269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 354.471470][ T9269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 354.499475][ T9269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 354.512502][ T9269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 354.534107][ T5150] usb 6-1: USB disconnect, device number 24 [ 354.556181][ T9269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 354.603559][ T9269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 354.625617][ T9269] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 354.705830][ T9269] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 354.735094][ T9269] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 354.766192][ T9269] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 354.783899][ T9269] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 355.237486][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 355.309519][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 355.469190][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 355.531717][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 355.618415][ T9652] loop5: detected capacity change from 0 to 4096 [ 355.681711][ T9652] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 355.761871][ T8] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 355.784195][ T9652] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 355.827883][ T9652] ntfs3: loop5: Failed to load $Extend (-22). [ 355.843483][ T9652] ntfs3: loop5: Failed to initialize $Extend. [ 355.984554][ T8] usb 4-1: Using ep0 maxpacket: 16 [ 356.021215][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 356.086929][ T8] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 356.116517][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 356.174320][ T8] usb 4-1: config 0 descriptor?? [ 356.426303][ T9654] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1127'. [ 356.905142][ T9654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 356.952130][ T9654] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 357.004658][ T9654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 357.092478][ T9654] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 357.135854][ T8] hid (null): report_id 2838798905 is invalid [ 357.153577][ T8] hid (null): unknown global tag 0xc [ 357.158894][ T8] hid (null): unknown global tag 0xa5 [ 357.199017][ T8] hid (null): unknown global tag 0xd [ 357.243975][ T8] hid-generic 0003:0158:0100.0008: unknown main item tag 0x1 [ 357.288191][ T8] hid-generic 0003:0158:0100.0008: unexpected long global item [ 357.332836][ T8] hid-generic 0003:0158:0100.0008: probe with driver hid-generic failed with error -22 [ 357.413113][ T8] usb 4-1: USB disconnect, device number 19 [ 358.182953][ T9669] loop5: detected capacity change from 0 to 32768 [ 358.248877][ T9669] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1128 (9669) [ 358.348698][ T9669] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 358.405930][ T9669] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 358.460807][ T9669] BTRFS info (device loop5): using free-space-tree [ 358.607004][ T9708] loop3: detected capacity change from 0 to 2048 [ 358.678584][ T9669] BTRFS info (device loop5): rebuilding free space tree [ 358.685765][ T5166] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 358.732054][ T58] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 358.744343][ T9708] loop3: p1 p2 p3 [ 358.782989][ T9708] loop3: p3 size 2164260864 extends beyond EOD, truncated [ 358.891442][ T29] audit: type=1804 audit(1719654293.153:127): pid=9669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.1128" name="/root/syzkaller.ccr3ie/4/bus/bus" dev="loop5" ino=263 res=1 errno=0 [ 358.926073][ T5166] usb 5-1: Using ep0 maxpacket: 8 [ 358.960364][ T5166] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 358.971906][ T58] usb 3-1: Using ep0 maxpacket: 16 [ 358.997649][ T58] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 359.002770][ T5166] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x93 has an invalid bInterval 127, changing to 10 [ 359.026862][ T29] audit: type=1804 audit(1719654293.183:128): pid=9669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.1128" name="/root/syzkaller.ccr3ie/4/bus/bus" dev="loop5" ino=263 