last executing test programs: 1m1.083010028s ago: executing program 3 (id=1968): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x7, 0x4, 0x500, 0x7, 0x20}, 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000200)={r0, &(0x7f0000000000), 0x0}, 0x20) 1m0.416379894s ago: executing program 3 (id=1971): r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x76, 0x141201) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000005440), 0x26, 0x75c, &(0x7f0000005480)="$eJzs3M1rHGUYAPBnptmkH9GNIPhxEKGFFko3SXNpT40Xb4VCwWsNm0kImWRDdlO7sWDrWajNRUEQ9ezRq1DqH+BNCgreBdEaD+JlZTablMZsum3Sbkl/P5jO+87H+zxPd3izAzsTwAvr7eKfJGI4Ii5FRLmzPY2IwXbrcMSNjePW71+PgYhqEq3W5T+S4rRYb5W3xko662PRPiVej4i7pYjTH/8/br25Oj+V59lypz/aWFgarTdXz8wtTM1ms9ni+MT5sXMTE+fGJh5Zw2s91nrivfNHbv/47traT981br01cCaJyXbdsVFbtcdhHsvG/0kpJrdtX3wawfoo6XcCAAD0pPiefyii+F4fpSjHoXYLAAAAOEhaQy0AAADgwEui3xkAAAAAT9fm7wDW71+vbi7P8vcHv78TESM7xR9oP0MccThKEXF0PXnoyYRk4zTYkxs3I+LO5Pbr75viCruxx7HHtvUffkZ6cI+jsx/uFPPP5E7zT7o1/8QO88/A5rsT9qj7/Pcg/qEu89+lHmN8/+Ubpa7xb0a8ObBT/GQrftIl/vs9xr+19sntbvtaX0ec3PHvT/JQrF3eDzE5M5fv+vqBu/+eurdb/Ue7xU92r3+px/o/XP9rvttcUsQ/dXz3z3+n+MU18WknjzQibnfWRX9tW4zjCz//sFv90xGtJ/n8v+qx/l+/HbrW46EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQlkbEcCRpZaudppVKxLGIeDWOpnmt3jg9U1tZnC72RYxEKZ2Zy7OxiChv9JOiP95uP+if3dafiIhXfjmyEXQuzyrVWj7d7+IBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYciwihiNJKxGRRsTf5TStVCIGejh36BnkBwAAAOyTkX4nAAAAADx17v8BAADg4HvS+/9kn/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrRLFy8WS2v9/vVq0Z++2lyZr109M53V5ysLK9VKtba8VJmt1WbzrFKtLTxqvLxWWxo/HyvXRhtZvTFab65eWaitLDauzC1MzWZXstIzqQoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHNdxekrQSEWm7naaVSsRLETESpWRmLs/GIuLliLhXLg0V/fF+Jw0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC+qzdX56fyPFt+bhqDncyel3w0NPa/8dFzf4X3eWICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAv6s3V+ak8z5br/c4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/kp/SyKiWE6WTwxv3zuY/FNuryPigy8uf3ZtqtFYHi+2/7m1vfF5Z/vZfuQPAAAAL4QLj3Pw5n365n08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAr+rN1fmpPM+W99a4EM3VVtLlmH7XCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJn/AgAA///3Y8EX") r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_ENABLE_VERITY(r1, 0x40106614, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) ioprio_get$pid(0x3, 0x0) r3 = dup(0xffffffffffffffff) write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3de4079cd7676ae940973768fa942cb03ff01c6f", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',k']) chdir(&(0x7f0000000040)='./file0\x00') r4 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x10, 0x0) landlock_restrict_self(r4, 0x0) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000380)=@urb_type_control={0x2, {}, 0x0, 0xa4, &(0x7f0000002b00)={0x5f}, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 57.129532235s ago: executing program 3 (id=1980): ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0xc0286687, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x6}, 0x10) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="3800000012002102000000000000000007"], 0x38}}, 0x0) 56.263495536s ago: executing program 3 (id=1984): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0xfffffffa) ppoll(&(0x7f0000000740)=[{r0}], 0x1, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, "00769a1c95595915303d60ffdeffff000400"}) r1 = syz_open_pts(r0, 0x0) ioctl$TCFLSH(r1, 0x540a, 0x0) 55.744248212s ago: executing program 0 (id=1988): syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000e80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000000)={[{@utf8}, {@utf8}, {@shortname_lower}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'iso8859-3'}}, {@utf8no}, {@shortname_win95}, {@shortname_winnt}, {@numtail}, {@numtail}, {@shortname_win95}, {@uni_xlate}, {@utf8no}, {@uni_xlateno}, {@rodir}, {@shortname_lower}]}, 0x1, 0x2bf, &(0x7f00000027c0)="$eJzs3c2KI1UUAOBT6XRSo4tk4UoUC3ThapieJ0gjPTCYlZKFutDBmQHpBGEGGvzBOCtBXLhx6RMIwux8CTe+gQ8guHMWA1cqqZpKxiTTJaTbn+/b9Mm999Q9lVvdTS9y+oOXZqe3i7j74PNfI8+z6IxiFI+yGEYnal/GmtG3AQD8mz1KKX5PS23ysojI91cWALBHrX//P9x7SQDAnr39zrtvHo/HJ28VRR43Zl+dTcq/7Muvy/nju/FRTONOXItBPI5ITyzjGymlebcoDeO12fxsUmbO3v+5uv7xbxGL/KMYxHAxtJ5/c3xyVCyt5M/LOp6r9h+V+ddjEC9s2P/m+OT6hvyY9OL1V1fqvxqD+OXD+DimcXtRRJP/xVFRvJG+++Oz98ryyvxsfjbpL9Y10sEFHw0AAAAAAAAAAAAAAAAAAAAAAP9hV6veOf1Y9O8ph6r+OwePyxeHUdSG6/15lvlZfaGn+gPNU3xf99e5VhRFqhY2+d14sRvdy7lrAAAAAAAAAAAAAAAAAAAA+Ge5/8mnp7em0zv3VoNvImJ95FlBWgZ1N4D6Y/3nTW+Ch4us0crIK7E7q9/s1anCHVvEQb0mi9hZT3kTLYv/u8GVbTX/8GPbC+bPXnNY7pVvW1MeYctN6+NeGYl6JNv8HvafLM7rh+SneiSllHpxzt1726ZSq8evt3Fq0Pooe88vgvmONZFtK+zrl5vvy2oqe/ouemvv81pwWAWx7QTzVs/zX39WZLp1AAAAAAAAAAAAAAAAAADAXjUf+l2+vrI6+WBnaif191oaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyY5v//twjmVfKuNZ2IOL017cW9+5d8iwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwP/BkAAP//X4JY5Q==") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000300)=""/104, 0x68) 55.238611995s ago: executing program 0 (id=1992): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000500)={'filter\x00', 0x4, 0x4, 0x3e0, 0x0, 0x1f0, 0x1f0, 0x2f8, 0x2f8, 0x2f8, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x108, 0x0, {0x3ed}}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x20c49a, 'syz0\x00'}}}, {{@arp={@rand_addr, @loopback, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'gretap0\x00', 'bridge_slave_0\x00'}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x0, 0x6}}}, {{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {}, {@mac}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_bridge\x00', 'lo\x00'}, 0xc0, 0x108}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x20c49a, 'syz0\x00'}}}], {{'\x00', 0xc0, 0xe8}, {0x28, '\x00', 0x2}}}}, 0x430) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10) r2 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10) close(r0) 54.157400038s ago: executing program 3 (id=1993): mkdir(&(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdir(&(0x7f0000000440)='./file0\x00', 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}}) r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r2}, './file0\x00'}) 53.688890404s ago: executing program 3 (id=1999): r0 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000000)={0x0, "e0ffff13000000000000000000000000000000100000000000002000", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r2, 0xc0383e04, &(0x7f0000000100)={"41984db90bbc29bffd6f85172ee82ceb2cb2ec10cfba27a8770f156fee9de10f", 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2}) setsockopt$inet6_udp_int(r0, 0x11, 0xb, &(0x7f0000000100)=0x3, 0x4) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000080)=0x3, 0x4) syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e200023b0"], 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x808b42, &(0x7f0000000040)=ANY=[], 0x4b, 0x226, &(0x7f00000002c0)="$eJzsVU1rE10Ufs7MJNP2LbxduzFgUTeaZAqlS8GFXXXlD3CI0xoy9aMT0IRAp6tuXIh/QvAnuFIQ/AEuRAQ3UVCwaF0KcuWc++GgTk2Q2c2zyDn33HPPx5M7597I7mQhgO/Hkx5WICAs4w0RAgDnSNu2Qi2/NrVcN+sPgZZdY39s5Dsjs9H45X0ASp1Wgzhl02g8iNM02ctKFKK/+pBUCWhLWaBmeY55FELpVkO2KD/heAvW8n5JU/Kv9Zyg+JrxQfxALC0Pkp3/q9+c2RcH1dZTVBq6+3Iyq1Q+znXKY+VSuc8WLM8V1gw4C81w6vVDoKXmoffL/zPVk1fQoNJX4fL8V4LymZhXeoJkMiXQRHblwMOCJHt1POmx9ZpMJSWl2LtpwT78fTwv+JwKgBwgH4qsDw8/5esz7eHu7XY2Gl/o78Y7yU5yM4rW1jsv/tO7adJpb/fTpENQZnROeh4LM0Dh2+RHLjyX9TZwVeXYaABT+WgFtjTGEkCLOKLPy3rN8/eJOXv+TKG3RcArnDXSMUB46vKHhdKu4qwQeDcnPXsFq+BoAaS1TRB80083cPEY38D0s9fF3q30+iEI/L5sS1eFGN0pGvD2AfTTJJKF2VnbyG3SQ/ldcB1tGvnIyKmR9u2yb1IgET6Z1TPFJN2Lh8M9eby05myRs0UruXkZQ+GL22kWmwNWQ/wBv96qn9gv3alRo0aNGjVq1KgaPwIAAP//BtU6fg==") r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r3, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaffff8a1dd4339693ffffffff080045000028000000000006902e00000000ffff", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) open_by_handle_at(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="f1ffff0301000028dd000000fd00050000010000"], 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x60}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096}, 0x70) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b7000000ff007000bf"], &(0x7f00000001c0)='GPL\x00'}, 0x90) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="98030000", @ANYRES16=r6, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r8, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xe9, 0xdb, 0x77, 0x40, 0x6cd, 0x10c, 0x3bc0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x15, 0x19, 0x35}}]}}]}}, 0x0) 53.550478753s ago: executing program 0 (id=2001): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) getdents64(r2, 0x0, 0x0) write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000080)={0x2a, 0x6, 0x0, {0x1, 0x0, 0x1, 0x2, '\x00', 0x8}}, 0x2a) openat(r2, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) syz_fuse_handle_req(r0, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001040)={0xb0, 0x0, 0x0, [{{0x200000000004, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000}}, {0x0, 0x0, 0x1, 0x0, '\x00'}}]}, 0x0, 0x0}) sendmsg$can_raw(0xffffffffffffffff, 0x0, 0x0) 52.439889713s ago: executing program 0 (id=2006): prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0406000000000000005872133b22b9441a168f2463fce7e35d03"], 0x1a) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) syz_open_dev$tty1(0xc, 0x4, 0x1) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x0, &(0x7f0000000080)=0x2, 0x4) setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="62000000000000007b0a00ff000000001d0a0000000000009500000000000000", @ANYRES32, @ANYBLOB="100000002500000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0xa, 0x95, &(0x7f0000000180)=""/149}, 0x90) memfd_create(0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) preadv(0xffffffffffffffff, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) r1 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10) connect$inet(r1, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r1, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0) syz_emit_ethernet(0xc9, &(0x7f0000000380)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @empty, @void, {@mpls_uc={0x8847, {[{0x9a}, {0x7}, {0x2, 0x0, 0x1}, {0xf8000, 0x0, 0x1}], @ipv4=@tipc={{0x22, 0x4, 0x0, 0x5, 0xab, 0x65, 0x0, 0x1, 0x6, 0x0, @remote, @broadcast, {[@timestamp_addr={0x44, 0x4c, 0x58, 0x1, 0x7, [{@multicast2}, {@rand_addr=0x64010100}, {@local, 0x5}, {@dev={0xac, 0x14, 0x14, 0x35}, 0x1}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x5}, {@empty, 0x1}, {@local, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x2}, {@dev={0xac, 0x14, 0x14, 0x13}, 0x1}]}, @cipso={0x86, 0x8, 0xffffffffffffffff, [{0x7, 0x2}]}, @timestamp_prespec={0x44, 0x1c, 0x21, 0x3, 0x3, [{@empty, 0x5}, {@loopback, 0x8}, {@multicast2, 0x5}]}, @ra={0x94, 0x4, 0x1}]}}, @payload_direct={{{{0x23, 0x0, 0x1, 0x0, 0x0, 0x8, 0x3, 0x2, 0x9, 0x0, 0x2, 0x6, 0x0, 0x3, 0x1, 0x7, 0x4, 0x4e20, 0x4e22}, 0x0, 0x1}}, [0x0, 0x0, 0x0]}}}}}}, 0x0) pipe2(&(0x7f0000000000), 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = gettid() timer_create(0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, @tid=r3}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1004c}, 0xb9) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001340)={0x3c, r4, 0x5, 0x3, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x3c}}, 0x0) 50.559837557s ago: executing program 0 (id=2011): mkdir(&(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdir(&(0x7f0000000440)='./file0\x00', 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}}) r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r2}, './file0\x00'}) 50.078244651s ago: executing program 0 (id=2014): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000040)=0x100000, 0x4) getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000240), &(0x7f0000000280)=0x18) 35.537610342s ago: executing program 5 (id=2051): r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000140)=[{&(0x7f00000000c0)="39000000130003470fbb65e1c3e4ffff06006000160000005600000025000000190010000600000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) 35.126698634s ago: executing program 5 (id=2053): r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) add_key(&(0x7f0000000100)='asymmetric\x00', 0x0, &(0x7f0000000180)="1082", 0x2, r0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000180100002020702500000000020000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='jbd2_handle_stats\x00', r1}, 0x10) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440)=0xffffffffffffffff, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xd, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2e, 0x9c}, [@call={0x25}], {0x95, 0x0, 0xd00}}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x8000000, 0x10, 0x0, 0xfffffffffffffed8}, 0x3f) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000440)={r2, 0x0, 0x0}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xd, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events.local\x00', 0x275a, 0x0) r4 = timerfd_create(0x0, 0x0) ioctl$TIOCCBRK(0xffffffffffffffff, 0x5428) setresuid(0x0, 0xee01, 0x0) timerfd_settime(r4, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, r3, 0x0) fcntl$setlease(r3, 0x400, 0x1) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000100)=@req={0x3ff, 0x400, 0xfffffff8}, 0x10) 34.84046988s ago: executing program 5 (id=2055): r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x1f, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18090000000000000000000000000000850000008800000095"], &(0x7f0000000140)='syzkaller\x00', 0x2, 0x7, &(0x7f0000000300)=""/192, 0x0, 0x10}, 0x90) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000000)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x1c}, {0x6}]}, 0x10) connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x40000c1) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000500)={'ip6_vti0\x00', &(0x7f0000000480)={'syztnl0\x00', 0x0, 0x29, 0x6, 0x81, 0x8207, 0x64, @ipv4={'\x00', '\xff\xff', @broadcast}, @local, 0x7800, 0x3c40, 0xa6d, 0xfffffff7}}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x17, &(0x7f0000000240)=ANY=[@ANYBLOB="18110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018180000", @ANYRES32=r3, @ANYRES32=r5, @ANYRES32=r3, @ANYBLOB="000000eb51b60c9138a7ec3823006de400000000b7000000000000008500001a0ce6ff00ce00000000000000958000000000a1726bdb0000000000000000000000000200227def3d6d5f03fa"], &(0x7f00000003c0)='syzkaller\x00', 0x2, 0x50, &(0x7f0000000400)=""/80, 0x40f00, 0x0, '\x00', r5, 0x25, r3, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x2, 0x0, 0x8000, 0x7}, 0x10, 0x0, 0x0, 0x4, &(0x7f00000005c0)=[r3, r4, r4], &(0x7f0000000600)=[{0x2, 0x2, 0x9, 0x2}, {0x3, 0x4, 0x1, 0x5}, {0x3, 0x2, 0x6, 0xb}, {0x1, 0x1, 0x9, 0xc}], 0x10, 0x9d}, 0x90) socket$l2tp(0x2, 0x2, 0x73) r6 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x1000}, 0x4) setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62) r8 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001d008104e00f80ecdb4cb9f207c804a01000000088080efb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0) sendto$packet(r6, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @multicast}, 0x14) recvmmsg(r6, &(0x7f0000004ec0)=[{{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000000580)=""/4096, 0x1000}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000002c0)={0x3, &(0x7f0000000000)=[{0x14}, {0x2d}, {0x6}]}) socket$inet_mptcp(0x2, 0x1, 0x106) getsockname$packet(r3, &(0x7f0000000040), &(0x7f0000000180)=0x14) ioctl$KDADDIO(r4, 0x4b34, 0xfffffffffffffff7) ioprio_set$pid(0x1, 0xffffffffffffffff, 0x2004) 33.736858696s ago: executing program 5 (id=2058): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, 0x0, 0x300) 33.444088813s ago: executing program 5 (id=2060): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10) setfsgid(0x0) 32.873881998s ago: executing program 5 (id=2063): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket(0x0, 0x0, 0x0) unshare(0x8000000) unshare(0x8040080) r1 = openat$sysfs(0xffffffffffffff9c, 0x0, 0xac802, 0x61) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000000)={0x4000000, {}, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x0, @empty}, 0x290, 0x0, 0x0, 0x0, 0x8000}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCSIFBR(r3, 0x890c, &(0x7f0000000000)=@generic={0x0, 0x2}) unshare(0x6a040000) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r1, 0xc0405519, &(0x7f0000000000)={0x0, 0x2, 0x0, 0x0, '\x00', 0x100}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000) r4 = userfaultfd(0x1) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="30000000000801dda26a0bebe1fb8e1a115a0a1b44defb3636ebda9c1adbc4c318ae1de72707a3a063d48067465e7f56f99c82edd2878a684ca7964b7cc2407069b7e8e44d9a9a84096af7bf61fe40e4332cc2903b7316d1dfdeb4dcb5a06c6e9add90eddff207e870d304e16f3d995907f043f03ff7751381efb07585b7acfd54219ebe736db3540df02b36f948c75b"], 0x30}}, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000013000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0xe80, 0xe80, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r7) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) write$cgroup_subtree(r5, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22667f2c"], 0xfdef) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000004c0)) 22.971128898s ago: executing program 1 (id=2079): r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000140)=[{&(0x7f00000000c0)="39000000130003470fbb65e1c3e4ffff06006000160000005600000025000000190010000600000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) 19.036092981s ago: executing program 1 (id=2092): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000001f00)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0) prctl$PR_GET_TSC(0x43, &(0x7f0000000040)) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) prctl$PR_MCE_KILL(0x43, 0x0, 0x0) 18.447983654s ago: executing program 1 (id=2094): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x20) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, 0x0, 0x0) 18.15009608s ago: executing program 1 (id=2096): bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00', r2}, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r3, &(0x7f0000004440)={&(0x7f0000000680)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, 0x0}, 0x0) 16.590094331s ago: executing program 1 (id=2099): open(&(0x7f0000000080)='./file1\x00', 0x0, 0x0) syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1080c, &(0x7f0000000180)=ANY=[], 0x3, 0xa53, &(0x7f0000000bc0)="$eJzs3U2MW0cdAPBn73rzWeKUhIa0tAmFtgK62+yG8BFBUzUXoqbiVqniEqVpiUgDIpWgVQ5JTtxoFYUb4kOceqkAIdELinriUolG4tJT4cCBKEiROEBLYhTvjNf+x+6zk9196/XvJ43H783YM8/7/PZ53puZAphY9fZjo/146e2Lh//5yD823Xr+ZCdHs/043bV0K3ctLU+H9/tgajG+cf3s8X5xrZhvP+bl4tlrndduKYriXLGnuFw0i92Xrrzx7vwzR88fubD3vTcPXl2JbQcAgEnz7csH9+/821/u3/7hWw8eKjZ01ufz82Za3prO+w+lE/98/l8vepdrXaHbTMg3nUI95Jvqk6+7nEbOt7H3dbH8mfC+jQH5NpSUP9W1rt92wzjL+3GzqNVne5br9dnZxd/kRft3/Uxt9vTJUy+eqaiiwLL790NFUewRhEkLrW2dL0HldakudH0KAJWK1wtvcy62LNydzrtND1f+tafq/V8Py2C193/lx/fvrcdql1+2/b8574jD8hl+b9q4ovVYbnm78vdoa1qO1xHi/UujHn/y+02F92sMWc9B1xHG5frCoHpOrXI97tSg+sf9Yr36Rorz5/DNkN79/Yl/03H5GwP9/WfNtf9vWqpc5XUZKWwc03oLExxa1Rx2gDEQ75trJTk93tcX0zeUpG8sSd9Ukr65JH1LSTpMst+/8tPi9drS7/z4m/7G9bPtL8uw7WG5ne2eFH9ixPrE9shR2+Pifb+jutvy4/3EsJb98dhzJ776wvNXFu//r3X2/5tpf9+Tlpvpu3U5ZcjthbFdvXPvf7O3nPqAfPeG+tzTJ3/7+Y7efLUdS+9TdB1nbqvHrt7XbRuU74HefM2Qb1MK8SpIPD/ZHF6Xzz/ycTV/XtNhexthO2ZCPfJxZXuKx+tqDGtV3h8H3f+f989dRaP24slTJ55Iy3k//fNUY8Ot9ftWud7A3Ru2/8+uorf/z9bO+ka9+7iwbWl9rfu40Azr5wesX0jL+f/cd6c2tdfPHv/+qReWe+Nhwp159bXvHTt16sQPPfHEE086T6o+MgErbe6Vl38wd+bV1x4/+fKxl068dOL0woEDC/PzB762sH+ufV4/1312D6wnS//0q64JAAAAAAAAAAAAMKwfHTl85a/vfOX9xf7/S/3/cv//fOdv7v//k9D/P/aTz/3gcz/A7X3S23nCAKszIV8jhU+G+u4I5ewMr/tUijvz+KX+/7m4OK5rrs99YX0cvzfnC8MJ3DZeykwYgyTOF/jZFF9I8a8LqFDt5/1Xp7hsfOu8r+fxKYxLMZ7y3y2PZ5LHMcn9vweN65SP/9tXoY4sv9XoTlj1NgL9/WvNjf+93kPXL4bK6yKstXCj1WqtZnmtllk8gLWh6vk/c7tnjk//6Vsbb4Wc7dpTvcfLOH4p3I2q57+srPzcsDip2z9k+cs9/2dn/ruhj39hxrzmnZX7319cfb+r2GL3sOXH7c/jQO8YrfwPU/l5ax4thiu/9atQfrwgNKSPQvmbhyw/bv/FUQtOBf4vlZ8/tsceHrb8xTeo1XvrEduN8/W/2G6c3Qjbn8f2HPnvf4cTNd5M5cMkG5d5Zkc1LvP/DhLvw/hyWs4HwnyfQ5zvZNT65/sr8v+BneH9ayX/38z/O96+nuKy70Oe/zfvj80+y/Wu5Uafz3a9HmtgXH3g+p8w5qF9RrMG6jGOodVqrWyDVolKC6fyz7/q3wlVl1/1518mzv8bz+Hj/L8xPc7/G9Pj/L8xvd2u+NHSpL0xPc7/Gz/POP9vTL8vlBvnB95Vkv7pkvTdJen3l6Q/UJL+mZL0vSXpD5akP1SSfm9J+sMl6Z8rSf98SfojJemPfXz6wo9LXr/e5f4ok7r9MMli/zzff5gc+frPoO//jpJ0YHz97K19Tz//u+80F/v/z3TaQ/J1vENpuZF+O8ffS7H9ZCqlvZOW/x7S13p7B0ySOH5G/P/+aEk6ML7yfV6+3zCBav1H7Bl23KpB5/mMly+k+Isp/lKKH0/xbIrnUrwvxfOrVD9WxtO//cPB12tLv/e3hfRh7yeP/YHiOFELQ9Yntg+Mej97HMdvVHdb/h12BwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKhMvf24f/+uWlFcevvi4eeOnpy7tebJTo5m+3G6a6nReV1RPJHiqRT/Mj25cf3s8e74ZoprxXxRK2qd9cWz1zolbSmK4lyxp7hcNIvdl6688e78M0fPH7mw9703D15duU8AAAAA1r//BwAA///3txjh") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40106e80, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2401}) 15.836046852s ago: executing program 1 (id=2103): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000001f00)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0) prctl$PR_GET_TSC(0x43, &(0x7f0000000040)) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) prctl$PR_MCE_KILL(0x43, 0x0, 0x0) 10.520231762s ago: executing program 2 (id=2119): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$key(0xf, 0x3, 0x2) recvmmsg(r3, &(0x7f0000000440), 0x6f5, 0x2000000022, &(0x7f0000000480)={0x77359400}) setsockopt$sock_int(r3, 0x1, 0x28, &(0x7f0000000040)=0xfd87, 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0216000002"], 0x10}}, 0x0) 8.926136657s ago: executing program 2 (id=2120): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) syz_emit_ethernet(0x1de, &(0x7f0000000580)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd606410a601a80000fc020000000000000000000000000000fe8000000000000000000000000000aa2234c204c9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa068a3d3d4f5d44b7c6f8e512d2531361278b0f75fb784afc292d1d90f257f18fe14a3192d29cf6fe7887d4fcfb92663fb755926b1007649d0f9dcc7f848bf60b51e1b4a74161dfbe00e9796667737f853803fb94db1211c91af7dc1d05c6fbf4f6608c6794a529edd97db839f08cfe9a34d2eaef840e990b53"], 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349bfd2}) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(r1) socket(0x10, 0x803, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x0) r6 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x6}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48) quotactl$Q_SYNC(0x8000000040000182, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000800)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018140000", @ANYRES32=r6, @ANYBLOB="00000000000000001600000001000000180000000000000000000000000000009500000000000000360a000000000000180200002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000720afbff0000000485000000060000009500000000000000d582a27ce32b3947c7c45798672fcaf17e2b51e4404c630e959cc93ee9330cfe642b3f8ba76956f1fc3004640135562bf8621156cc6699e3075b151c08388c0ca3aeff2b52cdca7798f1354cf55fc4a3dcec3062ac8d686ad3dd8a4b4a7fda190a97bea718"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222}, 0x78) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000000)={'bridge_slave_1\x00', 0x400}) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0x4a) close_range(r0, 0xffffffffffffffff, 0x0) 7.237400223s ago: executing program 2 (id=2123): socket$kcm(0x11, 0x200000000000002, 0x300) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x8a653ff2d6225f10, 0xe, &(0x7f0000000a00)=ANY=[@ANYRES8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x4, 0x3}, 0x10}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1f, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000900)={'veth0_vlan\x00', @random='\x00\x00\x00 \x00'}) 6.816788527s ago: executing program 2 (id=2126): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='system.posix_acl_default\x00', &(0x7f00000002c0), 0x24, 0x0) chdir(&(0x7f0000000140)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000380), 0x1, 0x0, 0x0) chdir(&(0x7f0000000100)='./bus\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0) 5.890346793s ago: executing program 2 (id=2127): syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_mr_vif\x00') r0 = socket$kcm(0xf, 0x3, 0x2) sendmsg$inet(r0, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="0205000902000000e4a17c45c8d260c9", 0x10}], 0x7}, 0x0) recvmsg(r0, &(0x7f0000000800)={0x0, 0x9, &(0x7f0000000000), 0x1}, 0x0) 5.596808854s ago: executing program 2 (id=2129): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket(0x0, 0x0, 0x0) unshare(0x8000000) unshare(0x8040080) r1 = openat$sysfs(0xffffffffffffff9c, 0x0, 0xac802, 0x61) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000000)={0x4000000, {}, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x0, @empty}, 0x290, 0x0, 0x0, 0x0, 0x8000}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCSIFBR(r3, 0x890c, &(0x7f0000000000)=@generic={0x0, 0x2}) unshare(0x6a040000) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r1, 0xc0405519, &(0x7f0000000000)={0x0, 0x2, 0x0, 0x0, '\x00', 0x100}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000) r4 = userfaultfd(0x1) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="30000000000801dda26a0bebe1fb8e1a115a0a1b44defb3636ebda9c1adbc4c318ae1de72707a3a063d48067465e7f56f99c82edd2878a684ca7964b7cc2407069b7e8e44d9a9a84096af7bf61fe40e4332cc2903b7316d1dfdeb4dcb5a06c6e9add90eddff207e870d304e16f3d995907f043f03ff7751381efb07585b7acfd54219ebe736db3540df02b36f948c75b"], 0x30}}, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000013000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0xe80, 0xe80, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r7) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) write$cgroup_subtree(r5, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22667f2c"], 0xfdef) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000004c0)) 2.397570017s ago: executing program 4 (id=2131): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_UNREGISTER(r1, 0x8010aa01, &(0x7f0000000640)={&(0x7f0000121000/0x1000)=nil, 0x1000}) 2.010949217s ago: executing program 4 (id=2132): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0xd, &(0x7f0000000040)={0x0, 0x7ff, 0x0, 0x1ff}, 0x8) 1.82500412s ago: executing program 4 (id=2133): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000f51f20207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b70300000000000085000000720000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.685815225s ago: executing program 4 (id=2134): r0 = syz_io_uring_setup(0x24fe, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x2}}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='%'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 1.383160027s ago: executing program 4 (id=2135): syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="04220400c90000"], 0x7) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x50) socket$inet6(0xa, 0x0, 0x0) mremap(&(0x7f000000d000/0x2000)=nil, 0xfffffffffffffe74, 0x1000, 0x0, &(0x7f0000007000/0x1000)=nil) syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000500)='./file0\x00', 0x18000, &(0x7f0000000080)=ANY=[], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0006, &(0x7f0000000280)={[{@nodiscard}, {@resgid={'resgid', 0x3d, 0xee00}}, {@init_itable}, {@noload}, {@minixdf}, {@usrjquota}]}, 0xfe, 0x43e, &(0x7f00000004c0)="$eJzs3MtvG0UYAPBv7SR9k1DKo6WFQEFEPJImfdADFxBIHEBCgkMRp5CkVajboCZItIogcAhHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZu6iZ3GiVOX7O8nbTvjHWvm292xZ2e8CaCwBtN/koi9EfFHRPTXs7cXGKz/d3NpfuKfpfmJJKrVt/9OauVuLM1P5EXz9+2pZ6rVLL+jSb2L70WMVypTl7L8yNyFD0dmL195YfrC+Lmpc1MXx06fPnH8SN+psZMdiTON68ahT2YOH3z93atvTpy5+v4v36Xt3Zvtb4yjUwbrR7eppztdWZfta0gnPV1sCG0pR0R6unpr/b8/yrFreV9/vPZ5VxsHbKlqtVpt9v2cWagC21gS3W4B0B35F316/5tvd2nocU+4/nL9BiiN+2a21ff0RCkr07vi/raTBiPizMK/X6dbbNE8BABAox/S8c/zzcZ/pXioodx92RrKQETcHxH7I+KBiDgQEQ9G1Mo+HBGPtFn/yhWS1eOf0rUNBbZO6fjvpWxt6/bxXz76i4FylttXi783OTtdmTqWHZOh6N2R5kfXqOPHV3//stW+xvFfuqX152PBrB3XelZM0E2Oz41vJuZG1z+LONTTLP4k8mWcJCIORsShDdYx/ey3h1vtu3P8a+jAOlP1m4hn6ud/IVbEn0tark+Ovnhq7OTIzqhMHRvJr4rVfv1t8a1W9W8q/g5Iz//uptf/cvwDyc6I2ctXztfWa2fbr2Pxzy9a3tNs9PrvS96ppfuy1z4en5u7NBrRl7yx+vWxW+/N83n5NP6ho837//64dSQejYj0Ij4SEY9FxONZ25+IiCcj4uga8f/8ylMftB//GrPyHZTGP3mn8x+N57/9RPn8T9+3H38uPf8naqmh7JX1fP6tt4GbOXYAAADwf1Gq/QY+KQ0vp0ul4eH6b/gPxO5SZWZ27rmzMx9dnKz/Vn4gekv5TFd/w3zoaDY3nOfHVuSPZ/PGX5V31fLDEzOVyW4HDwW3p0X/T/1V7nbrgC3neS0oLv0fikv/h+LS/6G49H8ormb9/9MutAO4+3z/Q3Hp/1Bc+j8Ul/4PhdTy2fjSph75l9j2iSjdE83Y/omedf8xiw0mdjTd1e1PJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM74LwAA//9wiOSH") r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000004f80), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000004fc0)={0x0, 0xfffffeff, 0x1, {0x2, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x104}}}) syz_emit_vhci(&(0x7f0000000300)=ANY=[], 0xffffffffffffff75) creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) rename(&(0x7f0000000b40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f0000000900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000100)={'syztnl0\x00', 0x0}) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)) syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0xd086, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c4701800824d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef9cc093fce47d85272036dc78388e3dc177e9b496", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x100002000000000]}) 0s ago: executing program 4 (id=2136): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='system.posix_acl_default\x00', &(0x7f00000002c0), 0x24, 0x0) chdir(&(0x7f0000000140)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000380), 0x1, 0x0, 0x0) chdir(&(0x7f0000000100)='./bus\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0) kernel console output (not intermixed with test programs): 0055] bridge_slave_0: entered promiscuous mode [ 594.782717][ T5267] Bluetooth: hci0: command tx timeout [ 594.839507][ T1100] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 594.895123][ T9905] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 594.987886][T10055] bridge0: port 2(bridge_slave_1) entered blocking state [ 595.002635][T10055] bridge0: port 2(bridge_slave_1) entered disabled state [ 595.012798][T10055] bridge_slave_1: entered allmulticast mode [ 595.027137][T10055] bridge_slave_1: entered promiscuous mode [ 595.048856][ T5075] bridge0: port 1(bridge_slave_0) entered blocking state [ 595.056246][ T5075] bridge0: port 1(bridge_slave_0) entered forwarding state [ 595.110038][ T1100] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 595.327085][ T8839] bridge0: port 2(bridge_slave_1) entered blocking state [ 595.334620][ T8839] bridge0: port 2(bridge_slave_1) entered forwarding state [ 595.420313][T10055] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 595.454289][T10055] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 595.632043][T10055] team0: Port device team_slave_0 added [ 595.680513][T10066] chnl_net:caif_netlink_parms(): no params data found [ 595.777831][T10055] team0: Port device team_slave_1 added [ 595.793708][ T5267] Bluetooth: hci6: command tx timeout [ 596.190290][T10055] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 596.213240][T10055] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 596.259207][T10055] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 596.372126][T10055] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 596.384115][T10055] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 596.410673][T10055] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 596.587800][ T9868] 8021q: adding VLAN 0 to HW filter on device bond0 [ 596.628054][T10055] hsr_slave_0: entered promiscuous mode [ 596.637559][T10055] hsr_slave_1: entered promiscuous mode [ 596.646514][T10055] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 596.654378][T10055] Cannot create hsr debugfs directory [ 596.833684][ T5267] Bluetooth: hci0: command tx timeout [ 596.886110][ T1100] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 596.968309][ T9868] 8021q: adding VLAN 0 to HW filter on device team0 [ 597.058698][T10066] bridge0: port 1(bridge_slave_0) entered blocking state [ 597.067467][T10066] bridge0: port 1(bridge_slave_0) entered disabled state [ 597.078517][T10066] bridge_slave_0: entered allmulticast mode [ 597.105881][T10066] bridge_slave_0: entered promiscuous mode [ 597.124933][T10066] bridge0: port 2(bridge_slave_1) entered blocking state [ 597.132229][T10066] bridge0: port 2(bridge_slave_1) entered disabled state [ 597.139709][T10066] bridge_slave_1: entered allmulticast mode [ 597.151167][T10066] bridge_slave_1: entered promiscuous mode [ 597.259453][ T1100] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 597.682675][ T1100] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 597.709177][ T8839] bridge0: port 1(bridge_slave_0) entered blocking state [ 597.716530][ T8839] bridge0: port 1(bridge_slave_0) entered forwarding state [ 597.842446][ T1100] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 597.874655][ T5267] Bluetooth: hci6: command tx timeout [ 597.882560][T10066] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 597.905642][T10066] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 598.032773][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 598.040131][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 598.277714][T10066] team0: Port device team_slave_0 added [ 598.388192][T10066] team0: Port device team_slave_1 added [ 598.551363][T10066] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 598.566235][T10066] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 598.603560][T10066] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 598.774076][T10066] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 598.781118][T10066] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 598.851462][T10066] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 598.915307][ T5267] Bluetooth: hci0: command tx timeout [ 598.931895][ T9905] 8021q: adding VLAN 0 to HW filter on device bond0 [ 599.029072][ T1100] bridge_slave_1: left allmulticast mode [ 599.038950][ T1100] bridge_slave_1: left promiscuous mode [ 599.045533][ T1100] bridge0: port 2(bridge_slave_1) entered disabled state [ 599.059477][ T1100] bridge_slave_0: left allmulticast mode [ 599.066311][ T1100] bridge_slave_0: left promiscuous mode [ 599.073110][ T1100] bridge0: port 1(bridge_slave_0) entered disabled state [ 599.090737][ T1100] bridge_slave_1: left allmulticast mode [ 599.096692][ T1100] bridge_slave_1: left promiscuous mode [ 599.102569][ T1100] bridge0: port 2(bridge_slave_1) entered disabled state [ 599.116733][ T1100] bridge_slave_0: left allmulticast mode [ 599.126218][ T1100] bridge_slave_0: left promiscuous mode [ 599.132119][ T1100] bridge0: port 1(bridge_slave_0) entered disabled state [ 600.515176][ T1100] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 600.535124][ T1100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 600.571681][ T1100] bond0 (unregistering): Released all slaves [ 600.824203][ T1100] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 600.886094][ T1100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 600.938191][ T1100] bond0 (unregistering): Released all slaves [ 600.995438][ T5267] Bluetooth: hci0: command tx timeout [ 601.624630][ T9851] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 601.852024][T10066] hsr_slave_0: entered promiscuous mode [ 601.878847][T10066] hsr_slave_1: entered promiscuous mode [ 601.893670][T10066] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 601.903503][T10066] Cannot create hsr debugfs directory [ 602.291092][ T9905] 8021q: adding VLAN 0 to HW filter on device team0 [ 602.701340][ T5318] bridge0: port 1(bridge_slave_0) entered blocking state [ 602.708690][ T5318] bridge0: port 1(bridge_slave_0) entered forwarding state [ 602.725040][ T5318] bridge0: port 2(bridge_slave_1) entered blocking state [ 602.732246][ T5318] bridge0: port 2(bridge_slave_1) entered forwarding state [ 602.824936][ T1100] hsr_slave_0: left promiscuous