last executing test programs: 2m42.375019465s ago: executing program 0 (id=2061): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) pipe2(&(0x7f0000000340), 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10) socket$key(0xf, 0x3, 0x2) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x20000023896) r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) syz_extract_tcp_res$synack(0x0, 0x1, 0x0) ioctl$TCSETSF(r6, 0x5404, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "7a58beca39ed2d5a99bbc4bff0ebd3e9bd5a8e"}) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0) shutdown(r0, 0x2) 2m40.184384896s ago: executing program 0 (id=2063): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x468, &(0x7f00000004c0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==") r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000780)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket(0x1e, 0x1, 0x0) connect$tipc(r5, &(0x7f0000000040)=@id, 0x10) recvmmsg(r5, &(0x7f0000001240)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000d80)=""/157, 0x9d}], 0x1}}], 0x2, 0x0, 0x0) shutdown(r5, 0x2) r6 = syz_open_dev$vim2m(&(0x7f0000000040), 0x8, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) close(r6) write$uinput_user_dev(r0, 0x0, 0x0) getdents(r0, 0x0, 0x0) 2m37.646808128s ago: executing program 0 (id=2077): socket$inet6(0xa, 0x2, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ed50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8001c00180081064e81f782db44b9b545c7910006007c09e8fe55a10a0017", 0x1f}], 0x1}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0xd6, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0xa0}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000210081044e81", 0xa}], 0x1}, 0x0) r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r4, &(0x7f0000000300)={{0x6, @rose}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48) sendto$netrom(r4, 0x0, 0xfffffffffffffead, 0x0, &(0x7f0000000240)={{0x6, @rose}, [@bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48) recvfrom$x25(r3, 0x0, 0x0, 0x101, 0x0, 0x0) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x33fe0) 2m36.112058826s ago: executing program 0 (id=2071): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f000000c140), r0) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), r0) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYBLOB="0100000000000000000001000000080001"], 0x6c}}, 0x0) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0103"], 0x34}}, 0x0) recvmsg(r2, &(0x7f0000001680)={0x0, 0x0, 0x0}, 0x10002) 2m35.326587229s ago: executing program 0 (id=2074): syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x10, &(0x7f0000000200), 0x84, 0x46c, &(0x7f0000000900)="$eJzs289vFFUcAPDvzLYgv2xF/MEPtYrGxh8tLagcvGg04WJiogc81lIIUqihNRFCbDWGq+EvUI8m/gWe9GLUk8Yr3o0JMVxED2bM7M7A0m7L/uh2i/v5JNO+N/N23vvOzNt9M283gL41kv9JInZGxNWIGKplby8wUvt34/ql6b+vX5pOIsve+jOplvvr+qXpsmj5uh1FZjSNSD9NYn+DeucvXDwzNTs7c77Ijy+cfX98/sLF50+fnTo1c2rm3OTRo0cOT7z04uQLzYQxeKcCu/K27vto7sDeY+9ceWP6+JV3f/w6b+/OYnt9HDXDzdS7ppEYuf1Y1nmq471vLrvq0slADxtCSyoRMVB0oKsxFJW4dfKG4vVPeto4oKuyLMu2rlhbKRNL2U2LGfB/k0SvWwD0RvlBn9//lkts28ABSI9de6V2A5THfaNYalsGIi3KDC67v11PIxFxfOmfz/MlGj6HAABYX9/m45/nlo3/qtJ4sK7cvcXc0HBE3BcRuyPi/ojYExEPRFTLPhQRD7dY/8iy/Mrxzy9dHY3m47+Xi7mt28d/5egvhitFblc1/sHk5OnZmUPFMRmNwa15fmKNOr577dfPqokGs1T14798yesvx4JFO/4YWPaA7sTUwlSncZeufRyxb6BR/MnNmYAkIvZGxL429p8fs9PPfHVgte13jn8N6zDPlH0Z8XTt/C/FsvhLydrzk+P3xOzMofHyqljpp58vv7la/R3Fvw7y87+94fV/M/7hpH6+dr71Oi7/lq16T9Pu9b8lebua3lKs+3BqYeH8RMSWZGnl+slbry3zZfk8/tGDjfv/7oh/vyhetz8i8ov4kYh4NCIeK9r+eEQ8EREH14j/h1effK/9+Lsrj/9ES+d/jUQaDTdVznz/zWr1N3f+j1RTo8WaZt7/7tDSDq5mAAAAuPvUvgOfpGPFM86dkaZjY7Xv8O+J7ens3PzCsyfnPjh3ovZd+eEYTMsnXUN1z0MnimfDZX5yWf5w9blxlmXZtmp+bHputltz6kBzdqzS/3O/V3rdOqDrWppHW+0XbcBdye81oX/p/9C/GvT/a71oB7Cxtvn8h77WqP8vRtzoQVOADebzH/qX/g/9S/+H/qX/Q19q6kfybSR2H+vWnjdRIlusHcSO9lPpdRRtJiLdFM1oL5FujmbUElsjotnCi51dbC0kev3OBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsD7+CwAA//+VhOcD") r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18003800"/24], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x5c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x5c}}, 0x4000010) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, 0x0, 0x15) dup(r2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235ca57eaa9a40b76b8fc81ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115f13889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694e9417d68694f17ba5e27ea1cec518b93fadcfe0deb70ae9be3273ff73c34f5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6eb3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436282c91f5d0fc4ec525933381e84d625b41c71de6befdceb5f929ae199c2a1220413e97b41209c6a626d304f8849c4799fd28bb65c9282b8da7188b389518d46b46e0db497b51fe6d22fe6750bee32e9788dbcd079a322897fc005953066abc60356984918a586213"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) r7 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="020a010002000000fdffffff000000002d9e82ef3fcd145cd65b66b3c5da594fad953794a96748e0e7d0ee0090b3bb29f9f493079908debd4c3159bc9800a94a4662638eb315d48d874f0573d625d42c34c06e79f009a16814028a8a89ec9c189e4e6e2b2b233ab90617ee217fa1609eefbda6f2cf4b26849f23f4a1e431a60f753b53e615ae2160d76bf42c172ac9c5240b89b8dafb81f4b470bacd2e976de1b8f1c41cb70dfc2864ef260b483a9be2ac8336f66f"], 0x10}}, 0x0) execve(&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x0) r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000082000005c578e2c7080bc", @ANYRES32, @ANYBLOB="d40e00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r8}, 0x4) 2m29.562938567s ago: executing program 0 (id=2093): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$key(0xffffffffffffffff, 0x0, 0x10000) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) sched_setscheduler(0x0, 0x3, &(0x7f00000008c0)=0x3ff) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x16, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) close(r0) prlimit64(r2, 0x0, &(0x7f0000000180)={0x4, 0x8}, &(0x7f00000001c0)) 2m14.036755572s ago: executing program 32 (id=2093): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$key(0xffffffffffffffff, 0x0, 0x10000) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) sched_setscheduler(0x0, 0x3, &(0x7f00000008c0)=0x3ff) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x16, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) close(r0) prlimit64(r2, 0x0, &(0x7f0000000180)={0x4, 0x8}, &(0x7f00000001c0)) 20.632858311s ago: executing program 4 (id=2358): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0xffffffffffffff53, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) open(0x0, 0x101bff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x200000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) r6 = add_key$keyring(&(0x7f0000000240), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000440)='asymmetric\x00', 0x0, &(0x7f0000000280)='0', 0x1, r6) 19.490680896s ago: executing program 4 (id=2361): socket$nl_xfrm(0x10, 0x3, 0x6) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f00000000c0), 0x200, 0x0) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0) write$cgroup_int(r4, &(0x7f0000000040)=0x1c8, 0x12) r5 = openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000080)={0x2800, 0x101, 0x28}, 0x18) clock_gettime(0x0, &(0x7f00000000c0)) ioctl$BTRFS_IOC_LOGICAL_INO_V2(r5, 0xc038943b, &(0x7f0000000180)={0xf190, 0x28, '\x00', 0x0, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0]}) io_setup(0x8, &(0x7f00000006c0)=0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) io_submit(r6, 0x1, &(0x7f0000000bc0)=[&(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0}]) io_pgetevents(r6, 0x0, 0x5, 0x0, 0x0, 0x0) 17.075430668s ago: executing program 4 (id=2364): syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, 0x0, 0x0}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_usb_connect(0x0, 0x24, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socket(0x2, 0x2, 0x1) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_DELETE(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)=ANY=[@ANYBLOB="38000000020201040000000000000000020000052400028014000180080001000a0101"], 0x38}, 0x1, 0x0, 0x0, 0x44000}, 0x40804) ioprio_set$uid(0x3, 0x0, 0x0) 15.742082504s ago: executing program 2 (id=2368): socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa10000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r4}, 0x18) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x15, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="b70000000000000007000000000000009500e200000000001e5286574356940658273ad1326fc65be4b1037a74cfb5af100fc4e94d123d9b22a7561b8850821bc1f8b5b0a3e3b79b0d96ab7cc60e0e144f0f04bfffe68fe46421a161eedd1a5cee316f68f7617859f06c8efd5da6abe446649c322209b1af93c6c999058168ad0a70992124d19c7c9cc22ff9a6b1a058039ab938480e8697f8715bcb18e1fd0773909464a783148e0e7b604a6c47b33c43a3ffff92ec8bbde1af40f29cfcf0836a70a2f6b1192ab8f24ca363492393e1c2a3b190180caafbf8cfca720074bdcc7cbd978efd8404a1c700000000d97899514e64e36cad5eba82010b2d149ac02e5f07000000000000000000000000000000000000000000009d5df0e0dbb9821d9c5402474d5866ce5eb60188d83ac741b45aeacac594cf09de9b460f48b96ae8a0eead478e46c8ca3e4c5d2b3cb4ad48c830e8003c45f5b2dcbf36b7e8be59ca4b46266cf75bea8a22ab71895d954dc6d28864144c73391770690a9301cde97565d509effc252599b26555355d7955f551df82ea475a711ec56d00000000a89c7533c9955fd6"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ppoll(&(0x7f00000001c0)=[{}, {r6, 0x7cdc}, {r5, 0x200}], 0x2, 0x0, 0x0, 0x37) setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0x18) syz_emit_ethernet(0x1a, &(0x7f0000000740)=ANY=[@ANYBLOB="ffffffffffff00000000000081000000000000000095b02b00e045cc020000040000000022ac35507682f08ac883060655631175059e38cad2dffa06910b250eb018d2c8053e9a208f9ff6bd66094129ae0cf62c6f7e5090bbff99bbf6a977c664fced1bec01918e5ae133fc220d064b7413653bd1980429b39d0f4de97fa3cc5398a121256602bab7ebeaf83149120214fb01c4e93020344cbabca8d2135ffbd1746d2d16b29487f61036e501800b5c60412eb6c06e47a4cd4d43e9a864f2c4bb4f38f32c1fa97697060812da"], 0x0) r7 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r7, 0x40186f40, 0x20000502) r8 = dup(r0) write$UHID_INPUT(r8, &(0x7f0000001040)={0xc, {"a2f70e06d038e7ff7fc6e5539b5b43078b089b3b32376d090890e0878f0e1ac6e7049b3371959b719a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074c0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f9a9cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f317cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4dd0c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc15df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bf3e3c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 14.281675091s ago: executing program 2 (id=2371): socket$inet6_tcp(0xa, 0x1, 0x0) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$key(0xffffffffffffffff, 0x0, 0x10000) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f00000006c0)={0x4, 0x1, 0x0, &(0x7f00000004c0)=""/178, &(0x7f0000000580)=""/190, 0x1}) prlimit64(r1, 0x0, &(0x7f0000000180)={0x4, 0x8}, &(0x7f00000001c0)) 12.612988909s ago: executing program 5 (id=2374): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00'}, 0x10) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000380)={0x0, 0x80000000, 0x8000000002}) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) 12.45993273s ago: executing program 2 (id=2375): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = syz_open_dev$usbfs(0x0, 0x76, 0x101b01) ioctl$USBDEVFS_SETINTERFACE(r0, 0x80045510, &(0x7f0000000000)={0x3f}) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c90012000e000500140f0a00070000100f01"], 0x17) 10.50606566s ago: executing program 1 (id=2380): socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = socket$pppl2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = open(&(0x7f0000000040)='./file0\x00', 0x42082, 0x0) setsockopt$inet6_int(r4, 0x29, 0x42, &(0x7f0000000340)=0x1, 0x4) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000400b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000c63289eec99cc0c210210eb176ffcb365d1a98c5a287642d6daa6177323b1a0458b5aba33bef60cb0335210874efe02c05b2aedfca25fa959c05c7ce3926e0312ab507c611b372fea4bc709a2348137c7655bf811a"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10) r7 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000040)={'gre0\x00', &(0x7f0000000200)={'syztnl2\x00', 0x0, 0x0, 0x8, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x4, 0x14, 0x65, 0x0, 0x0, 0x2f, 0x0, @remote, @remote}}}}) r8 = syz_open_dev$usbfs(&(0x7f00000000c0), 0xfffffffffffffffe, 0x204001) ioctl$USBDEVFS_RELEASEINTERFACE(r8, 0x80045510, &(0x7f0000000100)=0x3) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x1ea, &(0x7f00000003c0)="$eJzsmb2LE0EYxp+Z3eydhyg2FjYWHniit9ndqFxzxQmWgnCKWgZvPU73LpKskAQEg42NpYVga2NpYWFl4V9gq4UKgoUp7YSR+djdyWYT4gdG9P3BzT7z9c68L9yzsAFBEP8tHz98ff/w3NqlUwD2YxkLZvyzo5/i4Oj6d4/vnHy0fv7J87dPX+8duPuyHI/JPWL28z0ArzYcpGCuOXFk93IRNtO4DI4TRl8Bg6/lN6HQnRgM18yam5Zu7TMiif3rrWTrxk4SB7IJZRPJpmGfLy81HDBsAVhUtxOCWfOdXv9WM0nidlnURHbO2NSPimn1U/fb4FhHVj0hOICrD+4PZN/UBgF4Xr8QHKHRDTBsGr2GBfi+X5TEyv+IW8R3Zsl/vuKZEodW/9Sh4Locf0Pu/7Co/ZY4rDwi/6HzkcPDzAPtNZ/mnvvPC2VcAMam3iwlyYVfiOxVFCoXhT9JZz9u+ZMLN/ePerp7u97p9Vd3dpvb8Xa8F0WNs8HpIDgT1ZUR6XaK/y0qf1qy4tcmrPWYh24zTdthF0jbYd6PdGs57uaL1he1hyv/41g5pmMw887KX5QlmPnj6inVilO98t7EnAiCIAiCIAiCIAiCIAiCIKo5Cgb9S5hg5oNoFdFF9YXyewAAAP//L0Rm/Q==") bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0) write$cgroup_int(r9, &(0x7f0000000000)=0x700, 0x12) openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) 9.407454235s ago: executing program 5 (id=2381): prlimit64(0x0, 0xe, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES64], 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000440), 0x6f5, 0x2000000022, &(0x7f0000000480)={0x77359400}) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000000)=0x94c, 0x4) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) syz_open_dev$tty1(0xc, 0x4, 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 9.407141195s ago: executing program 2 (id=2382): socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r4}, 0x18) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x15, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="b70000000000000007000000000000009500e200000000001e5286574356940658273ad1326fc65be4b1037a74cfb5af100fc4e94d123d9b22a7561b8850821bc1f8b5b0a3e3b79b0d96ab7cc60e0e144f0f04bfffe68fe46421a161eedd1a5cee316f68f7617859f06c8efd5da6abe446649c322209b1af93c6c999058168ad0a70992124d19c7c9cc22ff9a6b1a058039ab938480e8697f8715bcb18e1fd0773909464a783148e0e7b604a6c47b33c43a3ffff92ec8bbde1af40f29cfcf0836a70a2f6b1192ab8f24ca363492393e1c2a3b190180caafbf8cfca720074bdcc7cbd978efd8404a1c700000000d97899514e64e36cad5eba82010b2d149ac02e5f07000000000000000000000000000000000000000000009d5df0e0dbb9821d9c5402474d5866ce5eb60188d83ac741b45aeacac594cf09de9b460f48b96ae8a0eead478e46c8ca3e4c5d2b3cb4ad48c830e8003c45f5b2dcbf36b7e8be59ca4b46266cf75bea8a22ab71895d954dc6d28864144c73391770690a9301cde97565d509effc252599b26555355d7955f551df82ea475a711ec56d00000000a89c7533c9955fd6"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ppoll(&(0x7f00000001c0)=[{}, {r6, 0x7cdc}, {r5, 0x200}], 0x2, 0x0, 0x0, 0x37) setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0x18) syz_emit_ethernet(0x1a, &(0x7f0000000740)=ANY=[@ANYBLOB="ffffffffffff00000000000081000000000000000095b02b00e045cc020000040000000022ac35507682f08ac883060655631175059e38cad2dffa06910b250eb018d2c8053e9a208f9ff6bd66094129ae0cf62c6f7e5090bbff99bbf6a977c664fced1bec01918e5ae133fc220d064b7413653bd1980429b39d0f4de97fa3cc5398a121256602bab7ebeaf83149120214fb01c4e93020344cbabca8d2135ffbd1746d2d16b29487f61036e501800b5c60412eb6c06e47a4cd4d43e9a864f2c4bb4f38f32c1fa97697060812da"], 0x0) r7 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r7, 0x40186f40, 0x20000502) r8 = dup(r0) write$UHID_INPUT(r8, &(0x7f0000001040)={0xc, {"a2f70e06d038e7ff7fc6e5539b5b43078b089b3b32376d090890e0878f0e1ac6e7049b3371959b719a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074c0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f9a9cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f317cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4dd0c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc15df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bf3e3c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 9.375588015s ago: executing program 4 (id=2384): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x468, &(0x7f00000004c0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000780)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$tipc(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000001240)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000d80)=""/157, 0x9d}], 0x1}}], 0x2, 0x0, 0x0) shutdown(0xffffffffffffffff, 0x2) r4 = syz_open_dev$vim2m(&(0x7f0000000040), 0x8, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) close(r4) write$uinput_user_dev(r0, 0x0, 0x0) getdents(r0, 0x0, 0x0) 9.375012375s ago: executing program 1 (id=2385): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0xffffffffffffff53, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) open(0x0, 0x101bff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x200000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) r6 = add_key$keyring(&(0x7f0000000240), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000440)='asymmetric\x00', 0x0, &(0x7f0000000280)='0', 0x1, r6) 8.27956418s ago: executing program 4 (id=2387): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00\b\x00\x00\x00\b'], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) gettid() syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendto$inet(r3, 0x0, 0x0, 0x40408c3, &(0x7f0000001180)={0x2, 0x0, @remote}, 0x10) sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="240000001800010000000000fffff000020000000017fe010000000008001e00"], 0x24}}, 0x0) utimes(&(0x7f0000000180)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) 5.951732511s ago: executing program 5 (id=2390): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="03"], 0x14}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f000000c140), r0) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), r0) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x6c}}, 0x0) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0103"], 0x34}}, 0x0) recvmsg(r2, &(0x7f0000001680)={0x0, 0x0, 0x0}, 0x10002) 4.914934016s ago: executing program 5 (id=2391): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00'}, 0x10) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000380)={0x0, 0x80000000, 0x8000000002}) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) 4.913390536s ago: executing program 1 (id=2392): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = syz_open_dev$usbfs(0x0, 0x76, 0x101b01) ioctl$USBDEVFS_SETINTERFACE(r0, 0x80045510, &(0x7f0000000000)={0x3f}) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c90012000e000500140f0a00070000100f01"], 0x17) 4.683835648s ago: executing program 3 (id=2393): syz_open_dev$dri(0x0, 0x0, 0x0) syz_usb_connect(0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x403}}]}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x0) sendmsg$WG_CMD_GET_DEVICE(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000002e80)={&(0x7f0000002fc0)=ANY=[], 0x2b08}}, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000380)=@ccm_128={{0x304}, "1bb59684423031d5", "b518ec45e428570213debdfea23df4fe", "bafe5ad9", "ab31d35bed3ad4c4"}, 0x28) recvmmsg(r0, &(0x7f0000001040)=[{{0x0, 0x0, 0x0}, 0x4}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f00000007c0)=""/106, 0x6a}], 0x1}, 0x4}], 0x2, 0x40000002, 0x0) 4.557400668s ago: executing program 2 (id=2394): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000008000000080000000800000005"], 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40000001, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x10000000}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r4}, 0x18) socket$inet6_tcp(0xa, 0x1, 0x0) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000073113a00000000008510000002000000070000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0xb8, &(0x7f000000cf3d)=""/184, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r6, 0x400455c8, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000002000/0x1000)=nil) ioctl$sock_bt_hci(r5, 0x400448ca, 0x0) syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000340)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="008ca76d1e"], 0x1, 0x2de, &(0x7f00000003c0)="$eJzs3bGLI1UcB/Df7a6erNwlhQgK4kMbbYZNaosLsguHAUUvggrCnDvRkEmyZEIgh7h2tv4TFieWgoUg/gPb+DfYbbPlFYeRuzlzG1kr9QK3n0/zvvDLN7zHg2G6OX3r29GwX2X9fBZbN67Ezo2IrXtXohlbsR21r+PN7346e+WDjz5+p9Pt7r+f0kHnVqudUrr+6i+ffPnDa7/Onv/wx+s/X42T5qenZ+3fT148een0j1tfDKo0qNJ4Mkt5uj2ZzPLbZZEOB9UwS+m9ssirIg3GVTFdm/fLydHRIuXjw2u7R9OiqlI+XqRhsUizSZpNFyn/PB+MU5Zl6dpu8G/0vr+3XMbZsrbp3fDkuf/Lzf1fbu7/cjv3UvdcxOibeW/eq9d63unHIMooYi8acT9iuVLng5vd/b30UDPujo4f9Y/nve31fisa0by436r7ab3/TOye77ejES9c3G9f2H823nj9XD+LRvz2WUyijMN40H3c/6qV0tvvdv/Wv/rwdwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADydsrTSjLuj43lv3ot4sG7X8+yf5nW/049BlFHEXjTifsRypc4HN7v7e4/+YL2/Ey/vbPbsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCXanFnmJdlMRUEQViFTT+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ml7/NHvTe8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACATaoWd4Z5WRbT/zFs+owAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwX/kzAAD//3/b5DI=") creat(&(0x7f0000000380)='./bus\x00', 0x0) 3.465107174s ago: executing program 3 (id=2395): bpf$ENABLE_STATS(0x20, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000980)=ANY=[@ANYBLOB="b001"], 0x1b0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000340), 0xc5, &(0x7f00000002c0)=ANY=[]) 3.195693945s ago: executing program 1 (id=2396): socket$inet6(0xa, 0x2, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ed50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8001c00180081064e81f782db44b9b545c7910006007c09e8fe55a10a0017", 0x1f}], 0x1}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0xd6, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0xa0}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x0) r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r5, &(0x7f0000000300)={{0x6, @rose}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48) sendto$netrom(r5, 0x0, 0xfffffffffffffead, 0x0, &(0x7f0000000240)={{0x6, @rose}, [@bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48) recvfrom$x25(r4, 0x0, 0x0, 0x101, 0x0, 0x0) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x33fe0) 3.178374605s ago: executing program 5 (id=2397): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f000000c140), r0) syz_genetlink_get_family_id$smc(&(0x7f0000000000), r0) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000001000000080001"], 0x6c}}, 0x0) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[], 0x34}}, 0x0) recvmsg(r1, &(0x7f0000001680)={0x0, 0x0, 0x0}, 0x10002) 3.166628065s ago: executing program 3 (id=2398): sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x35, 0x0, 0x0) 3.075598795s ago: executing program 4 (id=2399): ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(0xffffffffffffffff, 0xc01864ba, 0x0) openat$rfkill(0xffffffffffffff9c, 0x0, 0xc2200, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00'}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x16, 0x0, 0x8400, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000400)={r3, 0x0, 0x20000000}, 0x20) bpf$MAP_CREATE(0x0, 0x0, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200)) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004d00)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a34000000140a010300000000000000000200000008000340000000000900010073797a30000000000c000640"], 0x5c}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) 2.367997798s ago: executing program 3 (id=2400): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885, 0x80}, &(0x7f0000000380)=0x0, &(0x7f00000003c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x54, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x1800, 0x1}) io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0) 2.14036836s ago: executing program 1 (id=2401): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = socket$pppl2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = open(&(0x7f0000000040)='./file0\x00', 0x42082, 0x0) write$FUSE_IOCTL(r4, &(0x7f0000000100)={0x20}, 0xfdef) setsockopt$inet6_int(r4, 0x29, 0x42, &(0x7f0000000340)=0x1, 0x4) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000400b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000c63289eec99cc0c210210eb176ffcb365d1a98c5a287642d6daa6177323b1a0458b5aba33bef60cb0335210874efe02c05b2aedfca25fa959c05c7ce3926e0312ab507c611b372fea4bc709a2348137c7655bf811a"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10) r7 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000040)={'gre0\x00', &(0x7f0000000200)={'syztnl2\x00', 0x0, 0x0, 0x8, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x4, 0x14, 0x65, 0x0, 0x0, 0x2f, 0x0, @remote, @remote}}}}) r8 = syz_open_dev$usbfs(&(0x7f00000000c0), 0xfffffffffffffffe, 0x204001) ioctl$USBDEVFS_RELEASEINTERFACE(r8, 0x80045510, &(0x7f0000000100)=0x3) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10) r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0) write$cgroup_int(r10, &(0x7f0000000000)=0x700, 0x12) openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) 772.935436ms ago: executing program 3 (id=2402): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="03"], 0x14}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f000000c140), r0) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), r0) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x6c}}, 0x0) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0103"], 0x34}}, 0x0) recvmsg(r2, &(0x7f0000001680)={0x0, 0x0, 0x0}, 0x10002) 250.806939ms ago: executing program 2 (id=2403): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x200000000000008e, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socket$packet(0x11, 0x3, 0x300) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14001}, 0x800) connect$inet(0xffffffffffffffff, 0x0, 0x0) openat$sw_sync(0xffffffffffffff9c, &(0x7f00000004c0), 0x101000, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x6080, 0x0) io_setup(0x1, &(0x7f0000000040)=0x0) io_submit(r4, 0x2, &(0x7f00000001c0)=[&(0x7f0000000200)={0x0, 0x0, 0x2, 0x0, 0x0, r3, &(0x7f0000000000)='%', 0x1}, 0x0]) 248.230679ms ago: executing program 5 (id=2404): socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r4}, 0x18) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x15, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="b70000000000000007000000000000009500e200000000001e5286574356940658273ad1326fc65be4b1037a74cfb5af100fc4e94d123d9b22a7561b8850821bc1f8b5b0a3e3b79b0d96ab7cc60e0e144f0f04bfffe68fe46421a161eedd1a5cee316f68f7617859f06c8efd5da6abe446649c322209b1af93c6c999058168ad0a70992124d19c7c9cc22ff9a6b1a058039ab938480e8697f8715bcb18e1fd0773909464a783148e0e7b604a6c47b33c43a3ffff92ec8bbde1af40f29cfcf0836a70a2f6b1192ab8f24ca363492393e1c2a3b190180caafbf8cfca720074bdcc7cbd978efd8404a1c700000000d97899514e64e36cad5eba82010b2d149ac02e5f07000000000000000000000000000000000000000000009d5df0e0dbb9821d9c5402474d5866ce5eb60188d83ac741b45aeacac594cf09de9b460f48b96ae8a0eead478e46c8ca3e4c5d2b3cb4ad48c830e8003c45f5b2dcbf36b7e8be59ca4b46266cf75bea8a22ab71895d954dc6d28864144c73391770690a9301cde97565d509effc252599b26555355d7955f551df82ea475a711ec56d00000000a89c7533c9955fd6"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ppoll(&(0x7f00000001c0)=[{}, {r6, 0x7cdc}, {r5, 0x200}], 0x2, 0x0, 0x0, 0x37) setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0x18) syz_emit_ethernet(0x1a, &(0x7f0000000740)=ANY=[@ANYBLOB="ffffffffffff00000000000081000000000000000095b02b00e045cc020000040000000022ac35507682f08ac883060655631175059e38cad2dffa06910b250eb018d2c8053e9a208f9ff6bd66094129ae0cf62c6f7e5090bbff99bbf6a977c664fced1bec01918e5ae133fc220d064b7413653bd1980429b39d0f4de97fa3cc5398a121256602bab7ebeaf83149120214fb01c4e93020344cbabca8d2135ffbd1746d2d16b29487f61036e501800b5c60412eb6c06e47a4cd4d43e9a864f2c4bb4f38f32c1fa97697060812da"], 0x0) r7 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r7, 0x40186f40, 0x20000502) r8 = dup(r0) write$UHID_INPUT(r8, &(0x7f0000001040)={0xc, {"a2f70e06d038e7ff7fc6e5539b5b43078b089b3b32376d090890e0878f0e1ac6e7049b3371959b719a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074c0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f9a9cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f317cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4dd0c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc15df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bf3e3c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 48.96438ms ago: executing program 1 (id=2405): syz_open_dev$dri(0x0, 0x0, 0x0) syz_usb_connect(0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x403}}]}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x0) sendmsg$WG_CMD_GET_DEVICE(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000002e80)={&(0x7f0000002fc0)=ANY=[], 0x2b08}}, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000380)=@ccm_128={{0x304}, "1bb59684423031d5", "b518ec45e428570213debdfea23df4fe", "bafe5ad9", "ab31d35bed3ad4c4"}, 0x28) recvmmsg(r0, &(0x7f0000001040)=[{{0x0, 0x0, 0x0}, 0x4}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f00000007c0)=""/106, 0x6a}], 0x1}, 0x4}], 0x2, 0x40000002, 0x0) 0s ago: executing program 3 (id=2406): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = syz_open_dev$usbfs(0x0, 0x76, 0x101b01) ioctl$USBDEVFS_SETINTERFACE(r0, 0x80045510, &(0x7f0000000000)={0x3f}) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c90012000e000500140f0a00070000100f01"], 0x17) kernel console output (not intermixed with test programs): ode: writeback. [ 342.197640][ T7613] EXT4-fs (loop1): shut down requested (1) [ 342.363103][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 342.562252][ T7623] loop4: detected capacity change from 0 to 512 [ 342.582326][ T7623] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 342.598506][ T7623] EXT4-fs (loop4): invalid journal inode [ 342.606752][ T7623] EXT4-fs (loop4): can't get journal size [ 342.661251][ T7625] ubi: mtd0 is already attached to ubi0 [ 343.157806][ T7623] EXT4-fs (loop4): 1 truncate cleaned up [ 343.958766][ T7623] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 344.253902][ T7634] sp0: Synchronizing with TNC [ 346.745858][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 346.854959][ T7649] loop3: detected capacity change from 0 to 128 [ 346.921150][ T7649] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 346.961022][ T7649] ext4 filesystem being mounted at /162/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 347.592030][ T7667] loop0: detected capacity change from 0 to 4096 [ 347.659046][ T7667] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 347.825685][ T7667] EXT4-fs (loop0): shut down requested (1) [ 347.962954][ T4251] EXT4-fs (loop0): unmounting filesystem. [ 348.908740][ T7680] ubi: mtd0 is already attached to ubi0 [ 349.706530][ T7684] loop1: detected capacity change from 0 to 512 [ 349.867205][ T7684] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 349.906262][ T7684] EXT4-fs (loop1): invalid journal inode [ 349.914920][ T7684] EXT4-fs (loop1): can't get journal size [ 349.926466][ T7684] EXT4-fs (loop1): 1 truncate cleaned up [ 349.935756][ T7684] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 349.936590][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 350.374794][ T4269] Bluetooth: hci1: command 0x2016 tx timeout [ 351.978094][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 352.113147][ T7699] loop3: detected capacity change from 0 to 512 [ 352.163118][ T7700] sp0: Synchronizing with TNC [ 352.167252][ T7699] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 352.216479][ T7699] EXT4-fs (loop3): invalid journal inode [ 352.233204][ T7699] EXT4-fs (loop3): can't get journal size [ 352.256828][ T7701] loop2: detected capacity change from 0 to 4096 [ 352.259992][ T7699] EXT4-fs (loop3): 1 truncate cleaned up [ 352.285495][ T7699] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 352.300109][ T7701] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 352.342714][ T7701] EXT4-fs (loop2): shut down requested (1) [ 352.368363][ T7708] loop0: detected capacity change from 0 to 64 [ 352.454915][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 352.593316][ T7711] netlink: 72 bytes leftover after parsing attributes in process `syz.4.864'. [ 352.604243][ T7711] netlink: 12 bytes leftover after parsing attributes in process `syz.4.864'. [ 352.615067][ T7711] netlink: 16 bytes leftover after parsing attributes in process `syz.4.864'. [ 352.625485][ T7711] netlink: 16 bytes leftover after parsing attributes in process `syz.4.864'. [ 353.280868][ T7718] loop4: detected capacity change from 0 to 128 [ 353.290410][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 353.336098][ T4262] Bluetooth: hci5: sending frame failed (-49) [ 353.350926][ T4269] Bluetooth: hci5: Opcode 0x1003 failed: -49 [ 353.380436][ T7718] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 353.461875][ T7718] ext4 filesystem being mounted at /184/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 353.564562][ T7728] loop3: detected capacity change from 0 to 512 [ 353.579482][ T7728] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 353.584553][ T7724] loop1: detected capacity change from 0 to 4096 [ 353.594937][ T7724] EXT4-fs: Ignoring removed nobh option [ 353.938928][ T7728] EXT4-fs (loop3): invalid journal inode [ 353.963848][ T7724] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 354.066649][ T7728] EXT4-fs (loop3): can't get journal size [ 354.364900][ T7728] EXT4-fs (loop3): 1 truncate cleaned up [ 354.476127][ T7728] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 354.724026][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 355.169752][ T7742] loop0: detected capacity change from 0 to 64 [ 355.334126][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 355.547185][ T7754] loop1: detected capacity change from 0 to 512 [ 355.568209][ T7752] loop2: detected capacity change from 0 to 1024 [ 355.574780][ T7754] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 355.596064][ T7752] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 355.635326][ T7754] EXT4-fs (loop1): invalid journal inode [ 355.688499][ T7754] EXT4-fs (loop1): can't get journal size [ 355.730761][ T7754] EXT4-fs (loop1): 1 truncate cleaned up [ 355.751744][ T7754] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 355.917203][ T6607] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 356.002206][ T7760] loop3: detected capacity change from 0 to 1024 [ 356.044393][ T7760] EXT4-fs: Ignoring removed nomblk_io_submit option [ 356.322595][ T6607] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 356.323259][ T6607] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 356.323423][ T6607] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 356.460713][ T6607] usb 3-1: config 0 descriptor?? [ 356.474914][ T7760] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 356.474945][ T7760] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 356.550310][ T7760] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 356.603912][ T7760] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2739: inode #2: comm syz.3.882: corrupted in-inode xattr [ 356.611953][ T7760] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2809: Unable to expand inode 2. Delete some EAs or run e2fsck. [ 356.619444][ T7760] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2186: inode #2: comm syz.3.882: corrupted in-inode xattr [ 356.713433][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 356.769176][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 356.973813][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 357.098654][ T7775] loop4: detected capacity change from 0 to 512 [ 357.157539][ T7775] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 357.176751][ T7775] EXT4-fs (loop4): invalid journal inode [ 357.195241][ T7775] EXT4-fs (loop4): can't get journal size [ 357.204353][ T7775] EXT4-fs (loop4): 1 truncate cleaned up [ 357.214812][ T7775] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 357.610115][ T7786] ubi: mtd0 is already attached to ubi0 [ 358.805283][ T7255] usb 3-1: USB disconnect, device number 3 [ 358.875825][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 358.989488][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 359.151534][ T7799] loop3: detected capacity change from 0 to 512 [ 359.205528][ T7799] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 359.243025][ T7799] EXT4-fs (loop3): invalid journal inode [ 359.277112][ T7799] EXT4-fs (loop3): can't get journal size [ 359.373664][ T7799] EXT4-fs (loop3): 1 truncate cleaned up [ 359.375460][ T7810] loop2: detected capacity change from 0 to 128 [ 359.422329][ T7799] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 359.451297][ T7810] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 359.497129][ T7810] ext4 filesystem being mounted at /165/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 359.529042][ C0] vkms_vblank_simulate: vblank timer overrun [ 360.047393][ T7822] ubi: mtd0 is already attached to ubi0 [ 360.832565][ T7830] loop4: detected capacity change from 0 to 128 [ 361.090590][ T26] audit: type=1800 audit(1732856695.746:194): pid=7831 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.904" name="bus" dev="loop4" ino=1048638 res=0 errno=0 [ 361.749158][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 362.037443][ T7839] loop3: detected capacity change from 0 to 512 [ 362.096500][ T7839] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 362.133705][ T7839] EXT4-fs (loop3): invalid journal inode [ 362.249741][ T7839] EXT4-fs (loop3): can't get journal size [ 362.335156][ T7839] EXT4-fs (loop3): 1 truncate cleaned up [ 362.351386][ T7839] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 362.535528][ T7848] loop1: detected capacity change from 0 to 1024 [ 363.218183][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 363.738059][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 363.820030][ T7860] loop3: detected capacity change from 0 to 256 [ 364.021529][ T7870] ubi: mtd0 is already attached to ubi0 [ 364.312167][ T7860] FAT-fs (loop3): Directory bread(block 64) failed [ 364.437142][ T7860] FAT-fs (loop3): Directory bread(block 65) failed [ 364.620329][ T7860] FAT-fs (loop3): Directory bread(block 66) failed [ 364.667229][ T7860] FAT-fs (loop3): Directory bread(block 67) failed [ 364.704905][ T7872] loop2: detected capacity change from 0 to 512 [ 364.729481][ T7860] FAT-fs (loop3): Directory bread(block 68) failed [ 364.736101][ T7860] FAT-fs (loop3): Directory bread(block 69) failed [ 364.757419][ T7860] FAT-fs (loop3): Directory bread(block 70) failed [ 364.781554][ T7872] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 364.808138][ T7860] FAT-fs (loop3): Directory bread(block 71) failed [ 364.814802][ T7860] FAT-fs (loop3): Directory bread(block 72) failed [ 364.833641][ T7860] FAT-fs (loop3): Directory bread(block 73) failed [ 364.840577][ T7872] EXT4-fs (loop2): invalid journal inode [ 364.846297][ T7872] EXT4-fs (loop2): can't get journal size [ 364.871094][ T7872] EXT4-fs (loop2): 1 truncate cleaned up [ 364.876782][ T7872] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 365.099878][ T7886] loop3: detected capacity change from 0 to 512 [ 365.108975][ T7886] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 365.118545][ T7886] EXT4-fs (loop3): invalid journal inode [ 365.134465][ T7886] EXT4-fs (loop3): can't get journal size [ 365.328171][ T7886] EXT4-fs (loop3): 1 truncate cleaned up [ 365.390196][ T7886] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 365.863619][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 366.531457][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 366.554964][ T7895] loop2: detected capacity change from 0 to 64 [ 366.624212][ T7884] loop1: detected capacity change from 0 to 32768 [ 366.678357][ T7897] loop3: detected capacity change from 0 to 8 [ 366.697131][ T7899] loop0: detected capacity change from 0 to 128 [ 366.716495][ T7884] I/O error, dev loop14, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 366.745442][ T7884] lbmIODone: I/O error in JFS log [ 366.756891][ T7899] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 366.805782][ T7884] *** Log Format Error ! *** [ 366.827340][ T7884] lmLogInit: exit(-22) [ 366.831667][ T7884] lmLogOpen: exit(-22) [ 366.858542][ T7899] ext4 filesystem being mounted at /193/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 366.901565][ T7897] SQUASHFS error: Failed to read block 0x4de: -5 [ 366.942894][ T7897] SQUASHFS error: Failed to read block 0x4de: -5 [ 366.980044][ T26] audit: type=1800 audit(1732856701.636:195): pid=7897 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.925" name="file1" dev="loop3" ino=5 res=0 errno=0 [ 367.101374][ T7893] loop4: detected capacity change from 0 to 40427 [ 367.141813][ T7884] I/O error, dev loop14, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 367.177209][ T7884] lbmIODone: I/O error in JFS log [ 367.195237][ T7893] F2FS-fs (loop4): build fault injection attr: rate: 0, type: 0x7 [ 367.206028][ T7884] *** Log Format Error ! *** [ 367.212929][ T7893] F2FS-fs (loop4): Unrecognized mount option "barrier" or missing value [ 367.231376][ T7884] lmLogInit: exit(-22) [ 367.242423][ T7884] lmLogOpen: exit(-22) [ 367.666891][ T7912] ubi: mtd0 is already attached to ubi0 [ 368.562989][ T7916] sp0: Synchronizing with TNC [ 368.576095][ T7920] loop2: detected capacity change from 0 to 512 [ 368.678283][ T7920] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 368.708787][ T7920] EXT4-fs (loop2): invalid journal inode [ 368.714516][ T7920] EXT4-fs (loop2): can't get journal size [ 368.735719][ T7920] EXT4-fs (loop2): 1 truncate cleaned up [ 368.741583][ T7920] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 369.397931][ T7929] loop4: detected capacity change from 0 to 512 [ 369.405603][ T7929] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 369.474874][ T7929] EXT4-fs (loop4): invalid journal inode [ 369.505252][ T7929] EXT4-fs (loop4): can't get journal size [ 369.568122][ T7929] EXT4-fs (loop4): 1 truncate cleaned up [ 369.578213][ T7929] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 369.770265][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 370.479614][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 370.486192][ T7941] loop2: detected capacity change from 0 to 64 [ 370.705174][ T4251] EXT4-fs (loop0): unmounting filesystem. [ 370.917847][ T7956] sp0: Synchronizing with TNC [ 371.313375][ T7961] ubi: mtd0 is already attached to ubi0 [ 371.996317][ T7966] loop2: detected capacity change from 0 to 512 [ 372.032264][ T7966] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 372.077338][ T7966] EXT4-fs (loop2): invalid journal inode [ 372.091442][ T7966] EXT4-fs (loop2): can't get journal size [ 372.148104][ T7966] EXT4-fs (loop2): 1 truncate cleaned up [ 372.153838][ T7966] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 372.164245][ T7970] loop3: detected capacity change from 0 to 512 [ 372.186830][ T7970] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 372.222043][ T7970] EXT4-fs (loop3): invalid journal inode [ 372.350476][ T7970] EXT4-fs (loop3): can't get journal size [ 372.600698][ T7970] EXT4-fs (loop3): 1 truncate cleaned up [ 372.655741][ T7970] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 372.890795][ T7949] loop1: detected capacity change from 0 to 40427 [ 373.139240][ T7949] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x3ffff [ 373.153160][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 373.189139][ T7949] F2FS-fs (loop1): invalid crc value [ 373.499510][ T128] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 373.562533][ T128] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 373.581157][ T7988] loop0: detected capacity change from 0 to 128 [ 373.629352][ T7988] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 373.674990][ T7988] ext4 filesystem being mounted at /196/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 373.731693][ T7949] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-4) [ 373.786469][ T7991] loop2: detected capacity change from 0 to 64 [ 373.797553][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 374.462215][ T8010] sp0: Synchronizing with TNC [ 374.626360][ T8012] ubi: mtd0 is already attached to ubi0 [ 375.363927][ T8017] loop3: detected capacity change from 0 to 512 [ 375.401808][ T8017] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 375.422222][ T8017] EXT4-fs (loop3): invalid journal inode [ 375.431334][ T8017] EXT4-fs (loop3): can't get journal size [ 375.496160][ T8017] EXT4-fs (loop3): 1 truncate cleaned up [ 375.502140][ T8017] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 375.592976][ T8025] loop4: detected capacity change from 0 to 512 [ 375.671134][ T8025] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 375.749404][ T8025] EXT4-fs (loop4): invalid journal inode [ 375.755137][ T8025] EXT4-fs (loop4): can't get journal size [ 376.382657][ T8034] loop2: detected capacity change from 0 to 64 [ 376.483121][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 376.484563][ T8025] EXT4-fs (loop4): 1 truncate cleaned up [ 376.557154][ T8025] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 376.682667][ T8040] loop1: detected capacity change from 0 to 128 [ 377.238283][ T26] audit: type=1800 audit(1732856711.836:196): pid=8043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.973" name="bus" dev="loop1" ino=1048639 res=0 errno=0 [ 377.604152][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 377.765457][ T8051] sp0: Synchronizing with TNC [ 378.276443][ T4251] EXT4-fs (loop0): unmounting filesystem. [ 378.362886][ T8063] loop1: detected capacity change from 0 to 512 [ 378.427385][ T8063] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 378.448663][ T8067] loop4: detected capacity change from 0 to 64 [ 378.480764][ T8063] EXT4-fs (loop1): invalid journal inode [ 378.500338][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.507050][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.519428][ T8063] EXT4-fs (loop1): can't get journal size [ 378.638218][ T8063] EXT4-fs (loop1): 1 truncate cleaned up [ 378.700427][ T8063] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 379.025391][ T8077] loop4: detected capacity change from 0 to 128 [ 379.552094][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 379.783814][ T26] audit: type=1800 audit(1732856714.436:197): pid=8083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.986" name="bus" dev="loop4" ino=1048640 res=0 errno=0 [ 379.858894][ T8085] loop2: detected capacity change from 0 to 512 [ 379.903345][ T8085] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 379.927896][ T8085] EXT4-fs (loop2): invalid journal inode [ 379.947636][ T8085] EXT4-fs (loop2): can't get journal size [ 380.071998][ T8091] sp0: Synchronizing with TNC [ 380.093436][ T8085] EXT4-fs (loop2): 1 truncate cleaned up [ 380.111640][ T8085] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 380.422718][ T8101] loop3: detected capacity change from 0 to 64 [ 381.033198][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 381.154619][ T8110] loop3: detected capacity change from 0 to 512 [ 381.164453][ T8110] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 381.178966][ T8110] EXT4-fs (loop3): invalid journal inode [ 381.185203][ T8110] EXT4-fs (loop3): can't get journal size [ 381.304767][ T8110] EXT4-fs (loop3): 1 truncate cleaned up [ 381.320858][ T8110] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 381.562024][ T8122] loop4: detected capacity change from 0 to 128 [ 381.950143][ T26] audit: type=1800 audit(1732856716.606:198): pid=8122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1003" name="bus" dev="loop4" ino=1048641 res=0 errno=0 [ 382.311246][ T8129] sp0: Synchronizing with TNC [ 382.378114][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 382.515831][ T8137] loop3: detected capacity change from 0 to 64 [ 384.093603][ T8168] loop4: detected capacity change from 0 to 512 [ 384.116607][ T8170] sp0: Synchronizing with TNC [ 384.162234][ T8168] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 384.176529][ T8174] loop0: detected capacity change from 0 to 64 [ 384.203580][ T8168] EXT4-fs (loop4): invalid journal inode [ 384.233422][ T8168] EXT4-fs (loop4): can't get journal size [ 384.274067][ T8168] EXT4-fs (loop4): 1 truncate cleaned up [ 384.286749][ T8168] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 385.263940][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 385.488342][ T8200] sp0: Synchronizing with TNC [ 385.761319][ T8209] loop2: detected capacity change from 0 to 64 [ 386.308122][ T8218] loop0: detected capacity change from 0 to 512 [ 386.322163][ T8218] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 386.450345][ T8218] EXT4-fs (loop0): invalid journal inode [ 386.456239][ T8218] EXT4-fs (loop0): can't get journal size [ 386.513469][ T8218] EXT4-fs (loop0): 1 truncate cleaned up [ 386.567583][ T8218] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 387.444762][ T4251] EXT4-fs (loop0): unmounting filesystem. [ 387.634923][ T8236] sp0: Synchronizing with TNC [ 387.668519][ T8238] loop0: detected capacity change from 0 to 128 [ 387.888692][ T26] audit: type=1800 audit(1732856722.546:199): pid=8241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1046" name="bus" dev="loop0" ino=1048642 res=0 errno=0 [ 388.001421][ T8244] loop4: detected capacity change from 0 to 64 [ 388.170810][ T8251] netlink: 'syz.2.1054': attribute type 29 has an invalid length. [ 388.181311][ T8251] netlink: 'syz.2.1054': attribute type 29 has an invalid length. [ 388.191247][ T8251] netlink: 'syz.2.1054': attribute type 29 has an invalid length. [ 388.199711][ T8251] netlink: 'syz.2.1054': attribute type 29 has an invalid length. [ 388.208125][ T8251] netlink: 'syz.2.1054': attribute type 29 has an invalid length. [ 388.428922][ T8260] loop4: detected capacity change from 0 to 512 [ 388.450953][ T8260] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 388.522857][ T8260] EXT4-fs (loop4): invalid journal inode [ 388.529002][ T8260] EXT4-fs (loop4): can't get journal size [ 388.580545][ T8260] EXT4-fs (loop4): 1 truncate cleaned up [ 388.586350][ T8260] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 389.473586][ T8278] sp0: Synchronizing with TNC [ 389.627725][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 389.692762][ T8280] loop3: detected capacity change from 0 to 64 [ 390.192167][ T8293] loop2: detected capacity change from 0 to 128 [ 390.420498][ T26] audit: type=1800 audit(1732856725.076:200): pid=8300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1069" name="bus" dev="loop2" ino=1048643 res=0 errno=0 [ 390.571909][ T8292] device syzkaller0 entered promiscuous mode [ 391.113461][ T8309] loop1: detected capacity change from 0 to 512 [ 391.171139][ T8309] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 391.181359][ T8309] EXT4-fs (loop1): invalid journal inode [ 391.187732][ T8309] EXT4-fs (loop1): can't get journal size [ 391.214197][ T8309] EXT4-fs (loop1): 1 truncate cleaned up [ 391.228704][ T8309] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 391.914185][ T8321] loop2: detected capacity change from 0 to 64 [ 392.174558][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 393.868494][ T8331] netlink: 'syz.3.1083': attribute type 33 has an invalid length. [ 393.876370][ T8331] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1083'. [ 394.146744][ T8342] loop1: detected capacity change from 0 to 128 [ 394.157492][ T8343] loop3: detected capacity change from 0 to 128 [ 394.567097][ T26] audit: type=1800 audit(1732856729.196:201): pid=8349 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1088" name="bus" dev="loop3" ino=1048644 res=0 errno=0 [ 395.936385][ T26] audit: type=1800 audit(1732856730.336:202): pid=8352 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1087" name="bus" dev="loop1" ino=1048645 res=0 errno=0 [ 396.068725][ T8357] loop3: detected capacity change from 0 to 512 [ 396.081653][ T8359] loop1: detected capacity change from 0 to 64 [ 396.092378][ T8357] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 396.117800][ T8357] EXT4-fs (loop3): invalid journal inode [ 396.130626][ T8357] EXT4-fs (loop3): can't get journal size [ 396.171502][ T8357] EXT4-fs (loop3): 1 truncate cleaned up [ 396.187533][ T8357] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 396.630510][ T8376] netlink: 'syz.1.1098': attribute type 33 has an invalid length. [ 396.802839][ T8376] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1098'. [ 397.216602][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 397.273083][ T8385] loop2: detected capacity change from 0 to 128 [ 397.359955][ T8387] loop3: detected capacity change from 0 to 128 [ 397.582641][ T8392] loop0: detected capacity change from 0 to 64 [ 399.682684][ T26] audit: type=1800 audit(1732856732.336:203): pid=8393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1101" name="bus" dev="loop2" ino=1048646 res=0 errno=0 [ 399.915289][ T26] audit: type=1800 audit(1732856733.146:204): pid=8396 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1102" name="bus" dev="loop3" ino=1048647 res=0 errno=0 [ 400.478790][ T8413] loop1: detected capacity change from 0 to 512 [ 400.555448][ T8413] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 400.594251][ T8413] EXT4-fs (loop1): invalid journal inode [ 400.617212][ T8413] EXT4-fs (loop1): can't get journal size [ 400.644253][ T8415] sp0: Synchronizing with TNC [ 400.684411][ T8413] EXT4-fs (loop1): 1 truncate cleaned up [ 400.692444][ T8413] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 401.242899][ T8426] loop4: detected capacity change from 0 to 128 [ 401.596873][ T8430] loop0: detected capacity change from 0 to 128 [ 401.791982][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 402.857125][ T26] audit: type=1800 audit(1732856737.346:205): pid=8434 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1117" name="bus" dev="loop4" ino=1048648 res=0 errno=0 [ 403.683249][ T8439] loop1: detected capacity change from 0 to 64 [ 403.775684][ T26] audit: type=1800 audit(1732856737.516:206): pid=8435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1119" name="bus" dev="loop0" ino=1048649 res=0 errno=0 [ 404.147467][ T8449] netlink: 'syz.1.1125': attribute type 10 has an invalid length. [ 404.155836][ T8449] netlink: 55 bytes leftover after parsing attributes in process `syz.1.1125'. [ 404.584158][ T8461] ubi: mtd0 is already attached to ubi0 [ 405.233978][ T8463] loop2: detected capacity change from 0 to 512 [ 405.267556][ T8463] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 405.324488][ T8463] EXT4-fs (loop2): invalid journal inode [ 405.332781][ T8463] EXT4-fs (loop2): can't get journal