res=1 errno=0 [ 359.080163][ T58] usb 3-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 359.143608][ T5166] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x93 has invalid maxpacket 33936, setting to 1024 [ 359.145205][ T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 359.173392][ T29] audit: type=1804 audit(1719654293.223:129): pid=9669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.1128" name="/root/syzkaller.ccr3ie/4/bus/bus" dev="loop5" ino=263 res=1 errno=0 [ 359.207711][ T5166] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 359.287630][ T58] usb 3-1: config 0 descriptor?? [ 359.319050][ T5166] usb 5-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 359.324772][ T58] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 359.362254][ T5166] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 359.385537][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 359.418708][ T8964] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 359.420589][ T5166] usb 5-1: Product: syz [ 359.448905][ T7380] udevd[7380]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 359.467752][ T5152] udevd[5152]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 359.493280][ T5391] udevd[5391]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 359.519167][ T5166] usb 5-1: Manufacturer: syz [ 359.531994][ T5166] usb 5-1: SerialNumber: syz [ 359.563252][ T5166] usb 5-1: config 0 descriptor?? [ 359.602325][ T58] usb 3-1: USB disconnect, device number 24 [ 359.613610][ T9710] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 359.653665][ T5166] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input31 [ 359.710379][ T5391] udevd[5391]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 359.742128][ T7380] udevd[7380]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 359.767892][ T9741] loop1: detected capacity change from 0 to 4096 [ 359.778017][ T7517] udevd[7517]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 359.877200][ T5166] imon:send_packet: packet tx failed (-71) [ 359.911755][ T9741] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 359.922741][ T5166] imon 5-1:0.0: panel buttons/knobs setup failed [ 360.125327][ T8] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 360.141991][ T5166] rc_core: IR keymap rc-imon-pad not found [ 360.168915][ T5166] Registered IR keymap rc-empty [ 360.192657][ T5166] imon 5-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 360.222060][ T5166] imon 5-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 360.268767][ T5166] imon:send_packet: packet tx failed (-71) [ 360.302309][ T5166] imon 5-1:0.0: remote input dev register failed [ 360.347939][ T8] usb 4-1: Using ep0 maxpacket: 16 [ 360.353883][ T5166] imon 5-1:0.0: imon_init_intf0: rc device setup failed [ 360.377636][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 360.430837][ T8] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 360.480494][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.551358][ T8] usb 4-1: config 0 descriptor?? [ 360.633084][ T9741] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 360.677913][ T5166] imon 5-1:0.0: unable to initialize intf0, err 0 [ 360.711786][ T9741] ntfs3: loop1: Failed to load $Extend (-22). [ 360.718022][ T5166] imon:imon_probe: failed to initialize context! [ 360.752105][ T5166] imon 5-1:0.0: unable to register, err -19 [ 360.783797][ T9741] ntfs3: loop1: Failed to initialize $Extend. [ 360.830152][ T9755] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1146'. [ 360.841917][ T5166] usb 5-1: USB disconnect, device number 18 [ 361.247531][ T9755] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 361.303558][ T9755] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 361.353141][ T9755] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 361.393985][ T9755] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 361.434849][ T8] hid (null): report_id 2838798905 is invalid [ 361.453393][ T8] hid (null): unknown global tag 0xc [ 361.489156][ T8] hid (null): unknown global tag 0xa5 [ 361.506937][ T8] hid (null): unknown global tag 0xd [ 361.560870][ T8] hid-generic 0003:0158:0100.0009: unknown main item tag 0x1 [ 361.598536][ T8] hid-generic 0003:0158:0100.0009: unexpected long global item [ 361.634965][ T8] hid-generic 0003:0158:0100.0009: probe with driver hid-generic failed with error -22 [ 361.693073][ T8] usb 4-1: USB disconnect, device number 20 [ 362.781960][ T45] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 362.849503][ T58] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 363.032895][ T45] usb 3-1: Using ep0 maxpacket: 8 [ 363.048351][ T45] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 363.060400][ T58] usb 6-1: Using ep0 maxpacket: 8 [ 363.087987][ T45] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x93 has an invalid bInterval 127, changing to 10 [ 363.101039][ T58] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 363.134214][ T58] usb 6-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 363.143739][ T45] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x93 has invalid maxpacket 33936, setting to 1024 [ 363.175311][ T58] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 363.183493][ T45] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 363.213427][ T58] usb 6-1: config 0 descriptor?? [ 363.223095][ T45] usb 3-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 363.253466][ T58] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 363.263132][ T45] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 363.300004][ T45] usb 3-1: Product: syz [ 363.313505][ T45] usb 3-1: Manufacturer: syz [ 363.338179][ T45] usb 3-1: SerialNumber: syz [ 363.363213][ T45] usb 3-1: config 0 descriptor?? [ 363.372576][ T9809] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 363.384255][ T9794] loop4: detected capacity change from 0 to 32768 [ 363.444527][ T9794] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1157 (9794) [ 363.474318][ T45] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input33 [ 363.492719][ T58] gspca_vc032x: reg_r err -32 [ 363.498901][ T58] vc032x 6-1:0.0: probe with driver vc032x failed with error -32 [ 363.532396][ T9794] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 363.582004][ T9794] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 363.650093][ T45] imon:send_packet: packet tx failed (-71) [ 363.690466][ T9794] BTRFS info (device loop4): using free-space-tree [ 363.734784][ T45] imon 3-1:0.0: panel buttons/knobs setup failed [ 363.930040][ T9794] BTRFS info (device loop4): rebuilding free space tree [ 363.980360][ T9859] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1174'. [ 364.066649][ T45] rc_core: IR keymap rc-imon-pad not found [ 364.085909][ T45] Registered IR keymap rc-empty [ 364.091056][ T45] imon 3-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 364.107597][ T45] imon 3-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 364.135452][ T45] imon:send_packet: packet tx failed (-71) [ 364.162136][ T45] imon 3-1:0.0: remote input dev register failed [ 364.169020][ T45] imon 3-1:0.0: imon_init_intf0: rc device setup failed [ 364.224024][ T45] imon 3-1:0.0: unable to initialize intf0, err 0 [ 364.230468][ T45] imon:imon_probe: failed to initialize context! [ 364.271939][ T45] imon 3-1:0.0: unable to register, err -19 [ 364.298367][ T45] usb 3-1: USB disconnect, device number 25 [ 364.315562][ T9269] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 365.099117][ T9879] loop2: detected capacity change from 0 to 2048 [ 365.192937][ T9879] loop2: p1 p2 p3 [ 365.200383][ T9879] loop2: p3 size 2164260864 extends beyond EOD, truncated [ 365.595210][ T45] usb 6-1: USB disconnect, device number 25 [ 365.793687][ T9898] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.1191'. [ 365.922661][ T9900] veth0_vlan: entered allmulticast mode [ 366.137455][ T9906] veth0_vlan: left promiscuous mode [ 366.154584][ T9906] veth0_vlan: entered promiscuous mode [ 366.253806][ T9910] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1189'. [ 367.201845][ T8] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 367.287556][ T9894] loop4: detected capacity change from 0 to 32768 [ 367.331801][ T9894] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1188 (9894) [ 367.404152][ T8] usb 4-1: Using ep0 maxpacket: 16 [ 367.411932][ T9894] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 367.431539][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 367.455369][ T9894] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 367.481730][ T8] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 