mode [ 602.835847][ T1100] hsr_slave_1: left promiscuous mode [ 602.842990][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 602.850792][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 602.859424][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 602.869804][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 602.892798][ T1100] hsr_slave_0: left promiscuous mode [ 602.901247][ T1100] hsr_slave_1: left promiscuous mode [ 602.908558][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 602.920932][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 602.930789][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 602.938670][ T1153] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 602.946577][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 603.006952][ T1100] veth1_macvtap: left promiscuous mode [ 603.013972][ T1100] veth0_macvtap: left promiscuous mode [ 603.019853][ T1100] veth1_vlan: left promiscuous mode [ 603.027533][ T1100] veth0_vlan: left promiscuous mode [ 603.039532][ T1100] veth1_macvtap: left promiscuous mode [ 603.045344][ T1100] veth0_macvtap: left promiscuous mode [ 603.051095][ T1100] veth1_vlan: left promiscuous mode [ 603.056766][ T1100] veth0_vlan: left promiscuous mode [ 603.145574][ T1153] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 603.169023][ T1153] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 603.192147][ T1153] usb 1-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00 [ 603.201467][ T1153] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 603.225924][ T1153] usb 1-1: config 0 descriptor?? [ 603.710518][ T1153] lenovo 0003:17EF:6067.0002: hidraw0: USB HID v0.00 Device [HID 17ef:6067] on usb-dummy_hcd.0-1/input0 [ 603.948800][ T927] usb 1-1: USB disconnect, device number 13 [ 604.382355][ T1100] team0 (unregistering): Port device team_slave_1 removed [ 604.437920][ T1100] team0 (unregistering): Port device team_slave_0 removed [ 606.015267][ T1100] team0 (unregistering): Port device team_slave_1 removed [ 606.097511][ T1100] team0 (unregistering): Port device team_slave_0 removed [ 607.048081][T10151] ucma_write: process 701 (syz.0.1382) changed security contexts after opening file descriptor, this is not allowed. [ 607.129875][ T9851] veth0_vlan: entered promiscuous mode [ 607.439890][ T9868] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 607.569020][ T9851] veth1_vlan: entered promiscuous mode [ 607.606006][T10055] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 607.758506][T10055] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 608.008150][ T9905] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 608.120889][T10055] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 608.417660][T10055] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 609.455350][ T9851] veth0_macvtap: entered promiscuous mode [ 609.667329][ T9851] veth1_macvtap: entered promiscuous mode [ 610.057862][ T9851] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 610.068632][ T9851] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 610.088081][ T9851] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 610.099890][ T9851] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 610.136204][ T9851] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 610.282049][ T9868] veth0_vlan: entered promiscuous mode [ 610.338008][ T9851] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 610.403225][ T9851] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 610.413108][ T9851] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 610.447231][ T9851] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 610.476606][ T9851] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 610.599098][ T9851] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 610.623971][ T9851] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 610.632725][ T9851] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 610.677230][ T9851] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 610.717923][ T9905] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 610.994309][ T5075] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 611.022864][ T9868] veth1_vlan: entered promiscuous mode [ 611.104225][T10066] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 611.187237][T10066] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 611.200052][ T5075] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 611.231159][T10066] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 611.238546][ T5075] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 611.263511][ T5075] usb 1-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00 [ 611.272623][ T5075] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 611.324622][ T5075] usb 1-1: config 0 descriptor?? [ 611.379622][T10066] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 611.682672][ T9905] veth0_vlan: entered promiscuous mode [ 611.799653][ T5075] lenovo 0003:17EF:6067.0003: hidraw0: USB HID v0.00 Device [HID 17ef:6067] on usb-dummy_hcd.0-1/input0 [ 611.957324][ T5765] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 611.980146][ T5765] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 612.002610][T10055] 8021q: adding VLAN 0 to HW filter on device bond0 [ 612.054463][ T9868] veth0_macvtap: entered promiscuous mode [ 612.075832][ T9905] veth1_vlan: entered promiscuous mode [ 612.139428][ T5318] usb 1-1: USB disconnect, device number 14 [ 612.222317][ T9868] veth1_macvtap: entered promiscuous mode [ 612.261018][T10055] 8021q: adding VLAN 0 to HW filter on device team0 [ 612.339325][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 612.348424][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 612.430506][ T5307] bridge0: port 1(bridge_slave_0) entered blocking state [ 612.437849][ T5307] bridge0: port 1(bridge_slave_0) entered forwarding state [ 612.462458][ T9868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 612.477518][ T9868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.488063][ T9868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 612.498801][ T9868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.508714][ T9868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 612.529546][ T9868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.545424][ T9868] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 612.579695][ T1153] bridge0: port 2(bridge_slave_1) entered blocking state [ 612.587011][ T1153] bridge0: port 2(bridge_slave_1) entered forwarding state [ 612.653927][ T9868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 612.676588][ T9868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.698021][ T9868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 612.722488][ T9868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.732792][ T9868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 612.772141][ T9868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.796454][ T9868] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 612.812716][T10202] loop1: detected capacity change from 0 to 1024 [ 612.889464][ T9868] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 612.907691][T10202] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 612.980236][ T9868] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 612.989373][ T9868] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 612.998756][ T9868] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 613.167365][ T9905] veth0_macvtap: entered promiscuous mode [ 613.258369][ T9905] veth1_macvtap: entered promiscuous mode [ 613.462693][ T9851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 613.567751][T10066] 8021q: adding VLAN 0 to HW filter on device bond0 [ 613.690103][ T9905] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 613.727330][T10214] loop1: detected capacity change from 0 to 256 [ 613.736794][ T9905] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 613.761131][T10214] FAT-fs (loop1): Unrecognized mount option "shortnaqe=lower" or missing value [ 613.783299][ T9905] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 613.818920][ T9905] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 613.839600][ T9905] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 613.865196][ T9905] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 613.891251][ T9905] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 613.902038][ T9905] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 613.917249][ T9905] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 613.928910][T10027] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 613.988869][ T9905] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 614.008233][ T9905] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 614.020574][ T9905] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 614.051355][ T9905] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 614.072710][ T9905] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 614.103290][ T9905] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 614.120624][ T9905] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 614.143253][ T9905] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 614.166659][ T9905] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 614.255465][ T9905] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 614.284268][ T9905] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 614.293052][ T9905] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 614.354226][ T9905] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 614.624543][T10066] 8021q: adding VLAN 0 to HW filter on device team0 [ 614.665022][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 614.672910][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 614.717776][ T5311] bridge0: port 1(bridge_slave_0) entered blocking state [ 614.725108][ T5311] bridge0: port 1(bridge_slave_0) entered forwarding state [ 614.785057][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 614.792365][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 615.140329][T10055] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 615.183887][ T5497] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 615.191833][ T5497] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 615.222488][T10228] loop1: detected capacity change from 0 to 16 [ 615.248582][T10228] erofs: (device loop1): mounted with root inode @ nid 36. [ 616.111214][T10232] loop5: detected capacity change from 0 to 64 [ 616.167226][T10232] hfs: session requires an argument [ 616.226850][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 616.249326][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 616.262386][T10232] hfs: unable to parse mount options [ 616.840785][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 616.909264][T10055] veth0_vlan: entered promiscuous mode [ 616.935668][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 617.186436][T10055] veth1_vlan: entered promiscuous mode [ 617.773627][T10055] veth0_macvtap: entered promiscuous mode [ 617.910909][T10055] veth1_macvtap: entered promiscuous mode [ 618.124238][T10066] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 618.413491][T10055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 618.457539][T10055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.483332][T10055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 618.522525][T10055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.541777][T10254] loop1: detected capacity change from 0 to 1024 [ 618.563844][T10055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 618.586615][ T5306] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 618.609118][T10055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.641495][T10055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 618.711982][T10055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.749395][T10254] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 618.751215][T10055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 618.776490][T10055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.805735][ T5306] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 618.816995][ T5306] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 618.834545][ T5306] usb 6-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00 [ 618.852940][ T5306] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 618.864336][T10055] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 618.914897][ T5306] usb 6-1: config 0 descriptor?? [ 619.044523][T10055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 619.124463][T10055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 619.158433][T10055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 619.219895][T10055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 619.250574][T10055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 619.308841][T10055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 619.342185][T10055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 619.354892][T10264] loop3: detected capacity change from 0 to 2048 [ 619.373327][T10055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 619.440891][T10055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 619.457094][ T5306] lenovo 0003:17EF:6067.0004: hidraw0: USB HID v0.00 Device [HID 17ef:6067] on usb-dummy_hcd.5-1/input0 [ 619.515121][T10264] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 619.527607][T10055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 619.548548][T10264] ext4 filesystem being mounted at /1/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 619.567676][T10055] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 619.656351][T10264] fs-verity: sha512 using implementation "sha512-avx2" [ 619.686628][ T9851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 619.783840][T10055] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 619.792629][T10055] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 619.843832][T10055] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 619.852620][T10055] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 619.962557][ T5306] usb 6-1: USB disconnect, device number 6 [ 620.155892][ T9905] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 620.752618][T10280] input: syz0 as /devices/virtual/input/input13 [ 620.876210][ T29] audit: type=1326 audit(1720102829.565:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10276 comm="syz.0.1403" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8298b75bd9 code=0x0 [ 620.898035][ C1] vkms_vblank_simulate: vblank timer overrun [ 621.400577][ T5497] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 621.474082][ T5497] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 621.745944][T10066] veth0_vlan: entered promiscuous mode [ 621.952272][T10296] loop1: detected capacity change from 0 to 1024 [ 621.968704][T10066] veth1_vlan: entered promiscuous mode [ 622.033433][ T5497] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 622.077632][T10296] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 622.081325][ T5497] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 622.521778][T10066] veth0_macvtap: entered promiscuous mode [ 622.589954][T10066] veth1_macvtap: entered promiscuous mode [ 622.899924][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 622.927612][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.938039][T10316] syz.5.1412 (10316) used obsolete PPPIOCDETACH ioctl [ 622.953075][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 622.977468][ T9851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 622.995056][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 623.017517][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 623.038009][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 623.051217][T10318] loop3: detected capacity change from 0 to 2048 [ 623.057882][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 623.102420][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 623.173599][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 623.236438][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 623.270801][T10318] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 623.308640][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 623.349896][T10318] ext4 filesystem being mounted at /5/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 623.360830][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 623.418484][T10066] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 623.547420][T10319] loop2: detected capacity change from 0 to 40427 [ 623.579134][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 623.590235][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 623.603048][T10319] F2FS-fs (loop2): invalid crc value [ 623.611080][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 623.621689][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 623.632593][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 623.676978][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 623.691779][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 623.721582][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 623.731613][T10319] F2FS-fs (loop2): Found nat_bits in checkpoint [ 623.851571][T10319] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 623.868203][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 623.879948][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 623.890283][T10066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 624.031836][T10066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 624.082058][T10066] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 624.102533][ T9905] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 624.217747][T10066] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 624.285071][T10066] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 624.293985][T10066] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 624.302930][T10066] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 626.919792][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 