size [ 405.386351][ T8463] EXT4-fs (loop2): 1 truncate cleaned up [ 405.394962][ T8463] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 406.442383][ T8468] loop0: detected capacity change from 0 to 128 [ 406.844896][ T26] audit: type=1800 audit(1732856741.496:207): pid=8476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1131" name="bus" dev="loop0" ino=1048650 res=0 errno=0 [ 406.903878][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 408.031434][ T8485] loop2: detected capacity change from 0 to 64 [ 410.038812][ T8508] loop1: detected capacity change from 0 to 512 [ 410.074548][ T8508] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 410.108602][ T8508] EXT4-fs (loop1): invalid journal inode [ 410.132423][ T8508] EXT4-fs (loop1): can't get journal size [ 410.208252][ T8508] EXT4-fs (loop1): 1 truncate cleaned up [ 410.214160][ T8508] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 412.208160][ T8518] loop4: detected capacity change from 0 to 512 [ 412.258445][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 412.334083][ T8527] loop0: detected capacity change from 0 to 128 [ 415.602008][ T8518] fscrypt: Error allocating hmac(sha512): -2 [ 415.724491][ T26] audit: type=1800 audit(1732856750.286:208): pid=8537 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1149" name="bus" dev="loop0" ino=1048651 res=0 errno=0 [ 416.074399][ T8552] loop2: detected capacity change from 0 to 1024 [ 416.087391][ T8552] EXT4-fs: Ignoring removed orlov option [ 416.093249][ T8552] EXT4-fs: Ignoring removed nomblk_io_submit option [ 416.127529][ T8552] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 416.307240][ T128] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 416.461451][ T8552] syz.2.1157 (8552) used greatest stack depth: 19072 bytes left [ 416.491660][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 416.523657][ T128] usb 2-1: too many configurations: 115, using maximum allowed: 8 [ 416.560053][ T128] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 416.586391][ T128] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 416.612733][ T128] usb 2-1: Product: syz [ 416.625753][ T128] usb 2-1: Manufacturer: syz [ 416.646738][ T128] usb 2-1: SerialNumber: syz [ 416.673544][ T8563] loop2: detected capacity change from 0 to 512 [ 416.676079][ T128] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 416.715786][ T8563] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 416.864862][ T128] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 416.937583][ T8563] EXT4-fs (loop2): invalid journal inode [ 417.118312][ T8563] EXT4-fs (loop2): can't get journal size [ 417.843406][ T8563] EXT4-fs (loop2): 1 truncate cleaned up [ 417.947036][ T8563] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 417.969656][ T7255] usb 2-1: USB disconnect, device number 4 [ 418.141333][ T128] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 418.165830][ T128] ath9k_htc: Failed to initialize the device [ 418.192647][ T7255] usb 2-1: ath9k_htc: USB layer deinitialized [ 418.773161][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 418.997619][ T8582] loop0: detected capacity change from 0 to 128 [ 419.728318][ T26] audit: type=1800 audit(1732856753.986:209): pid=8588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1165" name="bus" dev="loop0" ino=1048652 res=0 errno=0 [ 420.573379][ T8598] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 420.699702][ T8605] loop1: detected capacity change from 0 to 512 [ 420.727547][ T8605] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 420.746185][ T8605] EXT4-fs (loop1): invalid journal inode [ 420.854182][ T8605] EXT4-fs (loop1): can't get journal size [ 420.882863][ T8605] EXT4-fs (loop1): 1 truncate cleaned up [ 420.903247][ T8605] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 421.849591][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 422.511183][ T8626] loop1: detected capacity change from 0 to 128 [ 422.786480][ T8633] nbd2: detected capacity change from 0 to 12 [ 423.016211][ T8635] nbd2: detected capacity change from 12 to 4 [ 423.053934][ T52] block nbd2: Send control failed (result -89) [ 423.178237][ T26] audit: type=1800 audit(1732856757.796:210): pid=8637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1179" name="bus" dev="loop1" ino=1048653 res=0 errno=0 [ 423.362385][ T8627] loop4: detected capacity change from 0 to 4096 [ 423.488642][ T8627] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 423.591984][ T8627] EXT4-fs (loop4): shut down requested (1) [ 423.696143][ T52] block nbd2: Request send failed, requeueing [ 423.702522][ T4262] block nbd2: Receive control failed (result -32) [ 423.718377][ T52] block nbd2: Dead connection, failed to find a fallback [ 423.726564][ T52] block nbd2: shutting down sockets [ 423.732618][ T52] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 423.741218][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 423.741712][ T52] buffer_io_error: 39 callbacks suppressed [ 423.741725][ T52] Buffer I/O error on dev nbd2, logical block 0, async page read [ 423.761162][ T1043] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 423.770411][ T1043] Buffer I/O error on dev nbd2, logical block 0, async page read [ 423.787209][ T1043] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 423.796316][ T1043] Buffer I/O error on dev nbd2, logical block 0, async page read [ 423.805629][ T1043] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 423.815716][ T1043] Buffer I/O error on dev nbd2, logical block 0, async page read [ 423.827843][ T52] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 423.836911][ T52] Buffer I/O error on dev nbd2, logical block 0, async page read [ 423.845061][ T4272] ldm_validate_partition_table(): Disk read failed. [ 423.868029][ T52] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 423.877378][ T52] Buffer I/O error on dev nbd2, logical block 0, async page read [ 423.889635][ T52] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 423.898975][ T52] Buffer I/O error on dev nbd2, logical block 0, async page read [ 423.906884][ T52] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 423.916595][ T52] Buffer I/O error on dev nbd2, logical block 0, async page read [ 423.924632][ T52] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 423.933861][ T52] Buffer I/O error on dev nbd2, logical block 0, async page read [ 423.943264][ T4272] Dev nbd2: unable to read RDB block 0 [ 424.008451][ T1043] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 424.018537][ T1043] Buffer I/O error on dev nbd2, logical block 0, async page read [ 424.026600][ T4272] nbd2: unable to read partition table [ 424.082414][ T4272] nbd2: partition table beyond EOD, truncated [ 424.127470][ T4272] ldm_validate_partition_table(): Disk read failed. [ 424.157893][ T4272] Dev nbd2: unable to read RDB block 0 [ 424.175000][ T4272] nbd2: unable to read partition table [ 424.224051][ T4272] nbd2: partition table beyond EOD, truncated [ 424.473487][ T8656] loop3: detected capacity change from 0 to 512 [ 424.481592][ T8656] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 424.499200][ T8656] EXT4-fs (loop3): invalid journal inode [ 424.597344][ T8658] 9pnet_fd: Insufficient options for proto=fd [ 425.011824][ T4332] libceph: connect (1)[c::]:6789 error -101 [ 425.022590][ T4332] libceph: mon0 (1)[c::]:6789 connect error [ 425.028744][ T8656] EXT4-fs (loop3): can't get journal size [ 425.075247][ T8656] EXT4-fs (loop3): 1 truncate cleaned up [ 425.090541][ T8656] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 425.127211][ T8658] ceph: No mds server is up or the cluster is laggy [ 425.158422][ T8634] loop0: detected capacity change from 0 to 32768 [ 425.172017][ T8634] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 scanned by syz.0.1182 (8634) [ 425.371051][ T8634] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 425.387259][ T8634] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 425.813508][ T8634] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 425.881348][ T8634] BTRFS info (device loop0): use zstd compression, level 3 [ 425.989488][ T8634] BTRFS info (device loop0): using free space tree [ 426.019682][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 426.891846][ T26] audit: type=1326 audit(1732856761.536:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8686 comm="syz.3.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a5d580809 code=0x7ffc0000 [ 426.957233][ T26] audit: type=1326 audit(1732856761.536:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8686 comm="syz.3.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a5d580809 code=0x7ffc0000 [ 427.247548][ T26] audit: type=1326 audit(1732856761.536:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8686 comm="syz.3.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3a5d582727 code=0x7ffc0000 [ 427.464438][ T26] audit: type=1326 audit(1732856761.536:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8686 comm="syz.3.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f3a5d58269c code=0x7ffc0000 [ 427.490529][ T8634] BTRFS error (device loop0): open_ctree failed [ 427.592491][ T26] audit: type=1326 audit(1732856761.536:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8686 comm="syz.3.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3a5d5825d4 code=0x7ffc0000 [ 427.785723][ T26] audit: type=1326 audit(1732856761.536:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8686 comm="syz.3.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3a5d5825d4 code=0x7ffc0000 [ 427.856238][ T26] audit: type=1326 audit(1732856761.536:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8686 comm="syz.3.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3a5d57f46a code=0x7ffc0000 [ 428.934006][ T26] audit: type=1326 audit(1732856761.536:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8686 comm="syz.3.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a5d580809 code=0x7ffc0000 [ 428.941202][ T4272] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 scanned by udevd (4272) [ 428.990549][ T26] audit: type=1326 audit(1732856761.536:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8686 comm="syz.3.1193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a5d580809 code=0x7ffc0000 [ 429.080104][ T8705] loop1: detected capacity change from 0 to 128 [ 430.937783][ T8714] ./file0: Can't open blockdev [ 431.273501][ T26] audit: type=1800 audit(1732856765.886:220): pid=8718 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1197" name="bus" dev="loop1" ino=1048654 res=0 errno=0 [ 432.519256][ T8732] loop1: detected capacity change from 0 to 512 [ 432.570608][ T8732] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 432.632895][ T8732] EXT4-fs (loop1): invalid journal inode [ 432.639083][ T8732] EXT4-fs (loop1): can't get journal size [ 432.855596][ T8732] EXT4-fs (loop1): 1 truncate cleaned up [ 432.865110][ T8732] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 435.346022][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 436.437206][ T22] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 436.580436][ T8780] nbd0: detected capacity change from 0 to 12 [ 436.593071][ T8780] nbd0: detected capacity change from 12 to 4 [ 436.674757][ T1043] block nbd0: Send control failed (result -89) [ 436.681141][ T1043] block nbd0: Request send failed, requeueing [ 436.727207][ T22] usb 4-1: Using ep0 maxpacket: 8 [ 436.931684][ T22] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 437.136153][ T22] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 437.403522][ T22] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 437.417826][ T4262] block nbd0: Receive control failed (result -32) [ 437.426121][ T1043] block nbd0: Dead connection, failed to find a fallback [ 437.433228][ T1043] block nbd0: shutting down sockets [ 437.438534][ T1043] blk_print_req_error: 19 callbacks suppressed [ 437.438549][ T1043] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.453860][ T1043] buffer_io_error: 19 callbacks suppressed [ 437.453872][ T1043] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.467668][ T52] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.476798][ T52] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.485343][ T22] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 437.487258][ T1043] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.499427][ T22] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 437.507460][ T1043] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.533006][ T52] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.542676][ T52] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.550617][ T52] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.559726][ T52] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.567671][ T4670] ldm_validate_partition_table(): Disk read failed. [ 437.574381][ T52] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.583578][ T52] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.591436][ T22] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 437.605553][ T1043] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.615040][ T1043] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.623741][ T1043] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.632840][ T1043] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.649499][ T1043] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.658609][ T1043] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.777087][ T4670] Dev nbd0: unable to read RDB block 0 [ 437.782769][ T52] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 437.791922][ T52] Buffer I/O error on dev nbd0, logical block 0, async page read [ 437.812799][ T22] usb 4-1: usb_control_msg returned -32 [ 437.818883][ T4670] nbd0: unable to read partition table [ 437.831595][ T22] usbtmc 4-1:16.0: can't read capabilities [ 437.862652][ T4670] nbd0: partition table beyond EOD, truncated [ 437.891984][ T8799] loop2: detected capacity change from 0 to 512 [ 437.912880][ T8799] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 437.951375][ T8799] EXT4-fs (loop2): invalid journal inode [ 437.963650][ T8799] EXT4-fs (loop2): can't get journal size [ 438.026869][ T4670] ldm_validate_partition_table(): Disk read failed. [ 438.043147][ T8799] EXT4-fs (loop2): 1 truncate cleaned up [ 438.054322][ T4670] Dev nbd0: unable to read RDB block 0 [ 438.077118][ T8799] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 438.462258][ T4670] nbd0: unable to read partition table [ 439.075399][ T128] usb 4-1: USB disconnect, device number 2 [ 439.137218][ T4670] nbd0: partition table beyond EOD, truncated [ 439.361712][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 439.978025][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.984705][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.817226][ T952] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 441.617470][ T952] usb 5-1: Using ep0 maxpacket: 16 [ 441.684017][ T952] usb 5-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 441.737953][ T952] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 441.745987][ T952] usb 5-1: Product: syz [ 441.890066][ T952] usb 5-1: Manufacturer: syz [ 441.957143][ T952] usb 5-1: SerialNumber: syz [ 441.993894][ T952] usb 5-1: config 0 descriptor?? [ 442.091803][ T952] ssu100 5-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 442.874140][ T952] ssu100: probe of 5-1:0.0 failed with error -71 [ 443.167241][ T952] usb 5-1: USB disconnect, device number 2 [ 444.978262][ T8852] ubi: mtd0 is already attached to ubi0 [ 445.029020][ T8855] nbd1: detected capacity change from 0 to 12 [ 445.044802][ T1043] block nbd1: Send control failed (result -89) [ 445.044893][ T8855] nbd1: detected capacity change from 12 to 4 [ 445.051334][ T1043] block nbd1: Request send failed, requeueing [ 445.064150][ T4262] block nbd1: Receive control failed (result -32) [ 445.064206][ T1043] block nbd1: Dead connection, failed to find a fallback [ 445.078432][ T1043] block nbd1: shutting down sockets [ 445.083742][ T1043] blk_print_req_error: 19 callbacks suppressed [ 445.083757][ T1043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.099294][ T1043] buffer_io_error: 19 callbacks suppressed [ 445.099309][ T1043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 445.114238][ T52] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.123808][ T52] Buffer I/O error on dev nbd1, logical block 0, async page read [ 445.136027][ T52] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.145732][ T52] Buffer I/O error on dev nbd1, logical block 0, async page read [ 445.153874][ T52] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.163002][ T52] Buffer I/O error on dev nbd1, logical block 0, async page read [ 445.171148][ T52] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.180268][ T52] Buffer I/O error on dev nbd1, logical block 0, async page read [ 445.188302][ T4272] ldm_validate_partition_table(): Disk read failed. [ 445.195024][ T52] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.204194][ T52] Buffer I/O error on dev nbd1, logical block 0, async page read [ 445.212866][ T1043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.224198][ T1043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 445.232263][ T1043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.241492][ T1043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 445.249536][ T1043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.258760][ T1043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 445.266613][ T4272] Dev nbd1: unable to read RDB block 0 [ 445.294732][ T52] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.303911][ T52] Buffer I/O error on dev nbd1, logical block 0, async page read [ 445.312469][ T4272] nbd1: unable to read partition table [ 445.330071][ T4272] nbd1: partition table beyond EOD, truncated [ 445.342245][ T4272] ldm_validate_partition_table(): Disk read failed. [ 445.349383][ T4272] Dev nbd1: unable to read RDB block 0 [ 445.355233][ T4272] nbd1: unable to read partition table [ 445.361497][ T4272] nbd1: partition table beyond EOD, truncated [ 446.958588][ T8885] input: syz1 as /devices/virtual/input/input58 [ 447.601715][ T26] audit: type=1326 audit(1732856782.256:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8890 comm="syz.1.1248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7252780809 