367.496666][ T9894] BTRFS info (device loop4): using free-space-tree [ 367.503658][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 367.585222][ T8] usb 4-1: config 0 descriptor?? [ 367.801510][ T9894] BTRFS info (device loop4): rebuilding free space tree [ 367.810666][ T9904] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1193'. [ 368.146758][ T9904] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 368.192645][ T9904] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 368.202901][ T9904] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 368.253330][ T9904] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 368.267772][ T9269] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 368.276980][ T8] hid (null): report_id 2838798905 is invalid [ 368.297974][ T8] hid (null): unknown global tag 0xc [ 368.320270][ T8] hid (null): unknown global tag 0xa5 [ 368.336202][ T8] hid (null): unknown global tag 0xd [ 368.374487][ T8] hid-generic 0003:0158:0100.000A: unknown main item tag 0x1 [ 368.419485][ T8] hid-generic 0003:0158:0100.000A: unexpected long global item [ 368.443037][ T8] hid-generic 0003:0158:0100.000A: probe with driver hid-generic failed with error -22 [ 368.538204][ T8] usb 4-1: USB disconnect, device number 21 [ 369.004724][ T9962] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1209'. [ 370.158034][ T9979] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1205'. [ 371.143197][ T5154] libceph: connect (1)[c::]:6789 error -101 [ 371.149702][ T5154] libceph: mon0 (1)[c::]:6789 connect error [ 371.455654][ T5154] libceph: connect (1)[c::]:6789 error -101 [ 371.494242][T10004] ceph: No mds server is up or the cluster is laggy [ 371.511843][ T5154] libceph: mon0 (1)[c::]:6789 connect error [ 374.190199][T10058] loop4: detected capacity change from 0 to 32768 [ 374.231277][T10058] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1242 (10058) [ 374.289173][T10058] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 374.330511][T10058] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 374.364879][T10058] BTRFS info (device loop4): using free-space-tree [ 374.542222][T10058] BTRFS info (device loop4): rebuilding free space tree [ 374.713676][ T29] audit: type=1804 audit(1719654308.973:130): pid=10058 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1242" name="/root/syzkaller.jwr3IZ/16/bus/bus" dev="loop4" ino=263 res=1 errno=0 [ 374.736314][ C1] vkms_vblank_simulate: vblank timer overrun [ 374.851819][ T29] audit: type=1804 audit(1719654308.973:131): pid=10058 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1242" name="/root/syzkaller.jwr3IZ/16/bus/bus" dev="loop4" ino=263 res=1 errno=0 [ 374.936284][ T9269] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 376.274321][T10158] overlayfs: missing 'lowerdir' [ 376.390345][T10158] loop5: detected capacity change from 0 to 1024 [ 376.775143][T10181] syz.0.1280[10181] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 376.775338][T10181] syz.0.1280[10181] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 377.346135][T10193] loop5: detected capacity change from 0 to 2048 [ 377.457135][T10193] loop5: p1 p2 p3 [ 377.475838][T10193] loop5: p3 size 2164260864 extends beyond EOD, truncated [ 377.868645][ T7297] udevd[7297]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 377.887421][ T7517] udevd[7517]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory [ 377.888189][ T7380] udevd[7380]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 378.192550][ T1241] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.198901][ T1241] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.443694][T10215] overlayfs: missing 'lowerdir' [ 378.841788][ T5166] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 379.214715][ T5166] usb 3-1: Using ep0 maxpacket: 32 [ 379.235919][ T5166] usb 3-1: New USB device found, idVendor=0b54, idProduct=62a0, bcdDevice=a0.56 [ 379.275714][ T5166] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 379.323917][ T5166] usb 3-1: Product: syz [ 379.341634][ T5166] usb 3-1: Manufacturer: syz [ 379.346294][ T5166] usb 3-1: SerialNumber: syz [ 379.422966][ T5166] usb 3-1: config 0 descriptor?? [ 379.710131][ T5166] usb 3-1: USB disconnect, device number 26 [ 381.029308][T10242] kernel profiling