626.971513][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 627.129689][ T5765] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 627.150894][ T5765] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 628.471508][T10390] loop4: detected capacity change from 0 to 2048 [ 628.578158][T10390] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 629.334451][ T29] audit: type=1326 audit(1720102837.985:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10401 comm="syz.3.1436" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5abc575bd9 code=0x0 [ 630.084373][T10419] loop2: detected capacity change from 0 to 1024 [ 630.156599][T10413] loop1: detected capacity change from 0 to 512 [ 630.265223][T10419] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 630.380013][T10413] evm: overlay not supported [ 630.472887][T10433] loop5: detected capacity change from 0 to 512 [ 630.587728][T10433] EXT4-fs: Ignoring removed mblk_io_submit option [ 630.633884][T10433] EXT4-fs: Ignoring removed oldalloc option [ 630.758772][T10433] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2234: inode #12: comm syz.5.1443: corrupted in-inode xattr: invalid ea_ino [ 630.808518][T10441] loop3: detected capacity change from 0 to 1764 [ 630.905473][T10433] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.1443: couldn't read orphan inode 12 (err -117) [ 630.989423][T10433] EXT4-fs (loop5): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 631.146374][T10055] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 631.205367][T10445] loop3: detected capacity change from 0 to 1024 [ 631.411679][ T9868] EXT4-fs (loop5): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 631.488829][T10441] loop3: detected capacity change from 0 to 256 [ 631.507512][T10441] FAT-fs (loop3): Unrecognized mount option "iocharseodir" or missing value [ 631.820258][T10458] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1451'. [ 632.703362][ T29] audit: type=1326 audit(1720102841.095:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10462 comm="syz.2.1454" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9670b75bd9 code=0x0 [ 634.774830][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 634.785030][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 635.328231][T10495] loop2: detected capacity change from 0 to 64 [ 635.438733][T10498] loop4: detected capacity change from 0 to 512 [ 635.477451][T10498] EXT4-fs: Ignoring removed mblk_io_submit option [ 635.565514][T10498] EXT4-fs: Ignoring removed oldalloc option [ 635.744086][T10498] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #12: comm syz.4.1464: corrupted in-inode xattr: invalid ea_ino [ 635.835456][T10498] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1464: couldn't read orphan inode 12 (err -117) [ 635.960394][T10498] EXT4-fs (loop4): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 638.365146][T10066] EXT4-fs (loop4): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 640.838370][T10546] ieee802154 phy0 wpan0: encryption failed: -90 [ 642.671592][T10574] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 642.884642][T10577] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1493'. [ 643.382534][T10585] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1493'. [ 644.103956][T10601] ieee802154 phy0 wpan0: encryption failed: -90 [ 645.634239][ T29] audit: type=1326 audit(1720102854.345:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10621 comm="syz.5.1509" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6158975bd9 code=0x0 [ 645.664974][T10617] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1506'. [ 645.705708][T10617] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1506'. [ 645.809677][T10627] netlink: 31 bytes leftover after parsing attributes in process `syz.0.1506'. [ 645.976259][T10625] loop1: detected capacity change from 0 to 1024 [ 646.170724][T10625] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 646.238344][T10625] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 646.259226][T10625] EXT4-fs (loop1): orphan cleanup on readonly fs [ 646.382234][T10625] EXT4-fs error (device loop1): ext4_free_blocks:6589: comm syz.1.1510: Freeing blocks not in datazone - block = 0, count = 4096 [ 646.526201][T10625] EXT4-fs (loop1): 1 orphan inode deleted [ 646.588481][T10625] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 646.744105][T10640] loop3: detected capacity change from 0 to 1024 [ 646.774898][T10640] EXT4-fs: Ignoring removed nomblk_io_submit option [ 646.906142][T10640] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 646.955652][ T29] audit: type=1800 audit(1720102855.665:67): pid=10640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1515" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 647.075598][ T9905] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 647.226950][ T9851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 647.604873][T10661] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 649.482325][T10695] loop5: detected capacity change from 0 to 1024 [ 649.535553][T10695] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 649.726878][T10695] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 649.761943][T10695] EXT4-fs (loop5): orphan cleanup on readonly fs [ 649.783551][T10695] EXT4-fs error (device loop5): ext4_free_blocks:6589: comm syz.5.1535: Freeing blocks not in datazone - block = 0, count = 4096 [ 649.835091][T10695] EXT4-fs (loop5): 1 orphan inode deleted [ 649.896777][T10695] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 650.482975][ T9868] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 651.191614][T10720] loop4: detected capacity change from 0 to 40427 [ 651.333660][T10720] F2FS-fs (loop4): invalid crc value [ 651.385806][T10720] F2FS-fs (loop4): Found nat_bits in checkpoint [ 651.475690][T10720] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 651.820791][T10733] openvswitch: netlink: Unknown nsh attribute 0 [ 657.027714][ T5308] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 657.579186][ T5308] usb 1-1: config index 0 descriptor too short (expected 23569, got 27) [ 657.611239][ T5308] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 657.713808][ T5308] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 657.773896][ T5308] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 657.833239][ T5308] usb 1-1: Manufacturer: syz [ 657.868780][ T5308] usb 1-1: config 0 descriptor?? [ 658.226551][T10747] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 658.252265][T10747] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 658.260446][ T5308] rc_core: IR keymap rc-hauppauge not found [ 658.292607][ T5308] Registered IR keymap rc-empty [ 658.325262][ T5308] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 658.374197][ T5308] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input14 [ 659.223462][T10776] loop1: detected capacity change from 0 to 40427 [ 659.277470][T10776] F2FS-fs (loop1): invalid crc value [ 659.299325][T10779] openvswitch: netlink: Unknown nsh attribute 0 [ 659.318574][T10780] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 659.362143][T10776] F2FS-fs (loop1): Found nat_bits in checkpoint [ 659.505646][T10776] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 659.905767][T10780] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 661.298465][ T8839] usb 1-1: USB disconnect, device number 15 [ 662.440352][T10810] loop4: detected capacity change from 0 to 256 [ 662.536806][T10810] exfat: Deprecated parameter 'namecase' [ 662.575367][ T29] audit: type=1326 audit(1720102871.305:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10811 comm="syz.5.1578" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6158975bd9 code=0x0 [ 662.677312][T10810] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 662.889636][ T5181] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 662.907773][ T5181] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 663.201411][ T5181] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 663.266266][ T5181] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 663.297625][ T5181] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 663.318472][ T5181] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 664.243458][ T45] usb 2-1: new low-speed USB device number 6 using dummy_hcd [ 664.395383][T10828] 9pnet_fd: Insufficient options for proto=fd [ 664.425390][ T25] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 664.488910][ T45] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 664.585803][ T45] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 664.636241][ T45] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 664.665511][ T45] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 664.720056][ T45] usb 2-1: config 0 descriptor?? [ 664.766241][ T25] usb 6-1: config index 0 descriptor too short (expected 23569, got 27) [ 664.802808][ T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 664.849995][ T25] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 664.885458][ T25] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 664.919035][ T25] usb 6-1: Manufacturer: syz [ 664.985514][ T25] usb 6-1: config 0 descriptor?? [ 665.079785][ T45] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 665.160966][ T45] usb 2-1: USB disconnect, device number 6 [ 665.254730][ T45] iowarrior 2-1:0.0: I/O-Warror #0 now disconnected [ 665.286030][T10830] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 665.303813][ T25] rc_core: IR keymap rc-hauppauge not found [ 665.334908][T10830] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 665.343501][ T25] Registered IR keymap rc-empty [ 665.356674][ T25] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0 [ 665.437035][ T25] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input15 [ 665.479939][ T5181] Bluetooth: hci1: command tx timeout [ 665.490389][ T5306] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 665.734826][ T5306] usb 1-1: config index 0 descriptor too short (expected 45, got 36) [ 665.753260][ T5306] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 665.774741][ T5306] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024 [ 665.796057][ T1100] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 665.845065][T10851] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 665.884070][ T5306] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 665.904446][T10851] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 665.983347][ T5306] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 666.073378][ T5306] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 666.160333][ T5306] usb 1-1: config 0 descriptor?? [ 666.216311][T10845] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 666.773249][ T25] usb 6-1: USB disconnect, device number 7 [ 666.812677][ T5306] plantronics 0003:047F:FFFF.0005: unknown main item tag 0xd [ 666.886415][ T5306] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving [ 666.990503][ T1100] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 667.132618][ T5306] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 667.240240][T10863] loop1: detected capacity change from 0 to 256 [ 667.253326][ T5306] usb 1-1: USB disconnect, device number 16 [ 667.325632][T10863] exfat: Deprecated parameter 'namecase' [ 667.397242][T10863] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 667.413340][ T45] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 667.533810][ T1100] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 667.554338][ T5181] Bluetooth: hci1: command tx timeout [ 667.604985][T10818] chnl_net:caif_netlink_parms(): no params data found [ 667.686013][ T45] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 667.723065][ T45] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 667.774604][ T45] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 667.847667][ T45] usb 3-1: config 0 descriptor?? [ 668.484807][ T45] keytouch 0003:0926:3333.0006: fixing up Keytouch IEC report descriptor [ 668.615000][T10860] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 668.675595][ T1100] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 668.744397][ T5267] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 668.766046][ T5267] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 668.777041][ T5267] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 668.792005][ T5267] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 668.801476][ T5267] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 668.819619][ T5267] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 668.879344][T10860] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 668.927393][ T45] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0006/input/input17 [ 668.954508][ T29] audit: type=1326 audit(1720102877.675:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10870 comm="syz.1.1596" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6399775bd9 code=0x0 [ 669.149181][T10860] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 669.303142][T10860] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 669.567362][T10860] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 669.683682][ T5181] Bluetooth: hci1: command tx timeout [ 669.844548][T10860] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 670.044500][T10860] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 670.133890][T10860] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 670.216044][T10860] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 670.318590][T10860] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 670.355714][ T45] keytouch 0003:0926:3333.0006: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 670.508326][ T45] usb 3-1: USB disconnect, device number 4 [ 670.675890][T10818] bridge0: port 1(bridge_slave_0) entered blocking state [ 670.702725][T10818] bridge0: port 1(bridge_slave_0) entered disabled state [ 670.713643][T10818] bridge_slave_0: entered allmulticast mode [ 670.732952][T10818] bridge_slave_0: entered promiscuous mode [ 670.740188][ T5306] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 670.873872][T10818] bridge0: port 2(bridge_slave_1) entered blocking state [ 670.913829][ T5181] Bluetooth: hci0: command tx timeout [ 670.935355][T10818] bridge0: port 2(bridge_slave_1) entered disabled state [ 670.942900][T10818] bridge_slave_1: entered allmulticast mode [ 670.952123][T10818] bridge_slave_1: entered promiscuous mode [ 670.961451][ T5306] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 670.989365][ T5306] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 671.043558][ T5306] usb 1-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00 [ 671.074187][ T5306] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 671.087447][ T5306] usb 1-1: config 0 descriptor?? [ 671.625266][ T45] usb 6-1: new low-speed USB device number 8 using dummy_hcd [ 671.648486][T10818] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 671.713734][ T5181] Bluetooth: hci1: command tx timeout [ 671.731160][T10818] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 671.776353][ T5306] lenovo 0003:17EF:6067.0007: hidraw0: USB HID v0.00 Device [HID 17ef:6067] on usb-dummy_hcd.0-1/input0 [ 671.852822][ T45] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 671.923420][ T45] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 671.947846][T10905] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1605'. [ 671.974281][ T45] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 672.006365][ T45] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 672.052840][ T1100] bridge_slave_1: left allmulticast mode [ 672.056912][ T5310] usb 1-1: USB disconnect, device number 17 [ 672.065378][ T45] usb 6-1: config 0 descriptor?? [ 672.073106][ T1100] bridge_slave_1: left promiscuous mode [ 672.096521][ T1100] bridge0: port 2(bridge_slave_1) entered disabled state [ 672.179460][ T1100] bridge_slave_0: left allmulticast mode [ 672.207135][ T1100] bridge_slave_0: left promiscuous mode [ 672.248092][ T1100] bridge0: port 1(bridge_slave_0) entered disabled state [ 672.389406][ T45] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 672.500740][ T45] usb 6-1: USB disconnect, device number 8 [ 672.930696][ T45] iowarrior 6-1:0.0: I/O-Warror #0 now disconnected [ 673.035123][ T5181] Bluetooth: hci0: command tx timeout [ 675.011729][ T1100] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 675.074005][ T5181] Bluetooth: hci0: command tx timeout [ 675.114828][ T1100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 675.147945][ T1100] bond0 (unregistering): Released all slaves [ 675.250796][T10923] loop1: detected capacity change from 0 to 32768 [ 675.382105][T10818] team0: Port device team_slave_0 added [ 675.406540][T10923] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 675.430056][T10818] team0: Port device team_slave_1 added [ 675.455773][T10931] netlink: 1328 bytes leftover after parsing attributes in process `syz.0.1613'. [ 675.474335][ T45] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 675.547503][T10923] XFS (loop1): Ending clean mount [ 675.681909][ T45] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 675.713865][ T45] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 675.743290][ T45] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 675.784257][ T45] usb 3-1: config 0 descriptor?? [ 676.146005][ T9851] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 676.183344][T10818] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 676.200753][T10818] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 676.251221][ T45] keytouch 0003:0926:3333.0008: fixing up Keytouch IEC report descriptor [ 676.328271][T10818] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 676.341472][ T45] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0008/input/input18 [ 676.490028][T10933] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 676.569176][T10933] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 676.667384][ T45] keytouch 