code=0x7ffc0000 [ 447.729504][ T8905] ubi: mtd0 is already attached to ubi0 [ 448.033089][ T26] audit: type=1326 audit(1732856782.256:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8890 comm="syz.1.1248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7252780809 code=0x7ffc0000 [ 450.713134][ T8936] loop4: detected capacity change from 0 to 4096 [ 450.862565][ T8936] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 451.110604][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 451.485492][ T8953] ubi: mtd0 is already attached to ubi0 [ 461.763550][ T9045] loop4: detected capacity change from 0 to 512 [ 461.787133][ T9028] random: crng reseeded on system resumption [ 461.937481][ T9045] EXT4-fs: Ignoring removed nomblk_io_submit option [ 461.988220][ T9045] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 462.047830][ T9045] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a85ec028, mo2=0002] [ 462.070379][ T9045] System zones: 0-2, 18-18, 34-34 [ 462.105809][ T9045] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 462.301453][ T9045] EXT4-fs (loop4): 1 truncate cleaned up [ 462.357348][ T9045] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 463.115858][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 463.261321][ T9067] loop4: detected capacity change from 0 to 128 [ 463.314638][ T9067] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 463.374289][ T9067] ext4 filesystem being mounted at /263/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 463.727063][ T128] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 463.937172][ T128] usb 2-1: Using ep0 maxpacket: 32 [ 463.968493][ T128] usb 2-1: New USB device found, idVendor=2013, idProduct=0248, bcdDevice=75.43 [ 464.177125][ T128] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 464.267010][ T128] usb 2-1: Product: syz [ 464.271219][ T128] usb 2-1: Manufacturer: syz [ 464.311292][ T128] usb 2-1: SerialNumber: syz [ 464.418758][ T128] usb 2-1: config 0 descriptor?? [ 465.759284][ T9084] block nbd1: shutting down sockets [ 465.992600][ T128] dvb-usb: found a 'Pinnacle PCTV 282e' in cold state, will try to load a firmware [ 466.031299][ T128] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [ 466.781335][ T128] dib0700: firmware download failed at 7 with -22 [ 466.816111][ T128] usb 2-1: USB disconnect, device number 5 [ 467.483612][ T9116] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1314'. [ 467.645156][ T9097] loop3: detected capacity change from 0 to 32768 [ 467.666434][ T9097] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.1307 (9097) [ 467.694174][ T9097] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 467.728912][ T9097] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 467.757744][ T9097] BTRFS info (device loop3): using free space tree [ 468.097705][ T9097] BTRFS info (device loop3): enabling ssd optimizations [ 468.364339][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 468.546172][ T4250] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 469.329133][ T9175] loop3: detected capacity change from 0 to 2048 [ 469.345282][ T9173] device syzkaller0 entered promiscuous mode [ 469.404574][ T9175] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 469.526449][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 469.720149][ T9186] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1328'. [ 469.741829][ T9188] loop2: detected capacity change from 0 to 128 [ 469.797687][ T9188] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 469.807457][ T9188] ext4 filesystem being mounted at /265/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 472.344982][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 473.265267][ T9221] ubi: mtd0 is already attached to ubi0 [ 473.921931][ T9225] loop3: detected capacity change from 0 to 512 [ 473.957157][ T9228] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1341'. [ 474.988897][ T9225] EXT4-fs: test_dummy_encryption requires encrypt feature [ 475.435052][ T9243] xt_l2tp: unknown flags: 17 [ 476.317308][ T26] audit: type=1326 audit(1732856810.976:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9246 comm="syz.3.1345" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a5d580809 code=0x0 [ 476.339172][ C0] vkms_vblank_simulate: vblank timer overrun [ 476.564585][ T9250] loop2: detected capacity change from 0 to 128 [ 476.617964][ T9250] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 476.629162][ T9250] ext4 filesystem being mounted at /270/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 476.661140][ C0] vkms_vblank_simulate: vblank timer overrun [ 477.157207][ T9238] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1343'. [ 477.199249][ T9238] bridge0: port 2(bridge_slave_1) entered learning state [ 477.335975][ T9238] bridge0: port 2(bridge_slave_1) entered disabled state [ 477.430158][ T26] audit: type=1326 audit(1732856812.086:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9258 comm="syz.1.1348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7252780809 code=0x7ffc0000 [ 477.497177][ T26] audit: type=1326 audit(1732856812.116:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9258 comm="syz.1.1348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7f7252780809 code=0x7ffc0000 [ 477.519614][ C1] vkms_vblank_simulate: vblank timer overrun [ 477.606996][ T26] audit: type=1326 audit(1732856812.116:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9258 comm="syz.1.1348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7252780809 code=0x7ffc0000 [ 477.729558][ T9267] loop4: detected capacity change from 0 to 512 [ 477.798886][ T26] audit: type=1326 audit(1732856812.116:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9258 comm="syz.1.1348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7252780809 code=0x7ffc0000 [ 477.826195][ T9267] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 477.860369][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 477.890398][ T9267] EXT4-fs (loop4): invalid journal inode [ 477.897264][ T9270] ubi: mtd0 is already attached to ubi0 [ 477.973785][ T9267] EXT4-fs (loop4): can't get journal size [ 478.019131][ T9267] EXT4-fs (loop4): 1 truncate cleaned up [ 478.037781][ T9267] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 478.757302][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 479.891038][ T9289] loop4: detected capacity change from 0 to 128 [ 480.114224][ T9295] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1361'. [ 481.495666][ T26] audit: type=1800 audit(1732856816.146:228): pid=9301 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1358" name="bus" dev="loop4" ino=1048655 res=0 errno=0 [ 481.796074][ T9312] loop2: detected capacity change from 0 to 128 [ 481.854722][ T9312] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 481.878850][ T9312] ext4 filesystem being mounted at /273/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 482.321366][ T9317] loop4: detected capacity change from 0 to 4096 [ 482.422935][ T9317] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 483.365061][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 483.625779][ T9333] ubi: mtd0 is already attached to ubi0 [ 485.733426][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 486.160387][ T9349] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1374'. [ 486.551896][ T9358] sp0: Synchronizing with TNC [ 486.875845][ T9365] Cannot find add_set index 0 as target [ 488.071506][ T9374] ubi: mtd0 is already attached to ubi0 [ 491.007170][ T9400] netlink: 'syz.2.1389': attribute type 8 has an invalid length. [ 491.621449][ T9411] sp0: Synchronizing with TNC [ 491.968129][ T9422] ubi: mtd0 is already attached to ubi0 [ 492.277797][ T9423] loop2: detected capacity change from 0 to 4096 [ 492.941607][ T9423] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 493.235666][ T9423] EXT4-fs (loop2): shut down requested (1) [ 493.250550][ T9406] loop4: detected capacity change from 0 to 32768 [ 493.434372][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 496.110632][ T9454] loop4: detected capacity change from 0 to 128 [ 496.164748][ T9454] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 496.254541][ T9454] ext4 filesystem being mounted at /274/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 496.311382][ T9458] sp0: Synchronizing with TNC [ 498.962332][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 499.827124][ T4303] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 501.067095][ T9504] input: syz0 as /devices/virtual/input/input73 [ 501.491947][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.517107][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.787008][ T4303] usb 4-1: Using ep0 maxpacket: 32 [ 501.793958][ T4303] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 501.817018][ T4303] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 5 [ 501.830143][ T4303] usb 4-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 501.839649][ T4303] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 501.878159][ T4303] usb 4-1: config 0 descriptor?? [ 501.902320][ T4303] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 502.684396][ T9156] usb 4-1: USB disconnect, device number 3 [ 502.875037][ T9516] loop2: detected capacity change from 0 to 24 [ 502.882797][ T9516] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 502.920441][ T9516] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 504.044633][ T9527] loop3: detected capacity change from 0 to 128 [ 504.210534][ T9532] loop4: detected capacity change from 0 to 128 [ 504.223048][ T9533] loop2: detected capacity change from 0 to 512 [ 504.230553][ T9527] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 504.239535][ T9527] ext4 filesystem being mounted at /282/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 504.277137][ T9533] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 504.367360][ T9533] EXT4-fs (loop2): invalid journal inode [ 504.376163][ T9533] EXT4-fs (loop2): can't get journal size [ 504.639803][ T26] audit: type=1800 audit(1732856839.286:229): pid=9538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1425" name="bus" dev="loop4" ino=1048656 res=0 errno=0 [ 504.725580][ T9533] EXT4-fs (loop2): 1 truncate cleaned up [ 504.836833][ T9533] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 505.627733][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 507.352000][ T9579] ubi: mtd0 is already attached to ubi0 [ 507.724590][ T9587] loop2: detected capacity change from 0 to 512 [ 507.814328][ T9587] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 507.884750][ T9587] ext4 filesystem being mounted at /292/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 507.911944][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 508.134199][ T9597] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1439'. [ 509.020441][ T9599] loop3: detected capacity change from 0 to 512 [ 509.071591][ T9599] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 509.162957][ T9599] EXT4-fs (loop3): invalid journal inode [ 509.177273][ T9599] EXT4-fs (loop3): can't get journal size [ 509.205976][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 510.121717][ T9599] EXT4-fs (loop3): 1 truncate cleaned up [ 510.127816][ T9599] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 510.766427][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 511.379204][ T4262] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 511.387964][ T4262] Bluetooth: hci3: Injecting HCI hardware error event [ 511.396719][ T4269] Bluetooth: hci3: hardware error 0x00 [ 511.526996][ T9156] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 511.752587][ T9156] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 511.778170][ T9627] loop3: detected capacity change from 0 to 128 [ 511.796955][ T9156] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 511.806827][ T9156] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 511.857857][ T9627] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 511.871683][ T9627] ext4 filesystem being mounted at /286/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 511.906018][ T9156] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 511.925134][ T9617] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 512.410729][ T9637] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1451'. [ 513.457061][ T4269] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 513.482840][ T9156] usb 3-1: USB disconnect, device number 4 [ 515.203456][ T9656] loop2: detected capacity change from 0 to 512 [ 515.386767][ T9656] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 515.758983][ T9656] EXT4-fs (loop2): invalid journal inode [ 515.895396][ T9656] EXT4-fs (loop2): can't get journal size [ 516.244299][ T9656] EXT4-fs (loop2): 1 truncate cleaned up [ 516.290352][ T9656] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 516.765034][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 516.794474][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 517.044816][ T9679] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1464'. [ 517.892535][ T9681] ubi: mtd0 is already attached to ubi0 [ 518.438234][ T9702] loop4: detected capacity change from 0 to 128 [ 518.791217][ T26] audit: type=1800 audit(1732856853.436:230): pid=9709 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1469" name="bus" dev="loop4" ino=1048657 res=0 errno=0 [ 520.852890][ T9729] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1477'. [ 523.826477][ T9759] loop3: detected capacity change from 0 to 736 [ 524.002190][ T9763] loop2: detected capacity change from 0 to 128 [ 524.125653][ T9763] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 524.136766][ T9763] ext4 filesystem being mounted at /300/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 525.116407][ T9774] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 525.454301][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 525.690603][ T9788] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1491'. [ 525.941043][ T9790] loop4: detected capacity change from 0 to 1024 [ 526.017292][ T9790] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 526.248021][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 527.697246][ T9165] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 527.767092][ T9156] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 527.897181][ T9165] usb 2-1: Using ep0 maxpacket: 16 [ 527.910446][ T9165] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 527.978639][ T9156] usb 3-1: Using ep0 maxpacket: 32 [ 527.996015][ T9156] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 528.089482][ T9165] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 528.166325][ T9156] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 528.249012][ T9165] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 528.313401][ T9156] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 528.439486][ T9156] usb 3-1: Product: syz [ 528.443699][ T9156] usb 3-1: Manufacturer: syz [ 528.456980][ T9165] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 528.486831][ T9156] usb 3-1: SerialNumber: syz [ 528.491503][ T9165] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 528.541050][ T9156] usb 3-1: config 0 descriptor?? [ 528.567083][ T9165] usb 2-1: config 0 descriptor?? [ 528.584708][ T9804] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 528.769169][ T9814] sp0: Synchronizing with TNC [ 528.811668][ T14] usb 3-1: USB disconnect, device number 5 [ 529.038552][ T9165] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 529.047006][ T9165] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 529.054729][ T9165] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 529.062026][ T9165] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 529.063717][ T9819] loop4: detected capacity change from 0 to 128 [ 529.069286][ T9165] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 529.069352][ T9165] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 529.069377][ T9165] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 529.069400][ T9165] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 529.069423][ T9165] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 529.069446][ T9165] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 529.075449][ T9165] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0002/input/input76 [ 529.379539][ T9819] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 529.520154][ T9819] ext4 filesystem being mounted at /296/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 529.594280][ T9165] microsoft 0003:045E:07DA.0002: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 529.811555][ T9165] usb 2-1: USB disconnect, device number 6 [ 530.327264][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 530.940203][ T9846] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1507'. [ 533.946529][ T9909] loop4: detected capacity change from 0 to 512 [ 533.954837][ T9911] loop3: detected capacity change from 0 to 128 [ 533.964654][ T9909] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 534.006613][ T9909] EXT4-fs (loop4): invalid journal inode [ 534.029613][ T9909] EXT4-fs (loop4): can't get journal size [ 534.043141][ T9911] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 534.058601][ T9909] EXT4-fs (loop4): 1 truncate cleaned up [ 534.064286][ T9909] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 534.090605][ T9911] ext4 filesystem being mounted at /296/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 534.541309][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 535.098502][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 537.521041][ T9944] ttyS ttyS3: ldisc open failed (-12), clearing slot 3 [ 539.569013][ T9969] loop3: detected capacity change from 0 to 128 [ 539.590894][ T9969] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 539.602928][ T9969] ext4 filesystem being mounted at /299/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 540.619988][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 541.782930][ T9991] loop4: detected capacity change from 0 to 128 [ 542.154842][ T9164] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 542.162685][ T26] audit: type=1800 audit(1732856876.766:231): pid=9998 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1541" name="bus" dev="loop4" ino=1048658 res=0 errno=0 [ 542.533449][ T9164] usb 