enabled (shift: 5) [ 381.131719][ C0] ================================================================== [ 381.139826][ C0] BUG: KASAN: stack-out-of-bounds in profile_pc+0xd2/0x170 [ 381.147045][ C0] Read of size 8 at addr ffffc90004737040 by task syz.0.1302/10242 [ 381.154937][ C0] [ 381.157348][ C0] CPU: 0 PID: 10242 Comm: syz.0.1302 Not tainted 6.10.0-rc5-syzkaller-00243-g6c0483dbfe72 #0 [ 381.167505][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 381.177561][ C0] Call Trace: [ 381.180842][ C0] [ 381.183689][ C0] dump_stack_lvl+0x241/0x360 [ 381.188397][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 381.193625][ C0] ? __pfx__printk+0x10/0x10 [ 381.198234][ C0] ? _printk+0xd5/0x120 [ 381.202413][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 381.208064][ C0] print_report+0x169/0x550 [ 381.212587][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 381.218231][ C0] ? __virt_addr_valid+0x44e/0x520 [ 381.223368][ C0] ? profile_pc+0xd2/0x170 [ 381.227803][ C0] kasan_report+0x143/0x180 [ 381.232331][ C0] ? profile_pc+0xd2/0x170 [ 381.236767][ C0] ? _raw_spin_unlock_irqrestore+0xd8/0x140 [ 381.242673][ C0] profile_pc+0xd2/0x170 [ 381.246934][ C0] profile_tick+0xd7/0x150 [ 381.251373][ C0] tick_nohz_handler+0x386/0x500 [ 381.256340][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 381.261828][ C0] __hrtimer_run_queues+0x553/0xd50 [ 381.267051][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 381.273058][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 381.278807][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 381.284460][ C0] ? ktime_get_update_offsets_now+0x22d/0x250 [ 381.290552][ C0] hrtimer_interrupt+0x396/0x990 [ 381.295532][ C0] __sysvec_apic_timer_interrupt+0x112/0x3f0 [ 381.301582][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 381.307237][ C0] [ 381.310174][ C0] [ 381.313108][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 381.319114][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140 [ 381.325632][ C0] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 0e 1a 6b f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 83 d7 d4 f5 65 8b 05 14 0f 73 74 85 c0 74 43 48 c7 04 24 0e 36 [ 381.345250][ C0] RSP: 0018:ffffc90004737040 EFLAGS: 00000206 [ 381.351330][ C0] RAX: b078c9a0e0fbed00 RBX: 1ffff920008e6e0c RCX: ffffffff8172d9ea [ 381.359310][ C0] RDX: dffffc0000000000 RSI: ffffffff8bcabb40 RDI: 0000000000000001 [ 381.367290][ C0] RBP: ffffc900047370d8 R08: ffffffff92fa8587 R09: 1ffffffff25f50b0 [ 381.375270][ C0] R10: dffffc0000000000 R11: fffffbfff25f50b1 R12: dffffc0000000000 [ 381.383251][ C0] R13: 1ffff920008e6e08 R14: ffffc90004737060 R15: 0000000000000246 [ 381.391237][ C0] ? mark_lock+0x9a/0x350 [ 381.395591][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 381.401963][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 381.407609][ C0] ? expand+0x1ba/0x220 [ 381.411787][ C0] __rmqueue_pcplist+0x1e66/0x22c0 [ 381.416925][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 381.422581][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 381.428230][ C0] ? do_raw_spin_trylock+0xc8/0x1f0 [ 381.433472][ C0] get_page_from_freelist+0x85a/0x2f10 [ 381.438963][ C0] ? __alloc_pages_noprof+0x166/0x6c0 [ 381.444361][ C0] ? mark_lock+0x9a/0x350 [ 381.448709][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 381.454357][ C0] ? prepare_alloc_pages+0x369/0x5d0 [ 381.459673][ C0] __alloc_pages_noprof+0x256/0x6c0 [ 381.464901][ C0] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 381.470650][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 381.476298][ C0] alloc_pages_mpol_noprof+0x3e8/0x680 [ 381.481783][ C0] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 381.487782][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 381.493428][ C0] ? __pfx___pte_alloc_kernel+0x10/0x10 [ 381.498998][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 381.504641][ C0] ? alloc_pages_noprof+0xef/0x170 [ 381.509778][ C0] get_free_pages_noprof+0xc/0x30 [ 381.514827][ C0] kasan_populate_vmalloc_pte+0x38/0xe0 [ 381.520395][ C0] __apply_to_page_range+0x8aa/0xe50 [ 381.525714][ C0] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 381.531972][ C0] ? __pfx___apply_to_page_range+0x10/0x10 [ 381.537801][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 