0003:0926:3333.0008: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 676.825749][T10818] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 676.832749][T10818] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 677.027180][T10933] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 677.028710][T10818] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 677.088040][T10933] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 677.158680][ T5181] Bluetooth: hci0: command tx timeout [ 677.337307][T10933] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 677.388684][T10933] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 677.423530][ T5311] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 677.451838][ T1100] hsr_slave_0: left promiscuous mode [ 677.504531][T10933] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 677.527772][ T1100] hsr_slave_1: left promiscuous mode [ 677.546228][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 677.564625][T10933] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 677.594731][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 677.625971][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 677.652906][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 677.656004][ T5311] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 677.701218][ T5311] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 677.734451][ T5311] usb 6-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00 [ 677.762070][ T5311] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 677.828453][ T5311] usb 6-1: config 0 descriptor?? [ 677.833123][ T1100] veth1_macvtap: left promiscuous mode [ 677.839357][ T1100] veth0_macvtap: left promiscuous mode [ 677.890466][ T1100] veth1_vlan: left promiscuous mode [ 677.915959][ T1100] veth0_vlan: left promiscuous mode [ 678.138486][T10933] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 678.203733][T10977] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1618'. [ 678.204460][T10933] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 678.450056][ T5311] lenovo 0003:17EF:6067.0009: hidraw1: USB HID v0.00 Device [HID 17ef:6067] on usb-dummy_hcd.5-1/input0 [ 678.496273][ T5318] usb 3-1: USB disconnect, device number 5 [ 678.721039][ T5310] usb 6-1: USB disconnect, device number 9 [ 680.002297][ T1100] team0 (unregistering): Port device team_slave_1 removed [ 680.183026][ T1100] team0 (unregistering): Port device team_slave_0 removed [ 682.697790][ T29] audit: type=1326 audit(1720102891.405:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11014 comm="syz.2.1632" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9670b75bd9 code=0x0 [ 683.880517][T10818] hsr_slave_0: entered promiscuous mode [ 683.956677][T11036] loop2: detected capacity change from 0 to 128 [ 684.017549][T10818] hsr_slave_1: entered promiscuous mode [ 684.044800][T10818] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 684.052483][T10818] Cannot create hsr debugfs directory [ 684.110524][T11036] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 684.179530][ T45] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 684.204963][T11036] ext4 filesystem being mounted at /43/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 684.430004][ T45] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 684.492067][ T45] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 684.536280][ T45] usb 6-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00 [ 684.593375][ T45] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 684.654022][ T45] usb 6-1: config 0 descriptor?? [ 684.918093][T10055] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 685.217962][ T45] lenovo 0003:17EF:6067.000A: hidraw0: USB HID v0.00 Device [HID 17ef:6067] on usb-dummy_hcd.5-1/input0 [ 685.252895][T10867] chnl_net:caif_netlink_parms(): no params data found [ 685.573413][ T5311] usb 6-1: USB disconnect, device number 10 [ 686.133838][T11071] loop2: detected capacity change from 0 to 1024 [ 686.143617][T11071] hfsplus: Filesystem is marked locked, mounting read-only. [ 686.873722][T11089] loop5: detected capacity change from 0 to 128 [ 687.037780][T11089] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 687.161132][T11089] ext4 filesystem being mounted at /54/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 687.479327][T11102] loop1: detected capacity change from 0 to 128 [ 687.501120][T10867] bridge0: port 1(bridge_slave_0) entered blocking state [ 687.513095][T10867] bridge0: port 1(bridge_slave_0) entered disabled state [ 687.527545][T10867] bridge_slave_0: entered allmulticast mode [ 687.536907][T10867] bridge_slave_0: entered promiscuous mode [ 687.579691][T10867] bridge0: port 2(bridge_slave_1) entered blocking state [ 687.606292][T11102] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 687.633731][ T5267] Bluetooth: hci2: command 0x0406 tx timeout [ 687.653790][T10867] bridge0: port 2(bridge_slave_1) entered disabled state [ 687.661455][T10867] bridge_slave_1: entered allmulticast mode [ 687.670272][T10867] bridge_slave_1: entered promiscuous mode [ 687.687950][T11102] ext4 filesystem being mounted at /52/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 687.735449][T11102] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:405: inode #2: comm syz.1.1654: No space for directory leaf checksum. Please run e2fsck -D. [ 687.751099][T11102] EXT4-fs error (device loop1): __ext4_find_entry:1693: inode #2: comm syz.1.1654: checksumming directory block 0 [ 688.057315][ T9868] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 688.153074][ T1100] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 688.205505][ T9851] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 689.180766][ T1100] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 689.218928][T10867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 689.263381][T10867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 689.401697][ T1100] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 689.564542][T11124] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1660'. [ 689.676792][T11128] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1661'. [ 689.696631][ T1100] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 689.883440][T11131] loop5: detected capacity change from 0 to 1764 [ 689.944450][T10867] team0: Port device team_slave_0 added [ 690.516820][T10867] team0: Port device team_slave_1 added [ 691.069818][T11131] loop5: detected capacity change from 0 to 1024 [ 691.340442][T11145] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 691.418094][T10818] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 692.422921][T10867] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 692.496615][T10867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 692.649402][T10867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 692.761084][ T5267] Bluetooth: hci4: command 0x0406 tx timeout [ 692.828101][T10867] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 692.873796][T11153] loop2: detected capacity change from 0 to 1024 [ 692.900497][T10867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 692.938083][T11153] hfsplus: Filesystem is marked locked, mounting read-only. [ 692.945688][T10867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 692.993390][T10818] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 693.297292][T10818] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 693.632514][T10867] hsr_slave_0: entered promiscuous mode [ 693.727432][T10867] hsr_slave_1: entered promiscuous mode [ 693.794568][T10867] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 693.828737][T10867] Cannot create hsr debugfs directory [ 693.930197][T10818] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 694.054459][T11167] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1672'. [ 694.815495][ T1100] bridge_slave_1: left allmulticast mode [ 694.821209][ T1100] bridge_slave_1: left promiscuous mode [ 694.878557][ T1100] bridge0: port 2(bridge_slave_1) entered disabled state [ 694.907247][ T1100] bridge_slave_0: left allmulticast mode [ 694.921916][ T1100] bridge_slave_0: left promiscuous mode [ 694.933816][ T1100] bridge0: port 1(bridge_slave_0) entered disabled state [ 695.813853][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 695.820363][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 695.957148][T11200] 9pnet: p9_errstr2errno: server reported unknown error @í΂Í(ááí«QhQI¸¥ÿÿ [ 696.632167][T11216] loop5: detected capacity change from 0 to 1024 [ 696.685491][T11216] hfsplus: Filesystem is marked locked, mounting read-only. [ 697.420742][ T1100] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 697.467342][ T1100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 697.510975][ T1100] bond0 (unregistering): Released all slaves [ 697.747675][T11186] netlink: 'syz.1.1677': attribute type 10 has an invalid length. [ 697.875813][T11186] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 698.265782][T11236] loop2: detected capacity change from 0 to 512 [ 698.382290][T11236] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 698.398345][T11240] loop5: detected capacity change from 0 to 1024 [ 698.411691][T11240] EXT4-fs: Ignoring removed i_version option [ 698.437193][T11240] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 698.482584][ T29] audit: type=1800 audit(1720102907.205:71): pid=11236 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1687" name="file2" dev="loop2" ino=16 res=0 errno=0 [ 698.585808][T11240] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 698.600465][ T29] audit: type=1804 audit(1720102907.205:72): pid=11236 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1687" name="/newroot/61/file0/file2" dev="loop2" ino=16 res=1 errno=0 [ 698.607346][T10055] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 698.697931][T11245] netlink: 1328 bytes leftover after parsing attributes in process `syz.1.1686'. [ 699.776237][ T9868] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 700.083479][ T1100] hsr_slave_0: left promiscuous mode [ 700.157989][ T1100] hsr_slave_1: left promiscuous mode [ 700.200533][T11267] loop2: detected capacity change from 0 to 256 [ 700.243049][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 700.254192][T11267] FAT-fs (loop2): Unrecognized mount option "shortnaqe=lower" or missing value [ 700.269841][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 700.319033][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 700.368301][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 700.473354][ T45] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 700.565012][ T1100] veth1_macvtap: left promiscuous mode [ 700.570673][ T1100] veth0_macvtap: left promiscuous mode [ 700.605455][ T1100] veth1_vlan: left promiscuous mode [ 700.623467][ T1100] veth0_vlan: left promiscuous mode [ 700.700000][ T45] usb 2-1: config 0 has an invalid descriptor of length 180, skipping remainder of the config [ 700.747094][ T45] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 700.772954][ T45] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 700.803275][ T45] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 700.863730][ T45] usb 2-1: Product: syz [ 700.867936][ T45] usb 2-1: Manufacturer: syz [ 700.872565][ T45] usb 2-1: SerialNumber: syz [ 700.920263][ T45] usb 2-1: config 0 descriptor?? [ 701.237816][ T45] usb 2-1: USB disconnect, device number 7 [ 701.970523][T11295] loop2: detected capacity change from 0 to 16 [ 701.987139][T11295] erofs: (device loop2): mounted with root inode @ nid 36. [ 702.834078][T11307] loop5: detected capacity change from 0 to 1024 [ 702.841928][T11307] EXT4-fs: Ignoring removed i_version option [ 702.863509][T11307] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 702.968721][T11307] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 703.535006][ T9868] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 704.638088][T11330] loop5: detected capacity change from 0 to 512 [ 704.779965][T11330] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 704.993568][ T29] audit: type=1800 audit(1720102913.725:73): pid=11330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1707" name="file2" dev="loop5" ino=16 res=0 errno=0 [ 705.045284][ T29] audit: type=1804 audit(1720102913.765:74): pid=11330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.1707" name="/newroot/64/file0/file2" dev="loop5" ino=16 res=1 errno=0 [ 705.190263][ T9868] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 705.631127][T11348] loop2: detected capacity change from 0 to 256 [ 705.712170][ T1100] team0 (unregistering): Port device team_slave_1 removed [ 705.759232][T11348] FAT-fs (loop2): Directory bread(block 64) failed [ 705.780553][T11348] FAT-fs (loop2): Directory bread(block 65) failed [ 705.803821][T11348] FAT-fs (loop2): Directory bread(block 66) failed [ 705.828638][T11348] FAT-fs (loop2): Directory bread(block 67) failed [ 705.849661][T11348] FAT-fs (loop2): Directory bread(block 68) failed [ 705.858225][T11348] FAT-fs (loop2): Directory bread(block 69) failed [ 705.865593][T11348] FAT-fs (loop2): Directory bread(block 70) failed [ 705.872230][T11348] FAT-fs (loop2): Directory bread(block 71) failed [ 705.879708][T11348] FAT-fs (loop2): Directory bread(block 72) failed [ 705.888084][T11348] FAT-fs (loop2): Directory bread(block 73) failed [ 705.892479][ T1100] team0 (unregistering): Port device team_slave_0 removed [ 707.302353][T11365] loop2: detected capacity change from 0 to 256 [ 707.383299][T11365] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 707.868452][T11346] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1713'. [ 708.269573][T11378] loop1: detected capacity change from 0 to 256 [ 708.451478][T11380] loop2: detected capacity change from 0 to 1024 [ 708.509665][T11378] FAT-fs (loop1): Directory bread(block 64) failed [ 708.517899][T11380] EXT4-fs: Ignoring removed i_version option [ 708.524208][T11378] FAT-fs (loop1): Directory bread(block 65) failed [ 708.532184][T11380] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 708.552813][T11378] FAT-fs (loop1): Directory bread(block 66) failed [ 708.576271][T11378] FAT-fs (loop1): Directory bread(block 67) failed [ 708.605555][T11378] FAT-fs (loop1): Directory bread(block 68) failed [ 708.639894][T11378] FAT-fs (loop1): Directory bread(block 69) failed [ 708.694483][T11378] FAT-fs (loop1): Directory bread(block 70) failed [ 708.701283][T11378] FAT-fs (loop1): Directory bread(block 71) failed [ 708.708070][T11378] FAT-fs (loop1): Directory bread(block 72) failed [ 708.715342][T11378] FAT-fs (loop1): Directory bread(block 73) failed [ 708.730105][T11380] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 708.753519][T11384] loop5: detected capacity change from 0 to 512 [ 708.773697][ T45] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 708.921439][T11384] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 708.954496][T11384] ext4 filesystem being mounted at /68/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 709.004416][ T45] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 709.063444][ T45] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 709.095251][ T45] usb 1-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00 [ 709.122950][T10818] 8021q: adding VLAN 0 to HW filter on device bond0 [ 709.139081][ T45] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 709.159736][ T45] usb 1-1: config 0 descriptor?? [ 709.331068][T10055] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 709.358712][ T9868] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 709.566771][T10818] 8021q: adding VLAN 0 to HW filter on device team0 [ 709.687206][ T8839] bridge0: port 1(bridge_slave_0) entered blocking state [ 709.694629][ T8839] bridge0: port 1(bridge_slave_0) entered forwarding state [ 709.705833][ T45] lenovo 0003:17EF:6067.000B: hidraw0: USB HID v0.00 Device [HID 17ef:6067] on usb-dummy_hcd.0-1/input0 [ 709.847496][ T927] bridge0: port 2(bridge_slave_1) entered blocking state [ 709.854938][ T927] bridge0: port 2(bridge_slave_1) entered forwarding state [ 709.883043][ T45] usb 1-1: USB disconnect, device number 18 [ 710.349617][T10867] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 710.414243][T11414] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1735'. [ 710.431333][T11410] loop5: detected capacity change from 0 to 256 [ 710.473830][T10867] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 710.516494][T11410] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 710.584819][T10867] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 710.677773][T10867] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 711.348882][T11431] loop2: detected capacity change from 0 to 256 [ 711.418957][T11431] FAT-fs (loop2): Unrecognized mount option "rodir" or missing value [ 711.798657][T10867] 8021q: adding VLAN 0 to HW filter on device bond0 [ 712.089890][T10867] 8021q: adding VLAN 0 to HW filter on device team0 [ 712.115243][T11443] loop5: detected capacity change from 0 to 1024 [ 712.174752][T10818] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 712.265879][ T5318] bridge0: port 1(bridge_slave_0) entered blocking state [ 712.273310][ T5318] bridge0: port 1(bridge_slave_0) entered forwarding state [ 712.290095][T11443] hfsplus: bad catalog entry type [ 712.460105][ T5318] bridge0: port 2(bridge_slave_1) entered blocking state [ 712.467494][ T5318] bridge0: port 2(bridge_slave_1) entered forwarding state [ 712.505014][ T5766] hfsplus: b-tree write err: -5, ino 4 [ 712.527036][T11450] netlink: 'syz.0.1747': attribute type 10 has an invalid length. [ 712.666339][T11450] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 713.233566][ T5181] Bluetooth: hci6: command 0x0406 tx timeout [ 713.455351][T10818] veth0_vlan: entered promiscuous mode [ 713.595670][T10818] veth1_vlan: entered promiscuous mode [ 713.613483][ T45] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 713.837696][ T45] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 713.892126][ T45] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 