1-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 542.821077][ T9164] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 542.829227][ T9164] usb 1-1: Product: syz [ 542.833409][ T9164] usb 1-1: Manufacturer: syz [ 542.838689][ T9164] usb 1-1: SerialNumber: syz [ 542.847363][ T9164] usb 1-1: config 0 descriptor?? [ 543.262004][ T9164] usb 1-1: Firmware: major: 0, minor: 0, hardware type: ATUSB (0) [ 543.277578][ T9164] usb 1-1: Firmware version (0.0) predates our first public release. [ 543.311109][ T9164] usb 1-1: Please update to version 0.2 or newer [ 543.560483][ T9164] usb 1-1: USB disconnect, device number 2 [ 544.069875][T10015] tipc: Started in network mode [ 544.075142][T10015] tipc: Node identity ffffffff, cluster identity 4711 [ 544.096995][T10015] tipc: Node number set to 4294967295 [ 544.170285][T10016] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1545'. [ 545.061613][T10020] loop3: detected capacity change from 0 to 128 [ 545.081536][T10020] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 545.564170][T10020] ext4 filesystem being mounted at /302/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 546.391159][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 548.791282][T10066] hub 9-0:1.0: USB hub found [ 548.807058][T10066] hub 9-0:1.0: 1 port detected [ 548.877025][ T9165] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 549.037945][T10074] loop4: detected capacity change from 0 to 128 [ 549.077255][ T9165] usb 1-1: Using ep0 maxpacket: 8 [ 549.105638][ T9165] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 15 [ 549.129148][T10074] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 549.149324][ T9165] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 549.171959][T10074] ext4 filesystem being mounted at /311/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 549.267766][ T9165] usb 1-1: New USB device found, idVendor=077d, idProduct=04aa, bcdDevice=5b.d8 [ 549.635923][ T9165] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 550.437896][ T9165] usb 1-1: Product: syz [ 550.442127][ T9165] usb 1-1: Manufacturer: syz [ 550.446741][ T9165] usb 1-1: SerialNumber: syz [ 550.464013][ T9165] usb 1-1: config 0 descriptor?? [ 550.470780][T10064] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 550.482598][ T9165] powermate: probe of 1-1:0.0 failed with error -22 [ 550.484427][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 552.637415][ T9165] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 552.890525][ T9165] usb 4-1: Using ep0 maxpacket: 16 [ 552.899255][ T9165] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 552.953926][ T9165] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 552.972504][ T9165] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 553.000515][ T9165] usb 4-1: Product: syz [ 553.010394][ T9165] usb 4-1: Manufacturer: syz [ 553.025012][ T9165] usb 4-1: SerialNumber: syz [ 553.051296][ T9165] usb 4-1: config 0 descriptor?? [ 553.091721][ T9165] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 553.111732][ T14] usb 1-1: USB disconnect, device number 3 [ 553.114818][ T9165] em28xx 4-1:0.0: DVB interface 0 found: bulk [ 553.692584][ T9165] em28xx 4-1:0.0: unknown em28xx chip ID (0) [ 553.814700][T10131] loop2: detected capacity change from 0 to 128 [ 553.974447][T10131] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 553.983474][T10131] ext4 filesystem being mounted at /316/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 555.378436][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 555.951290][ T9165] em28xx 4-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 556.010325][T10149] sp0: Synchronizing with TNC [ 556.042191][ T9165] em28xx 4-1:0.0: board has no eeprom [ 556.186964][ T9165] em28xx 4-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 556.286373][ T9165] em28xx 4-1:0.0: dvb set to bulk mode. [ 556.362362][ T9165] usb 4-1: USB disconnect, device number 4 [ 556.380303][ T9165] em28xx 4-1:0.0: Disconnecting em28xx [ 556.405663][ T9156] em28xx 4-1:0.0: Binding DVB extension [ 556.720938][ T9156] em28xx 4-1:0.0: Registering input extension [ 556.741365][ T9165] em28xx 4-1:0.0: Closing input extension [ 556.801899][ T9165] em28xx 4-1:0.0: Freeing device [ 557.136639][ T26] audit: type=1326 audit(1732856891.786:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10169 comm="syz.0.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 557.486125][T10168] loop4: detected capacity change from 0 to 32768 [ 557.537972][ T26] audit: type=1326 audit(1732856891.826:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10169 comm="syz.0.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 558.191966][T10168] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 558.257162][ T26] audit: type=1326 audit(1732856891.826:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10169 comm="syz.0.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 558.264927][T10168] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 558.539031][ T26] audit: type=1326 audit(1732856891.826:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10169 comm="syz.0.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 558.627580][T10168] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 558.686112][T10168] BTRFS info (device loop4): use zstd compression, level 3 [ 558.712628][ T26] audit: type=1326 audit(1732856891.826:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10169 comm="syz.0.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 558.751619][T10168] BTRFS info (device loop4): using free space tree [ 558.807916][T10189] loop2: detected capacity change from 0 to 128 [ 558.890497][ T26] audit: type=1326 audit(1732856891.826:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10169 comm="syz.0.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 558.937168][T10189] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 558.973415][T10189] ext4 filesystem being mounted at /319/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 559.160694][ T26] audit: type=1326 audit(1732856891.826:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10169 comm="syz.0.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 559.346346][ T26] audit: type=1326 audit(1732856891.826:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10169 comm="syz.0.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 559.369166][ T26] audit: type=1326 audit(1732856891.826:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10169 comm="syz.0.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 559.420982][ T26] audit: type=1326 audit(1732856891.826:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10169 comm="syz.0.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 559.450807][T10168] BTRFS info (device loop4): enabling ssd optimizations [ 559.803134][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 560.616263][T10222] sp0: Synchronizing with TNC [ 560.896148][ T4252] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 562.321633][T10245] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1602'. [ 562.819149][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.826248][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.872291][T10258] xt_l2tp: unknown flags: 17 [ 567.366992][ T4303] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 567.566988][ T4303] usb 3-1: Using ep0 maxpacket: 32 [ 567.567172][T10314] loop3: detected capacity change from 0 to 128 [ 567.574537][ T4303] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 567.623314][T10314] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 567.625752][ T4303] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 567.644388][T10314] ext4 filesystem being mounted at /315/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 567.705569][ T4303] usb 3-1: config 0 descriptor?? [ 567.887665][ T4303] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 568.174537][T10325] loop4: detected capacity change from 0 to 512 [ 568.250435][T10325] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 568.269935][T10325] ext4 filesystem being mounted at /322/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 568.521289][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 568.540542][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 568.746284][T10329] netlink: 562 bytes leftover after parsing attributes in process `syz.3.1629'. [ 569.114105][T10338] loop3: detected capacity change from 0 to 64 [ 569.547475][ T4303] gspca_nw80x: reg_w err -110 [ 569.561696][ T4303] nw80x: probe of 3-1:0.0 failed with error -110 [ 570.048760][T10344] sp0: Synchronizing with TNC [ 570.841409][T10355] loop4: detected capacity change from 0 to 512 [ 571.157153][T10355] EXT4-fs: test_dummy_encryption requires encrypt feature [ 571.838999][ T952] usb 3-1: USB disconnect, device number 6 [ 572.655781][ T26] kauditd_printk_skb: 20 callbacks suppressed [ 572.655796][ T26] audit: type=1326 audit(1732856907.306:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10377 comm="syz.1.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7252780809 code=0x7ffc0000 [ 572.847236][T10379] capability: warning: `syz.1.1645' uses 32-bit capabilities (legacy support in use) [ 572.897519][ T26] audit: type=1326 audit(1732856907.506:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10377 comm="syz.1.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f7252780809 code=0x7ffc0000 [ 572.920264][T10385] sp0: Synchronizing with TNC [ 573.371530][ T26] audit: type=1326 audit(1732856907.536:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10377 comm="syz.1.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7252780809 code=0x7ffc0000 [ 573.896680][T10394] loop3: detected capacity change from 0 to 1024 [ 573.950672][T10394] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 574.089811][T10394] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 574.928241][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 574.942784][T10406] loop4: detected capacity change from 0 to 512 [ 575.029976][T10410] loop2: detected capacity change from 0 to 512 [ 575.068822][T10406] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 575.108618][T10406] EXT4-fs (loop4): invalid journal inode [ 575.117067][T10406] EXT4-fs (loop4): can't get journal size [ 575.154245][T10406] EXT4-fs (loop4): 1 truncate cleaned up [ 575.160654][T10406] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 575.179509][T10410] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 575.263928][T10410] ext4 filesystem being mounted at /326/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 575.439225][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 576.428485][T10428] sp0: Synchronizing with TNC [ 576.767729][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 581.367012][T10473] sp0: Synchronizing with TNC [ 585.933746][T10531] loop2: detected capacity change from 0 to 16 [ 585.961766][T10531] erofs: (device loop2): mounted with root inode @ nid 36. [ 586.827277][T10540] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1691'. [ 588.365024][T10556] ubi: mtd0 is already attached to ubi0 [ 589.513117][T10558] block device autoloading is deprecated and will be removed. [ 589.962430][T10568] loop4: detected capacity change from 0 to 512 [ 589.970103][T10568] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 589.983991][T10568] EXT4-fs (loop4): invalid journal inode [ 589.989750][T10568] EXT4-fs (loop4): can't get journal size [ 590.121977][T10568] EXT4-fs (loop4): 1 truncate cleaned up [ 590.137090][T10568] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 590.495599][T10577] sp0: Synchronizing with TNC [ 592.205976][T10596] ubi: mtd0 is already attached to ubi0 [ 593.280751][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 595.738600][T10639] loop4: detected capacity change from 0 to 512 [ 595.793285][T10639] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 595.853079][T10639] EXT4-fs (loop4): invalid journal inode [ 595.860895][T10639] EXT4-fs (loop4): can't get journal size [ 595.921982][T10639] EXT4-fs (loop4): 1 truncate cleaned up [ 595.995531][T10639] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 596.853158][T10632] loop3: detected capacity change from 0 to 32768 [ 596.883911][T10632] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 scanned by syz.3.1717 (10632) [ 596.952884][T10632] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 596.997234][T10632] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 597.006710][T10632] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 597.870674][T10632] BTRFS info (device loop3): use zstd compression, level 3 [ 597.907044][T10632] BTRFS info (device loop3): using free space tree [ 599.348143][T10632] BTRFS error (device loop3): open_ctree failed [ 599.706762][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 602.399115][T10717] loop2: detected capacity change from 0 to 128 [ 602.498978][ T26] audit: type=1800 audit(1732856937.156:265): pid=10717 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1732" name="bus" dev="loop2" ino=1048659 res=0 errno=0 [ 606.222829][T10754] mmap: syz.3.1740 (10754) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 607.640004][T10771] xt_l2tp: unknown flags: 17 [ 609.823868][T10788] loop3: detected capacity change from 0 to 512 [ 609.872689][T10788] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 609.923447][T10788] EXT4-fs (loop3): invalid journal inode [ 609.929371][T10788] EXT4-fs (loop3): can't get journal size [ 609.967213][T10788] EXT4-fs (loop3): 1 truncate cleaned up [ 609.976176][T10788] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 610.858830][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 613.327454][T10813] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1758'. [ 615.647963][T10841] loop4: detected capacity change from 0 to 512 [ 615.674370][T10841] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 615.697444][T10841] EXT4-fs (loop4): invalid journal inode [ 615.703250][T10841] EXT4-fs (loop4): can't get journal size [ 615.805248][T10849] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 615.886164][T10846] sp0: Synchronizing with TNC [ 615.944205][T10841] EXT4-fs (loop4): 1 truncate cleaned up [ 616.042458][T10841] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 616.700659][T10855] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1771'. [ 616.817052][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 616.995074][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 617.856962][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 622.283506][T10897] sp0: Synchronizing with TNC [ 624.839894][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.846259][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.542447][T10916] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 626.395525][ T4269] Bluetooth: Wrong link type (-71) [ 626.586973][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 627.543973][T10939] loop3: detected capacity change from 0 to 256 [ 627.616960][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 629.429124][T10957] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1784'. [ 633.982280][T10240] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 634.191940][T10240] usb 4-1: Using ep0 maxpacket: 16 [ 634.271514][T10240] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 634.446610][T10240] usb 4-1: config 0 has no interfaces? [ 634.570579][T10240] usb 4-1: New USB device found, idVendor=0456, idProduct=f000, bcdDevice=f3.7f [ 634.857886][T10240] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 634.873050][T10240] usb 4-1: Product: syz [ 634.877424][T10240] usb 4-1: Manufacturer: syz [ 634.882623][T10240] usb 4-1: SerialNumber: syz [ 634.890438][T10240] usb 4-1: config 0 descriptor?? [ 636.143525][ T4269] Bluetooth: Wrong link type (-71) [ 636.328837][T11023] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1807'. [ 636.405573][T11025] loop4: detected capacity change from 0 to 512 [ 636.416624][T11023] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1807'. [ 636.445570][T11023] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1807'. [ 637.190594][T11025] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.1819: attempt to clear invalid blocks 1 len 1 [ 637.308532][T11025] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1819: bg 0: block 343: padding at end of block bitmap is not set [ 637.343233][T11025] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 637.365249][T11025] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1819: invalid indirect mapped block 1819239214 (level 0) [ 637.413406][T11025] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1819: invalid indirect mapped block 1819239214 (level 1) [ 637.445817][T11025] EXT4-fs (loop4): 1 truncate cleaned up [ 637.455898][T11025] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 639.670475][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 639.788608][T11046] loop4: detected capacity change from 0 to 128 [ 640.016622][T11046] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 640.048323][T11046] ext4 filesystem being mounted at /358/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 641.021534][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 641.181370][T11069] loop4: detected capacity change from 0 to 512 [ 641.218100][T11069] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 641.254405][T11069] EXT4-fs (loop4): invalid journal inode [ 641.281977][T11069] EXT4-fs (loop4): can't get journal size [ 641.301821][T10240] usb 4-1: USB disconnect, device number 5 [ 641.312085][T11069] EXT4-fs (loop4): 1 truncate cleaned up [ 641.355785][T11069] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 642.110366][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 647.078439][T11119] loop3: detected capacity change from 0 to 512 [ 647.128537][T11119] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 647.202805][T11119] EXT4-fs (loop3): invalid journal inode [ 647.211666][T11119] EXT4-fs (loop3): can't get journal size [ 647.304384][T11119] EXT4-fs (loop3): 1 truncate cleaned up [ 647.310218][T11119] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 648.182732][T11134] block device autoloading is deprecated and will be removed. [ 648.192018][T11134] blk_print_req_error: 19 callbacks suppressed [ 648.192061][T11134] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1 [ 648.350746][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 650.596232][T11156] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 650.975716][T11173] loop3: detected capacity change from 0 to 512 [ 651.008458][T11173] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 651.056073][T11173] EXT4-fs (loop3): invalid journal inode [ 651.076019][T11173] EXT4-fs (loop3): can't get journal size [ 651.105854][T11173] EXT4-fs (loop3): 1 truncate cleaned up [ 651.120035][T11173] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 652.297425][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 653.344283][T11198] loop0: detected capacity change from 0 to 128 [ 653.738582][T11198] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 653.849648][T11198] ext4 filesystem being mounted at /377/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 654.427013][T11204] ubi: mtd0 is already attached to ubi0 [ 654.902310][ T4251] EXT4-fs (loop0): unmounting filesystem. [ 657.258414][T11256] loop3: detected capacity change from 0 to 128 [ 658.091851][T11256] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 658.134046][T11256] ext4 filesystem being mounted at /363/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 660.336022][T11276] loop4: detected capacity change from 0 to 512 [ 660.380539][T11276] EXT4-fs: test_dummy_encryption requires encrypt feature [ 660.467741][ T4250] EXT4-fs (loop3): unmounting filesystem. [ 660.862019][T11284] xt_l2tp: unknown flags: 17 [ 663.442384][T11311] ubi: mtd0 is already attached to ubi0 [ 672.412082][T10240] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 672.677073][T10240] usb 2-1: Using ep0 maxpacket: 8 [ 672.710066][T10240] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 672.812264][T10240] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 673.167476][T10240] usb 2-1: Product: syz [ 673.171702][T10240] usb 2-1: Manufacturer: syz [ 673.217149][T10240] usb 2-1: SerialNumber: syz [ 673.477359][T10240] usb 2-1: config 0 descriptor?? [ 673.488764][T10240] gspca_main: se401-2.14.0 probing 047d:5003 [ 674.576474][T10240] gspca_se401: Wrong descriptor type [ 674.842013][ T6795] usb 2-1: USB disconnect, device number 7 [ 677.142076][ T26] audit: type=1326 audit(1732857011.686:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11466 comm="syz.0.