381.543026][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 381.548673][ C0] ? kmem_cache_alloc_node_noprof+0x1c4/0x320 [ 381.554766][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 381.560416][ C0] alloc_vmap_area+0x1d41/0x23e0 [ 381.565386][ C0] ? __pfx_alloc_vmap_area+0x10/0x10 [ 381.570681][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 381.576325][ C0] ? __kasan_kmalloc+0x98/0xb0 [ 381.581104][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 381.586749][ C0] ? kmalloc_node_trace_noprof+0x1d3/0x300 [ 381.592585][ C0] ? __get_vm_area_node+0x113/0x270 [ 381.597791][ C0] ? profile_init+0xee/0x130 [ 381.602395][ C0] __get_vm_area_node+0x1a9/0x270 [ 381.607451][ C0] __vmalloc_node_range_noprof+0x3bc/0x1460 [ 381.613363][ C0] ? profile_init+0xee/0x130 [ 381.617970][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 381.623616][ C0] ? __alloc_pages_noprof+0xbd/0x6c0 [ 381.628943][ C0] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 381.635288][ C0] ? rcu_is_watching+0x15/0xb0 [ 381.640069][ C0] ? profile_init+0xee/0x130 [ 381.644672][ C0] ? __pfx_sysfs_kf_write+0x10/0x10 [ 381.649893][ C0] vzalloc_noprof+0x79/0x90 [ 381.654409][ C0] ? profile_init+0xee/0x130 [ 381.659015][ C0] profile_init+0xee/0x130 [ 381.663449][ C0] profiling_store+0x5e/0xc0 [ 381.668057][ C0] kernfs_fop_write_iter+0x3a3/0x500 [ 381.673366][ C0] vfs_write+0xa74/0xc90 [ 381.677628][ C0] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 381.683457][ C0] ? __pfx_vfs_write+0x10/0x10 [ 381.688238][ C0] ? do_futex+0x392/0x560 [ 381.692589][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 381.698237][ C0] ksys_write+0x1a0/0x2c0 [ 381.702597][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 381.708247][ C0] ? __pfx_ksys_write+0x10/0x10 [ 381.713111][ C0] ? do_syscall_64+0x100/0x230 [ 381.717900][ C0] ? do_syscall_64+0xb6/0x230 [ 381.722599][ C0] do_syscall_64+0xf3/0x230 [ 381.727127][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.733044][ C0] RIP: 0033:0x7f6a4c775b99 [ 381.737467][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 381.757079][ C0] RSP: 002b:00007f6a4d602048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 381.765511][ C0] RAX: ffffffffffffffda RBX: 00007f6a4c903fa0 RCX: 00007f6a4c775b99 [ 381.773486][ C0] RDX: 0000000000000015 RSI: 0000000020000040 RDI: 0000000000000005 [ 381.781721][ C0] RBP: 00007f6a4c7f677e R08: 0000000000000000 R09: 0000000000000000 [ 381.789701][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 381.797683][ C0] R13: 000000000000000b R14: 00007f6a4c903fa0 R15: 00007ffccdb5c438 [ 381.805675][ C0] [ 381.808695][ C0] [ 381.811015][ C0] The buggy address belongs to stack of task syz.0.1302/10242 [ 381.818473][ C0] and is located at offset 0 in frame: [ 381.824010][ C0] _raw_spin_unlock_irqrestore+0x0/0x140 [ 381.829657][ C0] [ 381.831977][ C0] This frame has 1 object: [ 381.836387][ C0] [32, 40) 'flags.i.i.i.i' [ 381.836406][ C0] [ 381.843208][ C0] The buggy address belongs to the virtual mapping at [ 381.843208][ C0] [ffffc90004730000, ffffc90004739000) created by: [ 381.843208][ C0] copy_process+0x5d1/0x3dc0 [ 381.861002][ C0] [ 381.863328][ C0] The buggy address belongs to the physical page: [ 381.869731][ C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88802962a8c0 pfn:0x2962a [ 381.879797][ C0] memcg:ffff88801dc7c082 [ 381.884033][ C0] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 381.891157][ C0] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 381.899755][ C0] raw: ffff88802962a8c0 0000000000000000 00000001ffffffff ffff88801dc7c082 [ 381.908336][ C0] page dumped because: kasan: bad access detected [ 381.914746][ C0] page_owner tracks the page as allocated [ 381.920464][ C0] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 10198, tgid 10198 (syz.4.1287), ts 379757650413, free_ts 379644230070 [ 381.938977][ C0] post_alloc_hook+0x1f3/0x230 [ 381.943765][ C0] get_page_from_freelist+0x2e4c/0x2f10 [ 381.949335][ C0] __alloc_pages_noprof+0x256/0x6c0 [ 381.954553][ C0] alloc_pages_mpol_noprof+0x3e8/0x680 [ 381.960034][ C0] __vmalloc_node_range_noprof+0x971/0x1460 [ 381.965938][ C0] dup_task_struct+0x444/0x8c0 [ 381.970713][ C0] copy_process+0x5d1/0x3dc0 [ 381.975313][ C0] kernel_clone+0x226/0x8f0 [ 381.979826][ C0] __se_sys_clone3+0x2cb/0x350 [ 