713.939129][ T45] usb 6-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00 [ 713.939897][T10818] veth0_macvtap: entered promiscuous mode [ 713.977769][ T45] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 714.012922][ T45] usb 6-1: config 0 descriptor?? [ 714.102956][T10818] veth1_macvtap: entered promiscuous mode [ 714.363324][T10818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 714.403151][T10818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 714.453282][T10818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 714.512833][T10818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 714.578427][T10818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 714.653268][T10818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 714.693501][T10818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 714.707630][T11494] loop2: detected capacity change from 0 to 256 [ 714.717267][ T45] lenovo 0003:17EF:6067.000C: hidraw0: USB HID v0.00 Device [HID 17ef:6067] on usb-dummy_hcd.5-1/input0 [ 714.743265][T10818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 714.753106][T10818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 714.765479][T11494] FAT-fs (loop2): Unrecognized mount option "rodir" or missing value [ 714.830986][T10818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 714.877687][T10818] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 714.948526][ T9406] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 714.961926][T10818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 715.011646][T10818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 715.023732][T10818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 715.037071][T10818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 715.051232][T10818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 715.061841][T10818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 715.072715][ T45] usb 6-1: USB disconnect, device number 11 [ 715.075518][T10818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 715.127970][T10818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 715.170148][T10818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 715.208533][T10818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 715.236843][T10818] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 715.343122][T10818] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 715.386880][T10818] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 715.403250][T10818] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 715.421444][T10818] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 715.608523][T11501] loop1: detected capacity change from 0 to 8192 [ 715.646450][T10867] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 716.293874][T11033] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 716.345591][T11033] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 716.348377][T11519] loop1: detected capacity change from 0 to 512 [ 716.446744][T11519] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 716.478368][T11518] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1766'. [ 716.514109][T11519] UDF-fs: Scanning with blocksize 512 failed [ 716.550857][T11523] loop2: detected capacity change from 0 to 1024 [ 716.552643][T11519] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 716.596646][T11519] UDF-fs: Scanning with blocksize 1024 failed [ 716.633376][T11519] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 716.647411][T11519] UDF-fs: Scanning with blocksize 2048 failed [ 716.686779][T11523] hfsplus: bad catalog entry type [ 716.694558][T11519] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 716.759107][ T1092] hfsplus: b-tree write err: -5, ino 4 [ 716.766851][T11519] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 716.800078][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 716.847577][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 716.874885][T11519] [syz.1.1767/11519] FS: loop1 File: /blkio.throttle.io_service_bytes_recursive would truncate fibmap result [ 717.356605][T11539] loop1: detected capacity change from 0 to 8 [ 717.409047][T11539] squashfs: Unknown parameter 'ªªªªªªªªùÿ†Ý`‹—' [ 717.540497][T10027] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 717.704947][T11539] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1773'. [ 717.707637][T10867] veth0_vlan: entered promiscuous mode [ 717.729554][T11548] loop5: detected capacity change from 0 to 512 [ 717.902990][T11548] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 718.453917][T10867] veth1_vlan: entered promiscuous mode [ 718.899186][ T5310] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 719.010037][T10867] veth0_macvtap: entered promiscuous mode [ 719.069042][T11548] EXT4-fs (loop5): failed to open journal device unknown-block(0,0) -6 [ 719.071269][T11560] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 719.104114][T10867] veth1_macvtap: entered promiscuous mode [ 719.174564][ T5310] usb 2-1: New USB device found, idVendor=06cd, idProduct=010c, bcdDevice=3b.c0 [ 719.195860][T11564] loop2: detected capacity change from 0 to 1024 [ 719.203410][ T5310] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 719.257775][ T5310] usb 2-1: config 0 descriptor?? [ 719.269848][T10867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 719.307158][ T5310] keyspan 2-1:0.0: Keyspan 1 port adapter converter detected [ 719.344339][T11566] kAFS: unparsable volume name [ 719.346283][T10867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 719.360362][ T5310] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 84 [ 719.400863][ T5310] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 81 [ 719.408680][T11564] hfsplus: bad catalog entry type [ 719.408768][T10867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 719.449244][ T5310] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 82 [ 719.474889][ T5310] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 1 [ 719.485670][T10867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 719.533367][ T5310] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 2 [ 719.552141][T10867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 719.585491][ T5310] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 83 [ 719.597197][T10867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 719.616296][ T5310] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 3 [ 719.641732][T10867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 719.678515][ T5310] usb 2-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 719.699692][T10867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 719.724779][ T29] audit: type=1326 audit(1720102928.455:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11568 comm="syz.0.1783" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8298b75bd9 code=0x0 [ 719.738996][T10867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 719.782494][ T5310] usb 2-1: USB disconnect, device number 8 [ 719.839642][ T5310] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 719.854516][T10867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 719.891244][T10867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 719.905410][ T5310] keyspan 2-1:0.0: device disconnected [ 719.941173][T10867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 719.968637][ T5766] hfsplus: b-tree write err: -5, ino 4 [ 719.987975][T10867] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 720.088813][T10867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 720.151639][T10867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 720.217877][T10867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 720.269110][T10867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 720.332184][T10867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 720.373298][T10867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 720.436162][T10867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 720.478123][T10867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 720.522779][T10867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 720.573551][T10867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 720.618695][T10867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 720.648213][T10867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 720.712405][T10867] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 721.257325][T10867] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 721.541077][T10867] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 721.596729][T10867] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 721.656599][T10867] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 721.827344][T11599] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 722.126392][T11604] loop3: detected capacity change from 0 to 64 [ 722.155413][T11608] loop2: detected capacity change from 0 to 8 [ 722.287303][T11608] SQUASHFS error: Failed to read block 0x63a: -5 [ 722.314927][T11604] hfs: invalid extent max_key_len 510 [ 722.324054][T11608] SQUASHFS error: Unable to read metadata cache entry [638] [ 722.341108][T11604] hfs: unable to open extent tree [ 722.355891][T11604] hfs: can't find a HFS filesystem on dev loop3 [ 722.370054][T11608] SQUASHFS error: Unable to read directory block [26067d:0] [ 722.469159][T11610] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1798'. [ 722.586686][T11613] loop5: detected capacity change from 0 to 512 [ 722.801152][T11613] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 722.816377][T11613] ext4 filesystem being mounted at /83/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 722.879495][ T5497] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 722.915492][ T5497] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 723.115044][T11033] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 723.148645][T11033] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 723.368325][ T9868] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 723.676313][T11634] loop1: detected capacity change from 0 to 1024 [ 723.689067][T11636] loop3: detected capacity change from 0 to 512 [ 723.722161][T11636] EXT4-fs: Ignoring removed nobh option [ 723.772686][T11636] fscrypt (loop3, inode 2): Error -61 getting encryption context [ 723.841442][T11641] bridge_slave_1: left allmulticast mode [ 723.843385][T11636] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -61 [ 723.853911][T11641] bridge_slave_1: left promiscuous mode [ 723.868249][T11641] bridge0: port 2(bridge_slave_1) entered disabled state [ 723.912008][T11636] EXT4-fs error (device loop3): ext4_orphan_get:1394: inode #13: comm syz.3.1807: casefold flag without casefold feature [ 723.936699][T11641] netlink: 'syz.2.1809': attribute type 2 has an invalid length. [ 723.978465][T11636] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1807: couldn't read orphan inode 13 (err -117) [ 724.016151][T11641] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 724.038077][ T51] hfsplus: b-tree write err: -5, ino 8 [ 724.047209][T11636] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 724.264888][T11650] loop5: detected capacity change from 0 to 8 [ 724.307021][T11641] loop2: detected capacity change from 0 to 1024 [ 724.335457][T11641] hfsplus: unable to parse mount options [ 724.352662][T11650] SQUASHFS error: Failed to read block 0x63a: -5 [ 724.374966][T10818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 724.389886][T11650] SQUASHFS error: Unable to read metadata cache entry [638] [ 724.473423][T11650] SQUASHFS error: Unable to read directory block [26067d:0] [ 724.538323][T11653] sg_write: process 267 (syz.1.1813) changed security contexts after opening file descriptor, this is not allowed. [ 724.592169][T11655] netlink: 64535 bytes leftover after parsing attributes in process `syz.4.1814'. [ 724.827066][T11658] loop3: detected capacity change from 0 to 64 [ 724.932843][T11658] hfs: invalid extent max_key_len 510 [ 724.943668][T11658] hfs: unable to open extent tree [ 724.948972][T11658] hfs: can't find a HFS filesystem on dev loop3 [ 726.062006][T11681] loop2: detected capacity change from 0 to 512 [ 726.128520][T11681] EXT4-fs: Ignoring removed nobh option [ 726.289091][T11681] fscrypt (loop2, inode 2): Error -61 getting encryption context [ 726.362414][T11681] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -61 [ 726.438538][T11681] EXT4-fs error (device loop2): ext4_orphan_get:1394: inode #13: comm syz.2.1824: casefold flag without casefold feature [ 726.497823][T11681] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.1824: couldn't read orphan inode 13 (err -117) [ 726.576984][T11681] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 726.662022][T11689] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1828'. [ 726.757225][T11694] netlink: 64535 bytes leftover after parsing attributes in process `syz.3.1829'. [ 727.044273][T10055] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 727.106677][T11697] loop4: detected capacity change from 0 to 2048 [ 727.213784][T11700] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 727.255192][ T5306] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 727.454413][ T5306] usb 2-1: Using ep0 maxpacket: 32 [ 727.500632][ T5306] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 727.543886][ T5306] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 727.600788][ T5306] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 727.640891][ T5306] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 727.696017][ T5306] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 727.729005][ T5306] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 727.759093][ T5306] usb 2-1: Product: syz [ 727.771319][ T5306] usb 2-1: Manufacturer: syz [ 727.802471][ T5306] usb 2-1: SerialNumber: syz [ 727.913087][T11704] loop3: detected capacity change from 0 to 4096 [ 727.958374][T11704] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 728.294500][T11704] ntfs3: loop3: failed to convert "c46c" to cp861 [ 728.787439][T11717] loop4: detected capacity change from 0 to 64 [ 728.879320][ T5306] usb 2-1: 2:1 : unknown format tag 0x0 is detected. processed as MPEG. [ 728.924238][ T5306] usb 2-1: found format II with max.bitrate = 0, frame size=0 [ 728.980788][ T5306] usb 2-1: 2:1 : unknown format tag 0x0 is detected. processed as MPEG. [ 729.012100][T11717] hfs: invalid extent max_key_len 510 [ 729.017714][ T5306] usb 2-1: found format II with max.bitrate = 0, frame size=0 [ 729.038198][T11717] hfs: unable to open extent tree [ 729.043529][ T5306] usb 2-1: failed to enable PITCH for EP 0x82 [ 729.050056][T11717] hfs: can't find a HFS filesystem on dev loop4 [ 729.060853][ T5306] usb 2-1: 2:1: cannot set freq 16318258 to ep 0x82 [ 729.309108][ T5306] usb 2-1: USB disconnect, device number 9 [ 729.498750][T11728] loop2: detected capacity change from 0 to 512 [ 729.573775][T11728] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 729.640657][T11728] UDF-fs: Scanning with blocksize 512 failed [ 729.725574][T11728] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 729.765607][T11728] UDF-fs: Scanning with blocksize 1024 failed [ 729.815832][T11728] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 729.838331][T11728] UDF-fs: Scanning with blocksize 2048 failed [ 729.877578][T11728] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 729.928678][ T9287] udevd[9287]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 729.971574][T11728] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 730.203546][T11728] [syz.2.1843/11728] FS: loop2 File: /blkio.throttle.io_service_bytes_recursive would truncate fibmap result [ 730.752383][T11752] loop3: detected capacity change from 0 to 8 [ 730.765114][T11751] netlink: 'syz.0.1853': attribute type 10 has an invalid length. [ 730.806252][T11746] loop5: detected capacity change from 0 to 4096 [ 730.840570][T11746] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 730.862168][T11754] netlink: 64535 bytes leftover after parsing attributes in process `syz.2.1852'. [ 730.873960][T11755] loop4: detected capacity change from 0 to 512 [ 730.882546][T11752] SQUASHFS error: Failed to read block 0x63a: -5 [ 730.905425][T11755] EXT4-fs: Ignoring removed nobh option [ 730.931583][T11752] SQUASHFS error: Unable to read metadata cache entry [638] [ 730.951929][T11755] fscrypt (loop4, inode 2): Error -61 getting encryption context [ 730.973281][T11752] SQUASHFS error: Unable to read directory block [26067d:0] [ 730.973473][T11755] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -61 [ 731.001932][T11755] EXT4-fs error (device loop4): ext4_orphan_get:1394: inode #13: comm syz.4.1856: casefold flag without casefold feature [ 731.076706][T11746] ntfs3: loop5: failed to convert "c46c" to cp861 [ 731.163737][T11762] sock: sock_timestamping_bind_phc: sock not bind to device [ 731.205197][T11755] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1856: couldn't read orphan inode 13 (err -117) [ 731.332515][T11755] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 731.503582][T11766] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1858'. [ 731.681842][T10867] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 731.904517][ T5318] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 731.941898][T11778] loop2: detected capacity change from 0 to 64 [ 732.070254][T11778] hfs: invalid extent max_key_len 510 [ 732.077831][T11778] hfs: unable to open extent tree [ 732.088161][T11778] hfs: can't find a HFS filesystem on dev loop2 [ 732.163248][ T5318] usb 2-1: Using ep0 maxpacket: 32 [ 732.223577][ T5318] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 732.257398][ T5318] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 732.311255][ T5318] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 732.335606][T10028] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 732.385399][ T5318] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 732.463443][ T5318] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 