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 677.185975][ T26] audit: type=1326 audit(1732857011.686:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11466 comm="syz.0.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 677.262517][ T26] audit: type=1326 audit(1732857011.686:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11466 comm="syz.0.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 677.333473][ T26] audit: type=1326 audit(1732857011.686:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11466 comm="syz.0.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 677.652267][ T6795] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 678.054737][ T26] audit: type=1326 audit(1732857011.686:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11466 comm="syz.0.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 678.090389][ T26] audit: type=1326 audit(1732857011.686:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11466 comm="syz.0.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 678.151304][ T26] audit: type=1326 audit(1732857011.826:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11466 comm="syz.0.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 678.204774][ T26] audit: type=1326 audit(1732857011.826:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11466 comm="syz.0.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 678.386931][ T26] audit: type=1326 audit(1732857011.826:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11466 comm="syz.0.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 678.414705][ T6795] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 678.437924][ T6795] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 678.449470][ T6795] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 678.462667][ T6795] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 678.472256][ T6795] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 678.489553][ T6795] usb 1-1: config 0 descriptor?? [ 678.494730][ T26] audit: type=1326 audit(1732857011.826:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11466 comm="syz.0.1945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6632980809 code=0x7ffc0000 [ 679.498940][T11467] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 682.806696][T11499] block device autoloading is deprecated and will be removed. [ 682.815667][T11499] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1 [ 682.988361][ T6795] usbhid 1-1:0.0: can't add hid device: -71 [ 682.994375][ T6795] usbhid: probe of 1-1:0.0 failed with error -71 [ 683.058788][ T6795] usb 1-1: USB disconnect, device number 4 [ 686.516222][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.522662][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 689.235884][T11544] block device autoloading is deprecated and will be removed. [ 689.250703][T11544] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 693.310314][ T4262] Bluetooth: Wrong link type (-71) [ 696.597042][ T4262] Bluetooth: Wrong link type (-71) [ 696.602737][ T4262] Bluetooth: hci1: link tx timeout [ 696.609155][ T4262] Bluetooth: hci1: killing stalled connection 10:aa:aa:aa:aa:aa [ 698.073771][T11679] misc userio: Invalid payload size [ 698.313346][T11679] misc userio: No port type given on /dev/userio [ 698.352148][T11679] misc userio: The device must be registered before sending interrupts [ 698.579939][T11679] misc userio: The device must be registered before sending interrupts [ 704.826562][T11734] block device autoloading is deprecated and will be removed. [ 704.834408][T11734] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1 [ 705.115566][T11744] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 710.837250][T11795] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1 [ 712.352914][T11804] loop0: detected capacity change from 0 to 256 [ 712.416574][T11804] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 714.474696][ T26] kauditd_printk_skb: 21 callbacks suppressed [ 714.474717][ T26] audit: type=1800 audit(1732857048.956:297): pid=11814 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2034" name="file1" dev="loop0" ino=1048660 res=0 errno=0 [ 717.453301][ T4269] Bluetooth: Wrong link type (-71) [ 719.185564][T11858] loop0: detected capacity change from 0 to 512 [ 719.294096][T11858] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.2048: attempt to clear invalid blocks 1 len 1 [ 719.331467][T11858] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.2048: bg 0: block 343: padding at end of block bitmap is not set [ 719.391048][T11858] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 719.435607][T11858] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.2048: invalid indirect mapped block 1819239214 (level 0) [ 719.477599][T11858] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.2048: invalid indirect mapped block 1819239214 (level 1) [ 719.580947][T11858] EXT4-fs (loop0): 1 truncate cleaned up [ 719.586667][T11858] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 720.822303][ T4251] EXT4-fs (loop0): unmounting filesystem. [ 723.899277][T11890] loop0: detected capacity change from 0 to 256 [ 723.968336][T11890] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 724.510050][T11896] syz.0.2056: attempt to access beyond end of device [ 724.510050][T11896] loop0: rw=524288, sector=280, nr_sectors = 128 limit=256 [ 724.533751][T11896] syz.0.2056: attempt to access beyond end of device [ 724.533751][T11896] loop0: rw=524288, sector=408, nr_sectors = 256 limit=256 [ 724.550777][T11896] syz.0.2056: attempt to access beyond end of device [ 724.550777][T11896] loop0: rw=0, sector=280, nr_sectors = 8 limit=256 [ 724.717154][ T26] audit: type=1800 audit(1732857059.226:298): pid=11896 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2056" name="file1" dev="loop0" ino=1048661 res=0 errno=0 [ 725.047121][ T4269] Bluetooth: Wrong link type (-71) [ 727.456331][T11917] loop0: detected capacity change from 0 to 512 [ 727.523450][T11917] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 727.592396][T11917] EXT4-fs (loop0): invalid journal inode [ 727.628213][T11917] EXT4-fs (loop0): can't get journal size [ 727.682487][T11917] EXT4-fs (loop0): 1 truncate cleaned up [ 727.937776][T11917] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 729.873158][ T4251] EXT4-fs (loop0): unmounting filesystem. [ 732.514471][T11960] xt_TPROXY: Can be used only with -p tcp or -p udp [ 733.154271][T11962] loop0: detected capacity change from 0 to 512 [ 733.156901][ T4262] Bluetooth: Wrong link type (-71) [ 733.405555][ T4262] Bluetooth: hci4: link tx timeout [ 733.411427][ T4262] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa [ 734.374255][T11962] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.2074: attempt to clear invalid blocks 1 len 1 [ 734.429000][T11962] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.2074: bg 0: block 343: padding at end of block bitmap is not set [ 734.453618][T11962] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 734.469017][T11962] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.2074: invalid indirect mapped block 1819239214 (level 0) [ 734.565701][T11962] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.2074: invalid indirect mapped block 1819239214 (level 1) [ 734.585770][T11962] EXT4-fs (loop0): 1 truncate cleaned up [ 734.591673][T11962] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 735.833598][T11983] xt_l2tp: v2 doesn't support IP mode [ 735.842175][T11983] xt_TPROXY: Can be used only with -p tcp or -p udp [ 742.007029][ T4269] Bluetooth: Wrong link type (-71) [ 744.306499][T12042] xt_l2tp: v2 doesn't support IP mode [ 744.314936][T12042] xt_TPROXY: Can be used only with -p tcp or -p udp [ 747.296325][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.302753][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 749.185142][T12087] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2105'. [ 754.947510][T12135] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2119'. [ 755.127983][ T4269] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 755.249424][ T4269] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 755.257504][ T4269] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 755.265326][ T4269] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 755.273003][ T4269] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 755.281952][ T4269] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 757.307049][ T4269] Bluetooth: hci5: command 0x0409 tx timeout [ 759.527464][ T4269] Bluetooth: hci5: command 0x041b tx timeout [ 759.736200][T12138] chnl_net:caif_netlink_parms(): no params data found [ 760.098977][T12138] bridge0: port 1(bridge_slave_0) entered blocking state [ 760.106122][T12138] bridge0: port 1(bridge_slave_0) entered disabled state [ 760.150724][T12138] device bridge_slave_0 entered promiscuous mode [ 760.168642][T12138] bridge0: port 2(bridge_slave_1) entered blocking state [ 760.183856][T12138] bridge0: port 2(bridge_slave_1) entered disabled state [ 760.208409][T12138] device bridge_slave_1 entered promiscuous mode [ 760.334744][T12138] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 760.365032][T12138] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 760.502258][T12138] team0: Port device team_slave_0 added [ 760.518256][T12138] team0: Port device team_slave_1 added [ 760.602541][T12138] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 760.614932][T12138] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 760.731710][T12138] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 760.788931][T12138] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 760.795979][T12138] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 760.830972][T12138] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 761.958782][ T4256] Bluetooth: hci5: command 0x040f tx timeout [ 762.862267][T12138] device hsr_slave_0 entered promiscuous mode [ 762.887244][T12138] device hsr_slave_1 entered promiscuous mode [ 762.896936][T12138] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 762.904521][T12138] Cannot create hsr debugfs directory [ 765.492428][ T4269] Bluetooth: hci5: command 0x0419 tx timeout [ 765.964698][T12223] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2140'. [ 766.335903][T12138] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 766.412515][T12138] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 766.464497][T12138] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 766.514800][T12138] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 766.792377][T12138] 8021q: adding VLAN 0 to HW filter on device bond0 [ 766.829676][ T4543] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 766.851070][ T4543] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 766.893006][T12138] 8021q: adding VLAN 0 to HW filter on device team0 [ 766.921017][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 766.950496][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 767.042707][ T4364] bridge0: port 1(bridge_slave_0) entered blocking state [ 767.049895][ T4364] bridge0: port 1(bridge_slave_0) entered forwarding state [ 767.123973][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 767.156574][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 767.166560][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 767.175302][ T4364] bridge0: port 2(bridge_slave_1) entered blocking state [ 767.182477][ T4364] bridge0: port 2(bridge_slave_1) entered forwarding state [ 767.192031][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 767.213205][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 767.426416][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 767.743443][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 767.931453][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 767.988220][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 768.048004][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 768.077744][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 768.122907][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 768.161712][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 768.185246][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 768.244212][T12138] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 769.411216][ T26] audit: type=1326 audit(1732857104.066:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12247 comm="syz.2.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462180809 code=0x7ffc0000 [ 769.507130][ T26] audit: type=1326 audit(1732857104.096:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12247 comm="syz.2.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462180809 code=0x7ffc0000 [ 769.625006][ T26] audit: type=1326 audit(1732857104.096:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12247 comm="syz.2.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5462180809 code=0x7ffc0000 [ 769.691817][ T26] audit: type=1326 audit(1732857104.096:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12247 comm="syz.2.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462180809 code=0x7ffc0000 [ 769.766990][ T9160] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 769.776899][ T26] audit: type=1326 audit(1732857104.096:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12247 comm="syz.2.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462180809 code=0x7ffc0000 [ 769.845494][ T26] audit: type=1326 audit(1732857104.096:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12247 comm="syz.2.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f5462180809 code=0x7ffc0000 [ 769.921635][ T4543] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 769.931038][ T4543] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 769.942911][ T26] audit: type=1326 audit(1732857104.096:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12247 comm="syz.2.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462180809 code=0x7ffc0000 [ 769.953651][T12138] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 770.003052][ T9160] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 770.009346][ T26] audit: type=1326 audit(1732857104.096:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12247 comm="syz.2.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462180809 code=0x7ffc0000 [ 770.044030][ T9160] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 770.085878][ T9160] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 770.124132][ T26] audit: type=1326 audit(1732857104.106:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12247 comm="syz.2.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5462180809 code=0x7ffc0000 [ 770.127267][ T9160] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 770.196714][ T9160] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 770.221584][ T26] audit: type=1326 audit(1732857104.106:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12247 comm="syz.2.