381.984604][ C0] do_syscall_64+0xf3/0x230 [ 381.989249][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.995168][ C0] page last free pid 10225 tgid 10225 stack trace: [ 382.001672][ C0] free_unref_folios+0xf23/0x19e0 [ 382.006715][ C0] folios_put_refs+0x93a/0xa60 [ 382.011490][ C0] free_pages_and_swap_cache+0x2ea/0x690 [ 382.017138][ C0] tlb_flush_mmu+0x3a3/0x680 [ 382.021742][ C0] tlb_finish_mmu+0xd4/0x200 [ 382.026342][ C0] exit_mmap+0x44f/0xc80 [ 382.030595][ C0] __mmput+0x115/0x3c0 [ 382.034667][ C0] exit_mm+0x220/0x310 [ 382.038749][ C0] do_exit+0x9aa/0x27e0 [ 382.042918][ C0] do_group_exit+0x207/0x2c0 [ 382.047523][ C0] __x64_sys_exit_group+0x3f/0x40 [ 382.052569][ C0] do_syscall_64+0xf3/0x230 [ 382.057092][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 382.063003][ C0] [ 382.065325][ C0] Memory state around the buggy address: [ 382.070951][ C0] ffffc90004736f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 382.079013][ C0] ffffc90004736f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 382.087079][ C0] >ffffc90004737000: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 f3 f3 f3 [ 382.095141][ C0] ^ [ 382.101291][ C0] ffffc90004737080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 382.109351][ C0] ffffc90004737100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 382.117410][ C0] ================================================================== [ 382.125473][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 382.132668][ C0] CPU: 0 PID: 10242 Comm: syz.0.1302 Not tainted 6.10.0-rc5-syzkaller-00243-g6c0483dbfe72 #0 [ 382.142826][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 382.152885][ C0] Call Trace: [ 382.156171][ C0] [ 382.159021][ C0] dump_stack_lvl+0x241/0x360 [ 382.163726][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 382.168949][ C0] ? __pfx__printk+0x10/0x10 [ 382.173563][ C0] ? rcu_is_watching+0x15/0xb0 [ 382.178342][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.183987][ C0] ? vscnprintf+0x5d/0x90 [ 382.188332][ C0] panic+0x349/0x860 [ 382.192249][ C0] ? __pfx_lock_release+0x10/0x10 [ 382.197289][ C0] ? check_panic_on_warn+0x21/0xb0 [ 382.202425][ C0] ? __pfx_panic+0x10/0x10 [ 382.206861][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.212505][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 382.217730][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.223377][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 382.229281][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 382.235625][ C0] check_panic_on_warn+0x86/0xb0 [ 382.240580][ C0] ? profile_pc+0xd2/0x170 [ 382.245015][ C0] end_report+0x77/0x160 [ 382.249276][ C0] kasan_report+0x154/0x180 [ 382.253798][ C0] ? profile_pc+0xd2/0x170 [ 382.258239][ C0] ? _raw_spin_unlock_irqrestore+0xd8/0x140 [ 382.264144][ C0] profile_pc+0xd2/0x170 [ 382.268407][ C0] profile_tick+0xd7/0x150 [ 382.272854][ C0] tick_nohz_handler+0x386/0x500 [ 382.277822][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 382.283305][ C0] __hrtimer_run_queues+0x553/0xd50 [ 382.288532][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 382.294539][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 382.300282][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.305926][ C0] ? ktime_get_update_offsets_now+0x22d/0x250 [ 382.312010][ C0] hrtimer_interrupt+0x396/0x990 [ 382.316985][ C0] __sysvec_apic_timer_interrupt+0x112/0x3f0 [ 382.322990][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 382.328645][ C0] [ 382.331579][ C0] [ 382.334515][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 382.340520][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140 [ 382.347033][ C0] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 0e 1a 6b f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 83 d7 d4 f5 65 8b 05 14 0f 73 74 85 c0 74 43 48 c7 04 24 0e 36 [ 382.366647][ C0] RSP: 0018:ffffc90004737040 EFLAGS: 00000206 [ 382.372724][ C0] RAX: b078c9a0e0fbed00 RBX: 1ffff920008e6e0c RCX: ffffffff8172d9ea [ 382.380705][ C0] RDX: dffffc0000000000 RSI: ffffffff8bcabb40 RDI: 0000000000000001 [ 382.388685][ C0] RBP: ffffc900047370d8 R08: ffffffff92fa8587 R09: 1ffffffff25f50b0 [ 382.396662][ C0] R10: dffffc0000000000 R11: fffffbfff25f50b1 R12: dffffc0000000000 [ 382.404638][ C0] R13: 1ffff920008e6e08 R14: ffffc90004737060 R15: 0000000000000246 [ 382.412628][ C0] ? mark_lock+0x9a/0x350 [ 382.416983][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 382.423350][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.428996][ C0] ? expand+0x1ba/0x220 [ 382.433171][ C0] __rmqueue_pcplist+0x1e66/0x22c0 [ 382.438489][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.444143][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.449786][ C0] ? do_raw_spin_trylock+0xc8/0x1f0 [ 382.455020][ C0] get_page_from_freelist+0x85a/0x2f10 [ 382.460517][ C0] ? __alloc_pages_noprof+0x166/0x6c0 [ 382.465913][ C0] ? mark_lock+0x9a/0x350 [ 382.470260][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.475908][ C0] ? prepare_alloc_pages+0x369/0x5d0 [ 382.481222][ C0] __alloc_pages_noprof+0x256/0x6c0 [ 382.486449][ C0] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 382.492201][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.497848][ C0] alloc_pages_mpol_noprof+0x3e8/0x680 [ 382.503338][ C0] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 382.509342][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.514990][ C0] ? __pfx___pte_alloc_kernel+0x10/0x10 [ 382.520551][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.526194][ C0] ? alloc_pages_noprof+0xef/0x170 [ 382.531329][ C0] get_free_pages_noprof+0xc/0x30 [ 382.536376][ C0] kasan_populate_vmalloc_pte+0x38/0xe0 [ 382.541942][ C0] __apply_to_page_range+0x8aa/0xe50 [ 382.547258][ C0] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 382.553521][ C0] ? __pfx___apply_to_page_range+0x10/0x10 [ 382.559445][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 382.564665][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.570313][ C0] ? kmem_cache_alloc_node_noprof+0x1c4/0x320 [ 382.576407][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.582063][ C0] alloc_vmap_area+0x1d41/0x23e0 [ 382.587029][ C0] ? __pfx_alloc_vmap_area+0x10/0x10 [ 382.592323][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.597966][ C0] ? __kasan_kmalloc+0x98/0xb0 [ 382.602749][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.608395][ C0] ? kmalloc_node_trace_noprof+0x1d3/0x300 [ 382.614235][ C0] ? __get_vm_area_node+0x113/0x270 [ 382.619448][ C0] ? profile_init+0xee/0x130 [ 382.624052][ C0] __get_vm_area_node+0x1a9/0x270 [ 382.629094][ C0] __vmalloc_node_range_noprof+0x3bc/0x1460 [ 382.635010][ C0] ? profile_init+0xee/0x130 [ 382.639614][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.645260][ C0] ? __alloc_pages_noprof+0xbd/0x6c0 [ 382.650586][ C0] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 382.656930][ C0] ? rcu_is_watching+0x15/0xb0 [ 382.661713][ C0] ? profile_init+0xee/0x130 [ 382.666317][ C0] ? __pfx_sysfs_kf_write+0x10/0x10 [ 382.671538][ C0] vzalloc_noprof+0x79/0x90 [ 382.676059][ C0] ? profile_init+0xee/0x130 [ 382.680663][ C0] profile_init+0xee/0x130 [ 382.685096][ C0] profiling_store+0x5e/0xc0 [ 382.689707][ C0] kernfs_fop_write_iter+0x3a3/0x500 [ 382.695017][ C0] vfs_write+0xa74/0xc90 [ 382.699278][ C0] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 382.705100][ C0] ? __pfx_vfs_write+0x10/0x10 [ 382.709880][ C0] ? do_futex+0x392/0x560 [ 382.714236][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.719888][ C0] ksys_write+0x1a0/0x2c0 [ 382.724307][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.730055][ C0] ? __pfx_ksys_write+0x10/0x10 [ 382.734954][ C0] ? do_syscall_64+0x100/0x230 [ 382.739752][ C0] ? do_syscall_64+0xb6/0x230 [ 382.745251][ C0] do_syscall_64+0xf3/0x230 [ 382.749787][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 382.755807][ C0] RIP: 0033:0x7f6a4c775b99 [ 382.760242][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 382.779928][ C0] RSP: 002b:00007f6a4d602048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 382.788375][ C0] RAX: ffffffffffffffda RBX: 00007f6a4c903fa0 RCX: 00007f6a4c775b99 [ 382.796365][ C0] RDX: 0000000000000015 RSI: 0000000020000040 RDI: 0000000000000005 [ 382.804352][ C0] RBP: 00007f6a4c7f677e R08: 0000000000000000 R09: 0000000000000000 [ 382.812398][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 382.820419][ C0] R13: 000000000000000b R14: 00007f6a4c903fa0 R15: 00007ffccdb5c438 [ 382.828428][ C0] [ 382.831673][ C0] Kernel Offset: disabled [ 382.835993][ C0] Rebooting in 86400 seconds..