732.500210][ T5318] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 732.539514][ T5318] usb 2-1: Product: syz [ 732.563579][ T5318] usb 2-1: Manufacturer: syz [ 732.593432][T11789] TCP: MD5 Hash failed for 172.20.20.187.0->172.20.20.170.20002 [] L3 index 0 [ 732.601744][ T5318] usb 2-1: SerialNumber: syz [ 732.670715][T11775] loop3: detected capacity change from 0 to 4096 [ 732.804988][T11775] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 733.033920][T11795] loop4: detected capacity change from 0 to 512 [ 733.050036][T11775] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 733.143317][T11795] EXT4-fs: test_dummy_encryption requires encrypt feature [ 733.151244][T11775] ntfs3: loop3: Failed to load $MFT (-22). [ 733.238282][T11791] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1868'. [ 733.268582][T11791] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1868'. [ 733.619238][T11798] netlink: 64535 bytes leftover after parsing attributes in process `syz.2.1872'. [ 733.663875][ T5318] usb 2-1: 2:1 : unknown format tag 0x0 is detected. processed as MPEG. [ 733.723296][ T5318] usb 2-1: found format II with max.bitrate = 0, frame size=0 [ 733.731105][ T5318] usb 2-1: 2:1 : unknown format tag 0x0 is detected. processed as MPEG. [ 733.793790][ T5318] usb 2-1: found format II with max.bitrate = 0, frame size=0 [ 733.833395][ T5318] usb 2-1: failed to enable PITCH for EP 0x82 [ 733.843738][ T5318] usb 2-1: 2:1: cannot set freq 16318258 to ep 0x82 [ 734.015622][ T5318] usb 2-1: USB disconnect, device number 10 [ 734.398327][T11814] fuse: Bad value for 'fd' [ 734.694368][ T9432] udevd[9432]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 734.856352][T11817] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1880'. [ 734.876892][T11823] input: syz0 as /devices/virtual/input/input19 [ 735.447171][T11833] loop1: detected capacity change from 0 to 512 [ 735.481679][T11833] EXT4-fs: Ignoring removed nobh option [ 735.531575][T11833] fscrypt (loop1, inode 2): Error -61 getting encryption context [ 735.538315][T11828] loop3: detected capacity change from 0 to 4096 [ 735.553358][T11833] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -61 [ 735.626425][T11833] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #13: comm syz.1.1887: casefold flag without casefold feature [ 735.657544][T11833] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1887: couldn't read orphan inode 13 (err -117) [ 735.679843][T11838] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 735.839485][T11833] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 736.228054][ T9851] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 736.556447][T11847] loop3: detected capacity change from 0 to 512 [ 736.634072][T11847] EXT4-fs: test_dummy_encryption requires encrypt feature [ 736.814932][T10027] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 736.968183][T11857] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1895'. [ 737.353593][T11867] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1899'. [ 737.408304][ T1153] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 737.613357][ T1153] usb 3-1: Using ep0 maxpacket: 32 [ 737.646318][ T1153] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 737.695119][ T1153] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 737.738978][ T1153] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 737.792839][T11881] sock: sock_timestamping_bind_phc: sock not bind to device [ 737.801416][ T1153] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 737.894599][ T1153] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 737.922003][ T1153] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 737.968003][ T1153] usb 3-1: Product: syz [ 737.972230][ T1153] usb 3-1: Manufacturer: syz [ 738.042984][ T1153] usb 3-1: SerialNumber: syz [ 739.094834][ T1153] usb 3-1: 2:1 : unknown format tag 0x0 is detected. processed as MPEG. [ 739.164363][ T1153] usb 3-1: found format II with max.bitrate = 0, frame size=0 [ 739.192587][ T1153] usb 3-1: 2:1 : unknown format tag 0x0 is detected. processed as MPEG. [ 739.239117][T11903] loop5: detected capacity change from 0 to 16 [ 739.245919][ T1153] usb 3-1: found format II with max.bitrate = 0, frame size=0 [ 739.321622][T11903] erofs: (device loop5): mounted with root inode @ nid 36. [ 739.333568][ T1153] usb 3-1: failed to enable PITCH for EP 0x82 [ 739.341674][ T1153] usb 3-1: 2:1: cannot set freq 16318258 to ep 0x82 [ 739.669292][ T1153] usb 3-1: USB disconnect, device number 6 [ 740.232630][ T9432] udevd[9432]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 740.689185][T11925] loop3: detected capacity change from 0 to 2048 [ 740.782758][T11925] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 740.811731][T11925] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 740.879925][T11930] sock: sock_timestamping_bind_phc: sock not bind to device [ 741.121310][T11937] 9pnet_fd: Insufficient options for proto=fd [ 742.045724][T10818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 742.095554][T11942] bridge_slave_1: left allmulticast mode [ 742.101272][T11942] bridge_slave_1: left promiscuous mode [ 742.153877][T11942] bridge0: port 2(bridge_slave_1) entered disabled state [ 742.232613][T11942] netlink: 'syz.0.1924': attribute type 2 has an invalid length. [ 742.257769][T11942] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 742.730970][T11959] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1930'. [ 742.765876][T11964] loop2: detected capacity change from 0 to 16 [ 742.832871][T11964] erofs: (device loop2): mounted with root inode @ nid 36. [ 743.253330][ T927] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 743.450351][T11976] loop5: detected capacity change from 0 to 2048 [ 743.534440][ T927] usb 2-1: Using ep0 maxpacket: 32 [ 743.585314][T11984] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 743.603286][T11977] loop4: detected capacity change from 0 to 256 [ 743.621464][ T927] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 743.699522][ T927] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 743.724916][T11977] FAT-fs (loop4): invalid media value (0x29) [ 743.733586][T11977] FAT-fs (loop4): Can't find a valid FAT filesystem [ 743.782517][ T927] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 743.870778][ T927] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 743.928966][ T927] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 743.962406][ T927] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 744.045609][ T927] usb 2-1: Product: syz [ 744.072498][ T927] usb 2-1: Manufacturer: syz [ 744.089238][ T927] usb 2-1: SerialNumber: syz [ 744.937724][ T927] usb 2-1: 2:1 : unknown format tag 0x0 is detected. processed as MPEG. [ 744.969874][ T927] usb 2-1: found format II with max.bitrate = 0, frame size=0 [ 744.992666][ T927] usb 2-1: 2:1 : unknown format tag 0x0 is detected. processed as MPEG. [ 745.031362][ T927] usb 2-1: found format II with max.bitrate = 0, frame size=0 [ 745.136196][ T927] usb 2-1: failed to enable PITCH for EP 0x82 [ 745.160427][ T927] usb 2-1: 2:1: cannot set freq 16318258 to ep 0x82 [ 746.387619][T12009] loop2: detected capacity change from 0 to 40427 [ 748.289660][ T927] usb 2-1: USB disconnect, device number 11 [ 748.394583][T12009] F2FS-fs (loop2): Found nat_bits in checkpoint [ 748.472464][T12009] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 749.008623][T12017] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1946'. [ 749.056913][T12017] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1946'. [ 749.427529][T12021] ptrace attach of "./syz-executor exec"[9868] was attempted by "./syz-executor exec"[12021] [ 749.661781][T10029] udevd[10029]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 750.294070][T12033] loop3: detected capacity change from 0 to 47 [ 751.279569][T12049] wireguard0: entered promiscuous mode [ 751.285266][T12049] wireguard0: entered allmulticast mode [ 753.600078][T12074] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1965'. [ 753.673515][T12074] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1965'. [ 754.013323][T12068] loop5: detected capacity change from 0 to 256 [ 754.315878][T12068] FAT-fs (loop5): invalid media value (0x29) [ 754.336339][T12068] FAT-fs (loop5): Can't find a valid FAT filesystem [ 754.539535][T12087] loop1: detected capacity change from 0 to 256 [ 754.640590][T12087] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 754.852796][T12087] exFAT-fs (loop1): hint_cluster is invalid (65537), rewind to the first cluster [ 755.106064][T12095] loop2: detected capacity change from 0 to 8 [ 755.126052][T12093] loop3: detected capacity change from 0 to 2048 [ 755.145941][T12095] squashfs: Unknown parameter 'ªªªªªªªªùÿ†Ý`‹—' [ 755.223080][T12093] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 755.308720][T12093] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 755.351652][T12095] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1973'. [ 755.533870][T12105] netlink: 8192 bytes leftover after parsing attributes in process `syz.0.1976'. [ 756.734305][ T5318] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 756.764476][T12108] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR [ 756.792911][T12110] 9pnet_fd: Insufficient options for proto=fd [ 757.427352][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 757.441799][ T5318] usb 3-1: New USB device found, idVendor=06cd, idProduct=010c, bcdDevice=3b.c0 [ 757.451792][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 757.505849][ T5318] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 757.554654][ T5318] usb 3-1: config 0 descriptor?? [ 757.612207][ T5318] keyspan 3-1:0.0: Keyspan 1 port adapter converter detected [ 757.683742][ T5318] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 84 [ 757.767916][ T5318] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 81 [ 757.854262][ T5318] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 82 [ 757.862136][ T5318] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 1 [ 757.914044][T10818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 758.034528][ T5318] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 2 [ 758.042287][ T5318] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 83 [ 758.101635][ T5318] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 3 [ 758.147186][ T5318] usb 3-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 758.173564][T12125] Bluetooth: MGMT ver 1.22 [ 758.207668][ T5318] usb 3-1: USB disconnect, device number 7 [ 758.242992][ T5318] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 758.287300][T12128] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1980'. [ 758.322933][ T5318] keyspan 3-1:0.0: device disconnected [ 758.336097][T12128] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1980'. [ 760.154797][T12157] wireguard0: entered promiscuous mode [ 760.160440][T12157] wireguard0: entered allmulticast mode [ 760.296587][T12156] netlink: 8192 bytes leftover after parsing attributes in process `syz.2.1991'. [ 761.742143][T12186] loop1: detected capacity change from 0 to 256 [ 761.744583][T12181] loop5: detected capacity change from 0 to 256 [ 761.877813][T12186] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 761.905163][T12181] FAT-fs (loop5): invalid media value (0x29) [ 761.932375][T12181] FAT-fs (loop5): Can't find a valid FAT filesystem [ 762.079707][T12186] exFAT-fs (loop1): hint_cluster is invalid (65537), rewind to the first cluster [ 762.685470][T12196] loop4: detected capacity change from 0 to 256 [ 762.718086][T12196] exfat: Deprecated parameter 'namecase' [ 762.753928][T12196] exfat: Deprecated parameter 'namecase' [ 762.925496][T12196] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 763.107751][T12202] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2006'. [ 764.054344][T12207] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR [ 764.584421][T12211] fuse: Bad value for 'fd' [ 768.694623][T12241] dccp_close: ABORT with 190 bytes unread [ 769.364316][ T5267] Bluetooth: hci0: unexpected event 0x06 length: 23 > 3 [ 769.612146][T12251] loop1: detected capacity change from 0 to 4096 [ 770.621934][T12251] NILFS (loop1): invalid segment: Checksum error in segment payload [ 770.691421][T12251] NILFS (loop1): trying rollback from an earlier position [ 770.722134][T12253] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2024'. [ 770.752776][T12251] NILFS (loop1): norecovery option specified, skipping roll-forward recovery [ 770.899868][T12247] NILFS (loop1): couldn't remount because the filesystem is in an incomplete recovery state [ 771.055284][T12261] loop5: detected capacity change from 0 to 256 [ 771.082936][T12261] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 771.135112][T12261] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 771.287302][T12261] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 773.186759][T12267] loop1: detected capacity change from 0 to 4096 [ 773.238099][T12267] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 773.267877][T12274] loop2: detected capacity change from 0 to 128 [ 773.326493][T12274] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 773.435534][T12274] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 773.552940][T12267] ntfs3: loop1: failed to convert "c46c" to iso8859-7 [ 773.751984][T10055] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 774.314210][T12292] netlink: 'syz.5.2039': attribute type 16 has an invalid length. [ 774.531006][ T5181] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 774.650644][ T5181] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 774.662566][ T5181] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 774.681728][ T5181] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 774.697533][ T5181] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 774.707705][ T5181] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 775.592403][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 776.835265][ T5181] Bluetooth: hci1: command tx timeout [ 777.054538][T12299] loop5: detected capacity change from 0 to 4096 [ 777.213370][T12299] NILFS (loop5): invalid segment: Checksum error in segment payload [ 777.255922][T12299] NILFS (loop5): trying rollback from an earlier position [ 777.451417][T12299] NILFS (loop5): norecovery option specified, skipping roll-forward recovery [ 777.704826][T12299] NILFS (loop5): couldn't remount because the filesystem is in an incomplete recovery state [ 777.714589][T12320] loop2: detected capacity change from 0 to 256 [ 777.818989][T12320] FAT-fs (loop2): invalid media value (0x29) [ 777.825449][T12320] FAT-fs (loop2): Can't find a valid FAT filesystem [ 777.840982][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 778.639899][ T5267] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 778.652863][ T5267] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 778.710285][ T5267] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 778.718003][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 778.772872][ T5267] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 778.782276][ T5267] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 778.793016][ T5267] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 778.923679][ T5181] Bluetooth: hci1: command tx timeout [ 779.021933][T12331] loop5: detected capacity change from 0 to 128 [ 779.111400][T12331] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 779.126955][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 779.222728][T12331] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 779.486466][ T9868] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 780.490471][ T29] audit: type=1326 audit(1720102989.215:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12346 comm="syz.5.2055" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6158975bd9 code=0x0 [ 780.595421][T12348] netlink: 830 bytes leftover after parsing attributes in process `syz.5.2055'. [ 780.771896][T12294] chnl_net:caif_netlink_parms(): no params data found [ 780.916515][ T5181] Bluetooth: hci3: command tx timeout [ 780.993678][ T5181] Bluetooth: hci1: command tx timeout [ 781.583926][ T11] bridge_slave_1: left allmulticast mode [ 781.589612][ T11] bridge_slave_1: left promiscuous mode [ 781.644035][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 781.696862][ T11] bridge_slave_0: left allmulticast mode [ 781.707155][ T11] bridge_slave_0: left promiscuous mode [ 781.713019][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 781.890286][T12361] loop1: detected capacity change from 0 to 2048 [ 781.949547][T12361] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 782.096799][T12365] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 782.993403][ T5181] Bluetooth: hci3: command tx timeout [ 783.073884][ T5181] Bluetooth: hci1: command tx timeout [ 784.997666][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 785.014277][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 785.029928][ T11] bond0 (unregistering): Released all slaves [ 785.050826][T12327] chnl_net:caif_netlink_parms(): no params data found [ 785.073562][ T5181] Bluetooth: hci3: command tx timeout [ 785.579162][T12389] loop2: detected capacity change from 0 to 2048 [ 785.653306][T12389] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 785.709332][T12389] ext4 filesystem being mounted at /139/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 785.851391][T12386] netlink: 'syz.4.2065': attribute type 16 has an invalid length. [ 786.581384][T12389] 9pnet_fd: Insufficient options for proto=fd [ 786.735487][ T5181] Bluetooth: hci2: unexpected event 0x06 length: 23 > 3 [ 786.736227][T10055] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 786.818327][T12294] bridge0: port 1(bridge_slave_0) entered blocking state [ 786.855187][T12294] bridge0: port 1(bridge_slave_0) entered disabled state [ 786.904185][T12294] bridge_slave_0: entered allmulticast mode [ 786.930297][T12294] bridge_slave_0: entered promiscuous mode [ 