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5462180809 code=0x7ffc0000 [ 770.229089][ T9160] usb 3-1: config 0 descriptor?? [ 770.291566][T12249] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 770.931766][ T9160] plantronics 0003:047F:FFFF.0003: unknown main item tag 0xd [ 771.427547][ T9160] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 771.575741][ T9160] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 771.658050][ T9160] usb 3-1: USB disconnect, device number 7 [ 772.349403][ T4269] Bluetooth: Wrong link type (-71) [ 772.355015][ T4269] Bluetooth: hci2: link tx timeout [ 772.362339][ T4269] Bluetooth: hci2: killing stalled connection 10:aa:aa:aa:aa:aa [ 772.855461][T12286] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2151'. [ 775.304896][ T9890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 775.357584][ T9890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 775.417492][ T9890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 775.439307][ T9890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 775.644698][ T9890] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 777.064865][ T9890] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 777.436579][T12138] device veth0_vlan entered promiscuous mode [ 777.650337][T12138] device veth1_vlan entered promiscuous mode [ 778.092270][T12138] device veth0_macvtap entered promiscuous mode [ 778.192233][ T9891] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 778.327214][ T9891] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 778.367542][T12138] device veth1_macvtap entered promiscuous mode [ 778.394243][ T9890] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 778.423325][ T9890] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 778.507961][T12138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 778.575178][T12138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 778.615566][T12138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 778.659158][T12138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 778.704791][T12138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 778.751202][T12138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 778.832338][T12138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 778.888867][T12138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 778.900366][T12138] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 778.911319][T12138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 778.922021][T12138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 778.931976][T12138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 781.484220][T12138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 781.494176][T12138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 781.505156][T12138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 781.526217][T12138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 781.582373][T12138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 781.787030][T12138] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 781.838892][ T4411] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 781.849227][ T4411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 781.858284][ T4411] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 781.869005][ T4411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 781.880603][T12138] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 781.891660][T12138] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 781.910199][T12138] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 781.924302][T12138] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 783.471851][ T4837] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 783.528578][ T4837] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 783.578784][T12337] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2165'. [ 783.675416][ T4837] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 783.702104][ T4837] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 783.735592][ T4837] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 783.868033][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 785.387333][ T9160] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 785.606967][ T9160] usb 2-1: Using ep0 maxpacket: 8 [ 785.627676][ T9160] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 785.814369][ T9160] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 785.972563][ T9160] usb 2-1: Product: syz [ 785.992573][ T9160] usb 2-1: Manufacturer: syz [ 786.027004][ T9160] usb 2-1: SerialNumber: syz [ 786.066870][ T9160] usb 2-1: config 0 descriptor?? [ 786.151977][ T9160] gspca_main: se401-2.14.0 probing 047d:5003 [ 786.762601][ T9160] gspca_se401: Wrong descriptor type [ 787.243339][ T6795] usb 2-1: USB disconnect, device number 8 [ 789.230756][T12394] ubi: mtd0 is already attached to ubi0 [ 795.137511][ T6795] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 795.350399][ T6795] usb 5-1: Using ep0 maxpacket: 8 [ 795.360199][ T6795] usb 5-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 796.154808][ T6795] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 796.162899][ T6795] usb 5-1: Product: syz [ 796.167142][ T6795] usb 5-1: Manufacturer: syz [ 796.171785][ T6795] usb 5-1: SerialNumber: syz [ 796.305853][ T6795] usb 5-1: config 0 descriptor?? [ 796.324927][ T6795] gspca_main: se401-2.14.0 probing 047d:5003 [ 796.815814][ T6795] gspca_se401: Wrong descriptor type [ 797.164677][ T6795] usb 5-1: USB disconnect, device number 3 [ 798.055650][T12467] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2200'. [ 807.091745][T12521] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2212'. [ 808.640080][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.647312][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.926809][ T4857] Bluetooth: hci6: Frame reassembly failed (-84) [ 810.076006][ T4857] Bluetooth: hci6: Frame reassembly failed (-84) [ 810.419099][T12541] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2218'. [ 812.209340][ T4256] Bluetooth: hci6: command 0x1003 tx timeout [ 812.219336][ T4269] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 828.736998][ T4256] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 834.859324][ T4256] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 836.880634][T12742] ubi: mtd0 is already attached to ubi0 [ 841.032325][T12788] ubi: mtd0 is already attached to ubi0 [ 847.936180][ T4256] Bluetooth: Wrong link type (-71) [ 848.897080][ T4269] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 850.236963][T12876] ubi: mtd0 is already attached to ubi0 [ 855.388766][T12921] ubi: mtd0 is already attached to ubi0 [ 858.346994][ T26] kauditd_printk_skb: 32 callbacks suppressed [ 858.347054][ T26] audit: type=1326 audit(1732857192.846:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12948 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee3d80809 code=0x7ffc0000 [ 859.104783][ T26] audit: type=1326 audit(1732857192.846:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12948 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee3d80809 code=0x7ffc0000 [ 859.169908][ T26] audit: type=1326 audit(1732857192.856:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12948 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1ee3d80809 code=0x7ffc0000 [ 859.366298][ T26] audit: type=1326 audit(1732857192.856:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12948 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee3d80809 code=0x7ffc0000 [ 859.388916][ T26] audit: type=1326 audit(1732857192.856:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12948 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee3d80809 code=0x7ffc0000 [ 859.411848][ T26] audit: type=1326 audit(1732857192.866:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12948 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=200 compat=0 ip=0x7f1ee3d80809 code=0x7ffc0000 [ 859.551118][ T26] audit: type=1326 audit(1732857192.866:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12948 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee3d80809 code=0x7ffc0000 [ 859.619012][ T26] audit: type=1326 audit(1732857192.866:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12948 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee3d80809 code=0x7ffc0000 [ 859.642495][ T26] audit: type=1326 audit(1732857192.876:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12948 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f1ee3d80809 code=0x7ffc0000 [ 859.665174][ T26] audit: type=1326 audit(1732857192.876:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12948 comm="syz.4.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ee3d80809 code=0x7ffc0000 [ 859.861537][T12968] ubi: mtd0 is already attached to ubi0 [ 861.516012][ T4543] Bluetooth: hci6: Frame reassembly failed (-84) [ 861.523017][ T4543] Bluetooth: hci6: Frame reassembly failed (-84) [ 863.377015][ T4269] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 865.074004][ T9165] kworker/dying (9165) used greatest stack depth: 18304 bytes left [ 865.084002][ T128] kworker/dying (128) used greatest stack depth: 15136 bytes left [ 865.386265][T13014] ubi: mtd0 is already attached to ubi0 [ 868.368933][T13035] xt_l2tp: v2 doesn't support IP mode [ 868.388125][T13035] xt_TPROXY: Can be used only with -p tcp or -p udp [ 870.477296][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.484599][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 871.971190][T13048] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2364'. [ 871.980432][T13048] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2364'. [ 871.989452][T13048] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2364'. [ 872.533809][T13073] ubi: mtd0 is already attached to ubi0 [ 878.764989][T13134] ubi: mtd0 is already attached to ubi0 [ 882.336895][ T4256] Bluetooth: hci5: command 0x0406 tx timeout [ 883.391937][ T9897] Bluetooth: hci6: Frame reassembly failed (-84) [ 883.513611][ T9897] Bluetooth: hci6: Frame reassembly failed (-84) [ 884.130402][ T4269] Bluetooth: Wrong link type (-71) [ 884.137582][ T4269] Bluetooth: hci4: link tx timeout [ 884.142731][ T4269] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa [ 884.151945][ T4269] Bluetooth: hci4: link tx timeout [ 884.157133][ T4269] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 885.841199][ T4269] Bluetooth: hci6: command 0x1003 tx timeout [ 885.841603][ T4256] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 886.634412][ T4269] Bluetooth: hci4: command 0x0406 tx timeout [ 888.825976][ T28] INFO: task syz-executor:4251 blocked for more than 144 seconds. [ 888.842416][ T28] Not tainted 6.1.119-syzkaller #0 [ 888.848106][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 888.856805][ T28] task:syz-executor state:D stack:19352 pid:4251 ppid:1 flags:0x00004004 [ 889.074917][T13210] ubi: mtd0 is already attached to ubi0 [ 889.429946][ T28] Call Trace: [ 889.464085][ T28] [ 889.470522][ T28] __schedule+0x143f/0x4570 [ 889.481880][ T28] ? lockdep_hardirqs_on+0x94/0x130 [ 889.502741][ T28] ? release_firmware_map_entry+0x186/0x186 [ 889.531443][ T28] ? prepare_to_wait_event+0x3b5/0x3f0 [ 889.559326][ T28] schedule+0xbf/0x180 [ 889.581501][ T28] wb_wait_for_completion+0x162/0x290 [ 889.619129][ T28] ? __bpf_trace_writeback_inode_template+0x20/0x20 [ 889.649738][ T28] ? wake_bit_function+0x210/0x210 [ 889.654945][ T28] ? mark_lock+0x9a/0x340 [ 889.680171][ T28] __writeback_inodes_sb_nr+0x2ce/0x370 [ 889.685793][ T28] ? writeback_inodes_sb_nr+0x30/0x30 [ 889.706809][ T28] ? get_nr_dirty_inodes+0x2ab/0x2e0 [ 889.722438][ T28] sync_filesystem+0xa0/0x220 [ 889.727242][ T28] generic_shutdown_super+0x6b/0x340 [ 889.743173][ T28] kill_block_super+0x7a/0xe0 [ 889.753320][ T28] deactivate_locked_super+0xa0/0x110 [ 889.771127][ T28] cleanup_mnt+0x490/0x520 [ 889.785857][ T28] ? lockdep_hardirqs_on+0x94/0x130 [ 889.795663][ T28] task_work_run+0x246/0x300 [ 889.811353][ T28] ? task_work_cancel+0x2e0/0x2e0 [ 889.826605][ T28] exit_to_user_mode_loop+0xde/0x100 [ 889.842286][ T28] exit_to_user_mode_prepare+0xb1/0x140 [ 889.862603][ T28] syscall_exit_to_user_mode+0x60/0x270 [ 889.878721][ T28] do_syscall_64+0x47/0xb0 [ 889.893497][ T28] ? clear_bhb_loop+0x45/0xa0 [ 889.903608][ T28] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 889.923002][ T28] RIP: 0033:0x7f6632981b37 [ 889.940787][ T28] RSP: 002b:00007ffd34ebbe68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 889.958748][ T28] RAX: 0000000000000000 RBX: 00007f66329f37dc RCX: 00007f6632981b37 [ 890.000220][ T28] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd34ebbf20 [ 890.022805][ T28] RBP: 00007ffd34ebbf20 R08: 0000000000000000 R09: 0000000000000000 [ 890.055849][ T28] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd34ebcfa0 [ 890.065842][ T28] R13: 00007f66329f37dc R14: 00000000000b2e2b R15: 00007ffd34ebcfe0 [ 890.084339][ T28] [ 890.088512][ T28] [ 890.088512][ T28] Showing all locks held in the system: [ 890.096263][ T28] 1 lock held by rcu_tasks_kthre/12: [ 890.122862][ T28] #0: ffffffff8d32b110 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 890.153826][ T28] 1 lock held by rcu_tasks_trace/13: [ 890.169932][ T28] #0: ffffffff8d32b910 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 890.218011][ T28] 1 lock held by khungtaskd/28: [ 890.230920][ T28] #0: ffffffff8d32af40 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290 [ 890.258154][ T28] 2 locks held by getty/4010: [ 890.273099][ T28] #0: ffff888030e2d098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 890.297887][ T28] #1: ffffc9000325e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0 [ 890.335596][ T28] 1 lock held by syz-executor/4251: [ 890.342198][ T28] #0: ffff888047e920e0 (&type->s_umount_key#31){++++}-{3:3}, at: deactivate_super+0xa9/0xe0 [ 890.359870][ T28] 2 locks held by kworker/u4:9/4365: [ 890.365272][ T28] 3 locks held by syz.4.2399/13184: [ 890.372658][ T28] [ 890.375006][ T28] ============================================= [ 890.375006][ T28] [ 890.394578][ T28] NMI backtrace for cpu 1 [ 890.398930][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.1.119-syzkaller #0 [ 890.406833][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 890.416904][ T28] Call Trace: [ 890.420205][ T28] [ 890.423163][ T28] dump_stack_lvl+0x1e3/0x2cb [ 890.427864][ T28] ? preempt_schedule_thunk+0x16/0x18 [ 890.433263][ T28] ? nf_tcp_handle_invalid+0x642/0x642 [ 890.438747][ T28] ? panic+0x764/0x764 [ 890.442841][ T28] ? vprintk_emit+0x622/0x740 [ 890.447547][ T28] ? printk_sprint+0x490/0x490 [ 890.452342][ T28] ? nmi_cpu_backtrace+0x252/0x560 [ 890.457490][ T28] nmi_cpu_backtrace+0x4e1/0x560 [ 890.462547][ T28] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 890.468730][ T28] ? _printk+0xd1/0x111 [ 890.472900][ T28] ? panic+0x764/0x764 [ 890.476987][ T28] ? __wake_up_klogd+0xcc/0x100 [ 890.481860][ T28] ? panic+0x764/0x764 [ 890.485972][ T28] ? nmi_trigger_cpumask_backtrace+0xe0/0x3f0 [ 890.492071][ T28] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 890.498158][ T28] nmi_trigger_cpumask_backtrace+0x1ae/0x3f0 [ 890.504167][ T28] watchdog+0xf88/0xfd0 [ 890.508356][ T28] ? watchdog+0x1f8/0xfd0 [ 890.512718][ T28] kthread+0x28d/0x320 [ 890.516802][ T28] ? hungtask_pm_notify+0x50/0x50 [ 890.521860][ T28] ? kthread_blkcg+0xd0/0xd0 [ 890.526498][ T28] ret_from_fork+0x1f/0x30 [ 890.530962][ T28] [ 890.535983][ T28] Sending NMI from CPU 1 to CPUs 0: [ 890.541728][ C0] NMI backtrace for cpu 0 [ 890.541743][ C0] CPU: 0 PID: 4859 Comm: kworker/u4:32 Not tainted 6.1.119-syzkaller #0 [ 890.541760][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 890.541770][ C0] Workqueue: events_unbound nsim_dev_trap_report_work [ 890.541794][ C0] RIP: 0010:nsim_dev_trap_report_work+0x9f0/0xab0 [ 890.541816][ C0] Code: 44 aa 8b be 54 03 00 00 31 d2 e8 1b 48 fc fa 2e 2e 2e 31 c0 4c 8b 64 24 58 48 8b 6c 24 68 48 89 e8 48 c1 e8 03 42 80 3c 28 00 <74> 08 48 89 ef e8 36 15 7e fb 48 8b 6d 00 4c 39 e5 74 0a e8 08 8c [ 890.541833][ C0] RSP: 0018:ffffc9001b25fb88 EFLAGS: 00000246 [ 890.541864][ C0] RAX: 1ffff1100f1cb300 RBX: 0000000000000000 RCX: ffff888024f0d940 [ 890.541876][ C0] RDX: dffffc0000000000 RSI: ffff888024f0d940 RDI: ffffc9001b25fb00 [ 890.541905][ C0] RBP: ffff888078e59800 R08: dffffc0000000000 R09: ffffed100acf689a [ 890.541917][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8880196de448 [ 890.541929][ C0] R13: dffffc0000000000 R14: ffff888078e59a48 R15: ffff8880567b44a8 [ 890.541941][ C0] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 890.541955][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 890.541966][ C0] CR2: 00007ffdb62aee8c CR3: 000000005cbe0000 CR4: 00000000003506f0 [ 890.541981][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 890.541990][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 890.542000][ C0] Call Trace: [ 890.542005][ C0] [ 890.542011][ C0] ? nmi_cpu_backtrace+0x3de/0x560 [ 890.542036][ C0] ? read_lock_is_recursive+0x10/0x10 [ 890.542063][ C0] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 890.542088][ C0] ? nmi_handle+0x25/0x440 [ 890.542120][ C0] ? nmi_cpu_backtrace_handler+0x8/0x10 [ 890.542135][ C0] ? nmi_handle+0x12e/0x440 [ 890.542161][ C0] ? nmi_handle+0x25/0x440 [ 890.542186][ C0] ? nsim_dev_trap_report_work+0x9f0/0xab0 [ 890.542207][ C0] ? default_do_nmi+0x62/0x150 [ 890.542239][ C0] ? exc_nmi+0xa8/0x100 [ 890.542264][ C0] ? end_repeat_nmi+0x16/0x31 [ 890.542294][ C0] ? nsim_dev_trap_report_work+0x9f0/0xab0 [ 890.542316][ C0] ? nsim_dev_trap_report_work+0x9f0/0xab0 [ 890.542338][ C0] ? nsim_dev_trap_report_work+0x9f0/0xab0 [ 890.542360][ C0] [ 890.542364][ C0] [ 890.542377][ C0] ? process_one_work+0x7a9/0x11d0 [ 890.542397][ C0] process_one_work+0x8a9/0x11d0 [ 890.542424][ C0] ? worker_detach_from_pool+0x260/0x260 [ 890.542446][ C0] ? _raw_spin_lock_irqsave+0x120/0x120 [ 890.542466][ C0] ? kthread_data+0x4e/0xc0 [ 890.542492][ C0] ? wq_worker_running+0x97/0x190 [ 890.542509][ C0] worker_thread+0xa47/0x1200 [ 890.542530][ C0] ? release_firmware_map_entry+0x186/0x186 [ 890.542559][ C0] ? _raw_spin_unlock+0x40/0x40 [ 890.542584][ C0] kthread+0x28d/0x320 [ 890.542597][ C0] ? worker_clr_flags+0x190/0x190 [ 890.542616][ C0] ? kthread_blkcg+0xd0/0xd0 [ 890.542631][ C0] ret_from_fork+0x1f/0x30 [ 890.542660][ C0] [ 890.776796][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 890.776812][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.119-syzkaller #0 [ 890.776834][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 890.776847][ T28] Call Trace: [ 890.776854][ T28] [ 890.776862][ T28] dump_stack_lvl+0x1e3/0x2cb [ 890.776901][ T28] ? nf_tcp_handle_invalid+0x642/0x642 [ 890.776933][ T28] ? panic+0x764/0x764 [ 890.776954][ T28] ? llist_add_batch+0x160/0x1d0 [ 890.777020][ T28] ? vscnprintf+0x59/0x80 [ 890.777046][ T28] panic+0x318/0x764 [ 890.777067][ T28] ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0 [ 890.777099][ T28] ? memcpy_page_flushcache+0xfc/0xfc [ 890.777126][ T28] ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0 [ 890.777155][ T28] ? nmi_trigger_cpumask_backtrace+0x338/0x3f0 [ 890.777189][ T28] ? nmi_trigger_cpumask_backtrace+0x33d/0x3f0 [ 890.777222][ T28] watchdog+0xfc7/0xfd0 [ 890.777255][ T28] ? watchdog+0x1f8/0xfd0 [ 890.777286][ T28] kthread+0x28d/0x320 [ 890.777304][ T28] ? hungtask_pm_notify+0x50/0x50 [ 890.777329][ T28] ? kthread_blkcg+0xd0/0xd0 [ 890.777350][ T28] ret_from_fork+0x1f/0x30 [ 890.777390][ T28] [ 890.778595][ T28] Kernel Offset: disabled [ 891.045391][ T28] Rebooting in 86400 seconds..