787.035409][T12405] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2071'. [ 787.153939][ T5181] Bluetooth: hci3: command tx timeout [ 787.213248][T12294] bridge0: port 2(bridge_slave_1) entered blocking state [ 787.253029][T12294] bridge0: port 2(bridge_slave_1) entered disabled state [ 787.266781][T12294] bridge_slave_1: entered allmulticast mode [ 787.286714][T12294] bridge_slave_1: entered promiscuous mode [ 788.235214][T12417] loop2: detected capacity change from 0 to 256 [ 788.343284][T12417] FAT-fs (loop2): invalid media value (0x29) [ 788.352496][T12417] FAT-fs (loop2): Can't find a valid FAT filesystem [ 788.849247][T12294] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 789.500584][T12294] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 789.537204][T12327] bridge0: port 1(bridge_slave_0) entered blocking state [ 789.580301][T12327] bridge0: port 1(bridge_slave_0) entered disabled state [ 789.636672][T12327] bridge_slave_0: entered allmulticast mode [ 789.703692][T12327] bridge_slave_0: entered promiscuous mode [ 789.930379][T12424] loop1: detected capacity change from 0 to 2048 [ 789.981655][T12424] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 790.025593][ T11] hsr_slave_0: left promiscuous mode [ 790.130518][ T11] hsr_slave_1: left promiscuous mode [ 790.131481][T12429] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 790.152432][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 790.192956][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 790.249381][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 790.306812][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 790.419839][ T11] veth1_macvtap: left promiscuous mode [ 790.437547][ T11] veth0_macvtap: left promiscuous mode [ 790.444118][ T11] veth1_vlan: left promiscuous mode [ 790.449657][ T11] veth0_vlan: left promiscuous mode [ 793.246786][T10057] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 793.257854][T10057] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 793.267042][T10057] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 793.279758][T10057] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 793.291488][T10057] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 793.299363][T10057] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 794.020822][ T11] team0 (unregistering): Port device team_slave_1 removed [ 794.180747][ T11] team0 (unregistering): Port device team_slave_0 removed [ 794.949706][T12468] loop2: detected capacity change from 0 to 4096 [ 794.959026][T12468] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 795.076467][T12468] ntfs3: loop2: failed to convert "c46c" to iso8859-7 [ 795.166198][ T5267] Bluetooth: hci0: command 0x0406 tx timeout [ 795.367552][T12472] loop2: detected capacity change from 0 to 2048 [ 795.377206][T12472] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 795.405719][ T5181] Bluetooth: hci5: command tx timeout [ 795.435593][T12473] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 795.589455][T12327] bridge0: port 2(bridge_slave_1) entered blocking state [ 795.597783][T12327] bridge0: port 2(bridge_slave_1) entered disabled state [ 795.605508][T12327] bridge_slave_1: entered allmulticast mode [ 795.615387][T12327] bridge_slave_1: entered promiscuous mode [ 795.779710][T12294] team0: Port device team_slave_0 added [ 795.837182][T12453] netlink: 'syz.1.2079': attribute type 16 has an invalid length. [ 796.192971][T12294] team0: Port device team_slave_1 added [ 796.477146][T12327] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 796.556019][T12327] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 796.750699][T12294] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 796.780041][T12294] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 796.901642][T12294] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 797.565248][ T5181] Bluetooth: hci5: command tx timeout [ 798.287493][T12294] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 798.333606][T12294] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 798.403702][T12294] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 798.540774][T12327] team0: Port device team_slave_0 added [ 798.588393][T12327] team0: Port device team_slave_1 added [ 798.761383][T12504] loop1: detected capacity change from 0 to 2048 [ 798.820240][T12504] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 798.954542][T12509] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 799.126112][T12327] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 799.133121][T12327] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 799.243717][T12327] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 799.456968][T12294] hsr_slave_0: entered promiscuous mode [ 799.478475][T12294] hsr_slave_1: entered promiscuous mode [ 799.508895][T12294] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 799.522077][T12294] Cannot create hsr debugfs directory [ 799.634238][ T5181] Bluetooth: hci5: command tx timeout [ 799.676224][T12516] netlink: 'syz.2.2101': attribute type 16 has an invalid length. [ 799.744971][T12327] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 799.774154][T12327] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 799.853995][T12327] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 801.713943][ T5181] Bluetooth: hci5: command tx timeout [ 802.219945][T12327] hsr_slave_0: entered promiscuous mode [ 802.278262][ T5267] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 802.295124][T12327] hsr_slave_1: entered promiscuous mode [ 802.318518][ T5267] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 802.329430][ T5267] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 802.339041][ T5267] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 802.348442][ T5267] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 802.357333][ T5267] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 802.392620][T12327] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 802.402712][T12327] Cannot create hsr debugfs directory [ 803.932713][ T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 804.212580][ T29] audit: type=1326 audit(1720103012.935:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12562 comm="syz.4.2116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc77f575bd9 code=0x7fc00000 [ 804.514167][ T5181] Bluetooth: hci2: command tx timeout [ 804.520238][ T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 806.092608][ T29] audit: type=1326 audit(1720103014.815:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12562 comm="syz.4.2116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc77f575bd9 code=0x7fc00000 [ 806.579270][ T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 806.617359][ T5181] Bluetooth: hci2: command tx timeout [ 807.941949][ T11] bond0: (slave netdevsim0): Releasing backup interface [ 807.988315][ T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 808.673795][ T5181] Bluetooth: hci2: command tx timeout [ 808.934058][T12327] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 809.057059][T12459] chnl_net:caif_netlink_parms(): no params data found [ 809.302042][T12327] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 809.886390][T12622] loop4: detected capacity change from 0 to 256 [ 809.894440][T12622] exfat: Deprecated parameter 'namecase' [ 809.900158][T12622] exfat: Deprecated parameter 'namecase' [ 810.016610][T12622] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 810.151748][T12327] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 810.755447][ T5181] Bluetooth: hci2: command tx timeout [ 812.212988][T12628] fuse: Bad value for 'fd' [ 812.353391][T12327] bond0: (slave netdevsim0): Releasing backup interface [ 812.389905][T12327] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 812.843719][T12459] bridge0: port 1(bridge_slave_0) entered blocking state [ 812.873515][T12459] bridge0: port 1(bridge_slave_0) entered disabled state [ 812.880884][T12459] bridge_slave_0: entered allmulticast mode [ 812.929091][T12459] bridge_slave_0: entered promiscuous mode [ 812.959052][T12459] bridge0: port 2(bridge_slave_1) entered blocking state [ 812.976681][T12459] bridge0: port 2(bridge_slave_1) entered disabled state [ 812.993561][T12459] bridge_slave_1: entered allmulticast mode [ 813.014374][T12459] bridge_slave_1: entered promiscuous mode [ 813.218796][T12547] chnl_net:caif_netlink_parms(): no params data found [ 813.390689][ T11] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 813.561399][T12459] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 813.802563][T12660] syz.4.2135 (12660): attempted to duplicate a private mapping with mremap. This is not supported. [ 813.839963][T12660] loop4: detected capacity change from 0 to 128 [ 813.864282][T12660] udf: Unknown parameter '"' [ 813.888954][ T11] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 813.950814][T12658] loop4: detected capacity change from 0 to 512 [ 813.987692][T12658] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 813.988103][T12459] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 814.023976][T12658] EXT4-fs (loop4): 1 truncate cleaned up [ 814.032042][T12658] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 814.370626][ T11] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 814.677820][T12459] team0: Port device team_slave_0 added [ 814.744206][T12660] loop4: detected capacity change from 512 to 407 [ 814.787269][T12327] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 815.019597][T10867] EXT4-fs error (device loop4): htree_dirblock_to_tree:1108: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 815.114649][T10867] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 815.184311][T10867] ------------[ cut here ]------------ [ 815.194521][T10867] ida_free called for id=8192 which is not allocated. [ 815.207978][T10867] WARNING: CPU: 0 PID: 10867 at lib/idr.c:525 ida_free+0x1fb/0x2f0 [ 815.216097][T10867] Modules linked in: [ 815.220022][T10867] CPU: 0 PID: 10867 Comm: syz-executor Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0 SYZFAIL: failed to recv rpc fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor) [ 815.231225][T10867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 815.241664][T10867] RIP: 0010:ida_free+0x1fb/0x2f0 [ 815.247170][T10867] Code: bc f6 41 83 fe 3e 76 73 e8 12 34 bc f6 48 8b 7c 24 28 4c 89 ee e8 95 0a 19 00 90 48 c7 c7 c0 60 81 8c 89 ee e8 66 4f 7e f6 90 <0f> 0b 90 90 e8 ec 33 bc f6 48 b8 00 00 00 00 00 fc ff df 48 01 c3 [ 815.266938][T10867] RSP: 0018:ffffc900099c7a40 EFLAGS: 00010282 [ 815.273059][T10867] RAX: 0000000000000000 RBX: 1ffff92001338f49 RCX: ffffffff81514a39 [ 815.282051][T10867] RDX: ffff888029dc8000 RSI: ffffffff81514a46 RDI: 0000000000000001 [ 815.291858][T10867] RBP: 0000000000002000 R08: 0000000000000001 R09: 0000000000000000 [ 815.302237][T10867] R10: 0000000000000001 R11: 0000000000000002 R12: 0000000000000000 [ 815.310454][T10867] R13: 0000000000000293 R14: 0000000000000000 R15: 0000000000000000 [ 815.318678][T10867] FS: 0000000000000000(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000 [ 815.327696][T10867] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 815.335317][T10867] CR2: 00007fffdcadcfd8 CR3: 0000000059798000 CR4: 0000000000350ef0 [ 815.343420][T10867] Call Trace: [ 815.346731][T10867] [ 815.349693][T10867] ? show_regs+0x8c/0xa0 [ 815.354081][T10867] ? __warn+0xe5/0x3c0 [ 815.359624][T10867] ? ida_free+0x1fb/0x2f0 [ 815.364167][T10867] ? report_bug+0x3c0/0x580 [ 815.368737][T10867] ? handle_bug+0x3d/0x70 [ 815.373132][T10867] ? exc_invalid_op+0x17/0x50 [ 815.377947][T10867] ? asm_exc_invalid_op+0x1a/0x20 [ 815.383055][T10867] ? __warn_printk+0x199/0x350 [ 815.387946][T10867] ? __warn_printk+0x1a6/0x350 [ 815.394607][T10867] ? ida_free+0x1fb/0x2f0 [ 815.399009][T10867] ? __pfx_ida_free+0x10/0x10 [ 815.405432][T10867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 815.411146][T10867] hci_conn_del+0x768/0xdb0 [ 815.415764][T10867] hci_conn_hash_flush+0x18f/0x260 [ 815.420949][T10867] hci_dev_close_sync+0x591/0x1100 [ 815.426196][T10867] ? __pfx_hci_dev_close_sync+0x10/0x10 [ 815.431807][T10867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 815.437548][T10867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 815.443297][T10867] ? up_write+0x1b2/0x520 [ 815.447693][T10867] hci_dev_do_close+0x2e/0x90 [ 815.452429][T10867] hci_unregister_dev+0x1e3/0x5f0 [ 815.457570][T10867] ? __pfx_vhci_release+0x10/0x10 [ 815.462668][T10867] vhci_release+0x7f/0x100 [ 815.467323][T10867] __fput+0x40b/0xbb0 [ 815.471384][T10867] task_work_run+0x151/0x250 [ 815.476414][T10867] ? __pfx_task_work_run+0x10/0x10 [ 815.481613][T10867] do_exit+0xa9b/0x2ba0 [ 815.485917][T10867] ? do_group_exit+0x1c3/0x2a0 [ 815.490733][T10867] ? __pfx_lock_release+0x10/0x10 [ 815.497710][T10867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 815.504836][T10867] ? do_raw_spin_lock+0x12d/0x2c0 [ 815.509924][T10867] ? __pfx_do_exit+0x10/0x10 [ 815.514601][T10867] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 815.520057][T10867] do_group_exit+0xd3/0x2a0 [ 815.524696][T10867] __x64_sys_exit_group+0x3e/0x50 [ 815.529774][T10867] do_syscall_64+0xcd/0x250 [ 815.534398][T10867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 815.541207][T10867] RIP: 0033:0x7fc77f575bd9 [ 815.545765][T10867] Code: Unable to access opcode bytes at 0x7fc77f575baf. [ 815.552844][T10867] RSP: 002b:00007fffdcadf658 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 815.561772][T10867] RAX: ffffffffffffffda RBX: 00007fc77f5e3587 RCX: 00007fc77f575bd9 [ 815.570093][T10867] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 815.578155][T10867] RBP: 0000000000000010 R08: 00007fffdcadd3f6 R09: 00007fffdcae0910 [ 815.586252][T10867] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffdcae0910 [ 815.596175][T10867] R13: 00007fc77f5e3515 R14: 00005555730554a8 R15: 000000000000003c [ 815.605683][T10867] [ 815.608733][T10867] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 815.616031][T10867] CPU: 0 PID: 10867 Comm: syz-executor Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0 [ 815.626396][T10867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 815.636479][T10867] Call Trace: [ 815.639775][T10867] [ 815.642725][T10867] dump_stack_lvl+0x3d/0x1f0 [ 815.647364][T10867] panic+0x6f5/0x7a0 [ 815.651302][T10867] ? __pfx_panic+0x10/0x10 [ 815.655757][T10867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 815.661428][T10867] ? show_trace_log_lvl+0x363/0x500 [ 815.666798][T10867] ? check_panic_on_warn+0x1f/0xb0 [ 815.671956][T10867] ? ida_free+0x1fb/0x2f0 [ 815.676329][T10867] check_panic_on_warn+0xab/0xb0 [ 815.681310][T10867] __warn+0xf1/0x3c0 [ 815.685245][T10867] ? ida_free+0x1fb/0x2f0 [ 815.689618][T10867] report_bug+0x3c0/0x580 [ 815.694003][T10867] handle_bug+0x3d/0x70 [ 815.698217][T10867] exc_invalid_op+0x17/0x50 [ 815.702780][T10867] asm_exc_invalid_op+0x1a/0x20 [ 815.707692][T10867] RIP: 0010:ida_free+0x1fb/0x2f0 [ 815.712669][T10867] Code: bc f6 41 83 fe 3e 76 73 e8 12 34 bc f6 48 8b 7c 24 28 4c 89 ee e8 95 0a 19 00 90 48 c7 c7 c0 60 81 8c 89 ee e8 66 4f 7e f6 90 <0f> 0b 90 90 e8 ec 33 bc f6 48 b8 00 00 00 00 00 fc ff df 48 01 c3 [ 815.732316][T10867] RSP: 0018:ffffc900099c7a40 EFLAGS: 00010282 [ 815.738413][T10867] RAX: 0000000000000000 RBX: 1ffff92001338f49 RCX: ffffffff81514a39 [ 815.746405][T10867] RDX: ffff888029dc8000 RSI: ffffffff81514a46 RDI: 0000000000000001 [ 815.754399][T10867] RBP: 0000000000002000 R08: 0000000000000001 R09: 0000000000000000 [ 815.762386][T10867] R10: 0000000000000001 R11: 0000000000000002 R12: 0000000000000000 [ 815.770376][T10867] R13: 0000000000000293 R14: 0000000000000000 R15: 0000000000000000 [ 815.778380][T10867] ? __warn_printk+0x199/0x350 [ 815.783184][T10867] ? __warn_printk+0x1a6/0x350 [ 815.787992][T10867] ? __pfx_ida_free+0x10/0x10 [ 815.792698][T10867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 815.798389][T10867] hci_conn_del+0x768/0xdb0 [ 815.802971][T10867] hci_conn_hash_flush+0x18f/0x260 [ 815.808140][T10867] hci_dev_close_sync+0x591/0x1100 [ 815.813307][T10867] ? __pfx_hci_dev_close_sync+0x10/0x10 [ 815.818895][T10867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 815.824562][T10867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 815.830225][T10867] ? up_write+0x1b2/0x520 [ 815.834602][T10867] hci_dev_do_close+0x2e/0x90 [ 815.839326][T10867] hci_unregister_dev+0x1e3/0x5f0 [ 815.844397][T10867] ? __pfx_vhci_release+0x10/0x10 [ 815.849467][T10867] vhci_release+0x7f/0x100 [ 815.853929][T10867] __fput+0x40b/0xbb0 [ 815.857958][T10867] task_work_run+0x151/0x250 [ 815.862587][T10867] ? __pfx_task_work_run+0x10/0x10 [ 815.867753][T10867] do_exit+0xa9b/0x2ba0 [ 815.871943][T10867] ? do_group_exit+0x1c3/0x2a0 [ 815.876739][T10867] ? __pfx_lock_release+0x10/0x10 [ 815.881883][T10867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 815.887545][T10867] ? do_raw_spin_lock+0x12d/0x2c0 [ 815.892611][T10867] ? __pfx_do_exit+0x10/0x10 [ 815.897232][T10867] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 815.902668][T10867] do_group_exit+0xd3/0x2a0 [ 815.907216][T10867] __x64_sys_exit_group+0x3e/0x50 [ 815.912274][T10867] do_syscall_64+0xcd/0x250 [ 815.916826][T10867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 815.922773][T10867] RIP: 0033:0x7fc77f575bd9 [ 815.927207][T10867] Code: Unable to access opcode bytes at 0x7fc77f575baf. [ 815.934235][T10867] RSP: 002b:00007fffdcadf658 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 815.942677][T10867] RAX: ffffffffffffffda RBX: 00007fc77f5e3587 RCX: 00007fc77f575bd9 [ 815.950670][T10867] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 815.958661][T10867] RBP: 0000000000000010 R08: 00007fffdcadd3f6 R09: 00007fffdcae0910 [ 815.966657][T10867] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffdcae0910 [ 815.974654][T10867] R13: 00007fc77f5e3515 R14: 00005555730554a8 R15: 000000000000003c [ 815.982671][T10867] [ 815.985803][T10867] Kernel Offset: disabled [ 815.990286][T10867] Rebooting in 86400 seconds..